3.046083] ? ksys_write+0x1a9/0x260 [ 1223.047002] ? __ia32_sys_read+0xb0/0xb0 [ 1223.047962] __x64_sys_move_pages+0xdd/0x1b0 [ 1223.049012] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1223.050246] do_syscall_64+0x33/0x40 [ 1223.051219] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1223.052528] RIP: 0033:0x7f6fdcf13b19 [ 1223.053439] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1223.058121] RSP: 002b:00007f6fda489188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1223.060089] RAX: ffffffffffffffda RBX: 00007f6fdd026f60 RCX: 00007f6fdcf13b19 [ 1223.061887] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1223.063880] RBP: 00007f6fda4891d0 R08: 0000000020000000 R09: 0000000000000000 [ 1223.065982] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1223.067477] R13: 00007ffee9bd176f R14: 00007f6fda489300 R15: 0000000000022000 [ 1236.928649] FAULT_INJECTION: forcing a failure. [ 1236.928649] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1236.931951] CPU: 1 PID: 7557 Comm: syz-executor.6 Not tainted 5.10.224 #1 15:20:11 executing program 1: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000100)={@void, @val={0x1, 0x4, 0x0, 0x2}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}}}}}, 0x42) 15:20:11 executing program 3: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000040)=0x20) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, r2, 0x0, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, 0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) 15:20:11 executing program 0: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) msgget(0x1, 0x0) ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 55) 15:20:11 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000002c0)={0x40, 0x0, 0xfffffaf2, 0x6, 0xffffffff, 0x40}) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6) msgctl$IPC_RMID(0x0, 0x0) move_pages(0x0, 0x1, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, 0x0, 0x0) 15:20:11 executing program 5: r0 = gettid() tgkill(r0, r0, 0x13) process_vm_readv(r0, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7a}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xffffffbc}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) clock_gettime(0x0, &(0x7f0000001840)={0x0, 0x0}) recvmmsg(0xffffffffffffffff, &(0x7f0000002000)=[{{&(0x7f0000000000)=@ax25={{}, [@netrom, @remote, @bcast, @bcast, @bcast, @netrom, @default]}, 0x80, &(0x7f0000001200)=[{&(0x7f0000000080)=""/4096, 0x1000}, {&(0x7f0000001080)=""/87, 0x57}, {&(0x7f0000002300)=""/4096, 0x1000}, {&(0x7f0000001100)=""/195, 0xc3}], 0x4, &(0x7f0000001240)=""/76, 0x4c}, 0x6}, {{&(0x7f00000012c0)=@alg, 0x80, &(0x7f00000013c0)=[{&(0x7f0000001340)=""/27, 0x1b}, {&(0x7f0000001380)=""/12, 0xc}], 0x2, &(0x7f0000001400)=""/172, 0xac}, 0x9}, {{&(0x7f00000014c0)=@pppoe={0x18, 0x0, {0x0, @link_local}}, 0x80, &(0x7f0000001640)=[{&(0x7f0000001540)=""/51, 0x33}, {&(0x7f0000001580)=""/134, 0x86}, {&(0x7f0000003300)=""/4096, 0x1000}], 0x3, &(0x7f0000001680)=""/170, 0xaa}, 0x4}, {{0x0, 0x0, &(0x7f0000001800)=[{&(0x7f0000001740)=""/19, 0x13}, {&(0x7f0000001780)=""/82, 0x52}], 0x2, &(0x7f0000002100)=""/158, 0x9e}, 0x2}], 0x4, 0x20, &(0x7f0000001880)={r1, r2+10000000}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xa, 0x13, r3, 0x0) clock_gettime(0x0, &(0x7f0000004340)={0x0, 0x0}) recvmmsg(0xffffffffffffffff, &(0x7f0000004300)=[{{&(0x7f0000001f40)=@phonet, 0x80, &(0x7f00000021c0)=[{&(0x7f0000001fc0)=""/2, 0x2}], 0x1, &(0x7f0000002200)=""/16, 0x10}, 0x20}], 0x1, 0x1, &(0x7f0000004380)={r5, r6+60000000}) syz_io_uring_complete(r4) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000001900)={{0x1, 0x1, 0x18, 0xffffffffffffffff, @in_args={0x1}}, './file0\x00'}) syz_io_uring_submit(r4, 0x0, &(0x7f0000001e80)=@IORING_OP_OPENAT2={0x1c, 0x3, 0x0, r7, &(0x7f0000001940)={0x10600, 0x100}, &(0x7f0000001e00)='./file0\x00', 0x18, 0x0, 0x23456}, 0x5) 15:20:11 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 53) 15:20:11 executing program 2: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000002c0)={0x40, 0x2, 0xfffffaf2, 0x6, 0xffffffff, 0x40}) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6) msgctl$IPC_RMID(0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) 15:20:11 executing program 4: perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) msgget(0x1, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 45) [ 1236.933888] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1236.936653] Call Trace: [ 1236.937461] dump_stack+0x107/0x167 [ 1236.938539] should_fail.cold+0x5/0xa [ 1236.939612] _copy_from_user+0x2e/0x1b0 [ 1236.940783] do_pages_stat+0xf1/0x3b0 [ 1236.941308] FAULT_INJECTION: forcing a failure. [ 1236.941308] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1236.941828] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1236.941857] ? cpuset_mems_allowed+0x1af/0x440 [ 1236.941884] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1236.947977] ? trace_hardirqs_on+0x5b/0x180 [ 1236.950563] kernel_move_pages+0xb8f/0x11c0 [ 1236.951653] ? rcu_read_lock_any_held+0x75/0xa0 [ 1236.952897] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1236.954396] ? fput_many+0x2f/0x1a0 [ 1236.955320] ? ksys_write+0x1a9/0x260 [ 1236.956309] ? __ia32_sys_read+0xb0/0xb0 [ 1236.957332] __x64_sys_move_pages+0xdd/0x1b0 [ 1236.958458] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1236.959741] do_syscall_64+0x33/0x40 [ 1236.960707] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1236.961990] RIP: 0033:0x7f28eb741b19 [ 1236.962941] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1236.967660] RSP: 002b:00007f28e8cb7188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1236.969612] RAX: ffffffffffffffda RBX: 00007f28eb854f60 RCX: 00007f28eb741b19 [ 1236.971449] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1236.973265] RBP: 00007f28e8cb71d0 R08: 0000000020000000 R09: 0000000000000000 [ 1236.975095] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1236.976865] R13: 00007ffd318d456f R14: 00007f28e8cb7300 R15: 0000000000022000 [ 1236.978722] CPU: 0 PID: 7560 Comm: syz-executor.0 Not tainted 5.10.224 #1 [ 1236.979415] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1236.980382] Call Trace: [ 1236.980662] dump_stack+0x107/0x167 [ 1236.981038] should_fail.cold+0x5/0xa [ 1236.981975] _copy_from_user+0x2e/0x1b0 [ 1236.983085] do_pages_stat+0xf1/0x3b0 [ 1236.984001] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1236.984627] ? cpuset_mems_allowed+0x1af/0x440 [ 1236.985767] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1236.986288] ? trace_hardirqs_on+0x5b/0x180 [ 1236.986741] kernel_move_pages+0xb8f/0x11c0 [ 1236.987200] ? rcu_read_lock_any_held+0x75/0xa0 [ 1236.987681] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1236.988752] ? fput_many+0x2f/0x1a0 [ 1236.989303] ? ksys_write+0x1a9/0x260 [ 1236.990287] ? __ia32_sys_read+0xb0/0xb0 [ 1236.991338] __x64_sys_move_pages+0xdd/0x1b0 [ 1236.992573] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1236.993798] do_syscall_64+0x33/0x40 [ 1236.994728] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1236.996142] RIP: 0033:0x7f6fdcf13b19 [ 1236.997086] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1237.001725] RSP: 002b:00007f6fda489188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1237.003668] RAX: ffffffffffffffda RBX: 00007f6fdd026f60 RCX: 00007f6fdcf13b19 [ 1237.005393] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1237.007075] RBP: 00007f6fda4891d0 R08: 0000000020000000 R09: 0000000000000000 [ 1237.008938] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1237.010730] R13: 00007ffee9bd176f R14: 00007f6fda489300 R15: 0000000000022000 [ 1237.017561] FAULT_INJECTION: forcing a failure. [ 1237.017561] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1237.019832] CPU: 1 PID: 7559 Comm: syz-executor.4 Not tainted 5.10.224 #1 [ 1237.021573] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1237.023459] Call Trace: [ 1237.023729] dump_stack+0x107/0x167 [ 1237.025158] should_fail.cold+0x5/0xa [ 1237.025548] _copy_from_user+0x2e/0x1b0 [ 1237.025958] do_pages_stat+0xf1/0x3b0 [ 1237.027395] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1237.027984] ? cpuset_mems_allowed+0x1af/0x440 [ 1237.028500] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1237.029004] ? trace_hardirqs_on+0x5b/0x180 [ 1237.029530] kernel_move_pages+0xb8f/0x11c0 [ 1237.029975] ? rcu_read_lock_any_held+0x75/0xa0 [ 1237.030521] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1237.031154] ? fput_many+0x2f/0x1a0 [ 1237.031524] ? ksys_write+0x1a9/0x260 [ 1237.031904] ? __ia32_sys_read+0xb0/0xb0 [ 1237.032367] __x64_sys_move_pages+0xdd/0x1b0 [ 1237.032812] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1237.033375] do_syscall_64+0x33/0x40 [ 1237.033752] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1237.034330] RIP: 0033:0x7f1c0ae11b19 [ 1237.034704] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1237.036561] RSP: 002b:00007f1c08387188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1237.037350] RAX: ffffffffffffffda RBX: 00007f1c0af24f60 RCX: 00007f1c0ae11b19 [ 1237.038114] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1237.038800] RBP: 00007f1c083871d0 R08: 0000000020000000 R09: 0000000000000000 [ 1237.039533] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1237.040276] R13: 00007ffd2ddfd2cf R14: 00007f1c08387300 R15: 0000000000022000 15:20:11 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000002c0)={0x40, 0x0, 0xfffffaf2, 0x6, 0xffffffff, 0x40}) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6) msgctl$IPC_RMID(0x0, 0x0) move_pages(0x0, 0x1, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0], 0x0) 15:20:11 executing program 1: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000100)={@void, @val={0x1, 0x4, 0x0, 0x2}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}}}}}, 0x42) 15:20:11 executing program 5: r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpgrp(0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x105142, 0x0) lseek(r2, 0x0, 0x2) r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x4000, 0x128) copy_file_range(r3, 0x0, r2, 0x0, 0x200f5ef, 0x0) perf_event_open(&(0x7f0000000140)={0x0, 0x80, 0x1f, 0x3, 0xc2, 0x5, 0x0, 0x400, 0x17a, 0x7, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x2, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x2, @perf_config_ext={0x1, 0x2}, 0x20032, 0x3, 0x9, 0x5, 0x800, 0x40, 0x2, 0x0, 0x6, 0x0, 0x80000001}, r1, 0x2, r2, 0x8) r4 = gettid() perf_event_open(&(0x7f00000000c0)={0x1, 0x80, 0xc1, 0x40, 0xfc, 0x7, 0x0, 0x4000000000000000, 0x8008, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0xfffffff8, 0x0, @perf_config_ext={0x3, 0x4}, 0x2006, 0x80, 0x7, 0x5, 0x5, 0x3ff, 0x6, 0x0, 0x2, 0x0, 0x3}, 0xffffffffffffffff, 0x5, r0, 0x8) process_vm_readv(r4, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7a}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xffffffbc}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) 15:20:11 executing program 3: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000040)=0x20) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, r2, 0x0, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, 0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) 15:20:11 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000002c0)={0x40, 0x0, 0xfffffaf2, 0x6, 0xffffffff, 0x40}) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6) msgctl$IPC_RMID(0x0, 0x0) move_pages(0x0, 0x1, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0], 0x0) 15:20:11 executing program 2: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000100)={@void, @val={0x1}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}}}}}, 0x42) (fail_nth: 1) 15:20:11 executing program 5: r0 = gettid() perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x84, 0x1, 0x46, 0x9d, 0x0, 0x1, 0x200, 0x9, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x3, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x20, 0x1, @perf_config_ext={0x80000000, 0xa4f4}, 0xc0, 0xa0, 0xfff, 0x8, 0xeaf1, 0x2, 0x3, 0x0, 0x7, 0x0, 0x7ff}, 0xffffffffffffffff, 0xd, 0xffffffffffffffff, 0x9) process_vm_readv(r0, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7c}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000000000)=""/96, 0x60}, {&(0x7f0000002240)=""/183, 0xb7}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/3, 0x3}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) [ 1237.193017] FAULT_INJECTION: forcing a failure. [ 1237.193017] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1237.195950] CPU: 0 PID: 7578 Comm: syz-executor.2 Not tainted 5.10.224 #1 [ 1237.197595] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1237.199544] Call Trace: [ 1237.200176] dump_stack+0x107/0x167 [ 1237.201035] should_fail.cold+0x5/0xa [ 1237.201998] _copy_from_iter_full+0x201/0xa60 [ 1237.203058] tun_get_user+0x30e/0x32f0 [ 1237.204075] ? tun_build_skb+0xfe0/0xfe0 [ 1237.204956] ? tun_device_event+0x8d0/0x1160 [ 1237.205907] ? lock_downgrade+0x6d0/0x6d0 [ 1237.206797] ? perf_trace_lock+0xac/0x490 [ 1237.207704] tun_chr_write_iter+0xe1/0x1e0 [ 1237.208660] new_sync_write+0x42c/0x660 [ 1237.209515] ? new_sync_read+0x6f0/0x6f0 [ 1237.210395] ? avc_policy_seqno+0x9/0x70 [ 1237.211266] ? selinux_file_permission+0x92/0x520 [ 1237.212346] ? security_file_permission+0xb1/0xe0 [ 1237.213389] vfs_write+0x7c0/0xb10 [ 1237.214155] ksys_write+0x12d/0x260 [ 1237.214936] ? __ia32_sys_read+0xb0/0xb0 [ 1237.215810] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1237.216970] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1237.218086] do_syscall_64+0x33/0x40 [ 1237.218884] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1237.219988] RIP: 0033:0x7f5895ec4b19 [ 1237.220817] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1237.224849] RSP: 002b:00007f589343a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1237.226489] RAX: ffffffffffffffda RBX: 00007f5895fd7f60 RCX: 00007f5895ec4b19 [ 1237.228072] RDX: 0000000000000042 RSI: 0000000020000100 RDI: 0000000000000003 [ 1237.229616] RBP: 00007f589343a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1237.231154] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1237.232724] R13: 00007ffeebf75d7f R14: 00007f589343a300 R15: 0000000000022000 15:20:11 executing program 3: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000040)=0x20) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, r2, 0x0, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, 0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) 15:20:11 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000002c0)={0x40, 0x0, 0xfffffaf2, 0x6, 0xffffffff, 0x40}) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6) msgctl$IPC_RMID(0x0, 0x0) move_pages(0x0, 0x1, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0], 0x0) 15:20:11 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 54) [ 1237.269375] FAULT_INJECTION: forcing a failure. [ 1237.269375] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1237.272226] CPU: 0 PID: 7587 Comm: syz-executor.6 Not tainted 5.10.224 #1 [ 1237.273733] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1237.275531] Call Trace: [ 1237.276137] dump_stack+0x107/0x167 [ 1237.276923] should_fail.cold+0x5/0xa [ 1237.277756] _copy_to_user+0x2e/0x180 [ 1237.278585] do_pages_stat+0x2b4/0x3b0 [ 1237.279435] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1237.280720] ? cpuset_mems_allowed+0x1af/0x440 [ 1237.281718] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1237.282807] ? trace_hardirqs_on+0x5b/0x180 [ 1237.283742] kernel_move_pages+0xb8f/0x11c0 [ 1237.284711] ? rcu_read_lock_any_held+0x75/0xa0 [ 1237.285731] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1237.286989] ? fput_many+0x2f/0x1a0 [ 1237.287779] ? ksys_write+0x1a9/0x260 [ 1237.288635] ? __ia32_sys_read+0xb0/0xb0 [ 1237.289517] __x64_sys_move_pages+0xdd/0x1b0 [ 1237.290478] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1237.291590] do_syscall_64+0x33/0x40 [ 1237.292452] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1237.293560] RIP: 0033:0x7f28eb741b19 [ 1237.294366] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1237.298628] RSP: 002b:00007f28e8cb7188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1237.300312] RAX: ffffffffffffffda RBX: 00007f28eb854f60 RCX: 00007f28eb741b19 [ 1237.301857] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1237.303511] RBP: 00007f28e8cb71d0 R08: 0000000020000000 R09: 0000000000000000 [ 1237.305092] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1237.306630] R13: 00007ffd318d456f R14: 00007f28e8cb7300 R15: 0000000000022000 15:20:11 executing program 0: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) msgget(0x1, 0x0) ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 56) 15:20:11 executing program 1: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000100)={@void, @val={0x1, 0x4, 0x0, 0x2}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}}}}}, 0x42) 15:20:11 executing program 5: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() process_vm_readv(r0, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7c}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xb7}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f00000000c0)=""/46, 0x2e}], 0x8, 0x0) r1 = getpgid(r0) r2 = gettid() process_vm_readv(r2, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7a}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xffffffbc}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x4}}, './file0\x00'}) r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f0000000240)={'syz_tun\x00', &(0x7f0000000200)=ANY=[@ANYBLOB="020000000000000000070000000000000000000000000001000000000026c9d0558e00"/44]}) kcmp(r1, r2, 0x0, r3, r4) 15:20:11 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000002c0)={0x40, 0x0, 0xfffffaf2, 0x6, 0xffffffff, 0x40}) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6) msgctl$IPC_RMID(0x0, 0x0) move_pages(0x0, 0x1, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0], 0x0) 15:20:11 executing program 4: perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) msgget(0x1, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 46) 15:20:11 executing program 3: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000040)=0x20) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, r2, 0x0, 0x6) socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) 15:20:11 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000002c0)={0x40, 0x0, 0xfffffaf2, 0x6, 0xffffffff, 0x40}) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6) msgctl$IPC_RMID(0x0, 0x0) move_pages(0x0, 0x1, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0], 0x0) [ 1237.408171] FAULT_INJECTION: forcing a failure. [ 1237.408171] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1237.410590] CPU: 1 PID: 7600 Comm: syz-executor.0 Not tainted 5.10.224 #1 [ 1237.412098] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1237.413917] Call Trace: [ 1237.414496] dump_stack+0x107/0x167 [ 1237.415152] FAULT_INJECTION: forcing a failure. [ 1237.415152] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1237.415290] should_fail.cold+0x5/0xa [ 1237.418013] _copy_to_user+0x2e/0x180 [ 1237.418853] do_pages_stat+0x2b4/0x3b0 [ 1237.419704] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1237.420971] ? cpuset_mems_allowed+0x1af/0x440 [ 1237.421978] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1237.423080] ? trace_hardirqs_on+0x5b/0x180 [ 1237.424040] kernel_move_pages+0xb8f/0x11c0 [ 1237.424994] ? rcu_read_lock_any_held+0x75/0xa0 [ 1237.426009] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1237.427280] ? fput_many+0x2f/0x1a0 [ 1237.428087] ? ksys_write+0x1a9/0x260 [ 1237.428916] ? __ia32_sys_read+0xb0/0xb0 [ 1237.429807] __x64_sys_move_pages+0xdd/0x1b0 [ 1237.430769] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1237.431891] do_syscall_64+0x33/0x40 [ 1237.432715] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1237.433836] RIP: 0033:0x7f6fdcf13b19 [ 1237.434646] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1237.438689] RSP: 002b:00007f6fda489188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1237.440362] RAX: ffffffffffffffda RBX: 00007f6fdd026f60 RCX: 00007f6fdcf13b19 [ 1237.441920] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1237.443478] RBP: 00007f6fda4891d0 R08: 0000000020000000 R09: 0000000000000000 [ 1237.445045] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1237.446602] R13: 00007ffee9bd176f R14: 00007f6fda489300 R15: 0000000000022000 [ 1237.448185] CPU: 0 PID: 7594 Comm: syz-executor.4 Not tainted 5.10.224 #1 [ 1237.448879] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1237.449772] Call Trace: [ 1237.450021] dump_stack+0x107/0x167 [ 1237.450362] should_fail.cold+0x5/0xa [ 1237.450772] _copy_to_user+0x2e/0x180 [ 1237.451129] do_pages_stat+0x2b4/0x3b0 [ 1237.451596] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1237.452153] ? cpuset_mems_allowed+0x1af/0x440 [ 1237.452656] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1237.453123] ? trace_hardirqs_on+0x5b/0x180 [ 1237.453691] kernel_move_pages+0xb8f/0x11c0 [ 1237.454093] ? rcu_read_lock_any_held+0x75/0xa0 [ 1237.454562] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1237.455864] ? fput_many+0x2f/0x1a0 [ 1237.456247] ? ksys_write+0x1a9/0x260 [ 1237.458959] ? __ia32_sys_read+0xb0/0xb0 [ 1237.459357] __x64_sys_move_pages+0xdd/0x1b0 [ 1237.460363] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1237.460852] do_syscall_64+0x33/0x40 [ 1237.461778] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1237.462279] RIP: 0033:0x7f1c0ae11b19 [ 1237.463099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1237.467297] RSP: 002b:00007f1c08387188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1237.469016] RAX: ffffffffffffffda RBX: 00007f1c0af24f60 RCX: 00007f1c0ae11b19 [ 1237.470707] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1237.472417] RBP: 00007f1c083871d0 R08: 0000000020000000 R09: 0000000000000000 [ 1237.474016] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1237.475682] R13: 00007ffd2ddfd2cf R14: 00007f1c08387300 R15: 0000000000022000 [ 1251.631768] FAULT_INJECTION: forcing a failure. [ 1251.631768] name failslab, interval 1, probability 0, space 0, times 0 [ 1251.632926] CPU: 1 PID: 7620 Comm: syz-executor.2 Not tainted 5.10.224 #1 [ 1251.633497] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1251.634183] Call Trace: [ 1251.634414] dump_stack+0x107/0x167 [ 1251.634721] should_fail.cold+0x5/0xa [ 1251.635046] ? __alloc_skb+0x6d/0x5b0 [ 1251.635374] should_failslab+0x5/0x20 [ 1251.635699] kmem_cache_alloc_node+0x55/0x330 [ 1251.636077] ? mark_lock+0xf5/0x2df0 [ 1251.636511] __alloc_skb+0x6d/0x5b0 [ 1251.636822] alloc_skb_with_frags+0x92/0x570 [ 1251.637187] ? lock_acquire+0x197/0x470 [ 1251.637525] sock_alloc_send_pskb+0x7af/0x930 [ 1251.637905] ? sk_alloc+0x350/0x350 [ 1251.638214] ? _copy_from_iter_full+0x27c/0xa60 [ 1251.638598] ? iov_iter_advance+0x23b/0xec0 [ 1251.638972] tun_get_user+0x94a/0x32f0 [ 1251.639310] ? tun_build_skb+0xfe0/0xfe0 [ 1251.639652] ? tun_device_event+0x8d0/0x1160 [ 1251.640018] ? lock_downgrade+0x6d0/0x6d0 [ 1251.644397] ? perf_trace_lock+0xac/0x490 [ 1251.644760] tun_chr_write_iter+0xe1/0x1e0 [ 1251.645128] new_sync_write+0x42c/0x660 [ 1251.645464] ? new_sync_read+0x6f0/0x6f0 [ 1251.645814] ? avc_policy_seqno+0x9/0x70 [ 1251.646155] ? selinux_file_permission+0x92/0x520 [ 1251.646569] ? security_file_permission+0xb1/0xe0 [ 1251.646977] vfs_write+0x7c0/0xb10 [ 1251.647284] ksys_write+0x12d/0x260 [ 1251.647594] ? __ia32_sys_read+0xb0/0xb0 [ 1251.647940] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1251.648501] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1251.648933] do_syscall_64+0x33/0x40 [ 1251.649247] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1251.649673] RIP: 0033:0x7f5895ec4b19 [ 1251.649986] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1251.651496] RSP: 002b:00007f589343a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1251.652138] RAX: ffffffffffffffda RBX: 00007f5895fd7f60 RCX: 00007f5895ec4b19 [ 1251.652843] RDX: 0000000000000042 RSI: 0000000020000100 RDI: 0000000000000003 [ 1251.653434] RBP: 00007f589343a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1251.654026] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1251.654617] R13: 00007ffeebf75d7f R14: 00007f589343a300 R15: 0000000000022000 15:20:26 executing program 4: perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) msgget(0x1, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 47) 15:20:26 executing program 2: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000100)={@void, @val={0x1}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}}}}}, 0x42) (fail_nth: 2) 15:20:26 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000002c0)={0x40, 0x0, 0xfffffaf2, 0x6, 0xffffffff, 0x40}) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6) msgctl$IPC_RMID(0x0, 0x0) move_pages(0x0, 0x1, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0], 0x0) 15:20:26 executing program 0: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) msgget(0x1, 0x0) ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 57) 15:20:26 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 55) 15:20:26 executing program 1: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000100)={@void, @val={0x1, 0x4, 0x0, 0x2}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}}}}}, 0x42) 15:20:26 executing program 5: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() timer_create(0x4, &(0x7f0000000000)={0x0, 0x15, 0x0, @thr={&(0x7f00000000c0)="856e6d500546951499a5fd8b99647430793a31f432097db89db54dbf1a6d2103c5e1e4fb2dd9a628a8490a31457a1e538581eee67cfad9488faa32ff69246f7180dbd19fa37a0ef1125e827613a78a7e064989413ce14d0a43e9abef0e0889c382e1ec88338f74381c94b38b6783901ae016dfc8f064d4feb88cfced1d6318cc1c098fc2f914ef56453c1ef8873969271f873acb7e862f0b7f2ec840418d127f305966819ae06ac326309617fbbebaa12610d904cc30301466aa4c1ec15585aa0e9be940726296f2b42cbc59fab97c5f03a1457b65b31efd267cd4dcf8e20b443418760626e0213c789452ff8a7762f0a13cc379e39db2ecbbc9bdcae68e47a72003c296e4676de123c8b8fba310cf9e0332ae276e9e022bb6c7710d2ef799c33d06d0c890d9c451ca365fbed1afd565e6d78afa025ad7110e992bdd26d2025d02c5067f27ae2e9b02ca0018e838713968dbd2905b8d827e2a8e6d455feab657b777991578b7ff118d6a1367714b79b7b75f8fc100c1c801feeee5d4ebb234e117622824d1210e19d2ca23d12e42b818c29b993a8672d1aaf745fea6cf77b12cb68b6f09548aea4663fc351b7ad2d73bd707cffd76244a4ebbb4ac93be5477e89867f35d632d9714fd7cbad8a37f6a4dc54a991c50d85c887a2aed919a230e9eca8ff735444997147f8489b08a21fb5dd89a01cbda9b4de85725b3f8ff7d69cb91c8be6fa4e514775d94ffb044bf66008875acb22f31bc156187ed5a39a6f5bd7586265c056a8bc5fc7cef294af092eb0ef2d5eacdee09b03fa80828b8aafd4f3a94c801001409c2143379659f3337e9b15082c3965b397cf51d927c8846b0f7a7d62bd8d7f1a11c23271907aad31b3091e86bcb1ef6709dc6db2a2dd4934f3f999b5abd9ba7e9704b09202a4f0a06ba630648a51faa699ec304c98df69eb338f3933b3db59463e40979bb114d5af6b77540cdaceaa2952e2f0eeb44230396591cc48f028deb5d67e26e3f14174e6f58fe772fe4c2372c50a1fa6ad73cbc4b8757540d9230402ea2c4982374ca044a2e26045b76bb7354174247c5ca3e9ca12bb63e1c9bab455e7319ed3cafb7b91e8fdb6bcd8b9fd4fa7b22a9b3c006ca69749c72b61f15c52470421ee0e814b606f85fba018c102367b141d159e70b5535c60485f9fbcbef2a814491a8929f1a9a9f8cfe0dac9fb300c58cd1fe60f4e7db57ec74e6672a033d5c45ae18368c58e5b42956fe9a77da1c58e3953548fe4397583761b1fca5e3473ad42699fbddaaf8351623965d1772b8f80a76e646fd5267097f69866f534d456c68c41db2c668d71c14c62497ca37138d7276be1afb04b1ad2e0e554663e9b3229842765d909dbb4db9ac858fc456ed5b55c8432bc74b3086ba279c0005d150fe1ac5cc991af4d50e22f08f930502ea25e7c23ff2ec7c3001ba960daf00a6b9b81378633f9d15d87832853c92c0f5941927c580fa042fa1b7f6cfc830b937e8f8f8dc82564070172ebf358e06f7714d9f9b30af7b0c2355d08856f046d5a737e636cb82e30906b20e610550d49618d781a6f88aa70f09e52b684b6db191b42b5e598b82421f5ae864cd99261599e7199ee3330952dc81155a3a50b30304039f19d4d2be7f38902fa54b0c4b7eeaae9487e3dc4f52a6dbfa33c9df2597722135cd2c83dc867a343b1959022d1cca8cca3b89fb40a6f8765f7ff3409ffb886c5337b58c7d69ee163442969ada743cd4877afdc2704bf0dfdc54e9146a2037adc6386575f39335ce06938d02ccbcaa6e6f1403e452c338ce2cc9a15e2d452869e6f39fa2d48d4ce333a6418842f85195d4e9c7ffbc8743346ff53cc288ca7e1d5c778867d997497387a02f26b38b67e5888af363b4be138cf76e83ccc8bf4625131238bea5798056527cd5e3ccacba2abe7a2efb95c07faa32694c7ea1fb19f58bf16fe3a741612e99c19635d60d858c2f4d070c4c880c89cf84d683b83cdabe585cbcc41b1d09e37a75153cdcc3276bb5e1ea2dbacad56d57332a4408166e142fd9198c6eef6c407a8631d78bc44a72e7c19e2ae3d16e568c288d406a582007e80feaa231cdfedd2a88d6f2da16d5a5c437ccebd47cac866f6ba447967f57840f5ba197be4df5e914f37780718292efa5d0af4cbcf1e59cd786fd13711f09f0dbd7d82096182b10eb418fc5f6f87c3cf7586a5ebdcf91fd9062b497cea6e205b86c2b3d5c4c24fe8128a2c2524c206b79b13fcc92a1e379fa41c7cc26b95cb7e4a24fbffdcfb3e89a1a5f1260cdc1314bfbd577b191f5b1580c12e293cd5274e2d2f2913b33d6582265ee891161f0ad0fb3b6efdeab7002e690915f6590446e8427298a638cf924b88fb96489afae285df38c6b4027405eb302cb0683b16b5f52ebac6c11c3d1887bb9387a189e2f4696d6d1a3337ef9526ce2d19f881d7876d0404c216d032c56ba5ac1b455033f39a5cc42f3f40e4e143865d88af5de1a75be99098b6a0d0cdc2bba78efc6802dec0bf337f0e96529ef1cddd39c17e3a4c8bcd1548bd3362521b531882a303cabd42c64d219c68f8f8a8fdf812fc17e64d073ace5e8c7ace6c64027fc8e0b0b7a697fb62f9b884c2b01526b3d0ce389f9e7a3de27325fc76fe90d87449388d027cbcbe787a282359de0b13b798d578836a824ea9ea905fd7429579a9554dae463265da9d1af187e67454d5f2777538f7e4d24971b9087271ef8a316b644ebcd76ccf8778bde497618f0933b5c8124d0d5c13b95b231e4c17e92da88e598b23ddb2ad980e7422c906d04f1c837d9753294ba3705b978e594ad92140318a8ac0ea9a8c3d84d99a97a8cfbdb90dd79f030c1989562905e10fdf1c8894ea1b54d1d4acf56a9c7c456407b641056fe800634955dc5247fa6e056a5a4764eb45e6162568b895bfc375d428cb2494371f383504394e4160704e6c56dba1365d15c45972429084098b96473325532e46e930d638f8ac4214deee97e363ff4caebae8e76789fb7522be323456447700a9bb5b392c103a3a4081ebbae45892141016f85d4c42d018f495b7996fb058c0c3164fbbdea1b9388e72dfb3d7de96eef2179c374faf7ff6464ad316aa119396ae2dcfd47855a6f483688adfc5fb20bf34ebc4fe60120bc100d63c3da73d79fed6b786604b2befccc12227602e89069e052483b66e0a36eeef5982456979322a5637e39f07d2dcfed63b025a29e448b95f567299f581f8b22cdd186515ca4cb55542566b97c9cba0315d88727c8f71d48d0171f357a2b3396c7b224d9a9128747ed3d7cd9d827ccd67c693b8999470c0af7c7f6c38ae9602709fb1235d9a51fecefc63a5f0ce2c212cc03c671505e0faad334133b4f9b7dfc113753126e521dc7660292323e35710cdefe1949661a78f935cbf15e66ed6776bdcfae4a38d568a270c2eeeaa538dae67710085f5d3b2c889b3d7075266ad2c224707a273ecf55abfb0403bd5b9ed62697c475a154aea07efe6aad25125142f7ebb9bd4adc11ee8480a545858e260b5aba12603803cb713541465dc92a0f67cd7b2ba1dd4836ef9157a6d8b9b3053b897e7cbf424e3aa9d9e94e4bafbd76a55acbac273e93327fe7171937fe6093b43e54b29204e4372db0ee066242e3551da2454269f42bbabf5522464ab3f0b230ed0fad47d16bbd169ff0994b25819b00196f26e4c78574d7e984e8f7b85b204bf1851af903fe62f4c1a13de4852f638c89d6224341d560b40e2ada69a89815bffca2f18ef9b7e4a0d226c765e9bdc7906e433b40a6fcaf5deaecb81c35f34b046e7aa4941b044b3b39ffb65a1214ad7972a0db843bb58f1f9b1ca8a000ffeb8b20b10eeeb0673399405a897a7b5d13f00109ba09d9e8c4b83c33b1fc6f29b5f54a15a66703d4fd53eff3067a09b390b555b633a95c3e90d7a3993d0347e5bd984efb77681ec7b625100b1b1ad2b1b2699f37b0e7605b88a58bb6e795d00a2cbedce278a987f19e25cda366ff391f1da4c1a1178d05db84249829540a1400df2130c4bb455185959a129d5ead2a565ea025853303df658e62791d2989c953518863ca94c8820b1009cd51ae874fd7e74218c20b6b56a8c9b848e608f66022e966a1615d4a0c38f3a98526490fe3d4ccab87afc7ca370c3e2c8d0fa3a13d10899d0dd87fc4d9ee08ba55b1e37ca61e53720d6a8cd96dc124382a003a1666f4d6bf4676664cd499c439f3cf2fe4ef9b7de89d5704215d0285fb0043ecbbb8b1cf1fcfff230470f461beee082510635d912bb319c3f0a0d83ca0c4b2e1f020428e762c65bf9306976b1972e009b22ab1b880bcbf759fa7ee1c6220150ed8767087d90064ac513b0ffc06a3f5630da8224c23a995a0c38599df23a573e8ec8e602b785ed4025090d04db966df861e352468ad9d5b66998e887426f2b87517613092e81ea24576511a0e674cc869d9463ff8ac5410f2d35cb58bf720e689ade8e38c2596cb5410508dd67aa64e494adab5408cace4cb5275c6f848cccc70fc009605babb34f79936f422de1c275bc923d910a30c33bc464a4ec5f23f3ea89bd7c66944f8286490d7d0b5e5d968e4bf45ca81609668b9a822354ed364cd39d87d045b798b8ee5fed841a35722c8a8d67980413d630b40ca0120524baaa7245a03ae6100a557aedff5ec13759f7b0cf305cdbc011608e9fa4896b606351b8009b2153dd832cbad2506db875dbcaa908a36896188e2bb6e863900c8393954f2d3375d17973950fda39783edcf17aceef29f1e15802f927d5e8e20a8f153a3e2ce04f3bcb7a914c4846045ad85310dd348c91499321fce89a6d2d9bf9a1d345e3ae373fed48fccb979c4fbda599b87e6c3cc06874ec7ae585aecd4b16ea3fb595e4bbad77051672a1cd70a610be52a799b535e362b40ee38d6fec5579cfb45b0241c7462736da1fc3f525a579244eec6f873be0982060494ba39a188fecbe15f44e12f3022c2f3b2c6e115ded4f9aedc1dad4ab0e22952591c0a166d3166c569e6e6021d4f15e2d01ab809dba7fc8d23cb7956216f6a32301ca019243e76d99173e8db8d02777d55be940dd0a9d665ff70a530fdda2f36ec0b288bd688a0a966483b05a8318805c0de7a9abeb6415f645530c889cbb1fc419e7cd324b182f99d0e352e9542e5ef2684f6fa391bd15d560c80bc7479761fb36c737ca7ce9b40e649b850ed9a96cc20c5b5cfe062908142065c3097a86a2f8f3f13a41e80cd84737523f87fe622c9ffe92b398d174e2a198f82b36874ccb701b8a54c3154c45b42dacbe64754cd85658af00c2ca365651ff7631521b6845f7459f4dd517879cd9baedb00e49f4d5b15e4480f1b2f4d142c39fa22bbdc078d46288dda5eaaa06aaadcb3b2046c1720eb90112cf58958c18e8cbff6a62a83d2281a687efc1ae6a529fb91e29b1997cfc308ec56fefea65a99d73d693c246a312678f3e3e034760f3d7d7500aa88681534c44ccce2f950497fdfc87d420b3cc9cfc1ffcce6695e66ba670391c82f225fdc368b8f49c42c8feca2dcf12fab4acfe96e1aac006f3652660922bd94a6442444ba47fbda64792bca1cd21ad9cf55045259c67e081ab78254796474c8d0f868d327c20074352cbb7613933879af789f288d0ad32be1bb30f81e833f6b1188903c61fd52d1636297a30bee65186723572c3764b0a74ad7c39f026b61eab0823dd93954cf37ed00609068b5624eab4ea5b601b9f97ebf2aa77277f3d2920c4431aa1d32eee644d51906fe3be9dd455b50f7e95568c9f0cf", &(0x7f0000002300)="01216a13cb7f117a74c0114008ac9d9dba9a65a11e2b8afcaa7555cadf069f7b076e8cfe181df7078dd1b7dae2532cebc726e3d3dbc2313fdbbafe49beb92f66e2e6cc58ee0ce388cbda74e2f7823133be24003362537b7d50afcebf9ebe02d57d6af3a629a08d7e7cea56d7d436c30c392097c4dd302f6d461e837a0edf7306227b4b62d516e3cdf485354a791cd78541ed3f79cc39074ffbe7b2f62ec9caac41297b5f9e9e231e8744eefc3e113d78daf7b8e1303cfdafdea5216ca349e15c5cdbffae33441de106441337cc1acafb33020a55e0127cecde724f047173d5b360344970744d8fe13b4611cce94436f52b5c465fc445ea4f696443aa9f18f4d2e5833eaacbc0dae7f6820b2e55ee0149c022d8ee7340d80558c6398a0ea45a789d9e3ab2fd3310d20bc6a5a2df0c3f9a9dc34a948b5e4584e2ec7c57458d30df9dcc92faf4c653436cd044560a4c46ef5d88104f2a16264b06c8f45a87207dc316593e9802255b68d34eae741a3795403fb98e5ed74f1881615d1ecde612b3380ce3a800d912f57b392917d3c48ebf3c836487872ba4d7e29adaef93b03383db17091d61d9a96f92df44abde851b6ba79d70d4c62e880d3dcb88b3254fa51a60366f9efd0575f744aab8099a976e65b47736ab55b3869ee35f0f5ecab921932e70fbd202bdb3393fed52a87bc0e88769ecd9e3c2109ddb99b56628ccfde262b934966dcff000a7e8a23bc7a5424323e237fdea6202f7f73e979dcce3f2f5f16cababd35b2c4c7a2dd490b339eb9f0c0fdbec498858b335c9cc8985cf495183336c30d08fc6367b7873c83052714b8c6cc97a11ed4aebb0a8ab35c11360f0f74811c79cdbcf3b919a0b1709fd0625bd375e7bfb5dc48c2206de29198e7bbab39daeccb8a67ccf57a6521937012013fd7b5fefb684c30b51d1353772d58df4f4a2224fbd75930f2da3bc0ebde615e2674200173d7fb45426bf41ad04499d88f1e9119117fe66bc068a28215f875c12b15380cd337b2e35e23d622d33177a0b74882fc298806c965392699559d8e691a6d51caf759f3bc40335269f48d7458a94c9926738816134bb63dda46366de3a5b3cb1ed779e0cedaf868dc3a86bee23a080be37ac1da61fd9fe82abd599fdbcf0256eb500b36da93958a0249424adc0536c44245dbed6e7957010dd566f137f47af8fb38f94d5b085e5dcb672cf6a651e71ef0725dcad25d3a72ab7631702613ab86beab60f1ca841ea6145a217a1619d5bd5982df890d45e2ecc83cbf89abb555060f9614404c1533992cf707d8e51f29a47f1eaaa4b164ebda1798e7d22d4e4512b339fe78cba5a336bb169450692a67d9b3fb03fa510bcfa0ef0221f8133c831a3a0f0ef4d7f3d68e747ee46990f4bbe3629ce0c8d23b01c667901f8a53948f7ecb64ac4254379ed6d58280a0b6a6dbddf3a114e48ab56e379d27ecdf3b031313a672e67096e7286eb90cab20bf89b91ab4fea7d130331593f965d3fd954d717b6698d5fa34403390de1758fba91eb602141b8bd66a7e926aa48a0540c342a3f4627e66d5bb1804bd738aa535176397b45fd827f947d982720a45bb4138e47566fd96a28d4a5636b44f79b560cf4cee5633e45e25b96d5167a147e8db7ad7179471f2186acc59e2ab75252144a1eeec1803089277a803ac701c222e1c81bbdbc1559df3596fbbefaf2638def6e1a1cf519c70f6e231e55664b74af6f6ac4ca04f8979c74ccc7179b23287e9dd934d077fe5b476cbea42590811e480f59978baaadedad9117dff4e654d94e8eec9adc6a47aa2cddd352e735fc2a3e3ded73ad6dd51cb9c6a36e6b98907e1b1b56e49a43c35165942310f89aa84b1826c4bc4c1b5fdeca18b2f640948773aed74b4ddc07d94feaf9f6f7d76cce67b95c206166081096e0f4826adc10c6f220e5dfa0fdbca77fa947a217145eef3a9e898eacb2ea68bd9b8e6c440425ebc80f4ad8b30f068d1bf71047ada4e6161a909912fc1a3d9b63f1b28c95ee753a0f392b4e0a1ab59da4def86d4236ae080dc1669491cd7e7410c45ed80066167d74928c46e78cacc33b368d5a69a3e9b1567a9051a8d288dfcfd72b166509b6abed8c50d107209f9c26902d492af5e31eee2018582e8430705f9f4c2e12ddb860f29bd7604c32d29c9898f8a8659c9660e3577163d0eb079ee691b8982d8653e7656f45d093f049ad865b5fd760697a88b39d9d4e1e163de3b340b2146179e0e19691b236107a82442deb583c6313a70d886b54119345c9bd23130f3d6fe544c5f672c5c78d1e464221e529a0d94d56e244c0139611d23824d5e7b3b6149e00efbaeca981293e5e39533baf929e9e43bc4808e89eafcac5701b7b9b554ae6b1c78ca94b2afd5d3b7e5321585a75bc99beda644660784961dc841239a9ee8d0de7b36113ddce0d137cf79059dc712886bad929a51b8e3dfb862e640a33bdd4e8e14dac86851f8e36c724b232c2ec7c84cb297b43fe428067bfbeac3df2e855ad3671036a3647f00561f98619cc68d9df7b82d464f21d08482c7bcd2ef4675f8ff9eed2c58b80c605cfad54b5d7ed94d1c896d5d90a9a97e8e049fa2726eefb8ca2065177d11e9514982b20ff573af1fbfe2aa5eb49c1ba2870f2bf0237304a68815c1757eeedfe8c73ea01e66224a5e16e03345f3875fbf462fce888980b72ded4fe6016f830549689896a0bc3afaf464c07e0b166cd449d3d036beda6d33225b76b2054367ab6a4155a1471922cb7b41980e8c9ac91056ed25f47a4c33785828bdec043e75e35f1e186ccb451be4c7d47853cefc08fb875d11886fd9de096134fca2301582a95cb177e3eabb7d7a3ea0271e6bf839f5c2a9ab8d73ec8b061b6930555c94e19f71e0c9db61a7f28975ebbf8d898fc04c6651625585f19327f56540d0f1b4c7fcacc8363092797975011e6737f236e5d08a6d4a6d86b1ae0a440be54e7a7e12a3a340f717644521cd2197ac31fa9a6564f067337774e1134f251ee9a0206377b9456c008eb6767d3c7ab4bd8cd7a28daf59d7205a39a14e8788c47dd4904f228bea87abe5bbfe80186fb91729bae350e6d384aca3c7e6c3d8f91dcddb916c1e05089cb285ca751b97a40ae22bf31e87c4474c8286a51e177707caa8b45b057cbd74890b888e77d118d67c64cf15654b99659c6c83983c8efbf3c37332fbd18feeef2c90cc8189b3b24535b57b3c1b123f005e6921993f69e896b76abbd11bde1dbdb7ebc1132b484492091f74bb541987ad4a31ed760080d357e111c0bb5660918435da67f34d041b939307eb32aaa897b51fae86d3ce56c7f325e93fa0443fd94cfcb87d99a5797646f6a3a98e6e96291f9f2bbae692da8c9088a7e2d56f1975bb0fffa5144b6eb146dd3c2fff4233fc3c0d28e37dfcec763c09a1e9e59faeedfc44ac7ba7a87a9b940231db7539e8a119ff275e581aee48d2802e2ea6ccdca2205636aca93b85d388ebb82c802d87b08c07b8a2a93d89b21fc9cc57aae1fe709b75ec90fcd768759de80deeb7d2553bf3a44784120f3efef62652763e986a95020e231d3fd3278350b4318e5958b5d9c2bf634f96eecce61dbbe7cace93c67c70560fa04acc0ae52a2eb5f7569a3c24fae3ac560d5693906d5fe513b321476895b5a6fd3281e558b7d044d0bcc451f7fe95be3a31d1467550804537f0c553f5592cf39932513895681a445527ea3a0272e88a3c6a14bb94df775bf03e6ffe1819e97a8d52d91c406850063162a5ab8fc71d658596b773542697be2dd4b74ee0b4723dbb6cf771fd9493419410db60394b46b2233d55a2ce978940bc4997dd8be201069ba389e80fd08ec218c90c21cd1963ddab8dbc8abaf2629bd88007d6cd2c9c967f292679f476dd56a40a28914847cbd016324b5ee14a1bcc9e3dda6e4fc39f89f3729217aea81d501d598f8f3e19aea1eaf3f3ac20912e9fc2fa676dce6675452dc4b27670e0ffd7eae946680dc8f2eca4ce524302afd2e3110cd347b0bdf66c3addee6f7a1cd22f0a890ecaad0502494f29c18dd91c3b1340b23cb331148f523fc3f5838bab160b715302f45443b25e9cc8ac39cf4cd2d61570f5f7f7ba5ea9ad57a2595d9dfefc075457e7ab524bc6e08de3ac74317a10c187d3373fb5918558c2aad306f72e72f0d87d5f03f062f91189b3bf75137dc2f1d840a4bd25f3c44bd8a6dbf9c54b22df1aefb0fd2b1dbbed2e7e06788888619777e271ecdd1918f1e6fc7dc1983e928b2ac3f412da5570047c15aca60e18b74c33b9069d8ce43787cebce6f2e37bf741c8168b883efaede21e60eafa3ed64bf6da3631af94404b5b2689d7351c594b2ff07227f9c62f27fe5b5e64963abd5772dcd7b6f383a593e97c26c7e0faadc19af3620f3b54f57a7e4a1ced65a07f485da2e393ccab281f79125144ee9d5db96c99781675f087def92e80dba14792d0ca15198f74ba43629958d38163fe02da2cafad2ae2db66b4b6f3fb42c6ad8312bf289bc08d6109390972733c5454765acd95d9db25c573dbb72a191023973c5663b62c72a830f3fc3b72b259279f57d2fadc12532795b0202e50944bab71114b614f18f7cad695ab1eb64abe7ec89eb9d43d2362490a329eafa95a509469466c674279a4b8851810ecfbee1331494facc817a3e241e43f1764ed617b8e8c342840d995a27d993586916c0660bb78f0ef15030c034b1371fbd917a134d9a7a821db27d74f54866c9e5114c552eb639161619b6e1ffebf63cbd634db1811fcc73bff7561a1d2dadef8fd1051bb9582f08ca1dd2221bd7b5d13137cce71d60d2d10b3d407367cfb35a5a3ab94f1cca11f8dba107d274877a6f820fb9bd63136d123d6fff76dd8e937a1929563756f98dc9d9bbdf348c58fba4862cb005c589f67b70d0a490aefa517b3afacbda4cb39a2bda976ba80b65a8f80c4d7bc81a5fa656d43e0c40a0d864f6d87d0b9e1d9aa6d189fc936c45a06ad8638f262beefe8e96041b7746327ea8f9b514a8c6147b2dc4734e4917da51b8e399aa0bb5326bf1c418518cc611845a88ae01bb96b30c9bf1343208a92dd8b5512a50f727ef943ea8866f774f8d0542c63e2c58572cd083a235c9f1bea29aa06610a66c17b50f41adda51aa20bace2f6eb8a831bcdfb8df4090415f0e9d0cdc8b1175dfb5bea6bcef766d81ed1c60db6a839ad53f39e2f584d1135fbf10cac232400f2103b3c89f8925a81d760bafe0b907457b37cd0df086c17390f22b2de53a5ebbf72d915dee12a308f51cff3fdaf236ab40feee9a648c4508520cf0b778400d230886eec5e1a7cc2c3062f4b09cd18e99869108fa8c4821cf10bb6d5744af6517313709f6ccd1c413b89b435534fa708ac3ec7136633b6f61b829a289bb646b57a6ab00884194ffd615739aea907b9ac4cf9d2e28e92071d976bf3f6d875c6eb745764dc520510526c285579732663d8efcde147880dcec59a69cdf312f2dc1d4d1619dc1364a175c643d47f41bae36cf87a02c4a090e2e5490cf3efebfa5bc8fc0e9a4a3fb634e2a9b86e7316545a2d1dceb6c4db4ae3fa62db59e537f98fbfdad22d9b36512374e8755087694a7448d644fb9ecdeb6a3dc8a1c6201ec9d1c54f7fc579981af7d178dae20d91d750b64d7b085c166b82f762b11f3b5100c2a03935d5fc16c6fca867bb9dca311d27ac7732450ffbebc48d3ffa5e96e1f1fe04757e9a5750dc9b82045ee4900d15dd8bc4e873096bfa68da34844f43efaba262090897567b2d40c13f26724f305"}}, &(0x7f00000010c0)) process_vm_readv(r0, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7a}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xffffffbc}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) 15:20:26 executing program 3: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000040)=0x20) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, r2, 0x0, 0x6) socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) [ 1251.671527] FAULT_INJECTION: forcing a failure. [ 1251.671527] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1251.672937] CPU: 0 PID: 7617 Comm: syz-executor.6 Not tainted 5.10.224 #1 [ 1251.673652] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1251.674506] Call Trace: [ 1251.674769] dump_stack+0x107/0x167 [ 1251.675124] should_fail.cold+0x5/0xa [ 1251.675542] _copy_from_user+0x2e/0x1b0 [ 1251.676022] do_pages_stat+0xf1/0x3b0 [ 1251.680918] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1251.681588] ? cpuset_mems_allowed+0x1af/0x440 [ 1251.682118] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1251.683049] ? trace_hardirqs_on+0x5b/0x180 [ 1251.683592] kernel_move_pages+0xb8f/0x11c0 [ 1251.684104] ? rcu_read_lock_any_held+0x75/0xa0 [ 1251.684822] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1251.685392] ? fput_many+0x2f/0x1a0 [ 1251.686065] ? ksys_write+0x1a9/0x260 [ 1251.686487] ? __ia32_sys_read+0xb0/0xb0 [ 1251.686970] __x64_sys_move_pages+0xdd/0x1b0 [ 1251.687790] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1251.688307] do_syscall_64+0x33/0x40 [ 1251.688975] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1251.689534] RIP: 0033:0x7f28eb741b19 [ 1251.689982] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1251.695567] RSP: 002b:00007f28e8cb7188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1251.696407] RAX: ffffffffffffffda RBX: 00007f28eb854f60 RCX: 00007f28eb741b19 [ 1251.697180] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1251.698116] RBP: 00007f28e8cb71d0 R08: 0000000020000000 R09: 0000000000000000 [ 1251.699108] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1251.699938] R13: 00007ffd318d456f R14: 00007f28e8cb7300 R15: 0000000000022000 [ 1251.704520] FAULT_INJECTION: forcing a failure. [ 1251.704520] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1251.707224] CPU: 1 PID: 7614 Comm: syz-executor.4 Not tainted 5.10.224 #1 [ 1251.708851] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1251.710586] FAULT_INJECTION: forcing a failure. [ 1251.710586] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1251.710782] Call Trace: [ 1251.710804] dump_stack+0x107/0x167 [ 1251.710822] should_fail.cold+0x5/0xa [ 1251.714576] _copy_from_user+0x2e/0x1b0 [ 1251.715450] do_pages_stat+0xf1/0x3b0 [ 1251.716298] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1251.717560] ? cpuset_mems_allowed+0x1af/0x440 [ 1251.718699] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1251.719802] ? trace_hardirqs_on+0x5b/0x180 [ 1251.720767] kernel_move_pages+0xb8f/0x11c0 [ 1251.721722] ? rcu_read_lock_any_held+0x75/0xa0 [ 1251.722851] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1251.724122] ? fput_many+0x2f/0x1a0 [ 1251.724935] ? ksys_write+0x1a9/0x260 [ 1251.725769] ? __ia32_sys_read+0xb0/0xb0 [ 1251.726776] __x64_sys_move_pages+0xdd/0x1b0 [ 1251.727743] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1251.728883] do_syscall_64+0x33/0x40 [ 1251.729692] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1251.730921] RIP: 0033:0x7f1c0ae11b19 [ 1251.731727] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1251.735906] RSP: 002b:00007f1c08387188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1251.737653] RAX: ffffffffffffffda RBX: 00007f1c0af24f60 RCX: 00007f1c0ae11b19 [ 1251.749268] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1251.750832] RBP: 00007f1c083871d0 R08: 0000000020000000 R09: 0000000000000000 [ 1251.752411] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1251.753975] R13: 00007ffd2ddfd2cf R14: 00007f1c08387300 R15: 0000000000022000 [ 1251.764517] CPU: 0 PID: 7625 Comm: syz-executor.0 Not tainted 5.10.224 #1 [ 1251.765276] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1251.766384] Call Trace: [ 1251.766642] dump_stack+0x107/0x167 [ 1251.766985] should_fail.cold+0x5/0xa [ 1251.767348] _copy_from_user+0x2e/0x1b0 [ 1251.767725] do_pages_stat+0xf1/0x3b0 [ 1251.768289] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1251.768843] ? cpuset_mems_allowed+0x1af/0x440 [ 1251.769291] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1251.769969] ? trace_hardirqs_on+0x5b/0x180 [ 1251.770381] kernel_move_pages+0xb8f/0x11c0 [ 1251.770796] ? rcu_read_lock_any_held+0x75/0xa0 [ 1251.771425] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1251.771977] ? fput_many+0x2f/0x1a0 [ 1251.772321] ? ksys_write+0x1a9/0x260 [ 1251.772861] ? __ia32_sys_read+0xb0/0xb0 [ 1251.773247] __x64_sys_move_pages+0xdd/0x1b0 [ 1251.773715] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1251.774394] do_syscall_64+0x33/0x40 [ 1251.774746] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1251.775224] RIP: 0033:0x7f6fdcf13b19 [ 1251.775574] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1251.777639] RSP: 002b:00007f6fda489188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1251.778346] RAX: ffffffffffffffda RBX: 00007f6fdd026f60 RCX: 00007f6fdcf13b19 [ 1251.779229] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1251.779976] RBP: 00007f6fda4891d0 R08: 0000000020000000 R09: 0000000000000000 [ 1251.780720] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1251.781454] R13: 00007ffee9bd176f R14: 00007f6fda489300 R15: 0000000000022000 15:20:26 executing program 2: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000100)={@void, @val={0x1}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}}}}}, 0x42) (fail_nth: 3) [ 1251.835664] FAULT_INJECTION: forcing a failure. [ 1251.835664] name failslab, interval 1, probability 0, space 0, times 0 [ 1251.836944] CPU: 1 PID: 7631 Comm: syz-executor.2 Not tainted 5.10.224 #1 [ 1251.837605] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1251.838404] Call Trace: [ 1251.838673] dump_stack+0x107/0x167 [ 1251.839033] should_fail.cold+0x5/0xa [ 1251.839413] ? create_object.isra.0+0x3a/0xa20 [ 1251.839869] should_failslab+0x5/0x20 [ 1251.840251] kmem_cache_alloc+0x5b/0x310 [ 1251.840655] create_object.isra.0+0x3a/0xa20 [ 1251.841088] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1251.841590] kmem_cache_alloc_node+0x169/0x330 [ 1251.842041] ? mark_lock+0xf5/0x2df0 [ 1251.842413] __alloc_skb+0x6d/0x5b0 [ 1251.842777] alloc_skb_with_frags+0x92/0x570 [ 1251.843205] ? lock_acquire+0x197/0x470 [ 1251.843601] sock_alloc_send_pskb+0x7af/0x930 [ 1251.844047] ? sk_alloc+0x350/0x350 [ 1251.844464] ? _copy_from_iter_full+0x27c/0xa60 [ 1251.844914] ? iov_iter_advance+0x23b/0xec0 [ 1251.845346] tun_get_user+0x94a/0x32f0 [ 1251.845745] ? tun_build_skb+0xfe0/0xfe0 [ 1251.846148] ? tun_device_event+0x8d0/0x1160 [ 1251.846576] ? lock_downgrade+0x6d0/0x6d0 [ 1251.846984] ? perf_trace_lock+0xac/0x490 [ 1251.847405] tun_chr_write_iter+0xe1/0x1e0 [ 1251.847824] new_sync_write+0x42c/0x660 [ 1251.852234] ? new_sync_read+0x6f0/0x6f0 [ 1251.852648] ? avc_policy_seqno+0x9/0x70 [ 1251.853049] ? selinux_file_permission+0x92/0x520 [ 1251.853519] ? security_file_permission+0xb1/0xe0 [ 1251.853993] vfs_write+0x7c0/0xb10 [ 1251.854345] ksys_write+0x12d/0x260 [ 1251.854698] ? __ia32_sys_read+0xb0/0xb0 [ 1251.855096] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1251.855611] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1251.856118] do_syscall_64+0x33/0x40 [ 1251.856492] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1251.856988] RIP: 0033:0x7f5895ec4b19 [ 1251.857344] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1251.859094] RSP: 002b:00007f589343a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1251.859839] RAX: ffffffffffffffda RBX: 00007f5895fd7f60 RCX: 00007f5895ec4b19 [ 1251.860535] RDX: 0000000000000042 RSI: 0000000020000100 RDI: 0000000000000003 [ 1251.861224] RBP: 00007f589343a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1251.861828] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1251.862433] R13: 00007ffeebf75d7f R14: 00007f589343a300 R15: 0000000000022000 15:20:26 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000002c0)={0x40, 0x0, 0xfffffaf2, 0x6, 0xffffffff, 0x40}) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6) msgctl$IPC_RMID(0x0, 0x0) move_pages(0x0, 0x1, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0], 0x0) 15:20:26 executing program 5: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() process_vm_readv(r0, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7a}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xffffffbc}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) syz_open_procfs(r0, &(0x7f0000000000)='net/ip_vs_stats\x00') 15:20:26 executing program 3: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000040)=0x20) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, r2, 0x0, 0x6) socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) 15:20:26 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000002c0)={0x40, 0x0, 0xfffffaf2, 0x6, 0xffffffff, 0x40}) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6) msgctl$IPC_RMID(0x0, 0x0) move_pages(0x0, 0x1, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0], 0x0) 15:20:26 executing program 1: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000100)={@void, @val={0x1, 0x4, 0x0, 0x2}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}}}}}, 0x42) 15:20:26 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000002c0)={0x40, 0x0, 0xfffffaf2, 0x6, 0xffffffff, 0x40}) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6) msgctl$IPC_RMID(0x0, 0x0) move_pages(0x0, 0x1, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0], 0x0) 15:20:26 executing program 4: perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) msgget(0x1, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 48) [ 1252.028441] FAULT_INJECTION: forcing a failure. [ 1252.028441] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1252.030076] CPU: 0 PID: 7648 Comm: syz-executor.4 Not tainted 5.10.224 #1 [ 1252.030745] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1252.031552] Call Trace: [ 1252.031834] dump_stack+0x107/0x167 [ 1252.032206] should_fail.cold+0x5/0xa [ 1252.032613] _copy_to_user+0x2e/0x180 [ 1252.033005] do_pages_stat+0x2b4/0x3b0 [ 1252.033410] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1252.034011] ? cpuset_mems_allowed+0x1af/0x440 [ 1252.035279] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1252.036557] ? trace_hardirqs_on+0x5b/0x180 [ 1252.037643] kernel_move_pages+0xb8f/0x11c0 [ 1252.038727] ? rcu_read_lock_any_held+0x75/0xa0 [ 1252.039877] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1252.041332] ? fput_many+0x2f/0x1a0 [ 1252.042240] ? ksys_write+0x1a9/0x260 [ 1252.043188] ? __ia32_sys_read+0xb0/0xb0 [ 1252.044197] __x64_sys_move_pages+0xdd/0x1b0 [ 1252.045290] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1252.046557] do_syscall_64+0x33/0x40 [ 1252.047477] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1252.048752] RIP: 0033:0x7f1c0ae11b19 [ 1252.049676] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1252.054305] RSP: 002b:00007f1c08387188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1252.056201] RAX: ffffffffffffffda RBX: 00007f1c0af24f60 RCX: 00007f1c0ae11b19 [ 1252.057960] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1252.059735] RBP: 00007f1c083871d0 R08: 0000000020000000 R09: 0000000000000000 [ 1252.061514] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1252.063306] R13: 00007ffd2ddfd2cf R14: 00007f1c08387300 R15: 0000000000022000 15:20:40 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 56) 15:20:40 executing program 4: perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) msgget(0x1, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 49) [ 1265.589529] FAULT_INJECTION: forcing a failure. [ 1265.589529] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1265.590922] CPU: 1 PID: 7654 Comm: syz-executor.6 Not tainted 5.10.224 #1 [ 1265.591548] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1265.592298] Call Trace: [ 1265.592568] dump_stack+0x107/0x167 [ 1265.592909] should_fail.cold+0x5/0xa [ 1265.593276] _copy_to_user+0x2e/0x180 [ 1265.593640] do_pages_stat+0x2b4/0x3b0 [ 1265.594013] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1265.594561] ? cpuset_mems_allowed+0x1af/0x440 [ 1265.594997] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1265.595462] ? trace_hardirqs_on+0x5b/0x180 [ 1265.595870] kernel_move_pages+0xb8f/0x11c0 15:20:40 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000002c0)={0x40, 0x0, 0xfffffaf2, 0x6, 0xffffffff, 0x40}) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6) msgctl$IPC_RMID(0x0, 0x0) move_pages(0x0, 0x1, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0], 0x0) 15:20:40 executing program 3: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000040)=0x20) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, r2, 0x0, 0x6) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, 0x0, 0x0) move_pages(0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) [ 1265.596283] ? rcu_read_lock_any_held+0x75/0xa0 [ 1265.596741] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1265.597432] ? fput_many+0x2f/0x1a0 [ 1265.597749] ? ksys_write+0x1a9/0x260 [ 1265.598073] ? __ia32_sys_read+0xb0/0xb0 [ 1265.598420] __x64_sys_move_pages+0xdd/0x1b0 [ 1265.598794] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1265.599225] do_syscall_64+0x33/0x40 [ 1265.599539] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1265.599968] RIP: 0033:0x7f28eb741b19 [ 1265.600283] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1265.601857] RSP: 002b:00007f28e8cb7188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1265.602495] RAX: ffffffffffffffda RBX: 00007f28eb854f60 RCX: 00007f28eb741b19 [ 1265.603088] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1265.603681] RBP: 00007f28e8cb71d0 R08: 0000000020000000 R09: 0000000000000000 [ 1265.604276] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1265.604917] R13: 00007ffd318d456f R14: 00007f28e8cb7300 R15: 0000000000022000 [ 1265.608756] FAULT_INJECTION: forcing a failure. [ 1265.608756] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1265.611285] CPU: 1 PID: 7659 Comm: syz-executor.4 Not tainted 5.10.224 #1 [ 1265.612642] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1265.614186] Call Trace: [ 1265.614677] dump_stack+0x107/0x167 [ 1265.615363] should_fail.cold+0x5/0xa [ 1265.616090] _copy_from_user+0x2e/0x1b0 [ 1265.616644] do_pages_stat+0xf1/0x3b0 [ 1265.617005] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1265.617535] ? cpuset_mems_allowed+0x1af/0x440 [ 1265.617963] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1265.618419] ? trace_hardirqs_on+0x5b/0x180 [ 1265.618822] kernel_move_pages+0xb8f/0x11c0 [ 1265.619221] ? rcu_read_lock_any_held+0x75/0xa0 [ 1265.619640] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1265.620160] ? fput_many+0x2f/0x1a0 [ 1265.620573] ? ksys_write+0x1a9/0x260 [ 1265.620920] ? __ia32_sys_read+0xb0/0xb0 [ 1265.621312] __x64_sys_move_pages+0xdd/0x1b0 [ 1265.621718] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1265.622190] do_syscall_64+0x33/0x40 [ 1265.622541] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1265.623007] RIP: 0033:0x7f1c0ae11b19 [ 1265.623348] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1265.625970] RSP: 002b:00007f1c08387188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1265.627465] RAX: ffffffffffffffda RBX: 00007f1c0af24f60 RCX: 00007f1c0ae11b19 [ 1265.629092] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1265.630640] RBP: 00007f1c083871d0 R08: 0000000020000000 R09: 0000000000000000 [ 1265.632013] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1265.633554] R13: 00007ffd2ddfd2cf R14: 00007f1c08387300 R15: 0000000000022000 [ 1265.664606] FAULT_INJECTION: forcing a failure. [ 1265.664606] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1265.666958] CPU: 1 PID: 7667 Comm: syz-executor.0 Not tainted 5.10.224 #1 [ 1265.668145] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1265.669897] Call Trace: [ 1265.670358] dump_stack+0x107/0x167 [ 1265.670998] should_fail.cold+0x5/0xa [ 1265.671669] _copy_to_user+0x2e/0x180 [ 1265.672332] do_pages_stat+0x2b4/0x3b0 [ 1265.673182] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1265.674193] ? cpuset_mems_allowed+0x1af/0x440 [ 1265.674994] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1265.675987] ? trace_hardirqs_on+0x5b/0x180 [ 1265.676857] kernel_move_pages+0xb8f/0x11c0 [ 1265.677623] ? rcu_read_lock_any_held+0x75/0xa0 [ 1265.678428] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1265.679438] ? fput_many+0x2f/0x1a0 [ 1265.680073] ? ksys_write+0x1a9/0x260 [ 1265.680826] ? __ia32_sys_read+0xb0/0xb0 [ 1265.681532] __x64_sys_move_pages+0xdd/0x1b0 [ 1265.682297] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1265.683186] do_syscall_64+0x33/0x40 [ 1265.683829] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1265.684591] RIP: 0033:0x7f6fdcf13b19 [ 1265.684910] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1265.686430] RSP: 002b:00007f6fda489188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1265.687068] RAX: ffffffffffffffda RBX: 00007f6fdd026f60 RCX: 00007f6fdcf13b19 [ 1265.687661] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1265.688255] RBP: 00007f6fda4891d0 R08: 0000000020000000 R09: 0000000000000000 [ 1265.689579] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1265.690814] R13: 00007ffee9bd176f R14: 00007f6fda489300 R15: 0000000000022000 [ 1265.711922] FAULT_INJECTION: forcing a failure. [ 1265.711922] name failslab, interval 1, probability 0, space 0, times 0 [ 1265.713184] CPU: 0 PID: 7665 Comm: syz-executor.2 Not tainted 5.10.224 #1 [ 1265.713890] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1265.715310] Call Trace: [ 1265.715770] dump_stack+0x107/0x167 [ 1265.716397] should_fail.cold+0x5/0xa [ 1265.717246] should_failslab+0x5/0x20 [ 1265.717909] __kmalloc_node_track_caller+0x74/0x3b0 [ 1265.718777] ? alloc_skb_with_frags+0x92/0x570 [ 1265.719568] ? mark_lock+0xf5/0x2df0 [ 1265.720215] __alloc_skb+0xb1/0x5b0 [ 1265.720658] alloc_skb_with_frags+0x92/0x570 [ 1265.721036] ? lock_acquire+0x197/0x470 [ 1265.721381] sock_alloc_send_pskb+0x7af/0x930 [ 1265.721771] ? sk_alloc+0x350/0x350 [ 1265.722086] ? _copy_from_iter_full+0x27c/0xa60 [ 1265.722478] ? iov_iter_advance+0x23b/0xec0 [ 1265.722859] tun_get_user+0x94a/0x32f0 [ 1265.723206] ? tun_build_skb+0xfe0/0xfe0 [ 1265.723558] ? tun_device_event+0x8d0/0x1160 [ 1265.723929] ? lock_downgrade+0x6d0/0x6d0 [ 1265.724283] ? perf_trace_lock+0xac/0x490 [ 1265.724710] tun_chr_write_iter+0xe1/0x1e0 [ 1265.725073] new_sync_write+0x42c/0x660 [ 1265.725410] ? new_sync_read+0x6f0/0x6f0 [ 1265.725760] ? avc_policy_seqno+0x9/0x70 [ 1265.726101] ? selinux_file_permission+0x92/0x520 [ 1265.726516] ? security_file_permission+0xb1/0xe0 [ 1265.726925] vfs_write+0x7c0/0xb10 [ 1265.727233] ksys_write+0x12d/0x260 [ 1265.727542] ? __ia32_sys_read+0xb0/0xb0 [ 1265.727888] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1265.728331] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1265.728821] do_syscall_64+0x33/0x40 [ 1265.729141] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1265.729574] RIP: 0033:0x7f5895ec4b19 [ 1265.729891] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1265.731432] RSP: 002b:00007f589343a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1265.732070] RAX: ffffffffffffffda RBX: 00007f5895fd7f60 RCX: 00007f5895ec4b19 [ 1265.732716] RDX: 0000000000000042 RSI: 0000000020000100 RDI: 0000000000000003 [ 1265.733313] RBP: 00007f589343a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1265.733917] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1265.734517] R13: 00007ffeebf75d7f R14: 00007f589343a300 R15: 0000000000022000 [ 1265.774241] FAULT_INJECTION: forcing a failure. [ 1265.774241] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1265.775530] CPU: 1 PID: 7675 Comm: syz-executor.6 Not tainted 5.10.224 #1 [ 1265.776106] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1265.776813] Call Trace: [ 1265.777047] dump_stack+0x107/0x167 [ 1265.777360] should_fail.cold+0x5/0xa [ 1265.777695] _copy_from_user+0x2e/0x1b0 [ 1265.778038] do_pages_stat+0xf1/0x3b0 [ 1265.778368] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1265.778868] ? cpuset_mems_allowed+0x1af/0x440 [ 1265.779267] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1265.779696] ? trace_hardirqs_on+0x5b/0x180 [ 1265.780069] kernel_move_pages+0xb8f/0x11c0 [ 1265.780457] ? rcu_read_lock_any_held+0x75/0xa0 [ 1265.780862] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1265.781353] ? fput_many+0x2f/0x1a0 [ 1265.781670] ? ksys_write+0x1a9/0x260 [ 1265.781996] ? __ia32_sys_read+0xb0/0xb0 [ 1265.782345] __x64_sys_move_pages+0xdd/0x1b0 [ 1265.782724] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1265.783163] do_syscall_64+0x33/0x40 [ 1265.783482] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1265.783913] RIP: 0033:0x7f28eb741b19 [ 1265.784231] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1265.785783] RSP: 002b:00007f28e8cb7188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1265.786427] RAX: ffffffffffffffda RBX: 00007f28eb854f60 RCX: 00007f28eb741b19 [ 1265.787026] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1265.787625] RBP: 00007f28e8cb71d0 R08: 0000000020000000 R09: 0000000000000000 [ 1265.788222] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1265.788841] R13: 00007ffd318d456f R14: 00007f28e8cb7300 R15: 0000000000022000 [ 1265.823048] FAULT_INJECTION: forcing a failure. [ 1265.823048] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1265.824102] CPU: 1 PID: 7679 Comm: syz-executor.0 Not tainted 5.10.224 #1 [ 1265.824696] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1265.825390] Call Trace: [ 1265.825623] dump_stack+0x107/0x167 [ 1265.825935] should_fail.cold+0x5/0xa [ 1265.826270] _copy_from_user+0x2e/0x1b0 [ 1265.826614] do_pages_stat+0xf1/0x3b0 [ 1265.826948] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1265.828226] ? cpuset_mems_allowed+0x1af/0x440 [ 1265.828799] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1265.830023] ? trace_hardirqs_on+0x5b/0x180 [ 1265.831077] kernel_move_pages+0xb8f/0x11c0 [ 1265.832125] ? rcu_read_lock_any_held+0x75/0xa0 [ 1265.833251] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1265.834639] ? fput_many+0x2f/0x1a0 [ 1265.835511] ? ksys_write+0x1a9/0x260 [ 1265.836434] ? __ia32_sys_read+0xb0/0xb0 [ 1265.837407] __x64_sys_move_pages+0xdd/0x1b0 [ 1265.838456] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1265.839688] do_syscall_64+0x33/0x40 [ 1265.840481] FAULT_INJECTION: forcing a failure. [ 1265.840481] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1265.840587] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1265.844535] RIP: 0033:0x7f6fdcf13b19 [ 1265.845415] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1265.849859] RSP: 002b:00007f6fda489188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1265.851668] RAX: ffffffffffffffda RBX: 00007f6fdd026f60 RCX: 00007f6fdcf13b19 [ 1265.853370] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1265.855082] RBP: 00007f6fda4891d0 R08: 0000000020000000 R09: 0000000000000000 [ 1265.856790] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1265.858484] R13: 00007ffee9bd176f R14: 00007f6fda489300 R15: 0000000000022000 [ 1265.860190] CPU: 0 PID: 7677 Comm: syz-executor.4 Not tainted 5.10.224 #1 [ 1265.861884] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1265.863920] Call Trace: [ 1265.864565] dump_stack+0x107/0x167 [ 1265.865447] should_fail.cold+0x5/0xa [ 1265.866382] _copy_to_user+0x2e/0x180 [ 1265.867311] do_pages_stat+0x2b4/0x3b0 [ 1265.868255] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1265.876828] ? cpuset_mems_allowed+0x1af/0x440 [ 1265.877942] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1265.879171] ? trace_hardirqs_on+0x5b/0x180 [ 1265.880219] kernel_move_pages+0xb8f/0x11c0 [ 1265.881305] ? rcu_read_lock_any_held+0x75/0xa0 [ 1265.882438] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1265.883840] ? fput_many+0x2f/0x1a0 [ 1265.884768] ? ksys_write+0x1a9/0x260 [ 1265.885683] ? __ia32_sys_read+0xb0/0xb0 [ 1265.886665] __x64_sys_move_pages+0xdd/0x1b0 [ 1265.887727] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1265.888996] do_syscall_64+0x33/0x40 [ 1265.889893] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1265.891118] RIP: 0033:0x7f1c0ae11b19 [ 1265.892015] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1265.896541] RSP: 002b:00007f1c08387188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1265.898361] RAX: ffffffffffffffda RBX: 00007f1c0af24f60 RCX: 00007f1c0ae11b19 [ 1265.900109] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1265.905870] RBP: 00007f1c083871d0 R08: 0000000020000000 R09: 0000000000000000 [ 1265.907618] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1265.909348] R13: 00007ffd2ddfd2cf R14: 00007f1c08387300 R15: 0000000000022000 15:20:40 executing program 2: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000100)={@void, @val={0x1}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}}}}}, 0x42) (fail_nth: 4) 15:20:40 executing program 5: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) gettid() 15:20:40 executing program 1: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000100)={@void, @val={0x1, 0x4, 0x0, 0x2}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}}}}}, 0x42) 15:20:40 executing program 0: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) msgget(0x1, 0x0) ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 58) 15:20:40 executing program 7: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() process_vm_readv(r0, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7c}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xb7}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f00000000c0)=""/46, 0x2e}], 0x8, 0x0) r1 = getpgid(r0) r2 = gettid() process_vm_readv(r2, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7a}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xffffffbc}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x4}}, './file0\x00'}) r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f0000000240)={'syz_tun\x00', &(0x7f0000000200)=ANY=[@ANYBLOB="020000000000000000070000000000000000000000000001000000000026c9d0558e00"/44]}) kcmp(r1, r2, 0x0, r3, r4) 15:20:40 executing program 3: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000040)=0x20) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, r2, 0x0, 0x6) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, 0x0, 0x0) move_pages(0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) 15:20:40 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 57) 15:20:40 executing program 4: perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) msgget(0x1, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 50) 15:20:40 executing program 0: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) msgget(0x1, 0x0) ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 59) 15:20:40 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000040)=0x20) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, r2, 0x0, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, 0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) 15:20:40 executing program 1: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000100)={@void, @val={0x1, 0x4, 0x0, 0x2}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, "265d99", 0x0, "960cee"}}}}}, 0x42) 15:20:40 executing program 5: fsync(0xffffffffffffffff) syz_emit_ethernet(0x46, &(0x7f0000002780)={@link_local, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "96153f", 0x10, 0x2c, 0x0, @rand_addr=' \x01\x00', @mcast2, {[@dstopts={0x3a}], @mlv2_report}}}}}, 0x0) r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x3000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x4000, 0x128) copy_file_range(r2, 0x0, 0xffffffffffffffff, 0x0, 0x200f5ef, 0x0) r3 = syz_io_uring_setup(0x3d21, &(0x7f00000003c0)={0x0, 0x9aa4, 0x20, 0x3, 0x180}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000580), &(0x7f00000005c0)) fstat(r0, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0}) r5 = geteuid() getresuid(&(0x7f0000000240), &(0x7f0000000280)=0x0, &(0x7f00000002c0)) r7 = getgid() sendmsg$unix(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f00000000c0)=@abs={0x0, 0x0, 0x4e23}, 0x6e, 0x0, 0x0, &(0x7f0000000300)=[@cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, r5}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, r6}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xee01, r7}}}], 0x98, 0x4a6d9b9f314c1032}, 0x0) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0xc018937b, &(0x7f0000000680)={{0x1, 0x1, 0x18, r3, {r4, r7}}, './file0\x00'}) r8 = gettid() process_vm_readv(r1, &(0x7f0000001a40), 0x0, &(0x7f0000000340)=[{&(0x7f0000000500)=""/105, 0x69}, {&(0x7f0000000440)=""/183, 0xb7}, {&(0x7f0000001bc0)=""/112, 0x70}, {&(0x7f0000000280)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000000500)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/45, 0x2d}], 0x8, 0x0) process_vm_readv(r8, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7c}, {&(0x7f0000001980)=""/157, 0x9d}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000000200)=""/112, 0x70}, {&(0x7f0000002240)=""/183, 0xb7}, {&(0x7f0000001bc0)=""/112, 0x70}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) timer_create(0x4, &(0x7f0000000180)={0x0, 0x33, 0x2, @thr={&(0x7f00000000c0)="c55455daf25d569bdc290d2aefa9dda54eb1a41a5efb99b9074dfd44eb916fa5464e10d6b536da12f0dc262bbbfd652febeb19955642b0dc25b1634771ce2094a6ff42cc4054463e822a458b849ed651e19cca26edf089e465654a0a55ca2826645c7f24f795fcce3d4913711c2e3b3019d0e9e0e51fa863ae82bf4783cf313166671f7e24daf4f7dd5e20e21e9c34121867bd1fb840427f495ccc73d1761470364fa795e4891da18d7038876fdb54c9770cb05f59ddc55abe0634d65d5a", &(0x7f0000000000)="b9512b2141de7de6b08d4162d6ec953ce8159b6f1f5e8580aed40e291f7a7279"}}, &(0x7f00000001c0)) r9 = inotify_init1(0x800) r10 = socket$inet_udp(0x2, 0x2, 0x0) dup2(r9, r10) 15:20:40 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 58) 15:20:40 executing program 3: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000040)=0x20) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, r2, 0x0, 0x6) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, 0x0, 0x0) move_pages(0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) [ 1265.963376] FAULT_INJECTION: forcing a failure. [ 1265.963376] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1265.965308] CPU: 0 PID: 7689 Comm: syz-executor.6 Not tainted 5.10.224 #1 [ 1265.966566] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1265.967390] Call Trace: [ 1265.967671] dump_stack+0x107/0x167 [ 1265.968034] should_fail.cold+0x5/0xa [ 1265.968447] _copy_to_user+0x2e/0x180 [ 1265.969189] do_pages_stat+0x2b4/0x3b0 [ 1265.969600] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1265.970190] ? cpuset_mems_allowed+0x1af/0x440 [ 1265.970784] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1265.971934] ? trace_hardirqs_on+0x5b/0x180 [ 1265.972941] kernel_move_pages+0xb8f/0x11c0 [ 1265.973927] ? rcu_read_lock_any_held+0x75/0xa0 [ 1265.974974] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1265.976297] ? fput_many+0x2f/0x1a0 [ 1265.977138] ? ksys_write+0x1a9/0x260 [ 1265.977989] ? __ia32_sys_read+0xb0/0xb0 [ 1265.978927] __x64_sys_move_pages+0xdd/0x1b0 [ 1265.979943] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1265.981117] do_syscall_64+0x33/0x40 [ 1265.981951] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1265.983117] RIP: 0033:0x7f28eb741b19 [ 1265.983954] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1265.988120] RSP: 002b:00007f28e8cb7188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1265.989856] RAX: ffffffffffffffda RBX: 00007f28eb854f60 RCX: 00007f28eb741b19 [ 1265.991428] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1265.992995] RBP: 00007f28e8cb71d0 R08: 0000000020000000 R09: 0000000000000000 [ 1265.994614] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1265.996218] R13: 00007ffd318d456f R14: 00007f28e8cb7300 R15: 0000000000022000 15:20:40 executing program 4: perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) msgget(0x1, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 51) [ 1266.015776] FAULT_INJECTION: forcing a failure. [ 1266.015776] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1266.017866] CPU: 1 PID: 7695 Comm: syz-executor.4 Not tainted 5.10.224 #1 [ 1266.019436] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1266.021326] Call Trace: [ 1266.021918] dump_stack+0x107/0x167 [ 1266.022739] should_fail.cold+0x5/0xa [ 1266.023599] _copy_from_user+0x2e/0x1b0 [ 1266.024509] do_pages_stat+0xf1/0x3b0 [ 1266.025374] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1266.026682] ? cpuset_mems_allowed+0x1af/0x440 [ 1266.027733] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1266.028213] ? trace_hardirqs_on+0x5b/0x180 [ 1266.029209] kernel_move_pages+0xb8f/0x11c0 [ 1266.030196] ? rcu_read_lock_any_held+0x75/0xa0 [ 1266.031252] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1266.031810] ? fput_many+0x2f/0x1a0 [ 1266.032665] ? ksys_write+0x1a9/0x260 [ 1266.033034] ? __ia32_sys_read+0xb0/0xb0 [ 1266.033961] __x64_sys_move_pages+0xdd/0x1b0 [ 1266.034955] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1266.036111] do_syscall_64+0x33/0x40 [ 1266.036961] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1266.038118] RIP: 0033:0x7f1c0ae11b19 [ 1266.038946] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1266.043094] RSP: 002b:00007f1c08387188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1266.044809] RAX: ffffffffffffffda RBX: 00007f1c0af24f60 RCX: 00007f1c0ae11b19 [ 1266.046400] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1266.047993] RBP: 00007f1c083871d0 R08: 0000000020000000 R09: 0000000000000000 [ 1266.049620] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1266.051224] R13: 00007ffd2ddfd2cf R14: 00007f1c08387300 R15: 0000000000022000 15:20:40 executing program 5: r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() fcntl$dupfd(r0, 0x0, r0) r2 = gettid() process_vm_readv(r2, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7a}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xffffffbc}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) ptrace$getregset(0x4204, r2, 0x201, &(0x7f0000000180)={&(0x7f00000000c0)=""/173, 0xad}) process_vm_readv(r1, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7c}, {&(0x7f0000001980)=""/147, 0x93}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xb7}, {&(0x7f0000001bc0)=""/118, 0x76}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000000000)=""/46, 0x2e}], 0x8, 0x0) r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x1000000, 0x100010, 0xffffffffffffffff, 0x10000000) r4 = syz_io_uring_setup(0x3ca0, &(0x7f0000000080), &(0x7f0000400000/0xc00000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000280)=0x0) r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(r5, r6, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r7}}, 0x0) syz_io_uring_submit(0x0, r3, &(0x7f00000001c0)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x12345, 0x0, 0x0, 0x0, {0x0, r7}}, 0x3) 15:20:54 executing program 2: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000100)={@void, @val={0x1}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}}}}}, 0x42) (fail_nth: 5) 15:20:54 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 59) [ 1279.795557] FAULT_INJECTION: forcing a failure. [ 1279.795557] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1279.796717] CPU: 1 PID: 7709 Comm: syz-executor.0 Not tainted 5.10.224 #1 [ 1279.798367] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1279.799175] Call Trace: [ 1279.799792] dump_stack+0x107/0x167 [ 1279.800136] should_fail.cold+0x5/0xa [ 1279.800523] _copy_to_user+0x2e/0x180 [ 1279.801432] do_pages_stat+0x2b4/0x3b0 [ 1279.802213] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1279.803512] ? cpuset_mems_allowed+0x1af/0x440 [ 1279.804557] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1279.805709] ? trace_hardirqs_on+0x5b/0x180 [ 1279.806687] kernel_move_pages+0xb8f/0x11c0 [ 1279.807661] ? rcu_read_lock_any_held+0x75/0xa0 [ 1279.808717] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1279.810032] ? fput_many+0x2f/0x1a0 [ 1279.810854] ? ksys_write+0x1a9/0x260 [ 1279.811710] ? __ia32_sys_read+0xb0/0xb0 [ 1279.812639] __x64_sys_move_pages+0xdd/0x1b0 [ 1279.813628] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1279.814761] do_syscall_64+0x33/0x40 [ 1279.815571] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1279.816717] RIP: 0033:0x7f6fdcf13b19 [ 1279.817556] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1279.821743] RSP: 002b:00007f6fda489188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1279.823457] RAX: ffffffffffffffda RBX: 00007f6fdd026f60 RCX: 00007f6fdcf13b19 [ 1279.825098] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1279.826712] RBP: 00007f6fda4891d0 R08: 0000000020000000 R09: 0000000000000000 [ 1279.828319] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1279.829944] R13: 00007ffee9bd176f R14: 00007f6fda489300 R15: 0000000000022000 15:20:54 executing program 0: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) msgget(0x1, 0x0) ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 60) 15:20:54 executing program 4: perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) msgget(0x1, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 52) 15:20:54 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000002c0)={0x40, 0x0, 0xfffffaf2, 0x6, 0xffffffff, 0x40}) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6) msgctl$IPC_RMID(0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 1) 15:20:54 executing program 1: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000100)={@void, @val={0x1, 0x4, 0x0, 0x2}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}}}}}, 0x42) 15:20:54 executing program 3: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000040)=0x20) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, r2, 0x0, 0x6) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, 0x0, 0x0) move_pages(0x0, 0x0, &(0x7f0000000080), 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) 15:20:54 executing program 5: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setown(r0, 0x8, 0xffffffffffffffff) close(r0) close_range(r0, 0xffffffffffffffff, 0x0) ioctl$SIOCGIFHWADDR(r0, 0x8927, &(0x7f0000000140)={'veth0_to_bond\x00'}) perf_event_open(&(0x7f00000000c0)={0x3, 0x80, 0x69, 0x5, 0x7f, 0xc9, 0x0, 0x101, 0x10, 0x3, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x4, 0x1, @perf_config_ext={0x1, 0x100}, 0x4000, 0x80000000, 0x1d2e, 0x5, 0xfff, 0x6, 0x3, 0x0, 0x1f, 0x0, 0x526}, 0x0, 0xffffffffffffffff, r0, 0x9) gettid() gettid() [ 1279.839916] FAULT_INJECTION: forcing a failure. [ 1279.839916] name failslab, interval 1, probability 0, space 0, times 0 [ 1279.842522] CPU: 0 PID: 7712 Comm: syz-executor.2 Not tainted 5.10.224 #1 [ 1279.844035] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1279.845877] Call Trace: [ 1279.846467] dump_stack+0x107/0x167 [ 1279.847276] should_fail.cold+0x5/0xa [ 1279.847911] FAULT_INJECTION: forcing a failure. [ 1279.847911] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1279.848124] ? create_object.isra.0+0x3a/0xa20 [ 1279.848150] should_failslab+0x5/0x20 [ 1279.851162] kmem_cache_alloc+0x5b/0x310 [ 1279.852071] create_object.isra.0+0x3a/0xa20 [ 1279.853065] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1279.854196] __kmalloc_node_track_caller+0x1a6/0x3b0 [ 1279.855334] ? alloc_skb_with_frags+0x92/0x570 [ 1279.856352] ? mark_lock+0xf5/0x2df0 [ 1279.857197] __alloc_skb+0xb1/0x5b0 [ 1279.858008] alloc_skb_with_frags+0x92/0x570 [ 1279.858984] ? lock_acquire+0x197/0x470 [ 1279.859872] sock_alloc_send_pskb+0x7af/0x930 [ 1279.860881] ? sk_alloc+0x350/0x350 [ 1279.861698] ? _copy_from_iter_full+0x27c/0xa60 [ 1279.862729] ? iov_iter_advance+0x23b/0xec0 [ 1279.863688] tun_get_user+0x94a/0x32f0 [ 1279.864561] ? tun_build_skb+0xfe0/0xfe0 [ 1279.865510] ? tun_device_event+0x8d0/0x1160 [ 1279.866519] ? lock_downgrade+0x6d0/0x6d0 [ 1279.867456] ? perf_trace_lock+0xac/0x490 [ 1279.868404] tun_chr_write_iter+0xe1/0x1e0 [ 1279.869398] new_sync_write+0x42c/0x660 [ 1279.870321] ? new_sync_read+0x6f0/0x6f0 [ 1279.871269] ? avc_policy_seqno+0x9/0x70 [ 1279.872207] ? selinux_file_permission+0x92/0x520 [ 1279.873338] ? security_file_permission+0xb1/0xe0 [ 1279.874456] vfs_write+0x7c0/0xb10 [ 1279.875283] ksys_write+0x12d/0x260 [ 1279.876125] ? __ia32_sys_read+0xb0/0xb0 [ 1279.877082] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1279.878295] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1279.879486] do_syscall_64+0x33/0x40 [ 1279.880344] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1279.881549] RIP: 0033:0x7f5895ec4b19 [ 1279.882395] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1279.886654] RSP: 002b:00007f589343a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1279.888395] RAX: ffffffffffffffda RBX: 00007f5895fd7f60 RCX: 00007f5895ec4b19 [ 1279.890056] RDX: 0000000000000042 RSI: 0000000020000100 RDI: 0000000000000003 [ 1279.891698] RBP: 00007f589343a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1279.893350] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1279.894991] R13: 00007ffeebf75d7f R14: 00007f589343a300 R15: 0000000000022000 [ 1279.896672] CPU: 1 PID: 7714 Comm: syz-executor.7 Not tainted 5.10.224 #1 [ 1279.897409] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1279.898248] Call Trace: [ 1279.898534] dump_stack+0x107/0x167 [ 1279.898915] should_fail.cold+0x5/0xa [ 1279.899324] _copy_from_user+0x2e/0x1b0 [ 1279.899744] do_pages_stat+0xf1/0x3b0 [ 1279.900149] ? __lockdep_reset_lock+0x180/0x180 [ 1279.900631] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1279.901209] ? find_held_lock+0x2c/0x110 [ 1279.902182] ? cpuset_mems_allowed+0x1af/0x440 [ 1279.902659] ? lock_downgrade+0x6d0/0x6d0 [ 1279.903603] ? lock_downgrade+0x6d0/0x6d0 [ 1279.904557] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1279.905388] FAULT_INJECTION: forcing a failure. [ 1279.905388] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1279.905779] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1279.905790] ? trace_hardirqs_on+0x5b/0x180 [ 1279.905809] kernel_move_pages+0xb8f/0x11c0 [ 1279.910051] ? rcu_read_lock_any_held+0x75/0xa0 [ 1279.911122] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1279.912446] ? fput_many+0x2f/0x1a0 [ 1279.913283] ? ksys_write+0x1a9/0x260 [ 1279.914160] ? __ia32_sys_read+0xb0/0xb0 [ 1279.915098] __x64_sys_move_pages+0xdd/0x1b0 [ 1279.916110] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1279.917303] do_syscall_64+0x33/0x40 [ 1279.918165] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1279.919333] RIP: 0033:0x7f8be6d86b19 [ 1279.920185] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1279.924449] RSP: 002b:00007f8be42fc188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1279.926181] RAX: ffffffffffffffda RBX: 00007f8be6e99f60 RCX: 00007f8be6d86b19 [ 1279.927821] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1279.929462] RBP: 00007f8be42fc1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1279.931099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1279.932750] R13: 00007ffd26b6f95f R14: 00007f8be42fc300 R15: 0000000000022000 [ 1279.934407] CPU: 0 PID: 7704 Comm: syz-executor.6 Not tainted 5.10.224 #1 [ 1279.935099] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1279.935902] Call Trace: [ 1279.936174] dump_stack+0x107/0x167 [ 1279.936543] should_fail.cold+0x5/0xa [ 1279.936958] _copy_from_user+0x2e/0x1b0 [ 1279.937377] do_pages_stat+0xf1/0x3b0 [ 1279.937786] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1279.938386] ? cpuset_mems_allowed+0x1af/0x440 [ 1279.938875] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1279.940044] ? trace_hardirqs_on+0x5b/0x180 [ 1279.941060] kernel_move_pages+0xb8f/0x11c0 [ 1279.942081] ? rcu_read_lock_any_held+0x75/0xa0 [ 1279.943158] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1279.944497] ? fput_many+0x2f/0x1a0 [ 1279.945354] ? ksys_write+0x1a9/0x260 [ 1279.946239] ? __ia32_sys_read+0xb0/0xb0 [ 1279.947197] __x64_sys_move_pages+0xdd/0x1b0 [ 1279.948206] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1279.949409] do_syscall_64+0x33/0x40 [ 1279.950256] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1279.951430] RIP: 0033:0x7f28eb741b19 [ 1279.952289] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1279.956515] RSP: 002b:00007f28e8cb7188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1279.958279] RAX: ffffffffffffffda RBX: 00007f28eb854f60 RCX: 00007f28eb741b19 [ 1279.959919] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1279.961561] RBP: 00007f28e8cb71d0 R08: 0000000020000000 R09: 0000000000000000 [ 1279.963198] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1279.964848] R13: 00007ffd318d456f R14: 00007f28e8cb7300 R15: 0000000000022000 [ 1279.974919] FAULT_INJECTION: forcing a failure. [ 1279.974919] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1279.976130] CPU: 1 PID: 7720 Comm: syz-executor.4 Not tainted 5.10.224 #1 [ 1279.976834] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1279.977660] Call Trace: [ 1279.977961] dump_stack+0x107/0x167 [ 1279.978347] should_fail.cold+0x5/0xa [ 1279.978752] _copy_to_user+0x2e/0x180 [ 1279.979149] do_pages_stat+0x2b4/0x3b0 [ 1279.979558] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1279.980143] ? cpuset_mems_allowed+0x1af/0x440 [ 1279.980617] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1279.981138] ? trace_hardirqs_on+0x5b/0x180 [ 1279.981591] kernel_move_pages+0xb8f/0x11c0 [ 1279.982044] ? rcu_read_lock_any_held+0x75/0xa0 [ 1279.982507] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1279.983104] ? fput_many+0x2f/0x1a0 [ 1279.983491] ? ksys_write+0x1a9/0x260 [ 1279.983886] ? __ia32_sys_read+0xb0/0xb0 [ 1279.984302] __x64_sys_move_pages+0xdd/0x1b0 [ 1279.984768] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1279.985297] do_syscall_64+0x33/0x40 [ 1279.985678] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1279.986193] RIP: 0033:0x7f1c0ae11b19 [ 1279.986572] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1279.988132] RSP: 002b:00007f1c08366188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1279.989063] RAX: ffffffffffffffda RBX: 00007f1c0af25020 RCX: 00007f1c0ae11b19 [ 1279.989774] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1279.990497] RBP: 00007f1c083661d0 R08: 0000000020000000 R09: 0000000000000000 [ 1279.991205] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1279.991919] R13: 00007ffd2ddfd2cf R14: 00007f1c08366300 R15: 0000000000022000 15:20:54 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 60) 15:20:54 executing program 1: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000100)={@void, @val={0x1, 0x4, 0x0, 0x2}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, "265d99", 0x0, "960cee"}}}}}, 0x42) [ 1280.077662] FAULT_INJECTION: forcing a failure. [ 1280.077662] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1280.079196] CPU: 0 PID: 7724 Comm: syz-executor.6 Not tainted 5.10.224 #1 [ 1280.079877] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1280.080724] Call Trace: [ 1280.081000] dump_stack+0x107/0x167 [ 1280.081375] should_fail.cold+0x5/0xa [ 1280.081744] _copy_to_user+0x2e/0x180 [ 1280.082125] do_pages_stat+0x2b4/0x3b0 [ 1280.082500] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1280.083031] ? cpuset_mems_allowed+0x1af/0x440 [ 1280.083462] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1280.083916] ? trace_hardirqs_on+0x5b/0x180 [ 1280.084315] kernel_move_pages+0xb8f/0x11c0 [ 1280.084746] ? rcu_read_lock_any_held+0x75/0xa0 [ 1280.085161] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1280.085690] ? fput_many+0x2f/0x1a0 [ 1280.086018] ? ksys_write+0x1a9/0x260 [ 1280.086359] ? __ia32_sys_read+0xb0/0xb0 [ 1280.086733] __x64_sys_move_pages+0xdd/0x1b0 [ 1280.087162] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1280.087887] do_syscall_64+0x33/0x40 [ 1280.088249] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1280.088990] RIP: 0033:0x7f28eb741b19 [ 1280.089349] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1280.091100] RSP: 002b:00007f28e8cb7188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1280.092409] RAX: ffffffffffffffda RBX: 00007f28eb854f60 RCX: 00007f28eb741b19 [ 1280.093070] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1280.094430] RBP: 00007f28e8cb71d0 R08: 0000000020000000 R09: 0000000000000000 [ 1280.095120] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1280.095829] R13: 00007ffd318d456f R14: 00007f28e8cb7300 R15: 0000000000022000 15:21:09 executing program 2: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000100)={@void, @val={0x1}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}}}}}, 0x42) (fail_nth: 6) 15:21:09 executing program 4: perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) msgget(0x1, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 53) 15:21:09 executing program 1: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000100)={@void, @val={0x1, 0x4, 0x0, 0x2}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}}}}}, 0x42) 15:21:09 executing program 5: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() process_vm_readv(r0, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7c}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xb7}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000000000)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) 15:21:09 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000002c0)={0x40, 0x0, 0xfffffaf2, 0x6, 0xffffffff, 0x40}) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6) msgctl$IPC_RMID(0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 2) 15:21:09 executing program 3: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000040)=0x20) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, r2, 0x0, 0x6) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, 0x0, 0x0) move_pages(0x0, 0x0, &(0x7f0000000080), 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) [ 1294.640608] FAULT_INJECTION: forcing a failure. [ 1294.640608] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1294.641726] CPU: 0 PID: 7744 Comm: syz-executor.6 Not tainted 5.10.224 #1 [ 1294.642305] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1294.643006] Call Trace: [ 1294.643244] dump_stack+0x107/0x167 [ 1294.643561] should_fail.cold+0x5/0xa [ 1294.643899] _copy_from_user+0x2e/0x1b0 [ 1294.643955] FAULT_INJECTION: forcing a failure. [ 1294.643955] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1294.644249] do_pages_stat+0xf1/0x3b0 [ 1294.644270] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1294.646145] ? cpuset_mems_allowed+0x1af/0x440 [ 1294.646549] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1294.646981] ? trace_hardirqs_on+0x5b/0x180 [ 1294.647356] kernel_move_pages+0xb8f/0x11c0 [ 1294.647741] ? rcu_read_lock_any_held+0x75/0xa0 [ 1294.648141] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1294.648644] ? fput_many+0x2f/0x1a0 [ 1294.648974] ? ksys_write+0x1a9/0x260 [ 1294.649302] ? __ia32_sys_read+0xb0/0xb0 [ 1294.649656] __x64_sys_move_pages+0xdd/0x1b0 [ 1294.650036] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1294.650471] do_syscall_64+0x33/0x40 [ 1294.650789] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1294.651222] RIP: 0033:0x7f28eb741b19 [ 1294.651544] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1294.653109] RSP: 002b:00007f28e8cb7188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1294.653758] RAX: ffffffffffffffda RBX: 00007f28eb854f60 RCX: 00007f28eb741b19 [ 1294.654362] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1294.654967] RBP: 00007f28e8cb71d0 R08: 0000000020000000 R09: 0000000000000000 [ 1294.655571] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1294.656172] R13: 00007ffd318d456f R14: 00007f28e8cb7300 R15: 0000000000022000 [ 1294.656809] CPU: 1 PID: 7745 Comm: syz-executor.0 Not tainted 5.10.224 #1 [ 1294.657431] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1294.658165] Call Trace: [ 1294.658426] dump_stack+0x107/0x167 [ 1294.658761] should_fail.cold+0x5/0xa [ 1294.659114] _copy_from_user+0x2e/0x1b0 [ 1294.659478] do_pages_stat+0xf1/0x3b0 [ 1294.659833] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1294.659938] FAULT_INJECTION: forcing a failure. [ 1294.659938] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1294.660358] ? cpuset_mems_allowed+0x1af/0x440 [ 1294.661734] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1294.662189] ? trace_hardirqs_on+0x5b/0x180 [ 1294.662587] kernel_move_pages+0xb8f/0x11c0 [ 1294.662983] ? rcu_read_lock_any_held+0x75/0xa0 [ 1294.663401] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1294.663918] ? fput_many+0x2f/0x1a0 [ 1294.664256] ? ksys_write+0x1a9/0x260 [ 1294.664600] ? __ia32_sys_read+0xb0/0xb0 [ 1294.664984] __x64_sys_move_pages+0xdd/0x1b0 [ 1294.665378] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1294.665830] do_syscall_64+0x33/0x40 [ 1294.666163] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1294.666618] RIP: 0033:0x7f6fdcf13b19 [ 1294.666950] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1294.668558] RSP: 002b:00007f6fda489188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1294.669242] RAX: ffffffffffffffda RBX: 00007f6fdd026f60 RCX: 00007f6fdcf13b19 [ 1294.669864] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1294.670486] RBP: 00007f6fda4891d0 R08: 0000000020000000 R09: 0000000000000000 [ 1294.671108] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1294.671729] R13: 00007ffee9bd176f R14: 00007f6fda489300 R15: 0000000000022000 [ 1294.672373] CPU: 0 PID: 7739 Comm: syz-executor.7 Not tainted 5.10.224 #1 [ 1294.672977] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1294.673676] Call Trace: [ 1294.673904] dump_stack+0x107/0x167 [ 1294.674218] should_fail.cold+0x5/0xa [ 1294.674550] _copy_to_user+0x2e/0x180 [ 1294.674878] do_pages_stat+0x2b4/0x3b0 [ 1294.675217] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1294.675567] FAULT_INJECTION: forcing a failure. [ 1294.675567] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1294.675707] ? cpuset_mems_allowed+0x1af/0x440 [ 1294.675729] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1294.677544] ? trace_hardirqs_on+0x5b/0x180 [ 1294.677931] kernel_move_pages+0xb8f/0x11c0 [ 1294.678316] ? rcu_read_lock_any_held+0x75/0xa0 [ 1294.678716] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1294.679210] ? fput_many+0x2f/0x1a0 [ 1294.679530] ? ksys_write+0x1a9/0x260 [ 1294.679857] ? __ia32_sys_read+0xb0/0xb0 [ 1294.680206] __x64_sys_move_pages+0xdd/0x1b0 [ 1294.680584] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1294.681035] do_syscall_64+0x33/0x40 [ 1294.681351] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1294.681783] RIP: 0033:0x7f8be6d86b19 [ 1294.682099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1294.683637] RSP: 002b:00007f8be42fc188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1294.684280] RAX: ffffffffffffffda RBX: 00007f8be6e99f60 RCX: 00007f8be6d86b19 [ 1294.684899] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1294.685505] RBP: 00007f8be42fc1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1294.686107] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1294.686712] R13: 00007ffd26b6f95f R14: 00007f8be42fc300 R15: 0000000000022000 [ 1294.687335] CPU: 1 PID: 7736 Comm: syz-executor.4 Not tainted 5.10.224 #1 [ 1294.687949] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 15:21:09 executing program 0: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) msgget(0x1, 0x0) ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 61) 15:21:09 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 61) [ 1294.688691] Call Trace: [ 1294.688938] dump_stack+0x107/0x167 [ 1294.689266] should_fail.cold+0x5/0xa [ 1294.689611] _copy_from_user+0x2e/0x1b0 [ 1294.689967] do_pages_stat+0xf1/0x3b0 [ 1294.690319] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1294.691091] ? cpuset_mems_allowed+0x1af/0x440 [ 1294.691515] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1294.691958] ? trace_hardirqs_on+0x5b/0x180 [ 1294.692353] kernel_move_pages+0xb8f/0x11c0 [ 1294.692744] ? rcu_read_lock_any_held+0x75/0xa0 [ 1294.693175] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1294.693686] ? fput_many+0x2f/0x1a0 [ 1294.694013] ? ksys_write+0x1a9/0x260 [ 1294.694355] ? __ia32_sys_read+0xb0/0xb0 [ 1294.694721] __x64_sys_move_pages+0xdd/0x1b0 [ 1294.695114] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1294.695569] do_syscall_64+0x33/0x40 [ 1294.695900] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1294.696351] RIP: 0033:0x7f1c0ae11b19 [ 1294.696683] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1294.698313] RSP: 002b:00007f1c08387188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1294.699095] RAX: ffffffffffffffda RBX: 00007f1c0af24f60 RCX: 00007f1c0ae11b19 [ 1294.699820] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1294.700554] RBP: 00007f1c083871d0 R08: 0000000020000000 R09: 0000000000000000 [ 1294.701345] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1294.702063] R13: 00007ffd2ddfd2cf R14: 00007f1c08387300 R15: 0000000000022000 15:21:09 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 62) 15:21:09 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000002c0)={0x40, 0x0, 0xfffffaf2, 0x6, 0xffffffff, 0x40}) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6) msgctl$IPC_RMID(0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 3) [ 1294.734808] FAULT_INJECTION: forcing a failure. [ 1294.734808] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1294.736945] CPU: 1 PID: 7746 Comm: syz-executor.2 Not tainted 5.10.224 #1 [ 1294.737545] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1294.738263] Call Trace: [ 1294.738510] dump_stack+0x107/0x167 [ 1294.738837] should_fail.cold+0x5/0xa [ 1294.739185] _copy_from_iter+0x202/0xe80 [ 1294.739561] ? __virt_addr_valid+0x170/0x5d0 [ 1294.739955] ? __check_object_size+0x319/0x440 [ 1294.740416] skb_copy_datagram_from_iter+0x11c/0x6c0 [ 1294.740998] tun_get_user+0x14f4/0x32f0 [ 1294.741374] ? tun_build_skb+0xfe0/0xfe0 [ 1294.741807] ? tun_device_event+0x8d0/0x1160 [ 1294.742268] ? lock_downgrade+0x6d0/0x6d0 [ 1294.742698] ? perf_trace_lock+0xac/0x490 [ 1294.743172] tun_chr_write_iter+0xe1/0x1e0 [ 1294.743608] new_sync_write+0x42c/0x660 [ 1294.744043] ? new_sync_read+0x6f0/0x6f0 [ 1294.744482] ? avc_policy_seqno+0x9/0x70 [ 1294.745040] ? selinux_file_permission+0x92/0x520 [ 1294.746055] FAULT_INJECTION: forcing a failure. [ 1294.746055] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1294.746188] ? security_file_permission+0xb1/0xe0 [ 1294.749755] vfs_write+0x7c0/0xb10 [ 1294.750426] ksys_write+0x12d/0x260 [ 1294.751112] ? __ia32_sys_read+0xb0/0xb0 [ 1294.751883] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1294.752932] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1294.753922] do_syscall_64+0x33/0x40 [ 1294.754635] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1294.755596] RIP: 0033:0x7f5895ec4b19 [ 1294.756291] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1294.759792] RSP: 002b:00007f589343a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1294.761250] RAX: ffffffffffffffda RBX: 00007f5895fd7f60 RCX: 00007f5895ec4b19 [ 1294.762600] RDX: 0000000000000042 RSI: 0000000020000100 RDI: 0000000000000003 [ 1294.763944] RBP: 00007f589343a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1294.765324] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1294.766658] R13: 00007ffeebf75d7f R14: 00007f589343a300 R15: 0000000000022000 [ 1294.768014] CPU: 0 PID: 7750 Comm: syz-executor.6 Not tainted 5.10.224 #1 [ 1294.769291] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1294.770785] Call Trace: [ 1294.771256] dump_stack+0x107/0x167 [ 1294.771906] should_fail.cold+0x5/0xa [ 1294.772581] _copy_to_user+0x2e/0x180 [ 1294.773333] do_pages_stat+0x2b4/0x3b0 [ 1294.774040] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1294.775082] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1294.776039] kernel_move_pages+0xb8f/0x11c0 [ 1294.776816] ? rcu_read_lock_any_held+0x75/0xa0 [ 1294.777679] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1294.778734] ? fput_many+0x2f/0x1a0 [ 1294.779391] ? ksys_write+0x1a9/0x260 [ 1294.780073] ? __ia32_sys_read+0xb0/0xb0 [ 1294.780791] __x64_sys_move_pages+0xdd/0x1b0 [ 1294.781603] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1294.782527] do_syscall_64+0x33/0x40 [ 1294.783197] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1294.784116] RIP: 0033:0x7f28eb741b19 [ 1294.784776] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1294.788132] RSP: 002b:00007f28e8cb7188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1294.789507] RAX: ffffffffffffffda RBX: 00007f28eb854f60 RCX: 00007f28eb741b19 [ 1294.790786] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1294.792078] RBP: 00007f28e8cb71d0 R08: 0000000020000000 R09: 0000000000000000 [ 1294.793380] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1294.794665] R13: 00007ffd318d456f R14: 00007f28e8cb7300 R15: 0000000000022000 [ 1294.833156] FAULT_INJECTION: forcing a failure. [ 1294.833156] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1294.836128] CPU: 0 PID: 7752 Comm: syz-executor.7 Not tainted 5.10.224 #1 [ 1294.837462] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1294.839170] Call Trace: [ 1294.839689] dump_stack+0x107/0x167 [ 1294.840336] should_fail.cold+0x5/0xa [ 1294.841135] _copy_from_user+0x2e/0x1b0 [ 1294.841902] do_pages_stat+0xf1/0x3b0 [ 1294.842746] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1294.843871] ? cpuset_mems_allowed+0x1af/0x440 [ 1294.845285] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1294.846258] ? trace_hardirqs_on+0x5b/0x180 [ 1294.847100] kernel_move_pages+0xb8f/0x11c0 [ 1294.847943] ? rcu_read_lock_any_held+0x75/0xa0 [ 1294.848833] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1294.850087] ? fput_many+0x2f/0x1a0 [ 1294.850787] ? ksys_write+0x1a9/0x260 [ 1294.851462] ? __ia32_sys_read+0xb0/0xb0 [ 1294.852233] __x64_sys_move_pages+0xdd/0x1b0 [ 1294.853116] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1294.854110] do_syscall_64+0x33/0x40 [ 1294.854824] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1294.855796] RIP: 0033:0x7f8be6d86b19 [ 1294.856610] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1294.858344] RSP: 002b:00007f8be42fc188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1294.859035] RAX: ffffffffffffffda RBX: 00007f8be6e99f60 RCX: 00007f8be6d86b19 [ 1294.859689] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1294.860287] RBP: 00007f8be42fc1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1294.860951] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1294.861598] R13: 00007ffd26b6f95f R14: 00007f8be42fc300 R15: 0000000000022000 15:21:09 executing program 5: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() r1 = getpgid(r0) process_vm_readv(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/219, 0xdb}, {&(0x7f00000001c0)=""/206, 0xce}], 0x2, &(0x7f0000000740)=[{&(0x7f00000007c0)=""/189, 0xbd}, {&(0x7f0000000380)}, {&(0x7f00000003c0)=""/112, 0x70}, {&(0x7f0000000440)=""/211, 0xd3}, {&(0x7f0000000540)=""/228, 0xe4}, {&(0x7f0000000640)}, {&(0x7f0000000680)=""/183, 0xb7}], 0x7, 0x0) process_vm_readv(r0, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7a}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xffffffbc}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) r2 = getpgrp(r1) pidfd_open(r2, 0x0) 15:21:09 executing program 3: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000040)=0x20) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, r2, 0x0, 0x6) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, 0x0, 0x0) move_pages(0x0, 0x0, &(0x7f0000000080), 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) 15:21:09 executing program 1: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000100)={@void, @val={0x1, 0x4, 0x0, 0x2}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x2, "960cee"}}}}}, 0x42) 15:21:09 executing program 4: perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) msgget(0x1, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 54) [ 1294.913163] FAULT_INJECTION: forcing a failure. [ 1294.913163] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1294.914461] CPU: 0 PID: 7759 Comm: syz-executor.4 Not tainted 5.10.224 #1 [ 1294.915133] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1294.915881] Call Trace: [ 1294.916115] dump_stack+0x107/0x167 [ 1294.916425] should_fail.cold+0x5/0xa [ 1294.916829] _copy_to_user+0x2e/0x180 [ 1294.917164] do_pages_stat+0x2b4/0x3b0 [ 1294.917502] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1294.918048] ? cpuset_mems_allowed+0x1af/0x440 [ 1294.918445] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1294.918947] ? trace_hardirqs_on+0x5b/0x180 [ 1294.919316] kernel_move_pages+0xb8f/0x11c0 [ 1294.919747] ? rcu_read_lock_any_held+0x75/0xa0 [ 1294.920142] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1294.920691] ? fput_many+0x2f/0x1a0 [ 1294.921047] ? ksys_write+0x1a9/0x260 [ 1294.921372] ? __ia32_sys_read+0xb0/0xb0 [ 1294.921773] __x64_sys_move_pages+0xdd/0x1b0 [ 1294.922149] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1294.922661] do_syscall_64+0x33/0x40 [ 1294.922976] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1294.923403] RIP: 0033:0x7f1c0ae11b19 [ 1294.923768] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1294.925364] RSP: 002b:00007f1c08387188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1294.926058] RAX: ffffffffffffffda RBX: 00007f1c0af24f60 RCX: 00007f1c0ae11b19 [ 1294.926727] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1294.927328] RBP: 00007f1c083871d0 R08: 0000000020000000 R09: 0000000000000000 [ 1294.927973] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1294.928620] R13: 00007ffd2ddfd2cf R14: 00007f1c08387300 R15: 0000000000022000 15:21:09 executing program 3: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000040)=0x20) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, r2, 0x0, 0x6) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, 0x0, 0x0) move_pages(0x0, 0x1, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, 0x0, 0x0) 15:21:23 executing program 0: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) msgget(0x1, 0x0) ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 62) 15:21:23 executing program 3: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000040)=0x20) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, r2, 0x0, 0x6) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, 0x0, 0x0) move_pages(0x0, 0x1, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, 0x0, 0x0) 15:21:23 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000002c0)={0x40, 0x0, 0xfffffaf2, 0x6, 0xffffffff, 0x40}) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6) msgctl$IPC_RMID(0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 4) 15:21:23 executing program 2: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000100)={@void, @val={0x1}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}}}}}, 0x42) (fail_nth: 7) [ 1308.781614] FAULT_INJECTION: forcing a failure. [ 1308.781614] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1308.782470] FAULT_INJECTION: forcing a failure. [ 1308.782470] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1308.783121] CPU: 1 PID: 7771 Comm: syz-executor.0 Not tainted 5.10.224 #1 [ 1308.784465] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1308.785200] Call Trace: [ 1308.785561] dump_stack+0x107/0x167 [ 1308.785886] should_fail.cold+0x5/0xa [ 1308.786227] _copy_to_user+0x2e/0x180 [ 1308.786615] do_pages_stat+0x2b4/0x3b0 [ 1308.786970] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1308.787550] ? cpuset_mems_allowed+0x1af/0x440 [ 1308.787965] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1308.788396] ? trace_hardirqs_on+0x5b/0x180 [ 1308.788921] kernel_move_pages+0xb8f/0x11c0 [ 1308.789328] ? rcu_read_lock_any_held+0x75/0xa0 [ 1308.789777] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1308.790277] ? fput_many+0x2f/0x1a0 [ 1308.790724] ? ksys_write+0x1a9/0x260 [ 1308.791061] ? __ia32_sys_read+0xb0/0xb0 [ 1308.791480] __x64_sys_move_pages+0xdd/0x1b0 [ 1308.791880] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1308.792320] do_syscall_64+0x33/0x40 [ 1308.792783] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1308.793247] RIP: 0033:0x7f6fdcf13b19 [ 1308.793617] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1308.795212] RSP: 002b:00007f6fda489188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1308.795947] RAX: ffffffffffffffda RBX: 00007f6fdd026f60 RCX: 00007f6fdcf13b19 [ 1308.796599] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1308.797229] RBP: 00007f6fda4891d0 R08: 0000000020000000 R09: 0000000000000000 [ 1308.797959] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1308.798610] R13: 00007ffee9bd176f R14: 00007f6fda489300 R15: 0000000000022000 [ 1308.799254] CPU: 0 PID: 7775 Comm: syz-executor.7 Not tainted 5.10.224 #1 [ 1308.799869] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1308.800584] Call Trace: 15:21:23 executing program 5: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) ftruncate(r0, 0x1000003) ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000)) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40082404, &(0x7f0000000000)=0x3) creat(&(0x7f00000000c0)='./file0\x00', 0x2) r1 = gettid() process_vm_readv(r1, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7a}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xffffffbc}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) [ 1308.800828] dump_stack+0x107/0x167 [ 1308.801170] should_fail.cold+0x5/0xa [ 1308.801519] _copy_to_user+0x2e/0x180 [ 1308.801861] do_pages_stat+0x2b4/0x3b0 [ 1308.802214] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1308.802911] ? cpuset_mems_allowed+0x1af/0x440 [ 1308.803323] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1308.803762] ? trace_hardirqs_on+0x5b/0x180 [ 1308.804148] kernel_move_pages+0xb8f/0x11c0 [ 1308.804542] ? rcu_read_lock_any_held+0x75/0xa0 [ 1308.804949] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1308.805487] ? fput_many+0x2f/0x1a0 [ 1308.805816] ? ksys_write+0x1a9/0x260 [ 1308.806156] ? __ia32_sys_read+0xb0/0xb0 [ 1308.806517] __x64_sys_move_pages+0xdd/0x1b0 [ 1308.806910] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1308.807353] do_syscall_64+0x33/0x40 [ 1308.807679] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1308.808119] RIP: 0033:0x7f8be6d86b19 [ 1308.808447] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1308.809997] RSP: 002b:00007f8be42fc188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1308.810622] RAX: ffffffffffffffda RBX: 00007f8be6e99f60 RCX: 00007f8be6d86b19 [ 1308.811202] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1308.811784] RBP: 00007f8be42fc1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1308.812364] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1308.812945] R13: 00007ffd26b6f95f R14: 00007f8be42fc300 R15: 0000000000022000 15:21:23 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 63) 15:21:23 executing program 4: perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) msgget(0x1, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 55) 15:21:23 executing program 1: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000100)={@void, @val={0x1, 0x4, 0x0, 0x2}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x11, "960cee"}}}}}, 0x42) [ 1308.862961] FAULT_INJECTION: forcing a failure. [ 1308.862961] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1308.863043] FAULT_INJECTION: forcing a failure. [ 1308.863043] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1308.864066] CPU: 1 PID: 7782 Comm: syz-executor.6 Not tainted 5.10.224 #1 [ 1308.864074] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1308.864079] Call Trace: [ 1308.864101] dump_stack+0x107/0x167 [ 1308.864115] should_fail.cold+0x5/0xa [ 1308.864142] _copy_from_user+0x2e/0x1b0 [ 1308.864162] do_pages_stat+0xf1/0x3b0 [ 1308.864185] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1308.864210] ? cpuset_mems_allowed+0x1af/0x440 [ 1308.864236] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1308.864248] ? trace_hardirqs_on+0x5b/0x180 [ 1308.864269] kernel_move_pages+0xb8f/0x11c0 [ 1308.864295] ? rcu_read_lock_any_held+0x75/0xa0 [ 1308.864309] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1308.864327] ? fput_many+0x2f/0x1a0 [ 1308.871775] ? ksys_write+0x1a9/0x260 [ 1308.872109] ? __ia32_sys_read+0xb0/0xb0 [ 1308.872513] __x64_sys_move_pages+0xdd/0x1b0 [ 1308.872902] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1308.873374] do_syscall_64+0x33/0x40 [ 1308.873755] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1308.874198] RIP: 0033:0x7f28eb741b19 [ 1308.874597] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1308.876199] RSP: 002b:00007f28e8cb7188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1308.876903] RAX: ffffffffffffffda RBX: 00007f28eb854f60 RCX: 00007f28eb741b19 [ 1308.877589] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1308.878201] RBP: 00007f28e8cb71d0 R08: 0000000020000000 R09: 0000000000000000 [ 1308.878876] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1308.879530] R13: 00007ffd318d456f R14: 00007f28e8cb7300 R15: 0000000000022000 [ 1308.880161] CPU: 0 PID: 7783 Comm: syz-executor.4 Not tainted 5.10.224 #1 [ 1308.880770] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1308.881590] Call Trace: [ 1308.881826] dump_stack+0x107/0x167 [ 1308.882145] should_fail.cold+0x5/0xa [ 1308.882485] _copy_from_user+0x2e/0x1b0 [ 1308.882837] do_pages_stat+0xf1/0x3b0 [ 1308.883182] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1308.883686] ? cpuset_mems_allowed+0x1af/0x440 [ 1308.884097] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1308.884534] ? trace_hardirqs_on+0x5b/0x180 [ 1308.884914] kernel_move_pages+0xb8f/0x11c0 [ 1308.885417] ? rcu_read_lock_any_held+0x75/0xa0 [ 1308.885824] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1308.886326] ? fput_many+0x2f/0x1a0 [ 1308.886648] ? ksys_write+0x1a9/0x260 [ 1308.886989] ? __ia32_sys_read+0xb0/0xb0 [ 1308.887351] __x64_sys_move_pages+0xdd/0x1b0 [ 1308.887737] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1308.888175] do_syscall_64+0x33/0x40 [ 1308.888503] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1308.888941] RIP: 0033:0x7f1c0ae11b19 [ 1308.889372] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1308.890918] RSP: 002b:00007f1c08387188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1308.891570] RAX: ffffffffffffffda RBX: 00007f1c0af24f60 RCX: 00007f1c0ae11b19 [ 1308.892176] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1308.892786] RBP: 00007f1c083871d0 R08: 0000000020000000 R09: 0000000000000000 [ 1308.893509] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1308.894113] R13: 00007ffd2ddfd2cf R14: 00007f1c08387300 R15: 0000000000022000 [ 1308.909626] FAULT_INJECTION: forcing a failure. [ 1308.909626] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1308.910706] CPU: 0 PID: 7787 Comm: syz-executor.2 Not tainted 5.10.224 #1 [ 1308.911291] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1308.912001] Call Trace: [ 1308.912237] dump_stack+0x107/0x167 [ 1308.912563] should_fail.cold+0x5/0xa [ 1308.912901] _copy_to_user+0x2e/0x180 [ 1308.913356] simple_read_from_buffer+0xcc/0x160 [ 1308.913771] proc_fail_nth_read+0x198/0x230 [ 1308.914146] ? proc_sessionid_read+0x230/0x230 [ 1308.914558] ? security_file_permission+0xb1/0xe0 [ 1308.914981] ? proc_sessionid_read+0x230/0x230 [ 1308.915392] vfs_read+0x228/0x620 [ 1308.915705] ksys_read+0x12d/0x260 [ 1308.916015] ? vfs_write+0xb10/0xb10 [ 1308.916352] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1308.916808] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1308.917367] do_syscall_64+0x33/0x40 [ 1308.917693] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1308.918130] RIP: 0033:0x7f5895e7769c [ 1308.918457] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 1308.920012] RSP: 002b:00007f5893419170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1308.920668] RAX: ffffffffffffffda RBX: ffffffffffffffff RCX: 00007f5895e7769c [ 1308.921390] RDX: 000000000000000f RSI: 00007f58934191e0 RDI: 0000000000000004 [ 1308.921997] RBP: 00007f58934191d0 R08: 0000000000000000 R09: 0000000000000000 [ 1308.922606] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1308.923212] R13: 00007ffeebf75d7f R14: 00007f5893419300 R15: 0000000000022000 15:21:23 executing program 3: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000040)=0x20) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, r2, 0x0, 0x6) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, 0x0, 0x0) move_pages(0x0, 0x1, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, 0x0, 0x0) 15:21:23 executing program 4: perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) msgget(0x1, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 56) 15:21:23 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000002c0)={0x40, 0x0, 0xfffffaf2, 0x6, 0xffffffff, 0x40}) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6) msgctl$IPC_RMID(0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 5) 15:21:23 executing program 0: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) msgget(0x1, 0x0) ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 63) [ 1308.994238] FAULT_INJECTION: forcing a failure. [ 1308.994238] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1308.995199] CPU: 1 PID: 7792 Comm: syz-executor.4 Not tainted 5.10.224 #1 [ 1308.995728] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1308.996330] Call Trace: [ 1308.996563] dump_stack+0x107/0x167 [ 1308.996895] should_fail.cold+0x5/0xa [ 1308.997226] _copy_to_user+0x2e/0x180 [ 1308.997564] do_pages_stat+0x2b4/0x3b0 [ 1308.997960] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1308.998424] ? cpuset_mems_allowed+0x1af/0x440 [ 1308.998792] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1308.999176] ? trace_hardirqs_on+0x5b/0x180 [ 1308.999524] kernel_move_pages+0xb8f/0x11c0 [ 1308.999870] ? rcu_read_lock_any_held+0x75/0xa0 [ 1309.000227] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1309.000717] ? fput_many+0x2f/0x1a0 [ 1309.001089] ? ksys_write+0x1a9/0x260 [ 1309.001403] ? __ia32_sys_read+0xb0/0xb0 [ 1309.001734] __x64_sys_move_pages+0xdd/0x1b0 [ 1309.002061] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1309.002441] do_syscall_64+0x33/0x40 [ 1309.002736] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1309.003104] RIP: 0033:0x7f1c0ae11b19 [ 1309.003378] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1309.004712] RSP: 002b:00007f1c08387188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1309.005390] RAX: ffffffffffffffda RBX: 00007f1c0af24f60 RCX: 00007f1c0ae11b19 [ 1309.006029] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1309.006180] FAULT_INJECTION: forcing a failure. [ 1309.006180] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1309.006654] RBP: 00007f1c083871d0 R08: 0000000020000000 R09: 0000000000000000 [ 1309.006673] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1309.006689] R13: 00007ffd2ddfd2cf R14: 00007f1c08387300 R15: 0000000000022000 [ 1309.009754] CPU: 0 PID: 7794 Comm: syz-executor.0 Not tainted 5.10.224 #1 [ 1309.010336] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1309.011040] Call Trace: [ 1309.011289] dump_stack+0x107/0x167 [ 1309.011621] should_fail.cold+0x5/0xa [ 1309.011959] _copy_from_user+0x2e/0x1b0 [ 1309.012318] do_pages_stat+0xf1/0x3b0 [ 1309.012676] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1309.013359] ? cpuset_mems_allowed+0x1af/0x440 [ 1309.013864] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1309.014987] ? trace_hardirqs_on+0x5b/0x180 [ 1309.015444] kernel_move_pages+0xb8f/0x11c0 [ 1309.016405] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1309.016999] __x64_sys_move_pages+0xdd/0x1b0 [ 1309.017975] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1309.018517] do_syscall_64+0x33/0x40 [ 1309.018942] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1309.019473] RIP: 0033:0x7f6fdcf13b19 [ 1309.019865] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1309.021665] RSP: 002b:00007f6fda489188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1309.022560] RAX: ffffffffffffffda RBX: 00007f6fdd026f60 RCX: 00007f6fdcf13b19 [ 1309.023290] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1309.024035] RBP: 00007f6fda4891d0 R08: 0000000020000000 R09: 0000000000000000 [ 1309.024757] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1309.025458] R13: 00007ffee9bd176f R14: 00007f6fda489300 R15: 0000000000022000 [ 1309.037471] FAULT_INJECTION: forcing a failure. [ 1309.037471] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1309.038725] CPU: 1 PID: 7797 Comm: syz-executor.7 Not tainted 5.10.224 #1 [ 1309.039417] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1309.040236] Call Trace: [ 1309.040503] dump_stack+0x107/0x167 [ 1309.040867] should_fail.cold+0x5/0xa [ 1309.041271] _copy_from_user+0x2e/0x1b0 [ 1309.041678] do_pages_stat+0xf1/0x3b0 [ 1309.042074] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1309.042666] ? cpuset_mems_allowed+0x1af/0x440 [ 1309.043131] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1309.043586] ? trace_hardirqs_on+0x5b/0x180 [ 1309.043981] kernel_move_pages+0xb8f/0x11c0 [ 1309.044391] ? rcu_read_lock_any_held+0x75/0xa0 [ 1309.044798] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1309.045368] ? fput_many+0x2f/0x1a0 [ 1309.045732] ? ksys_write+0x1a9/0x260 [ 1309.046107] ? __ia32_sys_read+0xb0/0xb0 [ 1309.046508] __x64_sys_move_pages+0xdd/0x1b0 [ 1309.046944] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1309.047445] do_syscall_64+0x33/0x40 [ 1309.047811] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1309.048297] RIP: 0033:0x7f8be6d86b19 [ 1309.048664] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1309.050430] RSP: 002b:00007f8be42fc188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1309.051197] RAX: ffffffffffffffda RBX: 00007f8be6e99f60 RCX: 00007f8be6d86b19 [ 1309.051875] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1309.052559] RBP: 00007f8be42fc1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1309.053235] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1309.053916] R13: 00007ffd26b6f95f R14: 00007f8be42fc300 R15: 0000000000022000 [ 1329.869184] FAULT_INJECTION: forcing a failure. [ 1329.869184] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1329.870234] CPU: 1 PID: 7812 Comm: syz-executor.4 Not tainted 5.10.224 #1 [ 1329.870803] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1329.871492] Call Trace: [ 1329.871725] dump_stack+0x107/0x167 [ 1329.872035] should_fail.cold+0x5/0xa [ 1329.872368] _copy_from_user+0x2e/0x1b0 [ 1329.872710] do_pages_stat+0xf1/0x3b0 [ 1329.873040] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1329.873552] ? cpuset_mems_allowed+0x1af/0x440 [ 1329.873953] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1329.874377] ? trace_hardirqs_on+0x5b/0x180 [ 1329.874748] kernel_move_pages+0xb8f/0x11c0 [ 1329.875122] ? rcu_read_lock_any_held+0x75/0xa0 [ 1329.875515] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1329.876004] ? fput_many+0x2f/0x1a0 [ 1329.876323] ? ksys_write+0x1a9/0x260 [ 1329.876645] ? __ia32_sys_read+0xb0/0xb0 [ 1329.877002] __x64_sys_move_pages+0xdd/0x1b0 [ 1329.877184] FAULT_INJECTION: forcing a failure. [ 1329.877184] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1329.877398] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1329.878859] do_syscall_64+0x33/0x40 [ 1329.879174] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1329.879602] RIP: 0033:0x7f1c0ae11b19 [ 1329.879924] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1329.881475] RSP: 002b:00007f1c08387188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1329.882118] RAX: ffffffffffffffda RBX: 00007f1c0af24f60 RCX: 00007f1c0ae11b19 [ 1329.882713] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1329.883312] RBP: 00007f1c083871d0 R08: 0000000020000000 R09: 0000000000000000 [ 1329.883911] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1329.884503] R13: 00007ffd2ddfd2cf R14: 00007f1c08387300 R15: 0000000000022000 [ 1329.885126] CPU: 0 PID: 7808 Comm: syz-executor.6 Not tainted 5.10.224 #1 [ 1329.885744] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1329.886434] Call Trace: [ 1329.886668] dump_stack+0x107/0x167 [ 1329.886981] should_fail.cold+0x5/0xa [ 1329.887318] _copy_to_user+0x2e/0x180 [ 1329.887648] do_pages_stat+0x2b4/0x3b0 [ 1329.887988] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1329.888486] ? cpuset_mems_allowed+0x1af/0x440 [ 1329.888884] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1329.889323] ? trace_hardirqs_on+0x5b/0x180 [ 1329.889700] kernel_move_pages+0xb8f/0x11c0 [ 1329.890075] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1329.890578] __x64_sys_move_pages+0xdd/0x1b0 [ 1329.890957] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1329.891392] do_syscall_64+0x33/0x40 [ 1329.891709] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1329.892143] RIP: 0033:0x7f28eb741b19 [ 1329.892460] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1329.894042] RSP: 002b:00007f28e8cb7188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1329.894695] RAX: ffffffffffffffda RBX: 00007f28eb854f60 RCX: 00007f28eb741b19 [ 1329.895304] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1329.895898] RBP: 00007f28e8cb71d0 R08: 0000000020000000 R09: 0000000000000000 [ 1329.896494] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1329.897106] R13: 00007ffd318d456f R14: 00007f28e8cb7300 R15: 0000000000022000 [ 1329.902718] FAULT_INJECTION: forcing a failure. [ 1329.902718] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1329.903775] CPU: 1 PID: 7817 Comm: syz-executor.7 Not tainted 5.10.224 #1 [ 1329.904350] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1329.905049] Call Trace: 15:21:44 executing program 1: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000100)={@void, @val={0x1, 0x4, 0x0, 0x2}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}}}}}, 0xa) 15:21:44 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000002c0)={0x40, 0x0, 0xfffffaf2, 0x6, 0xffffffff, 0x40}) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6) msgctl$IPC_RMID(0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 6) 15:21:44 executing program 4: perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) msgget(0x1, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 57) 15:21:44 executing program 2: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000100)={@void, @val={0x1}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}}}}}, 0x42) 15:21:44 executing program 5: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0xf4, 0x40, 0x40, 0x1c, 0x0, 0x3, 0x104, 0x4, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x4, @perf_config_ext={0x7, 0x5}, 0x10008, 0x100000000, 0x5, 0x7, 0x5fb, 0x4, 0x9, 0x0, 0x1, 0x0, 0xc67}, 0xffffffffffffffff, 0xd, 0xffffffffffffffff, 0x3) process_vm_readv(0x0, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7a}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xffffffbc}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) 15:21:44 executing program 0: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) msgget(0x1, 0x0) ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 64) 15:21:44 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 64) 15:21:44 executing program 3: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000040)=0x20) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, r2, 0x0, 0x6) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, 0x0, 0x0) move_pages(0x0, 0x1, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0], 0x0) [ 1329.905287] dump_stack+0x107/0x167 [ 1329.907991] FAULT_INJECTION: forcing a failure. [ 1329.907991] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1329.909402] should_fail.cold+0x5/0xa [ 1329.909419] _copy_to_user+0x2e/0x180 [ 1329.909435] do_pages_stat+0x2b4/0x3b0 [ 1329.911354] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1329.911842] ? cpuset_mems_allowed+0x1af/0x440 [ 1329.912233] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1329.912652] ? trace_hardirqs_on+0x5b/0x180 [ 1329.913024] kernel_move_pages+0xb8f/0x11c0 [ 1329.917412] ? rcu_read_lock_any_held+0x75/0xa0 [ 1329.917805] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1329.918290] ? fput_many+0x2f/0x1a0 [ 1329.918596] ? ksys_write+0x1a9/0x260 [ 1329.918923] ? __ia32_sys_read+0xb0/0xb0 [ 1329.919265] __x64_sys_move_pages+0xdd/0x1b0 [ 1329.919632] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1329.920064] do_syscall_64+0x33/0x40 [ 1329.920374] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1329.920801] RIP: 0033:0x7f8be6d86b19 [ 1329.921116] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1329.922647] RSP: 002b:00007f8be42fc188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1329.923285] RAX: ffffffffffffffda RBX: 00007f8be6e99f60 RCX: 00007f8be6d86b19 [ 1329.923881] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1329.924473] RBP: 00007f8be42fc1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1329.925070] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1329.925673] R13: 00007ffd26b6f95f R14: 00007f8be42fc300 R15: 0000000000022000 [ 1329.926292] CPU: 0 PID: 7809 Comm: syz-executor.0 Not tainted 5.10.224 #1 [ 1329.926884] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1329.927578] Call Trace: [ 1329.927813] dump_stack+0x107/0x167 [ 1329.928126] should_fail.cold+0x5/0xa [ 1329.928459] _copy_to_user+0x2e/0x180 [ 1329.928794] do_pages_stat+0x2b4/0x3b0 [ 1329.929140] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1329.933657] ? cpuset_mems_allowed+0x1af/0x440 [ 1329.934052] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1329.934474] ? trace_hardirqs_on+0x5b/0x180 [ 1329.934841] kernel_move_pages+0xb8f/0x11c0 [ 1329.935211] ? rcu_read_lock_any_held+0x75/0xa0 [ 1329.935600] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1329.936092] ? fput_many+0x2f/0x1a0 [ 1329.936401] ? ksys_write+0x1a9/0x260 [ 1329.936721] ? __ia32_sys_read+0xb0/0xb0 [ 1329.937064] __x64_sys_move_pages+0xdd/0x1b0 [ 1329.937460] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1329.937889] do_syscall_64+0x33/0x40 [ 1329.938200] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1329.938627] RIP: 0033:0x7f6fdcf13b19 [ 1329.938943] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1329.940454] RSP: 002b:00007f6fda489188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1329.941089] RAX: ffffffffffffffda RBX: 00007f6fdd026f60 RCX: 00007f6fdcf13b19 [ 1329.941704] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1329.942294] RBP: 00007f6fda4891d0 R08: 0000000020000000 R09: 0000000000000000 [ 1329.942883] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1329.943474] R13: 00007ffee9bd176f R14: 00007f6fda489300 R15: 0000000000022000 15:21:44 executing program 3: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000040)=0x20) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, r2, 0x0, 0x6) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, 0x0, 0x0) move_pages(0x0, 0x1, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0], 0x0) 15:21:44 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 65) 15:21:44 executing program 5: r0 = gettid() getpid() process_vm_readv(r0, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7c}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0), 0x10000000000002cb, 0x0) r1 = perf_event_open(&(0x7f0000000040)={0x3, 0x80, 0x20, 0x1f, 0x0, 0x40, 0x0, 0x3, 0x800, 0x5, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000000), 0x7}, 0x3684, 0xffff, 0x1, 0x1, 0x1, 0x80, 0x6, 0x0, 0x112, 0x0, 0x7}, r0, 0xd, 0xffffffffffffffff, 0x8) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000380)) r2 = gettid() process_vm_readv(r2, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/120, 0x78}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xb7}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000000700)=""/31, 0x1f}], 0x1000000000000369, 0x0) fcntl$getownex(r1, 0x10, &(0x7f00000003c0)) r3 = gettid() process_vm_readv(r3, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7a}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xffffffbc}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) readv(r1, &(0x7f00000006c0)=[{&(0x7f0000000500)=""/29, 0x1d}, {&(0x7f0000000540)=""/165, 0xa5}, {&(0x7f0000000600)=""/46, 0x2e}, {&(0x7f0000000640)=""/110, 0x6e}], 0x4) r4 = openat$sr(0xffffffffffffff9c, &(0x7f0000000440), 0x2b00, 0x0) process_vm_readv(0x0, &(0x7f0000000d00)=[{&(0x7f0000000800)=""/207, 0xcf}, {&(0x7f0000000900)=""/227, 0xe3}, {&(0x7f0000000240)=""/25, 0x19}, {&(0x7f0000000a00)=""/148, 0x94}, {&(0x7f0000000e00)=""/247, 0xf7}, {&(0x7f0000002300)=""/4096, 0x1000}, {&(0x7f0000000bc0)=""/174, 0xae}, {&(0x7f0000000c80)=""/105, 0x69}], 0x8, &(0x7f0000000dc0)=[{&(0x7f0000000400)=""/47, 0x2f}, {&(0x7f0000000d80)=""/18, 0x12}, {&(0x7f0000003300)=""/4096, 0x1000}], 0x3, 0x0) r5 = mmap$IORING_OFF_SQES(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x2000000, 0x810, r4, 0x10000000) syz_io_uring_submit(0x0, r5, &(0x7f0000000740)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x1, 0x0, @fd_index=0xa, 0x2eb5, 0x0, 0xfff}, 0xfffffffa) ioctl$RTC_PIE_OFF(r4, 0x7006) r6 = gettid() process_vm_readv(r6, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7a}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xffffffbc}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r4, 0xc0502100, &(0x7f0000000780)) clone3(&(0x7f0000000480)={0x10000, &(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140), {0x6}, &(0x7f0000000180)=""/190, 0xbe, &(0x7f0000000280)=""/238, &(0x7f0000000400), 0x0, {r4}}, 0x58) 15:21:44 executing program 0: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) msgget(0x1, 0x0) ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 65) 15:21:44 executing program 2: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000100)={@void, @val, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}}}}}, 0x42) [ 1330.047380] FAULT_INJECTION: forcing a failure. [ 1330.047380] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1330.048578] CPU: 0 PID: 7827 Comm: syz-executor.6 Not tainted 5.10.224 #1 [ 1330.049157] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1330.049872] Call Trace: [ 1330.050107] dump_stack+0x107/0x167 [ 1330.050419] should_fail.cold+0x5/0xa [ 1330.050758] _copy_from_user+0x2e/0x1b0 [ 1330.051105] do_pages_stat+0xf1/0x3b0 [ 1330.051437] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1330.051938] ? cpuset_mems_allowed+0x1af/0x440 [ 1330.052336] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1330.052764] ? trace_hardirqs_on+0x5b/0x180 15:21:44 executing program 1: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000100)={@void, @val={0x1, 0x4, 0x0, 0x2}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}}}}}, 0x20000142) [ 1330.053137] kernel_move_pages+0xb8f/0x11c0 [ 1330.053535] ? rcu_read_lock_any_held+0x75/0xa0 [ 1330.053934] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1330.054426] ? fput_many+0x2f/0x1a0 [ 1330.054743] ? ksys_write+0x1a9/0x260 [ 1330.055070] ? __ia32_sys_read+0xb0/0xb0 [ 1330.055421] __x64_sys_move_pages+0xdd/0x1b0 [ 1330.055802] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1330.061666] do_syscall_64+0x33/0x40 [ 1330.061981] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1330.062411] RIP: 0033:0x7f28eb741b19 [ 1330.062726] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1330.064255] RSP: 002b:00007f28e8cb7188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1330.064892] RAX: ffffffffffffffda RBX: 00007f28eb854f60 RCX: 00007f28eb741b19 [ 1330.065504] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1330.066100] RBP: 00007f28e8cb71d0 R08: 0000000020000000 R09: 0000000000000000 [ 1330.066695] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1330.067289] R13: 00007ffd318d456f R14: 00007f28e8cb7300 R15: 0000000000022000 15:21:44 executing program 4: perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) msgget(0x1, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 58) 15:21:44 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000002c0)={0x40, 0x0, 0xfffffaf2, 0x6, 0xffffffff, 0x40}) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6) msgctl$IPC_RMID(0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 7) [ 1330.099492] FAULT_INJECTION: forcing a failure. [ 1330.099492] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1330.100553] CPU: 0 PID: 7833 Comm: syz-executor.0 Not tainted 5.10.224 #1 [ 1330.101136] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1330.101863] Call Trace: [ 1330.102099] dump_stack+0x107/0x167 [ 1330.102421] should_fail.cold+0x5/0xa [ 1330.102772] _copy_from_user+0x2e/0x1b0 [ 1330.103124] do_pages_stat+0xf1/0x3b0 [ 1330.103251] FAULT_INJECTION: forcing a failure. [ 1330.103251] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1330.103461] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1330.104928] ? cpuset_mems_allowed+0x1af/0x440 [ 1330.105344] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1330.105780] ? trace_hardirqs_on+0x5b/0x180 [ 1330.106163] kernel_move_pages+0xb8f/0x11c0 [ 1330.106543] ? rcu_read_lock_any_held+0x75/0xa0 [ 1330.106947] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1330.107444] ? fput_many+0x2f/0x1a0 [ 1330.107764] ? ksys_write+0x1a9/0x260 [ 1330.108093] ? __ia32_sys_read+0xb0/0xb0 [ 1330.108446] __x64_sys_move_pages+0xdd/0x1b0 [ 1330.108830] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1330.109283] do_syscall_64+0x33/0x40 [ 1330.109612] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1330.110056] RIP: 0033:0x7f6fdcf13b19 [ 1330.110376] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1330.111943] RSP: 002b:00007f6fda489188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1330.112592] RAX: ffffffffffffffda RBX: 00007f6fdd026f60 RCX: 00007f6fdcf13b19 [ 1330.113203] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1330.113824] RBP: 00007f6fda4891d0 R08: 0000000020000000 R09: 0000000000000000 [ 1330.114418] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1330.115014] R13: 00007ffee9bd176f R14: 00007f6fda489300 R15: 0000000000022000 [ 1330.115628] CPU: 1 PID: 7835 Comm: syz-executor.7 Not tainted 5.10.224 #1 [ 1330.116220] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1330.116912] Call Trace: [ 1330.117146] dump_stack+0x107/0x167 [ 1330.117474] should_fail.cold+0x5/0xa [ 1330.117809] _copy_from_user+0x2e/0x1b0 [ 1330.118154] do_pages_stat+0xf1/0x3b0 [ 1330.118485] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1330.118980] ? cpuset_mems_allowed+0x1af/0x440 [ 1330.119380] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1330.119805] ? trace_hardirqs_on+0x5b/0x180 [ 1330.120177] kernel_move_pages+0xb8f/0x11c0 [ 1330.120556] ? rcu_read_lock_any_held+0x75/0xa0 [ 1330.120951] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1330.121456] ? fput_many+0x2f/0x1a0 [ 1330.121772] ? ksys_write+0x1a9/0x260 [ 1330.122097] ? __ia32_sys_read+0xb0/0xb0 [ 1330.122448] __x64_sys_move_pages+0xdd/0x1b0 [ 1330.122826] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1330.123259] do_syscall_64+0x33/0x40 [ 1330.123575] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1330.124007] RIP: 0033:0x7f8be6d86b19 [ 1330.124321] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1330.125870] RSP: 002b:00007f8be42fc188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1330.126511] RAX: ffffffffffffffda RBX: 00007f8be6e99f60 RCX: 00007f8be6d86b19 [ 1330.127116] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1330.127716] RBP: 00007f8be42fc1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1330.128316] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1330.128917] R13: 00007ffd26b6f95f R14: 00007f8be42fc300 R15: 0000000000022000 15:21:44 executing program 3: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000040)=0x20) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, r2, 0x0, 0x6) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, 0x0, 0x0) move_pages(0x0, 0x1, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0], 0x0) 15:21:44 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000002c0)={0x40, 0x0, 0xfffffaf2, 0x6, 0xffffffff, 0x40}) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6) msgctl$IPC_RMID(0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 8) 15:21:44 executing program 2: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000100)={@void, @val={0x1}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}}}}}, 0x42) [ 1330.238369] FAULT_INJECTION: forcing a failure. [ 1330.238369] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1330.239629] CPU: 0 PID: 7845 Comm: syz-executor.7 Not tainted 5.10.224 #1 [ 1330.240360] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1330.241236] Call Trace: [ 1330.241826] dump_stack+0x107/0x167 [ 1330.242719] should_fail.cold+0x5/0xa [ 1330.243650] _copy_to_user+0x2e/0x180 [ 1330.244565] do_pages_stat+0x2b4/0x3b0 [ 1330.245557] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1330.246947] ? cpuset_mems_allowed+0x1af/0x440 [ 1330.248045] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1330.249253] ? trace_hardirqs_on+0x5b/0x180 [ 1330.250328] kernel_move_pages+0xb8f/0x11c0 [ 1330.251379] ? rcu_read_lock_any_held+0x75/0xa0 [ 1330.252506] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1330.253923] ? fput_many+0x2f/0x1a0 [ 1330.254804] ? ksys_write+0x1a9/0x260 [ 1330.255714] ? __ia32_sys_read+0xb0/0xb0 [ 1330.256683] __x64_sys_move_pages+0xdd/0x1b0 [ 1330.257754] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1330.258487] FAULT_INJECTION: forcing a failure. [ 1330.258487] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1330.258987] do_syscall_64+0x33/0x40 [ 1330.259016] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1330.263047] RIP: 0033:0x7f8be6d86b19 [ 1330.263891] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1330.267979] RSP: 002b:00007f8be42fc188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1330.269703] RAX: ffffffffffffffda RBX: 00007f8be6e99f60 RCX: 00007f8be6d86b19 [ 1330.271291] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1330.272880] RBP: 00007f8be42fc1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1330.274467] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1330.276050] R13: 00007ffd26b6f95f R14: 00007f8be42fc300 R15: 0000000000022000 [ 1330.277678] CPU: 1 PID: 7837 Comm: syz-executor.4 Not tainted 5.10.224 #1 [ 1330.278400] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1330.279260] Call Trace: [ 1330.279550] dump_stack+0x107/0x167 [ 1330.279925] should_fail.cold+0x5/0xa [ 1330.280355] _copy_to_user+0x2e/0x180 [ 1330.280764] do_pages_stat+0x2b4/0x3b0 [ 1330.281188] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1330.281701] ? cpuset_mems_allowed+0x1af/0x440 [ 1330.282096] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1330.282518] ? trace_hardirqs_on+0x5b/0x180 [ 1330.282887] kernel_move_pages+0xb8f/0x11c0 [ 1330.283258] ? rcu_read_lock_any_held+0x75/0xa0 [ 1330.283650] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1330.284134] ? fput_many+0x2f/0x1a0 [ 1330.284443] ? ksys_write+0x1a9/0x260 [ 1330.284763] ? __ia32_sys_read+0xb0/0xb0 [ 1330.285108] __x64_sys_move_pages+0xdd/0x1b0 [ 1330.285504] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1330.285944] do_syscall_64+0x33/0x40 [ 1330.286261] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1330.286689] RIP: 0033:0x7f1c0ae11b19 [ 1330.287002] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1330.288514] RSP: 002b:00007f1c08387188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1330.289149] RAX: ffffffffffffffda RBX: 00007f1c0af24f60 RCX: 00007f1c0ae11b19 [ 1330.289759] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1330.290350] RBP: 00007f1c083871d0 R08: 0000000020000000 R09: 0000000000000000 [ 1330.290941] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1330.291531] R13: 00007ffd2ddfd2cf R14: 00007f1c08387300 R15: 0000000000022000 15:21:58 executing program 0: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) msgget(0x1, 0x0) ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 66) [ 1343.695970] FAULT_INJECTION: forcing a failure. [ 1343.695970] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1343.697063] CPU: 0 PID: 7857 Comm: syz-executor.0 Not tainted 5.10.224 #1 [ 1343.697702] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1343.698446] Call Trace: [ 1343.698699] dump_stack+0x107/0x167 [ 1343.699036] should_fail.cold+0x5/0xa [ 1343.699396] _copy_to_user+0x2e/0x180 [ 1343.699750] do_pages_stat+0x2b4/0x3b0 [ 1343.700119] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1343.700652] ? cpuset_mems_allowed+0x1af/0x440 [ 1343.701082] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1343.708441] ? trace_hardirqs_on+0x5b/0x180 [ 1343.708845] kernel_move_pages+0xb8f/0x11c0 15:21:58 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 66) [ 1343.709252] ? rcu_read_lock_any_held+0x75/0xa0 [ 1343.709838] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1343.710362] ? fput_many+0x2f/0x1a0 [ 1343.710700] ? ksys_write+0x1a9/0x260 [ 1343.711049] ? __ia32_sys_read+0xb0/0xb0 [ 1343.711422] __x64_sys_move_pages+0xdd/0x1b0 [ 1343.711823] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1343.712287] do_syscall_64+0x33/0x40 [ 1343.712625] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1343.713085] RIP: 0033:0x7f6fdcf13b19 [ 1343.713424] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1343.715065] RSP: 002b:00007f6fda489188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1343.715748] RAX: ffffffffffffffda RBX: 00007f6fdd026f60 RCX: 00007f6fdcf13b19 [ 1343.716384] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1343.717022] RBP: 00007f6fda4891d0 R08: 0000000020000000 R09: 0000000000000000 [ 1343.717668] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1343.718303] R13: 00007ffee9bd176f R14: 00007f6fda489300 R15: 0000000000022000 [ 1343.763235] FAULT_INJECTION: forcing a failure. [ 1343.763235] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1343.764343] CPU: 1 PID: 7859 Comm: syz-executor.6 Not tainted 5.10.224 #1 [ 1343.764995] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1343.765763] Call Trace: [ 1343.766012] dump_stack+0x107/0x167 [ 1343.766352] should_fail.cold+0x5/0xa [ 1343.766714] _copy_to_user+0x2e/0x180 [ 1343.767070] do_pages_stat+0x2b4/0x3b0 [ 1343.767440] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1343.767972] ? cpuset_mems_allowed+0x1af/0x440 [ 1343.768404] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1343.768868] ? trace_hardirqs_on+0x5b/0x180 [ 1343.769272] kernel_move_pages+0xb8f/0x11c0 [ 1343.769723] ? rcu_read_lock_any_held+0x75/0xa0 [ 1343.770146] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1343.770670] ? fput_many+0x2f/0x1a0 [ 1343.771009] ? ksys_write+0x1a9/0x260 [ 1343.771360] ? __ia32_sys_read+0xb0/0xb0 [ 1343.771737] __x64_sys_move_pages+0xdd/0x1b0 [ 1343.772143] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1343.772606] do_syscall_64+0x33/0x40 [ 1343.772946] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1343.773408] RIP: 0033:0x7f28eb741b19 [ 1343.773768] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1343.775409] RSP: 002b:00007f28e8cb7188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1343.776097] RAX: ffffffffffffffda RBX: 00007f28eb854f60 RCX: 00007f28eb741b19 [ 1343.776739] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1343.777382] RBP: 00007f28e8cb71d0 R08: 0000000020000000 R09: 0000000000000000 [ 1343.778040] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1343.778681] R13: 00007ffd318d456f R14: 00007f28e8cb7300 R15: 0000000000022000 [ 1343.805373] FAULT_INJECTION: forcing a failure. [ 1343.805373] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1343.806494] CPU: 1 PID: 7862 Comm: syz-executor.4 Not tainted 5.10.224 #1 [ 1343.807112] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1343.807854] Call Trace: [ 1343.808100] dump_stack+0x107/0x167 [ 1343.808439] should_fail.cold+0x5/0xa [ 1343.808798] _copy_from_user+0x2e/0x1b0 [ 1343.809166] do_pages_stat+0xf1/0x3b0 [ 1343.821555] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1343.822087] ? cpuset_mems_allowed+0x1af/0x440 [ 1343.822518] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1343.822974] ? trace_hardirqs_on+0x5b/0x180 [ 1343.823380] kernel_move_pages+0xb8f/0x11c0 [ 1343.823785] ? rcu_read_lock_any_held+0x75/0xa0 [ 1343.824209] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1343.824734] ? fput_many+0x2f/0x1a0 [ 1343.825071] ? ksys_write+0x1a9/0x260 [ 1343.825421] ? __ia32_sys_read+0xb0/0xb0 [ 1343.825825] __x64_sys_move_pages+0xdd/0x1b0 [ 1343.826231] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1343.826697] do_syscall_64+0x33/0x40 [ 1343.827038] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1343.827501] RIP: 0033:0x7f1c0ae11b19 [ 1343.827840] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1343.829487] RSP: 002b:00007f1c08387188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1343.830178] RAX: ffffffffffffffda RBX: 00007f1c0af24f60 RCX: 00007f1c0ae11b19 [ 1343.830817] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1343.831458] RBP: 00007f1c083871d0 R08: 0000000020000000 R09: 0000000000000000 [ 1343.832101] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1343.832742] R13: 00007ffd2ddfd2cf R14: 00007f1c08387300 R15: 0000000000022000 15:21:58 executing program 5: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2(&(0x7f0000000140)={0xffffffffffffffff}, 0x84000) perf_event_open(&(0x7f00000000c0)={0x1, 0x80, 0x3, 0x3, 0x0, 0x2, 0x0, 0x700000000000000, 0x20488, 0x7, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x2, @perf_bp, 0x8, 0x3, 0x4, 0x0, 0xf4, 0x80000000, 0x0, 0x0, 0xfffffff8, 0x0, 0x9}, 0x0, 0x1, r0, 0xa) r1 = gettid() process_vm_readv(r1, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7a}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xffffffbc}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) 15:21:58 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000002c0)={0x40, 0x0, 0xfffffaf2, 0x6, 0xffffffff, 0x40}) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6) msgctl$IPC_RMID(0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 9) 15:21:58 executing program 4: perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) msgget(0x1, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 59) 15:21:58 executing program 2: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000100)={@void, @val={0x1}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}}}}}, 0x20000142) 15:21:58 executing program 3: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000040)=0x20) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, r2, 0x0, 0x6) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, 0x0, 0x0) move_pages(0x0, 0x1, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0], 0x0) 15:21:58 executing program 1: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) syz_extract_tcp_res(&(0x7f0000000140)={0x41424344}, 0x9b4e, 0x401) write$tun(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[@ANYBLOB="0000884c6ea3432c01df0601fc020000000000000000000000000000200100000000000000000000000000025c080000000000000730000000000afa000001000000000000000100000000000000d900000000000000fcffffffffffffff4000000000000000c20400000008c2040000000701010000000000000000080f0000000000000401000718000000000408e5fc01000000000000005a010000000000000001000720000000010603030000f800987a8affff090000000000000000000008000000000738000000010c05b900feffffffffffffff0100000000000000880f000000000000000000020000000001040000000000000200000000000000000000004e214e20", @ANYRES32=r1, @ANYRES32=0x41424344, @ANYBLOB="0010006990780003020400001e148831000000000000010000000000000005dc13129afa60a9a2451203b60b7dc337b3b88f00009589ca94a1a9e617700b9fb6e8ecc9795075fc345d502fea7bcbc14fa8b904d86c7b3de9aca3f5a552f766f162cfde2b74b9ecf3a824afe1597f6b786366097c054c1af3180247da90fce10e353c45264bf03b69702b3fbd851614dc0f1bbfdf3215895a3f133c6525ef13b7deaa2795ceb79fd9187a5d97160a5bba72365e95c13a311f9914014f5a0cf1d279609b78d7c3e7a76c54965dbedf1b55b980681483df4ae42eda30256723958b1a6611ac4222004b4ebea198a41a415c30fada923416a600dd85a6"], 0x20b) syz_extract_tcp_res(&(0x7f0000000140)={0x41424344}, 0x9b4e, 0x401) write$tun(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[@ANYBLOB="0000884c6ea3432c01df0601fc020000000000000000000000000000200100000000000000000000000000025c080000000000000730000000000afa000001000000000000000100000000000000d900000000000000fcffffffffffffff4000000000000000c20400000008c2040000000701010000000000000000080f0000000000000401000718000000000408e5fc01000000000000005a010000000000000001000720000000010603030000f800987a8affff090000000000000000000008000000000738000000010c05b900feffffffffffffff0100000000000000880f000000000000000000020000000001040000000000000200000000000000000000004e214e20", @ANYRES32=r2, @ANYRES32=0x41424344, @ANYBLOB="0010006990780003020400001e148831000000000000010000000000000005dc13129afa60a9a2451203b60b7dc337b3b88f00009589ca94a1a9e617700b9fb6e8ecc9795075fc345d502fea7bcbc14fa8b904d86c7b3de9aca3f5a552f766f162cfde2b74b9ecf3a824afe1597f6b786366097c054c1af3180247da90fce10e353c45264bf03b69702b3fbd851614dc0f1bbfdf3215895a3f133c6525ef13b7deaa2795ceb79fd9187a5d97160a5bba72365e95c13a311f9914014f5a0cf1d279609b78d7c3e7a76c54965dbedf1b55b980681483df4ae42eda30256723958b1a6611ac4222004b4ebea198a41a415c30fada923416a600dd85a6"], 0x20b) syz_emit_ethernet(0x11f7, &(0x7f0000000180)={@multicast, @local, @void, {@ipv6={0x86dd, @tcp={0x2, 0x6, "6acb07", 0x11c1, 0x6, 0x0, @mcast1, @loopback, {[@fragment={0x2f, 0x0, 0xc9, 0x0, 0x0, 0x9, 0x65}, @srh={0x89, 0x8, 0x4, 0x4, 0x1c, 0x10, 0xe8, [@ipv4={'\x00', '\xff\xff', @private=0xa010101}, @empty, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @empty]}, @fragment={0x67, 0x0, 0x6, 0x1, 0x0, 0x0, 0x68}, @dstopts={0x0, 0x3, '\x00', [@calipso={0x7, 0x18, {0x2, 0x4, 0x20, 0xffe1, [0x1000, 0xeb]}}]}, @dstopts={0x11, 0x2, '\x00', [@hao={0xc9, 0x10, @private1={0xfc, 0x1, '\x00', 0x1}}]}, @dstopts={0x2e, 0x209, '\x00', [@pad1, @pad1, @pad1, @generic={0x3, 0x1000, "53be9b31cfc8884e874b81862cc68439a214c9dcb2c49d4c0490899a19c2396acb2f87746baf53acdc8d21a9c13c0da85eef64e6997abeaf51e6a1bb7e1f7fcab67b0482c4f2772da842fd1d92bb24ac5f4b0e5eff9d509a7c9078c5a3e51f3fad57fc6f1e88860c3029d052e96e1d692462065181b9695fc3b52917d403f35d0b556886dd8929c32d1a06d70cc124fd8b9355bbfe641b354a8999de2e62446127ce59598bdf53a803a0722a713365443d0b4306b90b8d09d0773a2e966c194f78e5a24e14660bdfae43bdb3e47835d8b60a51d4e9df709e2517bcbcb319f622cbef64b101f02ec712a799389f78776b85ca404e143e8a5f35b88618dc32024a5d129b14409cbf72ee622707c5242c18dd68319464cf8fbd6285bf056183cfa4844c8afa921cb6d49d54f9b9bb1ba39f5da79a6474fbcc46af252e3efecf73ea5b621f926d88f9a7b47057e0e5296269b426e565fd4e7806a303da60bf9a639bc9b59f18e060183b85e702744957ca263f3c48d75e640b0825dfac188ef0362af21ee55f40180b46a6f49f94a26746cec7d65cb6416a0ebac8b28f03f70117b3dd03ba6c5903ceaae543da55112fb3a61d662d34af80ef3b90a643487a7ed3098713279a70a2dd9e159931173295bac1b9a1bce8a87e39cb421a8d4977176ccde7bc35c3185c1f9a2a92d1a79329af5a3bd0f621f53a13fba79e4394d9cb89732cd6d6aa8aca806bdfb4fd6d93e13f3a80d218294bbf44c2813508fee8b1abaaece562101c060af67ffd9fdee47c1ea18e1b18528616aaed878ac85d1ee4b8cea8e15b92180a538aed1e2eeccdb40daefa9f9da8477f19b28750525a5f5f1cb6284f57b52d859cff512589072743d405b0939152dd7ead1ccb0f821b3682c29656c6b0b487b211e79546886d549c99941a56047ed9ffc85d2d48b01eb32132fc4acb5921a8b998b7fdc6d022bf1bad77feeb61b90aa99e4b3b5d097d3b306f61fe1ad64cbd368c1f6461f92cb697e8f86c8d64a853da02a0533eb1051b26f2c51622279971d24166e548f19a0a9c15f7603d77342733926a23c371ff0ad88bd729952a810149e3169b1ac9b5c73e10c77f70dc8fb518d450e31ae393d9ad31b81f22202c90569ef2053fe8ec771d8961b43eb94bf08ca52f0e3cba52f8db9fea90f3cd1a42b4ddbc9520c267d596503d98e8306fd1a369884374370b1fcfff6ac096b4dd4506f20715af57177f8b78f91e59e4bb84bc43ff85112aea8af7e859523a8e246e93524a71c5c83d36da22203df02b25b053f8c00cc484873dc886f4f73ae87206d3a67ccd84289548158be7223031566f21bf3cbad8278fbd22b7772c9d04421922e523323dd153d50657ae9d47f134b0c93eb1ff1179881cedc1da1651eda5c15f21a995f2d2536d61f5b99c73d86804808d0a19754ce99b224ff2fb1ba9d137f6dd78aefe19822ebd7fa83e56cad901f08473bcde6343339b4797daa70a4d3293b6e9ea14311628936eea5adc0bc9abc921e00d93886004e3eb711dea02d2a81027cfc2dfe34e7ca836dabb8714c25455af855bd9b59b335e0a7c146e93bb3a510e493d40e1caed5f09803cd8bfff9c89c8743d1dae3fc82a3664df806a00c28fb3c3fd25f00f67a89876746b8c143a1881dad53a22e722eea9ca029983442f03dde5df3bb1513c4a76809494e22ff220852ecc1fdf87f564cbb4377ae55edc0c21116143df4ed39228670abeefe1c0c63fb133b55808d5989cad754efc78e6c2b1d4f8887ece24b581dc301bd0c6a489bd4ef145118575a05d3f85f69480229d378ad0e9970b0548994ddd5cd4b37ad54118d6b77b55b39d1f7dc214a2880f8e10e8d5b50b1ada1b93b4253e4f5e27343409289b1a4c3c1b59840c81757c9bed300729ff2d92fc19db4bae951e2a053b7a4a9233deed2607805f70e508150b376c4ba0248e7dda432589ecf0fe49d30ea2f26320d3ba771e1829a35d054f563b7cceb32509255d528beaa399cb5b8d67bec2ffb777e8ea069329694185cfc918d416fb97a1f87e722c41b3320854e7998b20591647d0213bb5361649722836e4289ade23375f136d5eea0d1b366a1b1f0ba6228b2e6945bceb7ba298e25e751311b176fbf38fe3f7b8da9da173acccdf82bd987d0fbc96aaaa7916198dd6994b068ad319db599b0188806fb64c03a2e2d9f162f879552ebcbfc6ebe19feed660f97456a70a505b0a4cbcc5b34953514e4010f94e3e28079cf6aa0512e411be48ddc9fcfaef87ae32d4f6f7e5ea79fc28f7497c75e8c8b54b0bd76758665621e3b32848acb60daba5afbeb63abf0a0690ab292a0367c21822db0030f73e31dc89f78c069536fc4ee6087205ae26b019781c89613b850d0948c4a9d5a56b746bb43781a1e205f49121e14eb07e04da25799e30efb033d55688ee40b046ee42a5f6e2c8603be134302bbbf10fd6480fb1ff5865b88d63008949d23d6a781cf8facfe308cc129b9512de325fe62eac1d76f6ede6eb99e3157e8cc2ba7320e6a3afa9c462f949ce4b060c2b3f0ef94980f71f7ad3aab3a1d1be66b5bffa5514290fc3f33a3541464ce75624c985dac35fb516112c29aeb0e0e8f8b7c20bc12c2f1502223898781d62dd897826c5d5d9899b7b97ce0f0d8065280b7159ec8c660c1634b2c8321481ed104f98e8333b0ce12c62fb89e0c40169abca2372d258c2ce98177981df361d42deacd6013f805565651093202820e27317a86a15f37a2bc19d4a7f45898ecd8227e594723ff3d070afe5ffc9b480d02cfb11805134b893101291c53e547d2e0d197c12db31af8fc25147e846e934f5595248545e4f15269f4a2ecd0b8bc1b2c153153476d736d3aa60b891e2c044fb859ba5079ca16cfe76354b0ce87e8d916187aace75ed7b74cd3c3bca1e78411af087bb43428880217f6420ba59f7e112b53e1c51c3db30c030491b6a15c663aa8c08d2d2c66168393873c6c888281c3e94d8a1d255647f6df80f98c0bab5a834b40d88028f4053ac73d4a1056ae8eb661b67b08be110398f08eef02514c0ab69afaad01583cad22ae34125d75231eb155d73f887e9261cac141dd92772d01d5e25dfd456db13239214ae43da8f1a18a890a5ec9f62fbdef428ea9593fcbb725783cd32bcfbcba649f154630e48766b8e7cd2abd0378bf3c39aa0bdbaef42bc404630f47d43d26fe06c4b49d4eedc1f31443f5bba590d76c6401867b82f4611cfbc0a17be091c42aa3e5e973a33c5c6388ca77cf4b71aa54723efd47bfc99b262e8ea76eb7ebbdcbe1ac41f032b5959764a1b43ad5219d18fd37fbd8672e65ae29bfe115abb3bf828baff2c24362762f8bc6a3b32b9f50e85b02e61adb3210c31bc209b5b45764a221da2d3faba0484f43bc138c7108889d3a3934f75b01d8abc25821c6f863724629fcbe12b5b5607f85006ce9a9a5e8d32dff953520000e2ccfe552bbb93aa524cc1163f12c0ebed7f3cae58fb1bb0edac2d8f4512e99c9b7dd09c16468bee61eb0b5c9c5ec6103c5f68d2651bef37d787755450ecef0d78d43a46f51ea38f4ec25cb2193e99265fff1ef206f6bcc428d5467ddf69fc0fbe9249ecaa71aed43838638a98ad41be1493f6a19e8afefdecb35a245e61efb395f3339e28ce2870aeb559b5b412d07ac7bf7b65fc511d2e4b9e1061ac65ec604fb3c89370a2fd683f70da014dc91134991c35b1338731f20ea28973910ee47a22e7946272d8d325f384bbfb3b4a2b40b26eb967ef1049c1eb185f586cf273fb1f757cf6047b5091a90938c44da96c91303ffb41d3df4bb6f855acbb36f7f2be00930123d895fc0297c5a6a6c1db7b1c3f76a59f28801f12184b5b5ad7fac8681fa18cc5b0e73b6f5d6081ce95b0fbd403b6e48028f856c57e69dafc81b11e727aec0a38e8e9e6c262bac99b2ba21eda22d54832cede44bf3c62df35d98c0eb78485def348e20adf563d838a576e8415b74f37368b0c6c8dc96022f91e9468b3159861295d9a55a447dd07bd32a7d75a4111c5df6f5f591c3349561670a4548cba0ef070e23f248c0eb8ea59359b410c9293f2244ecab0732e808942b97c10230355264d6f3ca3749d4c0120aec4d3abb3af8f115629f2796c17748f7737e3dda29a582f526ecc258005dd7e5c984bcd716a91bfa4579421217d88f64ac08fc774cc3e0c9c8f1b43dfb254d8df6c1e54b7bdfe3c55928a0a8847f4075375fc884efb9740fb6df66a3535ed2e5491ff4c5d5b62c58cc170c54201f3d04445ce8590293801f0ae2f7b281e35bc27dc08266bcaf2d9d2834773f541b41dee2ba300a7202b73ee6289970bfe791f479977fc36c03336ef6493f78c83ccc99c400b1f9287ec4e7c17fbcd78d4bcbf57e4a4a5137d6ac7454dd22c2cbd3157aa21b44f2e7b58bafd12efa8de8ffb70550acab48cd901f6669e034d625535c9c332ab009edb809c96fc9fe8ab910a21effa3a25b7faf6c5d76e3a9027f7715f829d77699ee74eb7df7f99a12fc6cd28a247b1ab9d1eff54816f9c18c3906789e349f99a803afd0162a1bfd392fc7ed5c05cf429e3a97d7194ce8129e66826e6e6c4e7413c4b20701529b77e8f43432f517fb5aef607638650452fe283958e5a21c88d1ec2d9516740dd521ace7bc5417ab0d7fec58b6a0ce13b6427d0d4d96bb3199b08ba6ceecb6ece85df399be876f86a48e2764cc053f30d74a1e3665850190f02979dc385e41d2ad3f0570d52627997150fd577071446d2dd7a3752d03e7176571e911db652b02b1034e7f6585df9c8fcd62576ae279942d12b0abec4d4fc64c14f396acc4ad8707e598ae6df8c3847476250d6120ca902896849cd8b28b558ae50bd1823535f2d12816d2fb5a3065af7b97a63c6bd16399cccea85dd3dcdf6d46cb98e8ee294a6fcabd0adea9d2525558b2e725f4bcc1214ed531b3e3751d07ff87e0af7edae38431f76e789d4aaba6f9af0cb5c769a08a2249603d3bb67355d58494e37b5f41d6aafe76013eaf36c95ff885399f6bed5ff749756720f020a784cca0398079bfc7f44da25adb8d8d26d52c6b8a9445df8d90e272da33bebf4f297de0d8cbcc1ea78aad7d095ade1185c5ff3008912a58df016f14bde96a8481da5380e79f7c3764e05986d0ef81b799cc2e984f789d5f89e05769b1347889cc8a3f750ea9c8922dadd2983dd0c6e7461f8106da0bcae6c670add57af7ccc4366dae93c248e23a4d0023d058de30d5afdc1ce27df68a1325a3f3e9f875fc5baa92635d31ec4cf05e17a5ce6f6324898ab6045ba85f48098f35e000577add0d025f467ae0ef5476bfbc07f5e3c2d328cf536f275cfce5be8c86a17e7460b7121230e823e823cf634a9d1ea632c750318e0fb7749a3b82590352e404feaf733ec0716398555fb977ea89170152c326bf6335bf647752dd61d2565ac010b937cc013a99ee629be6d157768526b5df4bba1a3e89f4193dd01f0ccfb3f652bb6756e371f394567caf0f8a7be92b68d58478046e331a31a5a33289e1eda71d9c211b682562ed84f65585bd7d7a15e110bb1d17f3fefb8a3ddaafec4bd4381d4f71c710cffbc9651bee7825cbf182fba2914e1533c52f1516a61011e08540e44fe5965798fdf847a8f93b166413597fc8128c191cf9de3fab707a130ec3920bbf3970ae7e5cb12055d65fff27e45e091aff4173375ca79bab7f8d1d3448d0b87f286e0ddb34f16c92efb6e6a369acc8b4d6569db9e7148fb997592019457c7a1f96cd8849a8a052b385f223c"}, @calipso={0x7, 0x38, {0x2, 0xc, 0xf7, 0xfffb, [0x31f, 0x5, 0x0, 0x1000, 0x0, 0x80000000]}}, @enc_lim={0x4, 0x1, 0x1f}, @jumbo={0xc2, 0x4, 0x9}]}, @hopopts={0x87, 0x2, '\x00', [@hao={0xc9, 0x10, @private0}]}], {{0x4e22, 0x4e20, r1, r2, 0x0, 0x0, 0x12, 0x80, 0x100, 0x0, 0x1f, {[@md5sig={0x13, 0x12, "630203970592e485d482407252c17a9d"}, @window={0x3, 0x3, 0x85}, @md5sig={0x13, 0x12, "c524d305827f4783ca21c43ff410249b"}, @mptcp=@mp_join={0x1e, 0x3, 0x2}, @window={0x3, 0x3, 0x5}, @exp_smc={0xfe, 0x6}]}}, {"f4f6a27d464bd27ba0f1e59ea2652eeb41470f74322015dad52a906df0caa7d61f9f972f1f68343650265536930ff630a7d70f4b711b54b25a5710ae9601121393ba43480b399b175d13ff8e996953ea33e7f4e87b5dfd03c5bcda9cc746d4e81a"}}}}}}}, &(0x7f0000000000)={0x0, 0x1, [0xb94, 0xe55, 0x18e, 0x56b]}) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000100)={@void, @val={0x1, 0x4, 0x0, 0x2}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}}}}}, 0x42) [ 1343.892545] FAULT_INJECTION: forcing a failure. [ 1343.892545] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1343.909882] CPU: 1 PID: 7872 Comm: syz-executor.7 Not tainted 5.10.224 #1 [ 1343.910460] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1343.911154] Call Trace: [ 1343.911387] dump_stack+0x107/0x167 [ 1343.911700] should_fail.cold+0x5/0xa [ 1343.912033] _copy_from_user+0x2e/0x1b0 [ 1343.912376] do_pages_stat+0xf1/0x3b0 [ 1343.912707] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1343.913201] ? cpuset_mems_allowed+0x1af/0x440 [ 1343.913614] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1343.914039] ? trace_hardirqs_on+0x5b/0x180 [ 1343.914411] kernel_move_pages+0xb8f/0x11c0 [ 1343.914786] ? rcu_read_lock_any_held+0x75/0xa0 [ 1343.915180] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1343.915668] ? fput_many+0x2f/0x1a0 [ 1343.915981] ? ksys_write+0x1a9/0x260 [ 1343.916304] ? __ia32_sys_read+0xb0/0xb0 [ 1343.916650] __x64_sys_move_pages+0xdd/0x1b0 [ 1343.917026] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1343.917469] do_syscall_64+0x33/0x40 [ 1343.917791] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1343.918220] RIP: 0033:0x7f8be6d86b19 [ 1343.918536] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1343.920066] RSP: 002b:00007f8be42fc188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1343.920706] RAX: ffffffffffffffda RBX: 00007f8be6e99f60 RCX: 00007f8be6d86b19 [ 1343.921301] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1343.921911] RBP: 00007f8be42fc1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1343.922505] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1343.923101] R13: 00007ffd26b6f95f R14: 00007f8be42fc300 R15: 0000000000022000 15:21:58 executing program 3: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000040)=0x20) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, r2, 0x0, 0x6) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, 0x0, 0x0) move_pages(0x0, 0x1, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0], 0x0) 15:21:58 executing program 0: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) msgget(0x1, 0x0) ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 67) 15:21:58 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 67) 15:21:58 executing program 4: perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) msgget(0x1, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 60) [ 1343.992614] FAULT_INJECTION: forcing a failure. [ 1343.992614] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1343.993688] CPU: 0 PID: 7878 Comm: syz-executor.0 Not tainted 5.10.224 #1 [ 1343.994266] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1343.994965] Call Trace: [ 1343.995200] dump_stack+0x107/0x167 [ 1343.995513] should_fail.cold+0x5/0xa [ 1343.995849] _copy_from_user+0x2e/0x1b0 [ 1343.996195] do_pages_stat+0xf1/0x3b0 [ 1343.996529] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1343.997027] ? cpuset_mems_allowed+0x1af/0x440 [ 1343.997427] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1343.997888] ? trace_hardirqs_on+0x5b/0x180 [ 1343.998266] kernel_move_pages+0xb8f/0x11c0 [ 1343.998642] ? rcu_read_lock_any_held+0x75/0xa0 [ 1343.999036] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1343.999526] ? fput_many+0x2f/0x1a0 [ 1343.999840] ? ksys_write+0x1a9/0x260 [ 1344.000164] ? __ia32_sys_read+0xb0/0xb0 [ 1344.000510] __x64_sys_move_pages+0xdd/0x1b0 [ 1344.000886] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1344.001321] do_syscall_64+0x33/0x40 [ 1344.001670] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1344.002110] RIP: 0033:0x7f6fdcf13b19 [ 1344.002440] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1344.003998] RSP: 002b:00007f6fda489188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1344.004636] RAX: ffffffffffffffda RBX: 00007f6fdd026f60 RCX: 00007f6fdcf13b19 [ 1344.005234] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1344.005895] RBP: 00007f6fda4891d0 R08: 0000000020000000 R09: 0000000000000000 [ 1344.006490] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1344.007082] R13: 00007ffee9bd176f R14: 00007f6fda489300 R15: 0000000000022000 [ 1344.012527] FAULT_INJECTION: forcing a failure. [ 1344.012527] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1344.013649] CPU: 0 PID: 7880 Comm: syz-executor.6 Not tainted 5.10.224 #1 [ 1344.014225] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1344.014924] Call Trace: [ 1344.015151] dump_stack+0x107/0x167 [ 1344.015468] should_fail.cold+0x5/0xa [ 1344.015796] _copy_from_user+0x2e/0x1b0 [ 1344.016135] do_pages_stat+0xf1/0x3b0 [ 1344.016468] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1344.016957] ? cpuset_mems_allowed+0x1af/0x440 [ 1344.017352] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1344.017828] ? trace_hardirqs_on+0x5b/0x180 [ 1344.018198] kernel_move_pages+0xb8f/0x11c0 [ 1344.018572] ? rcu_read_lock_any_held+0x75/0xa0 [ 1344.018965] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1344.019454] ? fput_many+0x2f/0x1a0 [ 1344.019764] ? ksys_write+0x1a9/0x260 [ 1344.020088] ? __ia32_sys_read+0xb0/0xb0 [ 1344.020437] __x64_sys_move_pages+0xdd/0x1b0 [ 1344.020810] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1344.021242] do_syscall_64+0x33/0x40 [ 1344.021588] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1344.022017] RIP: 0033:0x7f28eb741b19 [ 1344.022331] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1344.023857] RSP: 002b:00007f28e8cb7188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1344.024496] RAX: ffffffffffffffda RBX: 00007f28eb854f60 RCX: 00007f28eb741b19 [ 1344.025090] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1344.025711] RBP: 00007f28e8cb71d0 R08: 0000000020000000 R09: 0000000000000000 [ 1344.026306] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1344.026901] R13: 00007ffd318d456f R14: 00007f28e8cb7300 R15: 0000000000022000 15:21:58 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000002c0)={0x40, 0x0, 0xfffffaf2, 0x6, 0xffffffff, 0x40}) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6) msgctl$IPC_RMID(0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 10) [ 1344.115438] FAULT_INJECTION: forcing a failure. [ 1344.115438] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1344.116498] CPU: 0 PID: 7886 Comm: syz-executor.7 Not tainted 5.10.224 #1 [ 1344.117077] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1344.117801] Call Trace: [ 1344.118036] dump_stack+0x107/0x167 [ 1344.118350] should_fail.cold+0x5/0xa [ 1344.118687] _copy_to_user+0x2e/0x180 [ 1344.119020] do_pages_stat+0x2b4/0x3b0 [ 1344.119361] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1344.119867] ? cpuset_mems_allowed+0x1af/0x440 [ 1344.120268] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1344.120700] ? trace_hardirqs_on+0x5b/0x180 [ 1344.121074] kernel_move_pages+0xb8f/0x11c0 [ 1344.125481] ? rcu_read_lock_any_held+0x75/0xa0 [ 1344.125892] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1344.126381] ? fput_many+0x2f/0x1a0 [ 1344.126696] ? ksys_write+0x1a9/0x260 [ 1344.127018] ? __ia32_sys_read+0xb0/0xb0 [ 1344.127363] __x64_sys_move_pages+0xdd/0x1b0 [ 1344.127739] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1344.128171] do_syscall_64+0x33/0x40 [ 1344.128487] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1344.128916] RIP: 0033:0x7f8be6d86b19 [ 1344.129230] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1344.130783] RSP: 002b:00007f8be42fc188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1344.131419] RAX: ffffffffffffffda RBX: 00007f8be6e99f60 RCX: 00007f8be6d86b19 [ 1344.132014] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1344.132614] RBP: 00007f8be42fc1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1344.133207] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1344.133829] R13: 00007ffd26b6f95f R14: 00007f8be42fc300 R15: 0000000000022000 [ 1344.136549] FAULT_INJECTION: forcing a failure. [ 1344.136549] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1344.137722] CPU: 1 PID: 7884 Comm: syz-executor.4 Not tainted 5.10.224 #1 [ 1344.138340] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1344.139082] Call Trace: [ 1344.139309] dump_stack+0x107/0x167 [ 1344.139617] should_fail.cold+0x5/0xa [ 1344.139944] _copy_to_user+0x2e/0x180 [ 1344.140315] do_pages_stat+0x2b4/0x3b0 [ 1344.140650] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1344.141210] ? cpuset_mems_allowed+0x1af/0x440 [ 1344.141621] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1344.142090] ? trace_hardirqs_on+0x5b/0x180 [ 1344.142459] kernel_move_pages+0xb8f/0x11c0 [ 1344.142829] ? rcu_read_lock_any_held+0x75/0xa0 [ 1344.143266] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1344.143751] ? fput_many+0x2f/0x1a0 [ 1344.144109] ? ksys_write+0x1a9/0x260 [ 1344.144431] ? __ia32_sys_read+0xb0/0xb0 [ 1344.144775] __x64_sys_move_pages+0xdd/0x1b0 [ 1344.145221] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1344.145668] do_syscall_64+0x33/0x40 [ 1344.146024] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1344.146459] RIP: 0033:0x7f1c0ae11b19 [ 1344.146773] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1344.148377] RSP: 002b:00007f1c08366188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1344.149083] RAX: ffffffffffffffda RBX: 00007f1c0af25020 RCX: 00007f1c0ae11b19 [ 1344.149694] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1344.150331] RBP: 00007f1c083661d0 R08: 0000000020000000 R09: 0000000000000000 [ 1344.150925] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1344.151562] R13: 00007ffd2ddfd2cf R14: 00007f1c08366300 R15: 0000000000022000 [ 1358.151950] FAULT_INJECTION: forcing a failure. [ 1358.151950] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1358.153007] CPU: 1 PID: 7894 Comm: syz-executor.0 Not tainted 5.10.224 #1 [ 1358.153580] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1358.154296] Call Trace: [ 1358.154529] dump_stack+0x107/0x167 [ 1358.154843] should_fail.cold+0x5/0xa [ 1358.155177] _copy_to_user+0x2e/0x180 [ 1358.155507] do_pages_stat+0x2b4/0x3b0 [ 1358.155848] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1358.156341] ? cpuset_mems_allowed+0x1af/0x440 [ 1358.156738] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1358.157164] ? trace_hardirqs_on+0x5b/0x180 [ 1358.157538] kernel_move_pages+0xb8f/0x11c0 [ 1358.157928] ? rcu_read_lock_any_held+0x75/0xa0 [ 1358.158322] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1358.158811] ? fput_many+0x2f/0x1a0 [ 1358.159127] ? ksys_write+0x1a9/0x260 [ 1358.159450] ? __ia32_sys_read+0xb0/0xb0 [ 1358.159798] __x64_sys_move_pages+0xdd/0x1b0 [ 1358.160173] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1358.160607] do_syscall_64+0x33/0x40 [ 1358.160929] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1358.161360] RIP: 0033:0x7f6fdcf13b19 [ 1358.161688] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1358.163232] RSP: 002b:00007f6fda489188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1358.163876] RAX: ffffffffffffffda RBX: 00007f6fdd026f60 RCX: 00007f6fdcf13b19 [ 1358.164482] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1358.165082] RBP: 00007f6fda4891d0 R08: 0000000020000000 R09: 0000000000000000 [ 1358.165690] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1358.166294] R13: 00007ffee9bd176f R14: 00007f6fda489300 R15: 0000000000022000 [ 1358.174093] FAULT_INJECTION: forcing a failure. [ 1358.174093] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1358.175177] CPU: 1 PID: 7905 Comm: syz-executor.4 Not tainted 5.10.224 #1 [ 1358.176050] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1358.176741] Call Trace: [ 1358.176975] dump_stack+0x107/0x167 [ 1358.177285] should_fail.cold+0x5/0xa [ 1358.177613] _copy_from_user+0x2e/0x1b0 [ 1358.177970] do_pages_stat+0xf1/0x3b0 [ 1358.178301] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1358.178790] ? cpuset_mems_allowed+0x1af/0x440 [ 1358.179184] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1358.179607] ? trace_hardirqs_on+0x5b/0x180 [ 1358.179983] kernel_move_pages+0xb8f/0x11c0 [ 1358.180354] ? rcu_read_lock_any_held+0x75/0xa0 [ 1358.180748] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1358.181236] ? fput_many+0x2f/0x1a0 [ 1358.181548] ? ksys_write+0x1a9/0x260 [ 1358.181884] ? __ia32_sys_read+0xb0/0xb0 [ 1358.182231] __x64_sys_move_pages+0xdd/0x1b0 [ 1358.182603] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1358.183040] do_syscall_64+0x33/0x40 [ 1358.183356] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1358.183785] RIP: 0033:0x7f1c0ae11b19 [ 1358.184101] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1358.185632] RSP: 002b:00007f1c08387188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1358.186322] RAX: ffffffffffffffda RBX: 00007f1c0af24f60 RCX: 00007f1c0ae11b19 [ 1358.186919] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1358.187516] RBP: 00007f1c083871d0 R08: 0000000020000000 R09: 0000000000000000 [ 1358.188113] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1358.188709] R13: 00007ffd2ddfd2cf R14: 00007f1c08387300 R15: 0000000000022000 [ 1358.190993] FAULT_INJECTION: forcing a failure. [ 1358.190993] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1358.191977] CPU: 1 PID: 7902 Comm: syz-executor.6 Not tainted 5.10.224 #1 [ 1358.192543] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1358.193230] Call Trace: [ 1358.193455] dump_stack+0x107/0x167 [ 1358.197815] should_fail.cold+0x5/0xa [ 1358.198222] _copy_to_user+0x2e/0x180 [ 1358.198559] do_pages_stat+0x2b4/0x3b0 [ 1358.198911] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1358.199495] ? cpuset_mems_allowed+0x1af/0x440 [ 1358.199903] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1358.200399] ? trace_hardirqs_on+0x5b/0x180 [ 1358.200782] kernel_move_pages+0xb8f/0x11c0 [ 1358.201206] ? rcu_read_lock_any_held+0x75/0xa0 [ 1358.201625] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1358.202188] ? fput_many+0x2f/0x1a0 [ 1358.202524] ? ksys_write+0x1a9/0x260 [ 1358.202861] ? __ia32_sys_read+0xb0/0xb0 [ 1358.203289] __x64_sys_move_pages+0xdd/0x1b0 [ 1358.203689] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1358.204183] do_syscall_64+0x33/0x40 [ 1358.204509] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1358.205013] RIP: 0033:0x7f28eb741b19 15:22:12 executing program 3: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000040)=0x20) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, r2, 0x0, 0x6) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, 0x0, 0x0) move_pages(0x0, 0x1, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0], 0x0) 15:22:12 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x105142, 0x0) lseek(r0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x4000, 0x128) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x5}, 0x0, 0x0, r0, 0x0) perf_event_open(&(0x7f0000000300)={0x5, 0x80, 0x40, 0x3f, 0x7, 0x41, 0x0, 0x9, 0x18007, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x21d7, 0x4, @perf_bp={&(0x7f00000002c0), 0x8}, 0x80af, 0x8, 0x0, 0x3, 0x706f179c, 0xc000000, 0x9, 0x0, 0xfffffffe, 0x0, 0x5}, 0x0, 0x7, 0xffffffffffffffff, 0x1) creat(&(0x7f0000000140)='./file0\x00', 0x193) r2 = gettid() process_vm_readv(r2, &(0x7f0000001a40), 0x0, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xb7}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000000000)=""/7, 0x7}, {&(0x7f0000002300)=""/102400, 0x19000}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x105142, 0x0) lseek(r3, 0x0, 0x2) r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x4000, 0x128) copy_file_range(r4, 0x0, r3, 0x0, 0x200f5ef, 0x0) openat(r3, &(0x7f0000000180)='./file0/file0\x00', 0xc00, 0x50) r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$sock_SIOCETHTOOL(r5, 0x8946, &(0x7f0000000240)={'syz_tun\x00', &(0x7f0000000200)=@ethtool_cmd={0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}}) fcntl$F_GET_RW_HINT(r5, 0x40b, &(0x7f0000000200)) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000280)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x6b88c270564b49c8, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x1, {0x3}}, 0x8000) r6 = open_tree(r1, &(0x7f00000000c0)='./file0/file0\x00', 0x8001) read(r6, &(0x7f0000000100)=""/28, 0x1c) 15:22:12 executing program 4: perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) msgget(0x1, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 61) 15:22:12 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000002c0)={0x40, 0x0, 0xfffffaf2, 0x6, 0xffffffff, 0x40}) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6) msgctl$IPC_RMID(0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 11) 15:22:12 executing program 1: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000100)={@void, @val={0x1, 0x4, 0x0, 0x2}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x1, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}}}}}, 0x42) 15:22:12 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 68) 15:22:12 executing program 0: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) msgget(0x1, 0x0) ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 68) 15:22:12 executing program 2: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) syz_emit_ethernet(0x5e, &(0x7f0000000180)={@random="59cc6a7c6d5b", @broadcast, @val={@val={0x9100, 0x6, 0x0, 0x1}, {0x8100, 0x1, 0x1, 0x1}}, {@canfd={0xd, {{0x4, 0x1, 0x1, 0x1}, 0x2e, 0x0, 0x0, 0x0, "15f0909e0190aca9115479333058e853887f884c8c1ca4768462826db2d8ea833a13698b4fcf132aa102f03e7ffea508edad4d5aba9effeb4459d66cce3c63d2"}}}}, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000100)={@void, @val={0x1}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}}}}}, 0x42) [ 1358.205347] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1358.210795] RSP: 002b:00007f28e8cb7188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1358.211530] RAX: ffffffffffffffda RBX: 00007f28eb854f60 RCX: 00007f28eb741b19 [ 1358.212203] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1358.212819] RBP: 00007f28e8cb71d0 R08: 0000000020000000 R09: 0000000000000000 [ 1358.213485] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1358.214175] R13: 00007ffd318d456f R14: 00007f28e8cb7300 R15: 0000000000022000 [ 1358.220618] FAULT_INJECTION: forcing a failure. [ 1358.220618] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1358.223912] CPU: 1 PID: 7897 Comm: syz-executor.7 Not tainted 5.10.224 #1 [ 1358.224548] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1358.225313] Call Trace: [ 1358.225549] dump_stack+0x107/0x167 [ 1358.225900] should_fail.cold+0x5/0xa [ 1358.226284] _copy_from_user+0x2e/0x1b0 [ 1358.226635] do_pages_stat+0xf1/0x3b0 [ 1358.227055] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1358.227562] ? cpuset_mems_allowed+0x1af/0x440 [ 1358.228032] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1358.228476] ? trace_hardirqs_on+0x5b/0x180 [ 1358.228877] kernel_move_pages+0xb8f/0x11c0 [ 1358.229296] ? rcu_read_lock_any_held+0x75/0xa0 [ 1358.229705] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1358.230265] ? fput_many+0x2f/0x1a0 [ 1358.230585] ? ksys_write+0x1a9/0x260 [ 1358.230919] ? __ia32_sys_read+0xb0/0xb0 [ 1358.231360] __x64_sys_move_pages+0xdd/0x1b0 [ 1358.231747] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1358.232262] do_syscall_64+0x33/0x40 [ 1358.232589] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1358.233073] RIP: 0033:0x7f8be6d86b19 [ 1358.233414] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1358.235105] RSP: 002b:00007f8be42fc188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1358.235774] RAX: ffffffffffffffda RBX: 00007f8be6e99f60 RCX: 00007f8be6d86b19 [ 1358.236446] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1358.237102] RBP: 00007f8be42fc1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1358.237737] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1358.238386] R13: 00007ffd26b6f95f R14: 00007f8be42fc300 R15: 0000000000022000 15:22:12 executing program 3: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000040)=0x20) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, r2, 0x0, 0x6) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, 0x0, 0x0) move_pages(0x0, 0x1, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0], 0x0) 15:22:12 executing program 5: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3f, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() process_vm_readv(r0, &(0x7f0000001a40), 0x0, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xb7}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) r1 = clone3(&(0x7f0000000300)={0x2300, &(0x7f0000000140), &(0x7f0000000180), &(0x7f00000001c0), {0x2d}, &(0x7f0000000200)=""/57, 0x39, &(0x7f0000000240)=""/74, &(0x7f00000002c0)=[r0], 0x1}, 0x58) r2 = gettid() process_vm_readv(r2, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7a}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xffffffbc}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) process_vm_readv(r2, &(0x7f0000001580)=[{&(0x7f0000000380)=""/205, 0xcd}, {&(0x7f0000000480)=""/50, 0x32}, {&(0x7f00000004c0)=""/176, 0xb0}, {&(0x7f0000000580)=""/4096, 0x1000}], 0x4, &(0x7f0000001900)=[{&(0x7f0000002300)=""/4096, 0x1000}, {&(0x7f00000015c0)=""/143, 0x8f}, {&(0x7f0000001680)=""/124, 0x7c}, {&(0x7f0000001700)=""/155, 0x9b}, {&(0x7f00000017c0)=""/172, 0xac}, {&(0x7f0000001880)}], 0x6, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) ftruncate(r3, 0x1000003) ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000)) r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xa, 0x13, r4, 0x0) syz_io_uring_complete(r5) syz_io_uring_setup(0x203, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) r8 = timerfd_create(0x0, 0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r8}, 0x0) r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0) syz_io_uring_submit(r5, r7, &(0x7f0000001880)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, {0x3, r9}}, 0x7) perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x3, 0xfe, 0x1, 0x40, 0x0, 0x80000001, 0x0, 0x8, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1, @perf_bp, 0x120, 0x5, 0x0, 0x3, 0x6, 0x7, 0xfc, 0x0, 0x5, 0x0, 0x9}, r1, 0xffffffffffffffff, r3, 0x8) 15:22:12 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 69) 15:22:12 executing program 1: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="01040000020000000000403cdefa00102100fe8800000000000001fe8000000000000000000000000000aa000000000401907800265d9900960cee"], 0x42) 15:22:12 executing program 0: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) msgget(0x1, 0x0) ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 69) 15:22:12 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000002c0)={0x40, 0x0, 0xfffffaf2, 0x6, 0xffffffff, 0x40}) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6) msgctl$IPC_RMID(0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 12) 15:22:12 executing program 4: perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) msgget(0x1, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 62) [ 1358.374281] FAULT_INJECTION: forcing a failure. [ 1358.374281] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1358.375405] CPU: 1 PID: 7916 Comm: syz-executor.6 Not tainted 5.10.224 #1 [ 1358.375993] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1358.376720] Call Trace: [ 1358.376964] dump_stack+0x107/0x167 [ 1358.377303] should_fail.cold+0x5/0xa [ 1358.377661] _copy_from_user+0x2e/0x1b0 [ 1358.378030] do_pages_stat+0xf1/0x3b0 [ 1358.378405] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1358.378920] ? cpuset_mems_allowed+0x1af/0x440 [ 1358.379347] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1358.379793] ? trace_hardirqs_on+0x5b/0x180 [ 1358.380187] kernel_move_pages+0xb8f/0x11c0 [ 1358.380603] ? rcu_read_lock_any_held+0x75/0xa0 [ 1358.381014] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1358.381549] ? fput_many+0x2f/0x1a0 [ 1358.381903] ? ksys_write+0x1a9/0x260 [ 1358.382247] ? __ia32_sys_read+0xb0/0xb0 [ 1358.382626] __x64_sys_move_pages+0xdd/0x1b0 [ 1358.383020] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1358.383463] do_syscall_64+0x33/0x40 [ 1358.383808] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1358.384256] RIP: 0033:0x7f28eb741b19 [ 1358.384583] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1358.386186] RSP: 002b:00007f28e8cb7188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1358.386861] RAX: ffffffffffffffda RBX: 00007f28eb854f60 RCX: 00007f28eb741b19 [ 1358.387473] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1358.388105] RBP: 00007f28e8cb71d0 R08: 0000000020000000 R09: 0000000000000000 [ 1358.388716] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1358.389354] R13: 00007ffd318d456f R14: 00007f28e8cb7300 R15: 0000000000022000 [ 1358.392677] FAULT_INJECTION: forcing a failure. [ 1358.392677] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1358.393791] CPU: 1 PID: 7919 Comm: syz-executor.7 Not tainted 5.10.224 #1 [ 1358.394395] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1358.395101] Call Trace: [ 1358.395354] dump_stack+0x107/0x167 [ 1358.395678] should_fail.cold+0x5/0xa [ 1358.396022] _copy_to_user+0x2e/0x180 [ 1358.396378] do_pages_stat+0x2b4/0x3b0 [ 1358.396734] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1358.397240] ? cpuset_mems_allowed+0x1af/0x440 [ 1358.397680] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1358.398128] ? trace_hardirqs_on+0x5b/0x180 [ 1358.398529] kernel_move_pages+0xb8f/0x11c0 [ 1358.398917] ? rcu_read_lock_any_held+0x75/0xa0 [ 1358.399325] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1358.399849] ? fput_many+0x2f/0x1a0 [ 1358.400169] ? ksys_write+0x1a9/0x260 [ 1358.400521] ? __ia32_sys_read+0xb0/0xb0 [ 1358.400882] __x64_sys_move_pages+0xdd/0x1b0 [ 1358.401269] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1358.401740] do_syscall_64+0x33/0x40 [ 1358.402073] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1358.402517] RIP: 0033:0x7f8be6d86b19 [ 1358.402863] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1358.404443] RSP: 002b:00007f8be42fc188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1358.405121] RAX: ffffffffffffffda RBX: 00007f8be6e99f60 RCX: 00007f8be6d86b19 [ 1358.405750] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1358.406377] RBP: 00007f8be42fc1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1358.406985] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1358.407589] R13: 00007ffd26b6f95f R14: 00007f8be42fc300 R15: 0000000000022000 15:22:12 executing program 2: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0, {0x4}}, './file0\x00'}) write$tun(r0, &(0x7f00000001c0)={@void, @void, @llc={@llc={0x8e, 0x8e, "a1", "8b8d87b72772476db3fde301841d324c3d2e1dff04000000bc0900000000000000e84f9bd9ce3d3900c6c46479bff5e8497cd67ae699fdfdaea0c0eb4886c17ed5914d84ebc411b1bf32ba030e90f4dc11c421d1142d74cd38601c4650aa73"}}}, 0x62) 15:22:12 executing program 3: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000040)=0x20) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, r2, 0x0, 0x6) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, 0x0, 0x0) move_pages(0x0, 0x1, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0], 0x0) [ 1358.423005] FAULT_INJECTION: forcing a failure. [ 1358.423005] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1358.424054] CPU: 1 PID: 7925 Comm: syz-executor.4 Not tainted 5.10.224 #1 [ 1358.424637] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1358.425363] Call Trace: [ 1358.425604] dump_stack+0x107/0x167 [ 1358.425957] should_fail.cold+0x5/0xa [ 1358.426306] _copy_to_user+0x2e/0x180 [ 1358.426652] do_pages_stat+0x2b4/0x3b0 [ 1358.427022] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1358.427527] ? cpuset_mems_allowed+0x1af/0x440 [ 1358.427936] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1358.428389] ? trace_hardirqs_on+0x5b/0x180 [ 1358.428779] kernel_move_pages+0xb8f/0x11c0 [ 1358.429182] ? rcu_read_lock_any_held+0x75/0xa0 [ 1358.429594] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1358.430116] ? fput_many+0x2f/0x1a0 [ 1358.430466] ? ksys_write+0x1a9/0x260 [ 1358.430807] ? __ia32_sys_read+0xb0/0xb0 [ 1358.431165] __x64_sys_move_pages+0xdd/0x1b0 [ 1358.431570] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1358.432024] do_syscall_64+0x33/0x40 [ 1358.432368] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1358.432817] RIP: 0033:0x7f1c0ae11b19 [ 1358.433142] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1358.434752] RSP: 002b:00007f1c08366188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1358.435406] RAX: ffffffffffffffda RBX: 00007f1c0af25020 RCX: 00007f1c0ae11b19 [ 1358.436042] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1358.436671] RBP: 00007f1c083661d0 R08: 0000000020000000 R09: 0000000000000000 [ 1358.437282] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1358.437936] R13: 00007ffd2ddfd2cf R14: 00007f1c08366300 R15: 0000000000022000 [ 1358.446263] FAULT_INJECTION: forcing a failure. [ 1358.446263] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1358.447373] CPU: 0 PID: 7928 Comm: syz-executor.0 Not tainted 5.10.224 #1 [ 1358.447952] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1358.448653] Call Trace: [ 1358.448889] dump_stack+0x107/0x167 [ 1358.449208] should_fail.cold+0x5/0xa [ 1358.449546] _copy_from_user+0x2e/0x1b0 [ 1358.449914] do_pages_stat+0xf1/0x3b0 [ 1358.450255] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1358.450755] ? cpuset_mems_allowed+0x1af/0x440 [ 1358.451156] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1358.451584] ? trace_hardirqs_on+0x5b/0x180 [ 1358.451958] kernel_move_pages+0xb8f/0x11c0 [ 1358.452336] ? rcu_read_lock_any_held+0x75/0xa0 [ 1358.452734] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1358.453225] ? fput_many+0x2f/0x1a0 [ 1358.453540] ? ksys_write+0x1a9/0x260 [ 1358.453893] ? __ia32_sys_read+0xb0/0xb0 [ 1358.454240] __x64_sys_move_pages+0xdd/0x1b0 [ 1358.454612] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1358.455041] do_syscall_64+0x33/0x40 [ 1358.455356] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1358.455789] RIP: 0033:0x7f6fdcf13b19 [ 1358.456103] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1358.457631] RSP: 002b:00007f6fda489188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1358.458297] RAX: ffffffffffffffda RBX: 00007f6fdd026f60 RCX: 00007f6fdcf13b19 [ 1358.458893] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1358.459484] RBP: 00007f6fda4891d0 R08: 0000000020000000 R09: 0000000000000000 [ 1358.460080] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1358.460671] R13: 00007ffee9bd176f R14: 00007f6fda489300 R15: 0000000000022000 15:22:13 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000002c0)={0x40, 0x0, 0xfffffaf2, 0x6, 0xffffffff, 0x40}) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6) msgctl$IPC_RMID(0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 13) 15:22:13 executing program 3: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000040)=0x20) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, r2, 0x0, 0x6) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, 0x0, 0x0) move_pages(0x0, 0x1, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0], 0x0) 15:22:13 executing program 5: r0 = socket$packet(0x11, 0x2, 0x300) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000140)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000040)={0x11, 0x1, r2, 0x1, 0x8, 0x6, @random="190002400a00"}, 0x14) sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x3c, 0x0, 0x8, 0x70bd2c, 0x25dfdbfc, {}, [@GTPA_I_TEI={0x8, 0x8, 0x1}, @GTPA_VERSION={0x8}, @GTPA_MS_ADDRESS={0x8, 0x5, @empty}, @GTPA_LINK={0x8}, @GTPA_LINK={0x8, 0x1, r2}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20004040}, 0x1) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = gettid() process_vm_readv(r3, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7a}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xffffffbc}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) 15:22:13 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 70) 15:22:13 executing program 2: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) r1 = creat(&(0x7f0000000000)='./file2\x00', 0x0) r2 = socket$inet6_icmp(0xa, 0x2, 0x3a) dup3(r0, r2, 0x0) fcntl$setown(r1, 0x8, 0xffffffffffffffff) close(r1) close_range(r1, 0xffffffffffffffff, 0x0) ioctl$TUNSETLINK(r1, 0x400454cd, 0x1b) ioctl$TUNDETACHFILTER(r0, 0x401054d6, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f0000000240)={'syz_tun\x00', &(0x7f0000000200)=@ethtool_cmd={0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}}) close(r3) write$tun(r0, &(0x7f0000000100)={@void, @val={0x1}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}}}}}, 0x42) [ 1358.564153] FAULT_INJECTION: forcing a failure. [ 1358.564153] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1358.565536] CPU: 0 PID: 7936 Comm: syz-executor.7 Not tainted 5.10.224 #1 [ 1358.566209] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1358.567694] Call Trace: [ 1358.567952] dump_stack+0x107/0x167 [ 1358.568305] should_fail.cold+0x5/0xa [ 1358.568958] _copy_from_user+0x2e/0x1b0 [ 1358.569865] do_pages_stat+0xf1/0x3b0 [ 1358.570699] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1358.571258] ? cpuset_mems_allowed+0x1af/0x440 [ 1358.571907] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1358.572382] ? trace_hardirqs_on+0x5b/0x180 [ 1358.573336] kernel_move_pages+0xb8f/0x11c0 [ 1358.574286] ? rcu_read_lock_any_held+0x75/0xa0 [ 1358.574739] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1358.575590] ? fput_many+0x2f/0x1a0 [ 1358.576374] ? ksys_write+0x1a9/0x260 [ 1358.577193] ? __ia32_sys_read+0xb0/0xb0 [ 1358.577591] __x64_sys_move_pages+0xdd/0x1b0 [ 1358.578583] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1358.579691] do_syscall_64+0x33/0x40 [ 1358.580508] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1358.581615] RIP: 0033:0x7f8be6d86b19 [ 1358.582438] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1358.586474] RSP: 002b:00007f8be42fc188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1358.588140] RAX: ffffffffffffffda RBX: 00007f8be6e99f60 RCX: 00007f8be6d86b19 [ 1358.588820] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1358.589638] RBP: 00007f8be42fc1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1358.590326] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1358.591480] R13: 00007ffd26b6f95f R14: 00007f8be42fc300 R15: 0000000000022000 [ 1358.624375] FAULT_INJECTION: forcing a failure. [ 1358.624375] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1358.625939] CPU: 1 PID: 7941 Comm: syz-executor.6 Not tainted 5.10.224 #1 [ 1358.627477] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1358.628246] Call Trace: [ 1358.628525] dump_stack+0x107/0x167 [ 1358.628885] should_fail.cold+0x5/0xa [ 1358.629261] _copy_to_user+0x2e/0x180 [ 1358.629633] do_pages_stat+0x2b4/0x3b0 [ 1358.630017] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1358.630807] ? cpuset_mems_allowed+0x1af/0x440 [ 1358.631283] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1358.632421] ? trace_hardirqs_on+0x5b/0x180 [ 1358.632892] kernel_move_pages+0xb8f/0x11c0 [ 1358.633873] ? rcu_read_lock_any_held+0x75/0xa0 [ 1358.634904] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1358.635462] ? fput_many+0x2f/0x1a0 [ 1358.635821] ? ksys_write+0x1a9/0x260 [ 1358.636208] ? __ia32_sys_read+0xb0/0xb0 [ 1358.636584] __x64_sys_move_pages+0xdd/0x1b0 [ 1358.637017] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1358.637489] do_syscall_64+0x33/0x40 [ 1358.637851] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1358.638350] RIP: 0033:0x7f28eb741b19 [ 1358.638689] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1358.640433] RSP: 002b:00007f28e8cb7188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1358.641171] RAX: ffffffffffffffda RBX: 00007f28eb854f60 RCX: 00007f28eb741b19 [ 1358.641836] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1358.642519] RBP: 00007f28e8cb71d0 R08: 0000000020000000 R09: 0000000000000000 [ 1358.643189] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1358.643856] R13: 00007ffd318d456f R14: 00007f28e8cb7300 R15: 0000000000022000 15:22:28 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000002c0)={0x40, 0x0, 0xfffffaf2, 0x6, 0xffffffff, 0x40}) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6) msgctl$IPC_RMID(0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 14) 15:22:28 executing program 5: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() r1 = gettid() r2 = accept4$inet6(0xffffffffffffffff, 0x0, &(0x7f0000000700), 0x80000) pwritev2(r2, &(0x7f0000000740), 0x0, 0xff, 0x100, 0x3) process_vm_readv(r1, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7a}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xffffffbc}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) perf_event_open(&(0x7f0000000500)={0x4, 0x80, 0x9, 0x81, 0xd1, 0x1, 0x0, 0x3ff, 0x82004, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x4, @perf_config_ext={0x89b2}, 0x4002, 0x3ff, 0x7, 0x2, 0x3, 0x1f, 0x7, 0x0, 0x7fff, 0x0, 0x1}, r1, 0x10, 0xffffffffffffffff, 0x8) process_vm_readv(r0, &(0x7f0000001a40), 0x0, &(0x7f0000000240)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000000440)=""/176, 0xfffffffffffffebd}, {&(0x7f0000000300)=""/124, 0x7c}, {&(0x7f0000000380)=""/163, 0xa3}, {&(0x7f00000000c0)=""/244, 0xf4}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}, {&(0x7f00000001c0)=""/121, 0x79}], 0x9, 0x0) timer_create(0x4, &(0x7f0000000000)={0x0, 0x2b, 0x0, @thr={&(0x7f0000000580)="9f0db395d1326db2860dd22ac5d3ff3125e5b0777789e5d134f75f3a045fb8052d9ea737b1459d4b49bd18914150fe83b4272e097fb93a3842f9a9d2c1cf5034054abd4471de661a265b76fba0aba4d57cbf8a88ac301780ea44d654", &(0x7f0000000600)="4c624da7e7c5f412c4968c93b61613dd7c5a9bfd7aba7a7aba23150a160597cbc891be07ab48210131d03333ff9823d31fe7997a0b41d2c67397bb921e8d99add4f7101d4a57b9c918d15e9d493d361b8cdc617b7db3a05ee17d0590b75e16d5a073e34f05c0e70bb48842ba514c5207c80cb269a209f2281cf110d3192790942c3ca36c47e38e082ed9a7596c8b07a622c65255374e9ceb7a6d640b1bd51b0f6718dac5d5"}}, &(0x7f00000006c0)) 15:22:28 executing program 4: perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) msgget(0x1, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 63) 15:22:28 executing program 0: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) msgget(0x1, 0x0) ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 70) 15:22:28 executing program 2: syz_emit_ethernet(0x56, &(0x7f0000000080)=ANY=[@ANYBLOB="20f9bdba2470aaaaaaaa9abb000deeffffffffff0000a9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"], 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000100)={@void, @val={0x1}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}}}}}, 0x42) openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xc00, 0x0) [ 1374.324575] FAULT_INJECTION: forcing a failure. [ 1374.324575] name fail_usercopy, interval 1, probability 0, space 0, times 0 15:22:28 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 71) 15:22:28 executing program 1: syz_emit_ethernet(0x6e, &(0x7f0000000240)={@random="20f9bdba2470", @remote, @void, {@mpls_uc={0x8847, {[{}, {0x66}, {0x8}, {0x1}, {0xfff}, {0x80, 0x0, 0x1}, {0x40}, {0x2, 0x0, 0x1}, {0xcd, 0x0, 0x1}, {0x6e9b}], @ipv4=@dccp={{0x0, 0x4, 0x3, 0x0, 0x0, 0x67, 0x0, 0x8c, 0x21, 0x0, @empty, @local, {[@timestamp_prespec={0x44, 0x0, 0x7c, 0x3, 0x6, [{@initdev={0xac, 0x1e, 0x1, 0x0}}, {@private=0xa010101, 0x5}, {@private=0xa010101, 0x40b}, {@rand_addr=0x64010102, 0x7ff}]}, @ssrr={0x89, 0x0, 0x8, [@rand_addr=0x64010102, @dev={0xac, 0x14, 0x14, 0xf}, @empty, @multicast1, @empty, @broadcast, @dev={0xac, 0x14, 0x14, 0xe}, @broadcast, @initdev={0xac, 0x1e, 0x1, 0x0}, @empty]}]}}, {{0x4e20, 0x4e21, 0x0, 0x1, 0xc, 0x0, 0x0, 0x6, 0x0, "ce80ec", 0x5, "cae541"}, "cb820431bc289936b6be9a91e6200552ef8996ab4b2255d0ba64bd95afad5531040e3de80be36e56cb9661ac70f6b0eb5dce3b5d846b62ac678e"}}}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="01040000020000000000603cdefa00102100fe88000000000000000000000000de01fe8000e6ff00000000000000000000aa000000000401907800265d9900960cee"], 0x42) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, &(0x7f0000000000)={'syz_tun\x00'}) 15:22:28 executing program 3: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000040)=0x20) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, r2, 0x0, 0x6) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, 0x0, 0x0) move_pages(0x0, 0x1, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0], 0x0) [ 1374.325712] CPU: 1 PID: 7956 Comm: syz-executor.4 Not tainted 5.10.224 #1 [ 1374.326523] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1374.327472] Call Trace: [ 1374.327773] dump_stack+0x107/0x167 [ 1374.328230] should_fail.cold+0x5/0xa [ 1374.328931] _copy_from_user+0x2e/0x1b0 [ 1374.329348] do_pages_stat+0xf1/0x3b0 [ 1374.329709] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1374.330675] ? cpuset_mems_allowed+0x1af/0x440 [ 1374.331811] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1374.333079] ? trace_hardirqs_on+0x5b/0x180 [ 1374.334182] kernel_move_pages+0xb8f/0x11c0 [ 1374.335246] ? rcu_read_lock_any_held+0x75/0xa0 [ 1374.336374] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1374.337776] ? fput_many+0x2f/0x1a0 [ 1374.338722] ? ksys_write+0x1a9/0x260 [ 1374.339656] ? __ia32_sys_read+0xb0/0xb0 [ 1374.340655] __x64_sys_move_pages+0xdd/0x1b0 [ 1374.341726] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1374.343037] do_syscall_64+0x33/0x40 [ 1374.343438] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1374.344008] RIP: 0033:0x7f1c0ae11b19 [ 1374.344413] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1374.348911] RSP: 002b:00007f1c08387188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1374.350380] RAX: ffffffffffffffda RBX: 00007f1c0af24f60 RCX: 00007f1c0ae11b19 [ 1374.351224] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1374.352024] RBP: 00007f1c083871d0 R08: 0000000020000000 R09: 0000000000000000 [ 1374.352805] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1374.353612] R13: 00007ffd2ddfd2cf R14: 00007f1c08387300 R15: 0000000000022000 [ 1374.365308] FAULT_INJECTION: forcing a failure. [ 1374.365308] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1374.369444] CPU: 1 PID: 7963 Comm: syz-executor.0 Not tainted 5.10.224 #1 [ 1374.371473] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1374.373491] Call Trace: [ 1374.374161] dump_stack+0x107/0x167 [ 1374.375068] should_fail.cold+0x5/0xa [ 1374.376004] _copy_to_user+0x2e/0x180 [ 1374.376901] do_pages_stat+0x2b4/0x3b0 [ 1374.377869] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1374.379346] ? cpuset_mems_allowed+0x1af/0x440 [ 1374.380463] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1374.381684] ? trace_hardirqs_on+0x5b/0x180 [ 1374.382744] kernel_move_pages+0xb8f/0x11c0 [ 1374.383826] ? rcu_read_lock_any_held+0x75/0xa0 [ 1374.384952] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1374.386413] ? fput_many+0x2f/0x1a0 [ 1374.387329] ? ksys_write+0x1a9/0x260 [ 1374.388306] ? __ia32_sys_read+0xb0/0xb0 [ 1374.389351] __x64_sys_move_pages+0xdd/0x1b0 [ 1374.390430] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1374.391666] do_syscall_64+0x33/0x40 [ 1374.392600] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1374.393831] RIP: 0033:0x7f6fdcf13b19 [ 1374.394752] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1374.399250] RSP: 002b:00007f6fda489188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1374.401119] RAX: ffffffffffffffda RBX: 00007f6fdd026f60 RCX: 00007f6fdcf13b19 [ 1374.402826] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1374.404577] RBP: 00007f6fda4891d0 R08: 0000000020000000 R09: 0000000000000000 [ 1374.406820] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1374.408581] R13: 00007ffee9bd176f R14: 00007f6fda489300 R15: 0000000000022000 [ 1374.417264] FAULT_INJECTION: forcing a failure. [ 1374.417264] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1374.420259] CPU: 1 PID: 7965 Comm: syz-executor.6 Not tainted 5.10.224 #1 [ 1374.421890] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1374.423905] Call Trace: [ 1374.424562] dump_stack+0x107/0x167 [ 1374.425500] should_fail.cold+0x5/0xa [ 1374.426469] _copy_from_user+0x2e/0x1b0 [ 1374.427448] do_pages_stat+0xf1/0x3b0 [ 1374.428445] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1374.429940] ? cpuset_mems_allowed+0x1af/0x440 [ 1374.431162] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1374.432388] ? trace_hardirqs_on+0x5b/0x180 [ 1374.433512] kernel_move_pages+0xb8f/0x11c0 [ 1374.434622] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1374.436128] ? asm_sysvec_call_function_single+0x12/0x20 [ 1374.437515] __x64_sys_move_pages+0xdd/0x1b0 [ 1374.438641] do_syscall_64+0x33/0x40 [ 1374.439589] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1374.440876] RIP: 0033:0x7f28eb741b19 [ 1374.441852] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1374.444139] FAULT_INJECTION: forcing a failure. [ 1374.444139] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1374.446627] RSP: 002b:00007f28e8cb7188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1374.446644] RAX: ffffffffffffffda RBX: 00007f28eb854f60 RCX: 00007f28eb741b19 [ 1374.446653] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1374.446662] RBP: 00007f28e8cb71d0 R08: 0000000020000000 R09: 0000000000000000 [ 1374.446672] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1374.446681] R13: 00007ffd318d456f R14: 00007f28e8cb7300 R15: 0000000000022000 [ 1374.460915] CPU: 0 PID: 7954 Comm: syz-executor.7 Not tainted 5.10.224 #1 [ 1374.462647] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1374.464755] Call Trace: [ 1374.465417] dump_stack+0x107/0x167 [ 1374.466305] should_fail.cold+0x5/0xa [ 1374.467280] _copy_to_user+0x2e/0x180 [ 1374.471611] do_pages_stat+0x2b4/0x3b0 [ 1374.472596] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1374.473999] ? cpuset_mems_allowed+0x1af/0x440 [ 1374.475088] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1374.476296] ? trace_hardirqs_on+0x5b/0x180 [ 1374.477326] kernel_move_pages+0xb8f/0x11c0 [ 1374.478379] ? rcu_read_lock_any_held+0x75/0xa0 [ 1374.479480] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1374.480857] ? fput_many+0x2f/0x1a0 [ 1374.481722] ? ksys_write+0x1a9/0x260 [ 1374.482633] ? __ia32_sys_read+0xb0/0xb0 [ 1374.483595] __x64_sys_move_pages+0xdd/0x1b0 [ 1374.484635] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1374.485823] do_syscall_64+0x33/0x40 [ 1374.487000] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1374.488216] RIP: 0033:0x7f8be6d86b19 [ 1374.489094] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1374.493477] RSP: 002b:00007f8be42fc188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1374.506408] RAX: ffffffffffffffda RBX: 00007f8be6e99f60 RCX: 00007f8be6d86b19 [ 1374.507032] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1374.507646] RBP: 00007f8be42fc1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1374.508258] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1374.508872] R13: 00007ffd26b6f95f R14: 00007f8be42fc300 R15: 0000000000022000 15:22:29 executing program 1: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000180)={@void, @val={0x1, 0x4, 0x0, 0x2}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x248, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[@dstopts={0x33, 0x9, '\x00', [@calipso={0x7, 0x48, {0x3, 0x10, 0x81, 0x8, [0x5, 0x100, 0x8, 0x80, 0x5, 0x8001, 0x5, 0x5]}}, @ra={0x5, 0x2, 0xa34}]}, @srh={0x2f, 0xe, 0x4, 0x7, 0x81, 0x50, 0x7, [@loopback, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @empty, @empty, @private0={0xfc, 0x0, '\x00', 0x1}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @local]}, @srh={0x32, 0x10, 0x4, 0x8, 0x7, 0x0, 0x4, [@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}, @mcast2, @private2={0xfc, 0x2, '\x00', 0x1}, @dev={0xfe, 0x80, '\x00', 0x38}, @ipv4={'\x00', '\xff\xff', @broadcast}, @private1, @private1={0xfc, 0x1, '\x00', 0x7f}]}, @dstopts={0x0, 0x2, '\x00', [@enc_lim, @padn={0x1, 0x2, [0x0, 0x0]}, @ra={0x5, 0x2, 0x8}, @enc_lim={0x4, 0x1, 0x1f}, @pad1]}, @dstopts={0xc, 0x0, '\x00', [@enc_lim]}, @routing={0x89, 0x6, 0x0, 0x6, 0x0, [@empty, @mcast1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01']}, @hopopts={0x8, 0xd, '\x00', [@generic={0x5, 0x5a, "8bb7998c5c160b8bc46ef3e97ceb182cc23c9a718e44ad24a0fd16bc88bcad84a11a28cd132c4977b3beb0943c447286004f8c97e19e1095cb4959dd64367d08ee54735ff9f2935fc56219095382810abdb8080d757fce65f5c4"}, @hao={0xc9, 0x10, @loopback}]}], {{0x0, 0x4e23, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}}}}}, 0x27a) 15:22:29 executing program 5: syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000001c0)='./file0\x00', 0x10001, 0x6, &(0x7f00000005c0)=[{&(0x7f0000000280)="0a0f2ff7ba301b52c109818f96c271eb381016e1cd86d5e68456a2dd5a763e4ab48038a399f412f445d750db1e3a6ac5c7b1871d866103c3e7427ab9b5943ad2927eb795b5f641e15fe3480b5c505b1ea614a7eb91896ad099d73bce27edb002d4436be6d460b1c54b68210874ef31b5aea5a98e2c515d0f3a1d8f6ebe05aaabd509c583950bdb03a0e011225dd4c8775f79ac4ae791a48e49c9862cdab90565c5ea8fe9e1810682aca7ef10823930fcf62c6d4914b7633f23f37e093b56f4e0eb52f0d5a49d3b61", 0xc8, 0x8}, {&(0x7f0000000380)="eb6eff392d7553e721433ff5672984186fd511739a434babd1b6ea2a71861bb6931883a859e321c95559ed4cbaab526e92894c7dbe9e565ac37dcdb82617c323478085d15afef18cad954f4b5c1e738227e246062fa0aff52a8447fecb511882f72c507168acce6b929b162c4152c98e54c1bfd7610a5db381240bf1ef68cefefb005794563e39f96a2697b0b93d239ed26e0729d10dfeb91d5bff592ab3e97379f59660732387a5d0808b29117c0e728e", 0xb1}, {&(0x7f0000000440)="a3e5fd552dcf814a41a3e5a63293b6fb17a575adfd597131a1bf3fb641a4a56832d46d0b39b509ef9b20d54007d428a4ca734e3b4911a1311bf0b17e39465a574a307b7c09a5a0fc18bf4419f50eb414d26c617f346cec317502b1ece5dc4cb347382ae7b44c5e4592f342cb75275094ad4be135b77b84", 0x77, 0x8}, {&(0x7f00000004c0)="3a4b790e755aed5df22264847d3b29b34b265f6e47f61786d5cf74cd24f5b6f95dcc92741f8348fd0d3deaf9fe55ceb47c3faf7eb597aac8d4e82eab66e9", 0x3e}, {&(0x7f0000000500)="e36bcc00772b3c7b51e56ee3499e6c48b2b096080b2f4e4e865a8bba73a826467bae0fd7e385e8f758e2e43d74fddcb4a0f13328fa2e39f968367ceaa8d167484ce6d3393f8a9214050fd53fc0f25d9b928fff620002d658dbe714f29a", 0x5d, 0x7}, {&(0x7f0000000580), 0x0, 0x7fffffff}], 0x200400, &(0x7f0000000680)=ANY=[@ANYBLOB="6e66732c6e6f646f74732c646f6e745f686173682c736d61866b01736465663d2f6281"]) perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000240)={'syz_tun\x00', &(0x7f0000000200)=@ethtool_cmd={0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}}) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x2800000, &(0x7f00000006c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB="050000000000000024033920762555bbc5feaa980ba9d7dcd5717aa84a519c2644fc75b2f7939a97", @ANYRESHEX=r0, @ANYBLOB=',mmap,euid>', @ANYRESDEC, @ANYBLOB=',\x00']) r1 = gettid() r2 = syz_open_dev$usbmon(&(0x7f0000000140), 0x1, 0x321000) fcntl$setlease(r2, 0x400, 0x2) process_vm_readv(r1, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7a}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xffffffbc}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x105142, 0x0) lseek(r3, 0x0, 0x2) r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x4000, 0x128) copy_file_range(r4, 0x0, r3, 0x0, 0x200f5ef, 0x0) openat(r4, &(0x7f0000000580)='./file0\x00', 0x8401, 0x0) 15:22:29 executing program 3: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000040)=0x20) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, r2, 0x0, 0x6) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, 0x0, 0x0) move_pages(0x0, 0x1, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0], 0x0) [ 1374.585546] FAT-fs (loop5): Unrecognized mount option "dont_hash" or missing value [ 1374.619721] 9pnet: Insufficient options for proto=fd [ 1374.650030] FAT-fs (loop5): Unrecognized mount option "dont_hash" or missing value [ 1374.660403] 9pnet: Insufficient options for proto=fd [ 1388.313290] FAULT_INJECTION: forcing a failure. [ 1388.313290] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1388.314413] CPU: 0 PID: 7989 Comm: syz-executor.6 Not tainted 5.10.224 #1 [ 1388.314994] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1388.315697] Call Trace: [ 1388.315937] dump_stack+0x107/0x167 [ 1388.316258] should_fail.cold+0x5/0xa [ 1388.316608] _copy_to_user+0x2e/0x180 [ 1388.316951] do_pages_stat+0x2b4/0x3b0 [ 1388.317305] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1388.317811] ? cpuset_mems_allowed+0x1af/0x440 [ 1388.318242] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1388.318682] ? trace_hardirqs_on+0x5b/0x180 [ 1388.319068] kernel_move_pages+0xb8f/0x11c0 [ 1388.319462] ? rcu_read_lock_any_held+0x75/0xa0 [ 1388.319875] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1388.320381] ? fput_many+0x2f/0x1a0 [ 1388.320709] ? ksys_write+0x1a9/0x260 [ 1388.321047] ? __ia32_sys_read+0xb0/0xb0 [ 1388.321408] __x64_sys_move_pages+0xdd/0x1b0 [ 1388.321795] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1388.337037] do_syscall_64+0x33/0x40 [ 1388.337375] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1388.337818] RIP: 0033:0x7f28eb741b19 [ 1388.338163] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1388.339732] RSP: 002b:00007f28e8cb7188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1388.340385] RAX: ffffffffffffffda RBX: 00007f28eb854f60 RCX: 00007f28eb741b19 [ 1388.340994] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1388.341605] RBP: 00007f28e8cb71d0 R08: 0000000020000000 R09: 0000000000000000 [ 1388.342248] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1388.342880] R13: 00007ffd318d456f R14: 00007f28e8cb7300 R15: 0000000000022000 15:22:42 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 72) 15:22:42 executing program 0: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) msgget(0x1, 0x0) ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 71) 15:22:42 executing program 2: syz_emit_ethernet(0x56, &(0x7f0000000080)=ANY=[@ANYBLOB="20f9bdba2470aaaaaaaaaabb000d00000000000000007bc74f84db0057914cd8c864a1bea9a4d30d9eedbf84080000006445502e8debf42a1f820f5fe25e762e614b3d9ae478a38e6862065da5e5550f0dfc6eba6e8f"], 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x4000, 0x128) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x8, 0x1010, r2, 0x0) syz_io_uring_submit(r3, 0x0, &(0x7f0000000000)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x2, 0x4004, @fd_index=0x4, 0x3269, 0x0, 0x0, 0x10, 0x1, {0x3}}, 0x2) write$tun(r2, &(0x7f0000000180)={@val={0x0, 0x8848}, @void, @ipv4=@icmp={{0x2c, 0x4, 0x3, 0x1, 0x112, 0x64, 0x0, 0x66, 0x1, 0x0, @broadcast, @loopback, {[@timestamp_prespec={0x44, 0x34, 0x3a, 0x3, 0x7, [{@local, 0x4}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x2}, {@remote, 0x1}, {@local, 0x101}, {@empty, 0x10000}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x2}]}, @noop, @cipso={0x86, 0x16, 0x3, [{0x6, 0x10, "ff8c8cf577b652fab079d56db730"}]}, @ssrr={0x89, 0x27, 0xb4, [@remote, @initdev={0xac, 0x1e, 0x1, 0x0}, @empty, @rand_addr=0x64010100, @local, @rand_addr=0x64010102, @local, @multicast1, @dev={0xac, 0x14, 0x14, 0x23}]}, @timestamp={0x44, 0x28, 0xa9, 0x0, 0x5, [0x3, 0x8, 0x0, 0x5, 0x5, 0x3, 0x600, 0x10000, 0x5]}]}}, @echo={0x8, 0x0, 0x0, 0x3c, 0x8, "b6caf7e656170d873fedb78d55a719484d59590e6b8e6a9cdc640eed189a726b9ca5cc86e85679652cfa6172d33d6d726381a2abf04de75721c277b0638231c79f755dbbc1f37eb4b2a4cdcb4333c7a806810bd09a4bc63e8bb7"}}}, 0x116) write$tun(r0, &(0x7f0000001500)=ANY=[@ANYBLOB="01000000000000000000603cdefa0010001b00000000000000040000000000000001aa80000000000000000000000000a60b000000000401907800265d9900960cee3bf391f682f6b509fe1a4413a936f6e19afc0a98a40cecf5421dc10a240fa5b6968780"], 0x42) r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f0000000240)={'syz_tun\x00', &(0x7f0000000200)=@ethtool_cmd={0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}}) r5 = openat$cgroup_pressure(r2, &(0x7f00000002c0)='memory.pressure\x00', 0x2, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000300)={0x0, ""/256, 0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, 0x0, 0x0}) ioctl$BTRFS_IOC_SNAP_DESTROY_V2(r4, 0x5000943f, &(0x7f0000000500)={{r5}, r6, 0xc, @unused=[0x2, 0x0, 0x6, 0x3], @name="bbb1a668e0a364883e48dc2ae81d59f9a070065ec942913c066cc9d6ee145073c47b1dedc3d540fa72cf04a6fe73cca7c40e093adec508f4473b9c59ef0f9c1bc8e5d0dd3e8cdae7ea78011c0231273c4c3a434264bb33abd86d5a81c8cd51748df4f8eec0167a7d44805fff82130683a61ce7d88457f0ac2f19aa0d1e5ac037f8e5883c8aba038aa552ca583928a0984d203475d82eec0e542a23712f9fdea4ebe34f6131a478273b9cb93059c1668728d9dfaa973b1c181e07775dc34e718828463fedb5ce1872525fad2b3b3649f5dff1991f8060e19df2a8260008897c6e0e00d083400d6c8061853ab16e8d8bb6c0e6d4a41998c3cafd33038cdc7b25ab1718cd400edf9cbd8ab3bd707a2042a1e643965aaf5b60e8f06d7435d57b167b35cfea7d92c92a05592af3f231198db752bc9b80e826325a3e29c5fe36750684120decb8efdc75b925d95c20b48733bfc239e225a33ef7507ad036e8c63c71ce5030828a54342c913aa58a77405293a283a3b9600696eb38e9a4d4baa0265c84545bad35b601cd85b61b1158d57e1ec5eaf62393b835886ab43cd993bf9c67548b5fd6370d2853ac5783308371e9f19eac84c23f960336860c1073e6bfeab7e1013bfdbaeb50468a6495c20342ca590ba9e0fb8fa9f63cb30cf72fc3f0bf45cca99361c8a6a494ac75a76f3b58142ee7cd6b1d11a79311def902101eb07d04ee7a7fd6fc1caad8a7966f7c3fb80a10a21e65ec094c4f3cf8b7b54cbc053f925afafa527dffdc88a0192080136779208372b5a519cb56e6eee1234d833cd5b5fad8c6b42ab95f3e7d787711923eb74a38984b8aeab12ae09b7fc143cabf551fef7068a1c2c907c6359856fb1f052035123e578f4ccde67133fd037b798b91c5581ea0907d3546915e08ee4bd22d6ccd20935d968bfbbff515c1537501677299e6abbbd3611f931d73e2b658dbc5e7d9b48ecea13af240d42c1ab205f850c35e7f92a472835610817a076c0ff5fac56e5efde8138212dcfc76a40ea3e15d030252f1321d8549ad81e205d64f69ec915893edde093af692b3e8d799199eda37b91aca1ccc4fb520bb4c7bb3336ae016042dc85a2a6e3838c3f6af0ecc408e299339e85d52a2d864c18e5865e088f34f35714c9319d3dde17a7b494020889ce3e72f844339e62637d747741bd4bc10c78b76e1ad6acec27c293bb07c04ee0d63636150658b98c94ee86b4e3c32beea01f6063206c3501e29efb7a30d8bd09b1c9b6be129d42115f7ebcb5df0f6ad9319481814b92178a367a1d088cded824734f1e02d8016856870781aef1d7329889b315b208de0769f16e39844199f1f1836b529e51159f56f1fd10ed2a529464ae466e2224c04791a41486b1fdb27af1c564ac3b9aa1eca84df62b392b567785f7bc9ed4815c5d6bbd217361edf6a0f0654e5e4f2c31516634a3f0b6c071c8b88ccd5659e8d5c6253eba6c85cef99f25597f80669c51416be7ec3278c72110e0ae7353c19e3edfc991418ce858729d048391cde05ad5bc077728df022b87b789ccbcbb59aa254e17a3816d04a8539853a15b606f5b8aa87789a24c0aa2dbbbcf91e0582c63d6ed8e80547a0209bf837fe7c5cf1018483c32da7ca09d72320f34abca00e2086429f78fbe6ccefab743282491421dec9e3dbd8e1e4194799602b3a916c892bb86bc8b0490cf8dc32e8337fa78aa1c4c150a97d664c7cee3f38a53f4d48f480745d26dce052cf124d1eb5d7103c8483b3c939bfaba050596aad541cea76dd214f36198979f5230707b6cfeaf86274a81c76e469d945faec77bb2ff7df0874b393fe0857377759bd72ff6c4ee74b680a1110b272d565ae356ce594b7c3f6f5ef7d4826f2bbf567362f536f120d39266e376937a91af71ea4d5f01562a0cc09bd0ee852522a5b64893c5756af56e595d167f10a01358491847def1a9b3f427e602026e3bf3b91d4ce766d49e58c58eee019df473daa949f050124ec8633eea8841a5761a4a7221349f8abbdd732eb24515a6d69d64f435ae8c36885f90dbff5cf4998a657021d94954b886d8f9df3bdefb651341698b45b340ef1d33476aebda788126fd36d1def897a10d3c1dbb82a1e5495731ec7abafc008fbb2ce2028513ea52c6da1617b281e47ecf5880ecaa45e37d59e890194e4417b313e6a1b548302899216fb4d718a138c96d366ad09ed850c896d27284649fee6b84a50b4c96eb40f8a2bf4bb4085895c1c01ea0186b0a00d47cc05556e871d9da7b2ebdbfa823b340d2409c15115fe0fe5f6694784becdd2244b9d9235c76ca5c7df2285bb84222dc945f5a8fee1811e7044b19345ab447436e46183631d46e08578311bc971d2cd16785c55781a262ed26c25a312f356e0dacfd3319745cbc4704888a2e786c6a63be7a1ec208de02248a29ab014b5ad79d011407cc2c7c15108828c9420b9fa5e8f393a5e38d5f72d46ef4f9167af422b4b40169d76f412a96e5b8f61ead9b161f40d6e04949a5b343a7dfce241061a2180044f857ac3c27e722686f598f65cc9ff86e795fa701729aeb1e6f5bd19455333107c47c960c94c31d621afa28961e332664d79f858971d9b905b8d394d217e494ad6940c9aef37b039eb61dfa700d626d046fb79768fd46c92ab4e4fa39eb21876fe4fbb3e8db93edcd671bb3852cbdb7b8315ebf3396b1216c66eedc69533e03c1b5b56334e66b22708a88935298d9a299f57eb994d994f97856b4138a83b04bf9353741def1743340df1accf013e332dfa2e962181231a209e6e38b9edb8b03c1c267ea40bd03ce4e1dd2f74d6d45c904cd250913e2e9bee0ee48300d3daa5cce3cefd3ed71b19cd233e39ebca998defe739b0c0ecbe66458d7b863b331ecaca5cb25f7d5ec3b9348bbcd81050b3c8d8066c19100f4aec01c479b287adaefe161f9cf12e7f08fce32794b264a158c2067e993752dada20f2b2dad9c0def656502df929b86092cf6ab083de77f24debeaab52bd2be1db2c3948b6063edfd675b0d2dadfbaf1c113d7ad00d1522c31c814c36fd9ceca248ca489df5f4144dc3802a4c95ee9d9f2b663ca90dca2d5205ed5f85be0e08f6b679d298f5829427059a07f0ede0937f54c3b727fed7d6cb6600e80e569722cd50eac7c92b07aa22689d1bf30f602c749023da65af25ae7b7fea6e51a08ffc27b15ee78278974e80cb8be13b0f09771c3a7cd09d75655cee95201215ce8246da9873f70363190cca46960217f7e7c855d07efe875024ce26f056cb77d3f3f9fa76654e49f71868a20c40854c934db6217cd7896e433ace53ce738745872e85bc5f84c748e44f490ed98d9a3f58e4afb4835b0549cb38a21d204c555c29485ed9a10cc4cf28af99972523a7026167fa95402b32fe0ac6307de5c5c46cc4bf7e49f72f9cc6a1a16a56042455b8ccfa31bfbfbad542b69c0257642867c9c21f607758311f004ddfe201f6a356904f6d01740a452ff0936580069419f9bf8856edda487f889c2238c2f842c5e5e3c23f72b6bb2e51e37ca03457da10ce6ab23306ed95fc9ac9420888ec7f319013c4e566575a31d96015cb20182365815ff4a3d30c15a2c384a0fff91d3a9e6559679d83bb1de94311d0633ce00d2638fb8a0ff9fa07ea65d202ef00492ac229336214b10db8c47311313485ae6b011daa55a720afe05db5d1ae506868b08cb077296490375931c8bae7a0e8e1ddc801254b57b08628ec32bdad8e7a8ec9d6077b43ff349a6cf9b882503daac614b59a7893725ca9656c62ce167591105f57cf937facbffe182998e7ecfbb6e6866c0df93deaa7e3beead872dec48b77bc77080a6558288d7df3395cf7bd04c0c091687272fd7ac4479ed090547152e7519137a7bb3762ff07b35f85a144fbdf899f0ce370aed1bb8103cc47d790edf7e8046d64595fc23253d29598936f6a8ec9ceb74e21dddc1cd13ccacee2b9e225a23b567f40881327dfcccac26c87cb5f1e12acbbf08a6ae4a5e5a26e297a85958d2929386ba6848a2dd2401507a15a70238913d9b35e4c625c9046fba87fc5413a5c4c1ca3ccb35b1cb0fb3b36fb3f0d98d2a28f09604f38ab50352bc3e47b3f77efe0090d13ad8105276392e26ba57ae5954deb7f4df9aaffab33bfaab8dfb706aa022db65993d970fecab608e4d95f83e6ad46b1f5690f82ef727d27360a907410ab66edddaf3b4eb42493bb80d1bbb411c33142b421d98a32c2620c815439f467a3c9ea7d92caef7a8cdb5684ff48bd25fdfc5729816a2ea47a01271baaf003ef47d9ddb25e9166664682e3e9e852205fde3f83b9c72a6362e2e37885716132106f06bb2341d661f12d6e3462b0863fabfaded63e525ba76868ecfb3f700e2503f66efb63411602f7c92f0e5dd26fb65b83eb6b62942a86b8ab821d808dd9b1b3ace8bf29b5a6a425f06cb6c887f8a6bbbc30b086d8d8fde0459c3b2008799c0e2c0a1c8d2b5d11fe62058ef0d47855b0eb6a19071da57b7b096671e2b4c03d1ec8b000204ba27f72cc74f420574ac8145457d4d709843736c06906715d89ec445dc6bb523cc2414b9a5a2e1017d8587545f6ce9e63d8177171d222361fab81cb8d1730874e9ec342b5129fb74768ef8ee0473c471708274238a350e7a55ea07cc97da907279983b78c66fcee02216c01d885b475961d8c4ee915477f6194c9285a3387ac47451d9ccfdaa07d4632029a92d20435e78975328171df975a12177743a606392d6a1ef6ee0a31f71f09ad21e7770dcd1ed219cf4fa0bfec55ba6413bfed3b3d94f7fd2c513ef1881f57a87901ceb68b4686d37ee4e316a8fe3a240d3b0cc8d3beb895c8a2b213f68f269c38ba1c948771c132c45c8b70148651918ee947109d913b87bb800117dc62e85940e88c0e5c929842b66e64e4b9618197042108248832264522720764457ef65c8ec35736fa8ad81276776e4e994f9fc8487e430a6c2f690f8b04544dc7a0f530dfa6fc552a224e39f6f25fcb6f6e5e12e1bc9690d01097f6e20841882a4739355db38b631216aa890634b3ad078e76320778b65363b0d4c1a0e2a4a6192b25b69c59ace7b975c177dffecc5bf4a73aa9a6547d4fa6f0d6f4021de806dee007481573aadf87a34c0e98f81525dcf712e8e4fbc5296c6e85385052239a983e760a325333a70267f85ae00fc9b462e94168078fbcf20861b887f0dd2955d72f3de61edc013b1b3f5610feb5adf19404a43a9297a58fd59d84b90be35ae952744cbd256a54a9a4b817f4233dad91a5a614abf63997b5c3f336ce4323253d7ca2184d4344e18f0d6120069acead377cbf0af48888efe45247acd6848bf65f1301a540a3a2875a18119ad408f18646f297de04098fb72ca0dca1b1067be68012aa26726749817d9a5457dec75b1eb2e5b4237d93246edd9fe457e6235052c3b4dfe6eb780e3754b74bd856438304eab5b4bce133a38a24364849043cf29e73a36d86c989ed90b466af18293ca56ecfac2d807401832ca1f72137039afff50327fe5324b16ab04acf89ead4217599a2fc3d079e6465eaefee4775952abaa036faa4ebdc0ae983e2e981d6eb1972bcb0afe946b529c4e24a68754e4d0f08e795009da1c61209a572aea7b75408ac93473f0cd8507d0295924eacb53445622f25a0fd4e9dbdc4e022fc4ad6a5b32639ce3bb6c61588400db53db"}) 15:22:42 executing program 4: perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) msgget(0x1, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 64) 15:22:42 executing program 3: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000100)={@void, @val={0x1}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}}}}}, 0x42) 15:22:42 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000002c0)={0x40, 0x0, 0xfffffaf2, 0x6, 0xffffffff, 0x40}) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6) msgctl$IPC_RMID(0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 15) 15:22:42 executing program 1: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000240)={'syz_tun\x00', &(0x7f0000000200)=@ethtool_cmd={0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}}) r2 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setown(r2, 0x8, 0xffffffffffffffff) close(r2) close_range(r2, 0xffffffffffffffff, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x105142, 0x0) lseek(r3, 0x0, 0x2) r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x4000, 0x128) copy_file_range(r4, 0x0, r3, 0x0, 0x200f5ef, 0x0) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r2, 0xc018937d, &(0x7f0000000140)={{0x1, 0x1, 0x18, r4, {0x9}}, './file0\x00'}) write$tun(r5, &(0x7f0000000100)=ANY=[], 0x42) 15:22:42 executing program 5: r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() process_vm_readv(r1, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7a}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xffffffbc}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000240)={'syz_tun\x00', &(0x7f0000000200)=@ethtool_cmd={0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}}) r3 = fcntl$dupfd(r0, 0x0, r2) r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xa, 0x13, r4, 0x0) r6 = syz_io_uring_complete(r5) r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_MADVISE={0x19, 0x1, 0x0, 0x0, 0x0, &(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x17, 0x1, {0x0, r7}}, 0x6) clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) r10 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) ftruncate(r10, 0x1000003) ioctl$FS_IOC_FSSETXATTR(r10, 0x40086602, &(0x7f0000000000)) r11 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$sock_SIOCETHTOOL(r11, 0x8946, &(0x7f0000000240)={'syz_tun\x00', &(0x7f0000000200)=@ethtool_cmd={0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}}) io_uring_register$IORING_REGISTER_FILES(r10, 0x2, &(0x7f0000000180)=[r4, r0, r6, r11], 0x4) timer_settime(0x0, 0x1, &(0x7f00000000c0)={{r8, r9+10000000}, {0x77359400}}, &(0x7f0000000100)) [ 1388.381802] FAULT_INJECTION: forcing a failure. [ 1388.381802] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1388.386843] FAULT_INJECTION: forcing a failure. [ 1388.386843] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1388.398974] CPU: 0 PID: 7996 Comm: syz-executor.0 Not tainted 5.10.224 #1 [ 1388.398982] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1388.398987] Call Trace: [ 1388.399007] dump_stack+0x107/0x167 [ 1388.399022] should_fail.cold+0x5/0xa [ 1388.399043] _copy_from_user+0x2e/0x1b0 [ 1388.399061] do_pages_stat+0xf1/0x3b0 [ 1388.399085] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1388.399107] ? cpuset_mems_allowed+0x1af/0x440 [ 1388.399133] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1388.399145] ? trace_hardirqs_on+0x5b/0x180 [ 1388.399165] kernel_move_pages+0xb8f/0x11c0 [ 1388.399188] ? rcu_read_lock_any_held+0x75/0xa0 [ 1388.399202] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1388.399215] ? fput_many+0x2f/0x1a0 [ 1388.399235] ? ksys_write+0x1a9/0x260 [ 1388.399249] ? __ia32_sys_read+0xb0/0xb0 [ 1388.399266] __x64_sys_move_pages+0xdd/0x1b0 [ 1388.399284] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1388.399296] do_syscall_64+0x33/0x40 [ 1388.399309] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1388.399319] RIP: 0033:0x7f6fdcf13b19 [ 1388.399333] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1388.399341] RSP: 002b:00007f6fda489188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1388.399358] RAX: ffffffffffffffda RBX: 00007f6fdd026f60 RCX: 00007f6fdcf13b19 [ 1388.399366] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1388.399375] RBP: 00007f6fda4891d0 R08: 0000000020000000 R09: 0000000000000000 [ 1388.399383] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1388.399392] R13: 00007ffee9bd176f R14: 00007f6fda489300 R15: 0000000000022000 [ 1388.446205] CPU: 1 PID: 7999 Comm: syz-executor.4 Not tainted 5.10.224 #1 [ 1388.446807] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1388.447513] Call Trace: [ 1388.447752] dump_stack+0x107/0x167 [ 1388.448073] should_fail.cold+0x5/0xa [ 1388.448413] _copy_to_user+0x2e/0x180 [ 1388.448750] do_pages_stat+0x2b4/0x3b0 [ 1388.449099] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1388.449602] ? cpuset_mems_allowed+0x1af/0x440 [ 1388.450008] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1388.450458] ? trace_hardirqs_on+0x5b/0x180 [ 1388.450840] kernel_move_pages+0xb8f/0x11c0 [ 1388.451224] ? rcu_read_lock_any_held+0x75/0xa0 [ 1388.451630] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1388.452133] ? fput_many+0x2f/0x1a0 [ 1388.452456] ? ksys_write+0x1a9/0x260 [ 1388.452789] ? __ia32_sys_read+0xb0/0xb0 [ 1388.453146] __x64_sys_move_pages+0xdd/0x1b0 [ 1388.453530] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1388.453972] do_syscall_64+0x33/0x40 [ 1388.454315] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1388.454755] RIP: 0033:0x7f1c0ae11b19 [ 1388.455082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1388.456633] RSP: 002b:00007f1c08387188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1388.457286] RAX: ffffffffffffffda RBX: 00007f1c0af24f60 RCX: 00007f1c0ae11b19 [ 1388.457893] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1388.458514] RBP: 00007f1c083871d0 R08: 0000000020000000 R09: 0000000000000000 [ 1388.459128] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1388.459738] R13: 00007ffd2ddfd2cf R14: 00007f1c08387300 R15: 0000000000022000 [ 1388.466426] FAULT_INJECTION: forcing a failure. [ 1388.466426] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1388.467523] CPU: 0 PID: 8001 Comm: syz-executor.7 Not tainted 5.10.224 #1 [ 1388.468106] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1388.468812] Call Trace: [ 1388.469046] dump_stack+0x107/0x167 [ 1388.469370] should_fail.cold+0x5/0xa [ 1388.469712] _copy_from_user+0x2e/0x1b0 [ 1388.470077] do_pages_stat+0xf1/0x3b0 [ 1388.470429] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1388.470937] ? cpuset_mems_allowed+0x1af/0x440 [ 1388.471349] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1388.471787] ? trace_hardirqs_on+0x5b/0x180 [ 1388.472172] kernel_move_pages+0xb8f/0x11c0 [ 1388.472560] ? rcu_read_lock_any_held+0x75/0xa0 [ 1388.472966] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1388.473470] ? fput_many+0x2f/0x1a0 [ 1388.473792] ? ksys_write+0x1a9/0x260 [ 1388.474147] ? __ia32_sys_read+0xb0/0xb0 [ 1388.474509] __x64_sys_move_pages+0xdd/0x1b0 [ 1388.474893] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1388.475338] do_syscall_64+0x33/0x40 [ 1388.475663] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1388.476105] RIP: 0033:0x7f8be6d86b19 [ 1388.476434] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1388.477989] RSP: 002b:00007f8be42fc188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1388.486710] RAX: ffffffffffffffda RBX: 00007f8be6e99f60 RCX: 00007f8be6d86b19 [ 1388.487285] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1388.487854] RBP: 00007f8be42fc1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1388.488423] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1388.488990] R13: 00007ffd26b6f95f R14: 00007f8be42fc300 R15: 0000000000022000 15:22:43 executing program 0: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) msgget(0x1, 0x0) ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 72) 15:22:43 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 73) 15:22:43 executing program 3: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000040)=0x20) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, r2, 0x0, 0x6) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, 0x0, 0x0) move_pages(0x0, 0x1, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, 0x0, 0x0) [ 1388.575452] FAULT_INJECTION: forcing a failure. [ 1388.575452] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1388.576564] CPU: 1 PID: 8011 Comm: syz-executor.0 Not tainted 5.10.224 #1 [ 1388.577175] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1388.577903] Call Trace: [ 1388.578179] dump_stack+0x107/0x167 [ 1388.578525] should_fail.cold+0x5/0xa [ 1388.578894] _copy_to_user+0x2e/0x180 [ 1388.579257] do_pages_stat+0x2b4/0x3b0 [ 1388.579642] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1388.580177] ? cpuset_mems_allowed+0x1af/0x440 [ 1388.580623] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1388.581081] ? trace_hardirqs_on+0x5b/0x180 [ 1388.581495] kernel_move_pages+0xb8f/0x11c0 [ 1388.581913] ? rcu_read_lock_any_held+0x75/0xa0 [ 1388.582366] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1388.582878] ? fput_many+0x2f/0x1a0 [ 1388.583209] ? ksys_write+0x1a9/0x260 [ 1388.583549] ? __ia32_sys_read+0xb0/0xb0 [ 1388.583908] __x64_sys_move_pages+0xdd/0x1b0 [ 1388.584298] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1388.584742] do_syscall_64+0x33/0x40 [ 1388.585068] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1388.585511] RIP: 0033:0x7f6fdcf13b19 [ 1388.585837] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1388.587408] RSP: 002b:00007f6fda489188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1388.588069] RAX: ffffffffffffffda RBX: 00007f6fdd026f60 RCX: 00007f6fdcf13b19 [ 1388.588681] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1388.589291] RBP: 00007f6fda4891d0 R08: 0000000020000000 R09: 0000000000000000 [ 1388.589904] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1388.590535] R13: 00007ffee9bd176f R14: 00007f6fda489300 R15: 0000000000022000 [ 1388.605456] FAULT_INJECTION: forcing a failure. 15:22:43 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000002c0)={0x40, 0x0, 0xfffffaf2, 0x6, 0xffffffff, 0x40}) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6) msgctl$IPC_RMID(0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 16) [ 1388.605456] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1388.606711] CPU: 0 PID: 8013 Comm: syz-executor.6 Not tainted 5.10.224 #1 [ 1388.607317] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1388.608083] Call Trace: [ 1388.608350] dump_stack+0x107/0x167 [ 1388.608772] should_fail.cold+0x5/0xa [ 1388.609141] _copy_from_user+0x2e/0x1b0 [ 1388.609563] do_pages_stat+0xf1/0x3b0 [ 1388.609953] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1388.610544] ? cpuset_mems_allowed+0x1af/0x440 [ 1388.611000] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1388.611462] ? trace_hardirqs_on+0x5b/0x180 [ 1388.611923] kernel_move_pages+0xb8f/0x11c0 [ 1388.612345] ? rcu_read_lock_any_held+0x75/0xa0 [ 1388.612848] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1388.613372] ? fput_many+0x2f/0x1a0 15:22:43 executing program 5: r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = gettid() process_vm_readv(r2, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7a}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xffffffbc}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) fcntl$setown(r0, 0x8, r2) process_vm_readv(r1, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7a}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xffffffbc}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) syz_io_uring_setup(0x203, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) r5 = timerfd_create(0x0, 0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r5}, 0x0) r6 = syz_io_uring_setup(0x3ca0, &(0x7f0000000080), &(0x7f0000400000/0xc00000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000280)=0x0) r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r6, 0x9, 0x0, 0x0) syz_io_uring_submit(r7, r8, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r9}}, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x1, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r9}}, 0x5fc) [ 1388.613773] ? ksys_write+0x1a9/0x260 [ 1388.614146] ? __ia32_sys_read+0xb0/0xb0 [ 1388.614576] __x64_sys_move_pages+0xdd/0x1b0 [ 1388.614995] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1388.615465] do_syscall_64+0x33/0x40 [ 1388.615864] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1388.616635] RIP: 0033:0x7f28eb741b19 [ 1388.616991] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1388.618689] RSP: 002b:00007f28e8cb7188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1388.619368] RAX: ffffffffffffffda RBX: 00007f28eb854f60 RCX: 00007f28eb741b19 [ 1388.620044] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1388.620749] RBP: 00007f28e8cb71d0 R08: 0000000020000000 R09: 0000000000000000 [ 1388.621378] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1388.622068] R13: 00007ffd318d456f R14: 00007f28e8cb7300 R15: 0000000000022000 15:22:43 executing program 2: capget(&(0x7f0000000000), &(0x7f0000000100)={0x10001, 0x81, 0x2, 0x200, 0x6, 0x3}) syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) capget(&(0x7f0000000140)={0x20071026, 0xffffffffffffffff}, &(0x7f0000000400)={0x6, 0x0, 0xfffffffc, 0x7, 0x3, 0x36}) syz_emit_ethernet(0x2e, &(0x7f00000001c0)={@random="91a8bb76fa53", @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @val={@void, {0x8100, 0x4, 0x0, 0x4}}, {@arp={0x806, @ether_ipv4={0x1, 0x800, 0x6, 0x4, 0x3, @remote, @empty, @broadcast, @empty}}}}, &(0x7f0000000200)={0x1, 0x4, [0xec4, 0x629, 0x79f, 0xe52]}) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) ioctl$EXT4_IOC_GETSTATE(r0, 0x40046629, &(0x7f0000000180)) write$tun(r0, &(0x7f0000000440)=ANY=[@ANYBLOB="0100000000000000000063b536aa02372fb820010000000000000000000000000001fe8000000000000000000000000000aa330204011f604000ff02000000000000000000000000000106008088680000000420880b008f0000008b00031898b90b7316c28c49479edb483d745242ec48c138696b1e73311e123e007a63c373b85a5171ab3b0a9a7fa470795440f16921ee265561d6ac6e894a4d2c772dc7c10fd699ce4f1997b28e483c6f5ae573e86b85acdedeb6424f304dadc86648df95e8f2231c89e8e9467dd1347dc8401abbf08ce86e75894432ca650c7a5bb63a8dd3209f1947f84ee6b7adfc734505000800a53e0b1fdc8953bc1e12520c51f044454e0eec36469bf0f1d1f5ca980f83588bbed1cd0a80863d7b1f79e18c53cdd6d553031134d3a530602965a96232087dd9d9b1251dc6889b868c4cc756fc3fa9f2ebbb0d1677b032737823583ecaeb3ec48225aba0264fed86fc13cafc9fbd9c28e67c135b9212b32ff55768b9b14b81ed73a2756c2df3848017221f29bdbf8118d3fdf33688d437b809e9097ef7fdc225fe43611370ace604f915da07a6b9fec4a2f8d2c0a442090086dd589a01ff0006482578d3eb3275cac575c34bc48b747accd8bba88c512d494082f79d48d3a2c2171cf7c4625b2fca63b6c23fab870814ba1bccf6e708f3e589834d080088be0000000413f9ae620100000000000005080022eb000000042a03a00102000000000006bd0004f1020800655800000002c113b8cde3306379ec5600966891456759cfee888cc3160f044a8edc3bb2dd33ba0478b4e4dc198220a15ea3d5a6852aaf0e2c72a92c7f79ac3c5116a334add7272365f84dc0b1a0c279b8c55454"], 0x269) 15:22:43 executing program 1: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) syz_emit_ethernet(0xcb, &(0x7f0000000180)={@empty, @empty, @void, {@llc_tr={0x11, {@llc={0xf0, 0x0, 'O', "d9b383ebec2647d5fe14355c3acba332794a2c8317921088d3473839df2317aaeb4d80ac4464d1f0040f689b94e0bd3bad33346da70bc3861c3a7dda4f9bdf6852afd5138f0223bf1ed3543c6ce3ec4340b611439a2ec6bdfd97cf462d4c8cab9b84f9deb92ba4dc9b6a25bcc01be6d60fe129885470a9795c32659e5a66011c10c8c365758110f202533271d9d2af7e6332843e781a276b79b7b9a1f4ab9a6b5b5e23d18f04065b54849ae3903ad3cc0d1f1a119d8511b9849e"}}}}}, &(0x7f0000000000)={0x1, 0x2, [0xc2f, 0x822, 0x780, 0xbc]}) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000100)={@void, @val={0x1, 0x4, 0x0, 0x2}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}}}}}, 0x42) [ 1388.655281] FAULT_INJECTION: forcing a failure. [ 1388.655281] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1388.656602] CPU: 1 PID: 8019 Comm: syz-executor.7 Not tainted 5.10.224 #1 [ 1388.657203] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1388.657923] Call Trace: [ 1388.658201] dump_stack+0x107/0x167 [ 1388.658537] should_fail.cold+0x5/0xa [ 1388.658906] _copy_to_user+0x2e/0x180 [ 1388.659260] do_pages_stat+0x2b4/0x3b0 [ 1388.659622] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1388.660132] ? cpuset_mems_allowed+0x1af/0x440 [ 1388.660546] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1388.660988] ? trace_hardirqs_on+0x5b/0x180 [ 1388.661375] kernel_move_pages+0xb8f/0x11c0 [ 1388.661778] ? rcu_read_lock_any_held+0x75/0xa0 [ 1388.662200] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1388.662721] ? fput_many+0x2f/0x1a0 [ 1388.663054] ? ksys_write+0x1a9/0x260 [ 1388.663397] ? __ia32_sys_read+0xb0/0xb0 [ 1388.663780] __x64_sys_move_pages+0xdd/0x1b0 [ 1388.664175] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1388.664642] do_syscall_64+0x33/0x40 [ 1388.664988] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1388.665447] RIP: 0033:0x7f8be6d86b19 [ 1388.665799] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1388.667382] RSP: 002b:00007f8be42fc188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1388.668043] RAX: ffffffffffffffda RBX: 00007f8be6e99f60 RCX: 00007f8be6d86b19 [ 1388.668660] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1388.669272] RBP: 00007f8be42fc1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1388.669883] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1388.670514] R13: 00007ffd26b6f95f R14: 00007f8be42fc300 R15: 0000000000022000 [ 1402.967621] FAULT_INJECTION: forcing a failure. [ 1402.967621] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1402.969045] CPU: 1 PID: 8043 Comm: syz-executor.7 Not tainted 5.10.224 #1 [ 1402.969758] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1402.970638] Call Trace: [ 1402.970903] dump_stack+0x107/0x167 [ 1402.971255] should_fail.cold+0x5/0xa [ 1402.971687] _copy_from_user+0x2e/0x1b0 [ 1402.972076] do_pages_stat+0xf1/0x3b0 [ 1402.972454] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1402.973077] ? cpuset_mems_allowed+0x1af/0x440 [ 1402.973586] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1402.974077] ? trace_hardirqs_on+0x5b/0x180 [ 1402.974561] kernel_move_pages+0xb8f/0x11c0 [ 1402.974996] ? rcu_read_lock_any_held+0x75/0xa0 [ 1402.975434] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1402.976032] ? fput_many+0x2f/0x1a0 [ 1402.976397] ? ksys_write+0x1a9/0x260 [ 1402.976800] ? __ia32_sys_read+0xb0/0xb0 [ 1402.977190] __x64_sys_move_pages+0xdd/0x1b0 [ 1402.977658] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1402.978142] do_syscall_64+0x33/0x40 [ 1402.978582] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1402.979070] RIP: 0033:0x7f8be6d86b19 [ 1402.979422] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1402.981236] RSP: 002b:00007f8be42fc188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1402.981995] RAX: ffffffffffffffda RBX: 00007f8be6e99f60 RCX: 00007f8be6d86b19 [ 1402.982755] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1402.983431] RBP: 00007f8be42fc1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1402.984195] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1402.984946] R13: 00007ffd26b6f95f R14: 00007f8be42fc300 R15: 0000000000022000 15:22:57 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 74) 15:22:57 executing program 3: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000040)=0x20) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, r2, 0x0, 0x6) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, 0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 1) 15:22:57 executing program 0: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) msgget(0x1, 0x0) ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 73) 15:22:57 executing program 4: perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) msgget(0x1, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 65) 15:22:57 executing program 5: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() process_vm_readv(r0, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7a}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xffffffbc}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x105142, 0x0) lseek(r1, 0x0, 0x2) r2 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x4000, 0x128) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x2400, 0x1) 15:22:57 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000002c0)={0x40, 0x0, 0xfffffaf2, 0x6, 0xffffffff, 0x40}) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6) msgctl$IPC_RMID(0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 17) 15:22:57 executing program 1: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) syz_emit_ethernet(0x56, &(0x7f0000000180)={@random="c0316353258f", @local, @void, {@canfd={0xd, {{}, 0x13, 0x8350d02c6b1ca40b, 0x0, 0x0, "f21dac9d4b9b04090e68bc3ddc9cc2e078ebb045366bcf222aaf2068077694aeed41bda9ca8d9f35a56a55b032f78343588ab22edf6dfc19f9c37fefd5f001df"}}}}, &(0x7f0000000000)={0x0, 0x3, [0x809, 0x320, 0x835, 0xa6e]}) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000100)={@void, @val={0x1, 0x4, 0x0, 0x2}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}}}}}, 0x42) 15:22:57 executing program 2: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) flock(r0, 0xc) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="01000000000000000000603cdefa00102100fe880000000000000000000000000001fe1245bb0000000000000000000000aa00"/66], 0x42) socket$inet(0x2, 0x2, 0x3) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000180)={'\x00', 0x8, 0x650000, 0x34, 0xffff, 0xf1b9, 0xffffffffffffffff}) [ 1403.007966] FAULT_INJECTION: forcing a failure. [ 1403.007966] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1403.010984] CPU: 0 PID: 8046 Comm: syz-executor.6 Not tainted 5.10.224 #1 [ 1403.012612] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1403.014624] Call Trace: [ 1403.015266] dump_stack+0x107/0x167 [ 1403.016126] should_fail.cold+0x5/0xa [ 1403.017041] _copy_to_user+0x2e/0x180 [ 1403.017962] do_pages_stat+0x2b4/0x3b0 [ 1403.018910] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1403.020285] ? cpuset_mems_allowed+0x1af/0x440 [ 1403.021379] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1403.022607] ? trace_hardirqs_on+0x5b/0x180 [ 1403.023641] kernel_move_pages+0xb8f/0x11c0 [ 1403.024675] ? rcu_read_lock_any_held+0x75/0xa0 [ 1403.025781] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1403.027190] ? fput_many+0x2f/0x1a0 [ 1403.028058] ? ksys_write+0x1a9/0x260 [ 1403.028964] ? __ia32_sys_read+0xb0/0xb0 [ 1403.029934] __x64_sys_move_pages+0xdd/0x1b0 [ 1403.030989] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1403.032212] do_syscall_64+0x33/0x40 [ 1403.033093] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1403.034336] RIP: 0033:0x7f28eb741b19 [ 1403.035215] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1403.039600] RSP: 002b:00007f28e8cb7188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1403.041410] RAX: ffffffffffffffda RBX: 00007f28eb854f60 RCX: 00007f28eb741b19 [ 1403.043069] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1403.044666] RBP: 00007f28e8cb71d0 R08: 0000000020000000 R09: 0000000000000000 [ 1403.046289] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1403.047894] R13: 00007ffd318d456f R14: 00007f28e8cb7300 R15: 0000000000022000 [ 1403.052124] FAULT_INJECTION: forcing a failure. [ 1403.052124] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1403.055093] CPU: 1 PID: 8045 Comm: syz-executor.0 Not tainted 5.10.224 #1 [ 1403.056658] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1403.058585] Call Trace: [ 1403.059184] dump_stack+0x107/0x167 [ 1403.060028] should_fail.cold+0x5/0xa [ 1403.060916] _copy_from_user+0x2e/0x1b0 [ 1403.061838] do_pages_stat+0xf1/0x3b0 [ 1403.062749] ? trace_raw_output_mm_migrate_pages+0x290/0x290 15:22:57 executing program 5: ioctl$BLKDISCARD(0xffffffffffffffff, 0x1277, &(0x7f0000000100)=0x2) r0 = gettid() process_vm_readv(r0, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7a}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xffffffbc}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x1f}, r0, 0x0, 0xffffffffffffffff, 0x0) r2 = gettid() process_vm_readv(r2, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7a}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xffffffbc}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x202002, 0x42) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xa, 0x13, r3, 0x0) syz_io_uring_complete(r4) r5 = mmap$IORING_OFF_SQES(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x4, 0x2010, 0xffffffffffffffff, 0x10000000) syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x1, 0x0, @fd=r1, 0xd3, 0x0, 0x3a499c8e, 0x1}, 0x8) syz_io_uring_setup(0x5915, &(0x7f0000000140)={0x0, 0x2a16, 0x1, 0x2, 0x1ea}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) [ 1403.064072] ? cpuset_mems_allowed+0x1af/0x440 [ 1403.065115] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1403.065642] ? trace_hardirqs_on+0x5b/0x180 [ 1403.066078] kernel_move_pages+0xb8f/0x11c0 [ 1403.066515] ? rcu_read_lock_any_held+0x75/0xa0 [ 1403.067633] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1403.068972] ? fput_many+0x2f/0x1a0 [ 1403.069816] ? ksys_write+0x1a9/0x260 [ 1403.070707] ? __ia32_sys_read+0xb0/0xb0 [ 1403.071637] __x64_sys_move_pages+0xdd/0x1b0 [ 1403.072654] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1403.073818] do_syscall_64+0x33/0x40 [ 1403.074683] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1403.075851] RIP: 0033:0x7f6fdcf13b19 [ 1403.076705] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1403.080927] RSP: 002b:00007f6fda489188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1403.082717] RAX: ffffffffffffffda RBX: 00007f6fdd026f60 RCX: 00007f6fdcf13b19 [ 1403.084325] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1403.085968] RBP: 00007f6fda4891d0 R08: 0000000020000000 R09: 0000000000000000 [ 1403.087583] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1403.089211] R13: 00007ffee9bd176f R14: 00007f6fda489300 R15: 0000000000022000 [ 1403.095471] FAULT_INJECTION: forcing a failure. [ 1403.095471] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1403.096834] CPU: 0 PID: 8047 Comm: syz-executor.4 Not tainted 5.10.224 #1 [ 1403.097550] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1403.098380] Call Trace: [ 1403.098668] dump_stack+0x107/0x167 [ 1403.099062] should_fail.cold+0x5/0xa [ 1403.099450] _copy_from_user+0x2e/0x1b0 [ 1403.099863] do_pages_stat+0xf1/0x3b0 [ 1403.100264] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1403.100852] ? cpuset_mems_allowed+0x1af/0x440 [ 1403.101336] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1403.101844] ? trace_hardirqs_on+0x5b/0x180 [ 1403.102297] kernel_move_pages+0xb8f/0x11c0 [ 1403.102750] ? rcu_read_lock_any_held+0x75/0xa0 [ 1403.103233] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1403.103821] ? fput_many+0x2f/0x1a0 [ 1403.104214] ? ksys_write+0x1a9/0x260 [ 1403.104614] ? __ia32_sys_read+0xb0/0xb0 [ 1403.105057] __x64_sys_move_pages+0xdd/0x1b0 [ 1403.105515] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1403.106041] do_syscall_64+0x33/0x40 [ 1403.106450] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1403.106972] RIP: 0033:0x7f1c0ae11b19 [ 1403.107353] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1403.108999] RSP: 002b:00007f1c08387188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1403.109757] RAX: ffffffffffffffda RBX: 00007f1c0af24f60 RCX: 00007f1c0ae11b19 [ 1403.110432] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1403.111079] RBP: 00007f1c083871d0 R08: 0000000020000000 R09: 0000000000000000 [ 1403.111785] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1403.112438] R13: 00007ffd2ddfd2cf R14: 00007f1c08387300 R15: 0000000000022000 [ 1403.128581] FAULT_INJECTION: forcing a failure. [ 1403.128581] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1403.131293] CPU: 1 PID: 8048 Comm: syz-executor.3 Not tainted 5.10.224 #1 [ 1403.132832] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1403.134745] Call Trace: [ 1403.135374] dump_stack+0x107/0x167 [ 1403.136213] should_fail.cold+0x5/0xa [ 1403.137112] _copy_from_user+0x2e/0x1b0 [ 1403.138052] do_pages_stat+0xf1/0x3b0 [ 1403.138975] ? __lockdep_reset_lock+0x180/0x180 15:22:57 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 75) [ 1403.140062] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1403.151739] ? find_held_lock+0x2c/0x110 [ 1403.152660] ? cpuset_mems_allowed+0x1af/0x440 [ 1403.153679] ? lock_downgrade+0x6d0/0x6d0 [ 1403.154621] ? lock_downgrade+0x6d0/0x6d0 [ 1403.155661] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1403.156957] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1403.158242] ? trace_hardirqs_on+0x5b/0x180 [ 1403.159342] kernel_move_pages+0xb8f/0x11c0 [ 1403.160400] ? rcu_read_lock_any_held+0x75/0xa0 [ 1403.162567] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1403.164139] ? fput_many+0x2f/0x1a0 [ 1403.164890] FAULT_INJECTION: forcing a failure. [ 1403.164890] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1403.165141] ? ksys_write+0x1a9/0x260 [ 1403.165160] ? __ia32_sys_read+0xb0/0xb0 [ 1403.169809] __x64_sys_move_pages+0xdd/0x1b0 [ 1403.170971] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1403.172147] do_syscall_64+0x33/0x40 [ 1403.172991] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1403.174142] RIP: 0033:0x7f1e88ae8b19 [ 1403.174994] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1403.179186] RSP: 002b:00007f1e8605e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1403.180887] RAX: ffffffffffffffda RBX: 00007f1e88bfbf60 RCX: 00007f1e88ae8b19 [ 1403.182515] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1403.184135] RBP: 00007f1e8605e1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1403.185748] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1403.187341] R13: 00007ffda65e58df R14: 00007f1e8605e300 R15: 0000000000022000 [ 1403.188931] CPU: 0 PID: 8057 Comm: syz-executor.6 Not tainted 5.10.224 #1 [ 1403.190246] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1403.191070] Call Trace: [ 1403.191366] dump_stack+0x107/0x167 [ 1403.191739] should_fail.cold+0x5/0xa [ 1403.192131] _copy_from_user+0x2e/0x1b0 [ 1403.192554] do_pages_stat+0xf1/0x3b0 [ 1403.192945] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1403.193528] ? cpuset_mems_allowed+0x1af/0x440 [ 1403.193997] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1403.194469] ? trace_hardirqs_on+0x5b/0x180 [ 1403.194841] kernel_move_pages+0xb8f/0x11c0 [ 1403.195215] ? rcu_read_lock_any_held+0x75/0xa0 [ 1403.195618] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1403.196108] ? fput_many+0x2f/0x1a0 [ 1403.196419] ? ksys_write+0x1a9/0x260 [ 1403.196753] ? __ia32_sys_read+0xb0/0xb0 [ 1403.197100] __x64_sys_move_pages+0xdd/0x1b0 [ 1403.197474] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1403.197916] do_syscall_64+0x33/0x40 [ 1403.198256] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1403.198916] RIP: 0033:0x7f28eb741b19 [ 1403.199302] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1403.201221] RSP: 002b:00007f28e8cb7188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1403.202020] RAX: ffffffffffffffda RBX: 00007f28eb854f60 RCX: 00007f28eb741b19 [ 1403.202733] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1403.203491] RBP: 00007f28e8cb71d0 R08: 0000000020000000 R09: 0000000000000000 [ 1403.204243] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1403.204983] R13: 00007ffd318d456f R14: 00007f28e8cb7300 R15: 0000000000022000 15:22:57 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000002c0)={0x40, 0x0, 0xfffffaf2, 0x6, 0xffffffff, 0x40}) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6) msgctl$IPC_RMID(0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 18) [ 1403.296945] FAULT_INJECTION: forcing a failure. [ 1403.296945] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1403.299833] CPU: 1 PID: 8064 Comm: syz-executor.7 Not tainted 5.10.224 #1 [ 1403.301026] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1403.302572] Call Trace: [ 1403.303033] dump_stack+0x107/0x167 [ 1403.303659] should_fail.cold+0x5/0xa [ 1403.304324] _copy_to_user+0x2e/0x180 [ 1403.304985] do_pages_stat+0x2b4/0x3b0 [ 1403.305662] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1403.306820] ? trace_hardirqs_on+0x5b/0x180 [ 1403.307577] ? _raw_spin_unlock_irqrestore+0x25/0x40 [ 1403.308464] kernel_move_pages+0xb8f/0x11c0 [ 1403.309219] ? rcu_read_lock_any_held+0x75/0xa0 [ 1403.310066] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1403.310654] ? fput_many+0x2f/0x1a0 [ 1403.311033] ? ksys_write+0x1a9/0x260 [ 1403.311410] ? __ia32_sys_read+0xb0/0xb0 [ 1403.311824] __x64_sys_move_pages+0xdd/0x1b0 [ 1403.312260] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1403.312775] do_syscall_64+0x33/0x40 [ 1403.313146] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1403.313652] RIP: 0033:0x7f8be6d86b19 [ 1403.314027] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1403.315886] RSP: 002b:00007f8be42fc188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1403.316650] RAX: ffffffffffffffda RBX: 00007f8be6e99f60 RCX: 00007f8be6d86b19 [ 1403.317370] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1403.318135] RBP: 00007f8be42fc1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1403.318838] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1403.319528] R13: 00007ffd26b6f95f R14: 00007f8be42fc300 R15: 0000000000022000 [ 1403.348041] FAULT_INJECTION: forcing a failure. [ 1403.348041] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1403.350887] CPU: 1 PID: 8067 Comm: syz-executor.6 Not tainted 5.10.224 #1 [ 1403.352430] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1403.354297] Call Trace: [ 1403.354885] dump_stack+0x107/0x167 [ 1403.355705] should_fail.cold+0x5/0xa [ 1403.356571] _copy_to_user+0x2e/0x180 [ 1403.357434] do_pages_stat+0x2b4/0x3b0 [ 1403.358333] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1403.359638] ? cpuset_mems_allowed+0x1af/0x440 [ 1403.360672] ? _raw_spin_unlock_irqrestore+0x38/0x40 15:22:57 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 76) 15:22:57 executing program 0: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) msgget(0x1, 0x0) ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 74) 15:22:57 executing program 1: fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) syz_emit_ethernet(0x56, &(0x7f00000001c0)=ANY=[@ANYBLOB="20f9bdba2470aaaaaaaaaabb1c317fa50000000000007bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862f3a25953c567b269065da5e5550f0dfc6eba6e8fa78ef9bbd31eabe1344fcfe0ab293776732e812012b61512821359df681e8281135017d46ef45c8adba27dcd42b6ffdd305aa8be7cee4fc9fb95c823af9fed345a7083e43ccff9d6b99969ca24273fc53b4859cb8759b14c90e925169116def0f03d791973688fa33f000000000000006052ec4691bfd9ca07e2a2bee6cc3dfbd7dcea7e979c96ff527fa0d0ad5c8f24af3e1965eeeec90c99a63c64256e4545d7a4612cbfdfe4641f9a"], 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="01488c00020000000000603cdefa00102100fe880000000000000000000000000001fe8000000000000000000000000000aa000000000401907800265d9900960cee"], 0x42) 15:22:57 executing program 4: perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) msgget(0x1, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 66) [ 1403.361808] ? trace_hardirqs_on+0x5b/0x180 [ 1403.363189] kernel_move_pages+0xb8f/0x11c0 [ 1403.364167] ? rcu_read_lock_any_held+0x75/0xa0 [ 1403.365210] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1403.366523] ? fput_many+0x2f/0x1a0 [ 1403.367348] ? ksys_write+0x1a9/0x260 [ 1403.368205] ? __ia32_sys_read+0xb0/0xb0 [ 1403.369116] __x64_sys_move_pages+0xdd/0x1b0 [ 1403.370100] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1403.371131] FAULT_INJECTION: forcing a failure. [ 1403.371131] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1403.371268] do_syscall_64+0x33/0x40 [ 1403.373244] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1403.374410] RIP: 0033:0x7f28eb741b19 [ 1403.375246] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1403.379398] RSP: 002b:00007f28e8cb7188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1403.381094] RAX: ffffffffffffffda RBX: 00007f28eb854f60 RCX: 00007f28eb741b19 [ 1403.386374] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1403.387984] RBP: 00007f28e8cb71d0 R08: 0000000020000000 R09: 0000000000000000 [ 1403.389581] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1403.391418] R13: 00007ffd318d456f R14: 00007f28e8cb7300 R15: 0000000000022000 [ 1403.393180] CPU: 0 PID: 8071 Comm: syz-executor.0 Not tainted 5.10.224 #1 [ 1403.394256] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1403.396119] Call Trace: [ 1403.396727] dump_stack+0x107/0x167 [ 1403.397549] should_fail.cold+0x5/0xa [ 1403.398428] _copy_to_user+0x2e/0x180 [ 1403.399280] do_pages_stat+0x2b4/0x3b0 [ 1403.399592] FAULT_INJECTION: forcing a failure. [ 1403.399592] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1403.400158] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1403.400182] ? cpuset_mems_allowed+0x1af/0x440 [ 1403.404236] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1403.405381] ? trace_hardirqs_on+0x5b/0x180 [ 1403.406379] kernel_move_pages+0xb8f/0x11c0 [ 1403.407364] ? rcu_read_lock_any_held+0x75/0xa0 [ 1403.408421] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1403.409737] ? fput_many+0x2f/0x1a0 [ 1403.410579] ? ksys_write+0x1a9/0x260 [ 1403.411446] ? __ia32_sys_read+0xb0/0xb0 [ 1403.412379] __x64_sys_move_pages+0xdd/0x1b0 [ 1403.413373] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1403.414556] do_syscall_64+0x33/0x40 [ 1403.415405] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1403.416563] RIP: 0033:0x7f6fdcf13b19 [ 1403.417410] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1403.421656] RSP: 002b:00007f6fda489188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1403.423404] RAX: ffffffffffffffda RBX: 00007f6fdd026f60 RCX: 00007f6fdcf13b19 [ 1403.425058] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1403.430445] RBP: 00007f6fda4891d0 R08: 0000000020000000 R09: 0000000000000000 [ 1403.431055] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1403.431659] R13: 00007ffee9bd176f R14: 00007f6fda489300 R15: 0000000000022000 [ 1403.432290] CPU: 1 PID: 8074 Comm: syz-executor.4 Not tainted 5.10.224 #1 [ 1403.432873] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1403.433566] Call Trace: [ 1403.433793] dump_stack+0x107/0x167 [ 1403.434102] should_fail.cold+0x5/0xa [ 1403.434440] _copy_to_user+0x2e/0x180 [ 1403.434765] do_pages_stat+0x2b4/0x3b0 [ 1403.435102] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1403.435598] ? cpuset_mems_allowed+0x1af/0x440 [ 1403.435992] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1403.436419] ? trace_hardirqs_on+0x5b/0x180 [ 1403.436791] kernel_move_pages+0xb8f/0x11c0 [ 1403.437171] ? rcu_read_lock_any_held+0x75/0xa0 [ 1403.437579] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1403.438068] ? fput_many+0x2f/0x1a0 [ 1403.438391] ? ksys_write+0x1a9/0x260 [ 1403.438720] ? __ia32_sys_read+0xb0/0xb0 [ 1403.439067] __x64_sys_move_pages+0xdd/0x1b0 [ 1403.439440] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1403.439874] do_syscall_64+0x33/0x40 [ 1403.440190] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1403.440620] RIP: 0033:0x7f1c0ae11b19 [ 1403.440940] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1403.442473] RSP: 002b:00007f1c08387188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1403.443116] RAX: ffffffffffffffda RBX: 00007f1c0af24f60 RCX: 00007f1c0ae11b19 [ 1403.443712] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1403.444318] RBP: 00007f1c083871d0 R08: 0000000020000000 R09: 0000000000000000 [ 1403.444916] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1403.445509] R13: 00007ffd2ddfd2cf R14: 00007f1c08387300 R15: 0000000000022000 15:22:57 executing program 3: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000040)=0x20) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, r2, 0x0, 0x6) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, 0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 2) 15:22:57 executing program 2: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000240)={'syz_tun\x00', &(0x7f0000000200)=@ethtool_cmd={0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}}) dup(r2) ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000240)={'syz_tun\x00', &(0x7f0000000200)=@ethtool_cmd={0x29, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}}) ioctl$FS_IOC_GETVERSION(r1, 0x80087601, &(0x7f0000000000)) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000280)=ANY=[@ANYBLOB="01001c000000000000f95f3cdefa00102100fe880400000000000000000000000001fe8000000086000000000000000000aa000000000401907800265d9900960ceeaa1702be09c216c3920b0747ef2cbf6f378dfa2baf300a3395a8f7911b948031266728cc4a8c703eb79637e904484ad2e16068123d5af46961ee5ecb9ccfa5a83ba910a784387425d11980d7a0fbabf0ccede9f9c9b47259538c38ea4f236e390412fa30f2d4c5392de4fd853851e861670dd44bfe8050f10b0c38e69bf5f15ce01b0000"], 0x42) 15:22:58 executing program 1: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x80, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) syz_extract_tcp_res$synack(&(0x7f0000000000), 0x1, 0x0) write$tun(r0, &(0x7f0000000100)={@void, @val={0x1, 0x4, 0x0, 0x2}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}}}}}, 0x42) 15:22:58 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000002c0)={0x40, 0x0, 0xfffffaf2, 0x6, 0xffffffff, 0x40}) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6) msgctl$IPC_RMID(0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 19) [ 1403.501215] FAULT_INJECTION: forcing a failure. [ 1403.501215] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1403.502325] CPU: 0 PID: 8079 Comm: syz-executor.3 Not tainted 5.10.224 #1 [ 1403.502948] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1403.503853] Call Trace: [ 1403.504143] dump_stack+0x107/0x167 [ 1403.504552] should_fail.cold+0x5/0xa [ 1403.504977] _copy_to_user+0x2e/0x180 [ 1403.505398] do_pages_stat+0x2b4/0x3b0 [ 1403.505844] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1403.506444] ? cpuset_mems_allowed+0x1af/0x440 [ 1403.506852] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1403.507273] ? trace_hardirqs_on+0x5b/0x180 [ 1403.507661] kernel_move_pages+0xb8f/0x11c0 [ 1403.508042] ? rcu_read_lock_any_held+0x75/0xa0 [ 1403.508435] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1403.508937] ? fput_many+0x2f/0x1a0 [ 1403.509256] ? ksys_write+0x1a9/0x260 [ 1403.509577] ? __ia32_sys_read+0xb0/0xb0 [ 1403.509939] __x64_sys_move_pages+0xdd/0x1b0 [ 1403.510326] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1403.510862] do_syscall_64+0x33/0x40 [ 1403.511259] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1403.511814] RIP: 0033:0x7f1e88ae8b19 [ 1403.512206] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1403.514144] RSP: 002b:00007f1e8605e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1403.514918] RAX: ffffffffffffffda RBX: 00007f1e88bfbf60 RCX: 00007f1e88ae8b19 [ 1403.515661] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1403.516397] RBP: 00007f1e8605e1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1403.517131] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1403.517853] R13: 00007ffda65e58df R14: 00007f1e8605e300 R15: 0000000000022000 15:22:58 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x105142, 0x0) lseek(r0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x4000, 0x128) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) r2 = perf_event_open(&(0x7f0000000040)={0x4, 0xffffff42, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x8321, 0x80, 0x0, 0x1}, 0x0, 0x0, r0, 0x0) r3 = syz_open_dev$vcsa(&(0x7f0000000100), 0x7655, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0), 0x1884028, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@aname={'aname', 0x3d, ',-'}}, {@access_user}, {}, {@aname={'aname', 0x3d, '\xdc+}\x04%\\\'}'}}, {@cache_mmap}], [{@fsmagic={'fsmagic', 0x3d, 0x3ff}}]}}) r4 = gettid() process_vm_readv(r4, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7a}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xffffffbc}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) [ 1403.549344] FAULT_INJECTION: forcing a failure. [ 1403.549344] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1403.551306] CPU: 1 PID: 8086 Comm: syz-executor.7 Not tainted 5.10.224 #1 [ 1403.552526] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1403.554002] Call Trace: [ 1403.554531] dump_stack+0x107/0x167 [ 1403.555163] should_fail.cold+0x5/0xa [ 1403.555833] _copy_from_user+0x2e/0x1b0 [ 1403.556528] do_pages_stat+0xf1/0x3b0 15:22:58 executing program 3: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000040)=0x20) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, r2, 0x0, 0x6) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, 0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 3) [ 1403.557279] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1403.558462] ? cpuset_mems_allowed+0x1af/0x440 [ 1403.559274] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1403.560155] ? trace_hardirqs_on+0x5b/0x180 [ 1403.560913] kernel_move_pages+0xb8f/0x11c0 [ 1403.561674] ? rcu_read_lock_any_held+0x75/0xa0 [ 1403.562544] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1403.563539] ? fput_many+0x2f/0x1a0 [ 1403.564167] ? ksys_write+0x1a9/0x260 [ 1403.564815] ? __ia32_sys_read+0xb0/0xb0 [ 1403.565509] __x64_sys_move_pages+0xdd/0x1b0 [ 1403.566284] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1403.567390] do_syscall_64+0x33/0x40 [ 1403.568040] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1403.568929] RIP: 0033:0x7f8be6d86b19 [ 1403.569570] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1403.571478] RSP: 002b:00007f8be42fc188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1403.572187] RAX: ffffffffffffffda RBX: 00007f8be6e99f60 RCX: 00007f8be6d86b19 [ 1403.572889] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1403.573577] RBP: 00007f8be42fc1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1403.574279] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1403.574981] R13: 00007ffd26b6f95f R14: 00007f8be42fc300 R15: 0000000000022000 15:22:58 executing program 2: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) write$tun(0xffffffffffffffff, &(0x7f0000008180)={@void, @val={0x0, 0x1, 0x6, 0x3, 0x1, 0x1}, @eth={@random="102ef7eb40f9", @local, @void, {@generic={0x8, "4532af6c4051e8d0439196d8793129e8ea5d68f33ccf3084614d53b335464c2cf8251ca43806634370e64fe0e091198e79285279acb3ce9d5bdb62b5fec5180b9c5b9502b2568eae068afa5466bb0c68e533bc6eaba4c27f5cf4b4d6bbf851afc8f6c8158854e04ed2ce8694043fe80dd0ef9e73da875ad3152dda2aa6ee74f87928f41301933882ec196060437730b3c3039149f5de1d8f8d33a56a25f4f9ba70e98efade41e2456d571ee3bd7b3930370d8ebdece7f6baaf929acdd8afb3b0a8ef2e4f7c"}}}}, 0xdd) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2a600, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000008140)={'bridge_slave_1\x00'}) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000240)={'syz_tun\x00', &(0x7f0000000200)=@ethtool_cmd={0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}}) recvmmsg(r1, &(0x7f0000007f80)=[{{&(0x7f0000000180)=@in={0x2, 0x0, @remote}, 0x80, &(0x7f0000001740)=[{&(0x7f0000000200)=""/68, 0x44}, {&(0x7f0000000280)=""/199, 0xc7}, {&(0x7f0000000380)=""/99, 0x63}, {&(0x7f0000000400)=""/143, 0x8f}, {&(0x7f00000004c0)=""/90, 0x5a}, {&(0x7f0000000540)=""/202, 0xca}, {&(0x7f0000000640)=""/206, 0xce}, {&(0x7f0000000040)=""/64, 0x40}, {&(0x7f0000000740)=""/4096, 0x1000}], 0x9, &(0x7f0000001800)=""/44, 0x2c}, 0x57}, {{&(0x7f0000001840)=@ieee802154={0x24, @long}, 0x80, &(0x7f0000002c40)=[{&(0x7f00000018c0)=""/240, 0xf0}, {&(0x7f00000019c0)=""/4096, 0x1000}, {&(0x7f00000029c0)=""/217, 0xd9}, {&(0x7f0000002ac0)=""/71, 0x47}, {&(0x7f0000002b40)=""/98, 0x62}, {&(0x7f0000002bc0)=""/91, 0x5b}], 0x6, &(0x7f0000002cc0)=""/4096, 0x1000}, 0x4}, {{&(0x7f0000003cc0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000003f80)=[{&(0x7f0000003d40)=""/106, 0x6a}, {&(0x7f0000003dc0)=""/150, 0x96}, {&(0x7f0000003e80)=""/17, 0x11}, {&(0x7f0000003ec0)=""/7, 0x7}, {&(0x7f0000003f00)=""/14, 0xe}, {&(0x7f0000003f40)=""/3, 0x3}], 0x6, &(0x7f0000004000)=""/157, 0x9d}, 0x9}, {{&(0x7f00000040c0)=@ax25={{0x3, @rose}, [@null, @null, @rose, @rose, @bcast, @remote, @netrom, @netrom]}, 0x80, &(0x7f0000005680)=[{&(0x7f0000004140)=""/105, 0x69}, {&(0x7f00000041c0)=""/157, 0x9d}, {&(0x7f0000004280)=""/129, 0x81}, {&(0x7f0000004340)=""/172, 0xac}, {&(0x7f0000004400)=""/197, 0xc5}, {&(0x7f0000004500)=""/84, 0x54}, {&(0x7f0000004580)=""/4096, 0x1000}, {&(0x7f0000005580)=""/201, 0xc9}], 0x8, &(0x7f0000005700)=""/117, 0x75}, 0x4}, {{&(0x7f0000005780)=@in6={0xa, 0x0, 0x0, @local}, 0x80, &(0x7f0000006c80)=[{&(0x7f0000005800)=""/166, 0xa6}, {&(0x7f00000058c0)=""/231, 0xe7}, {&(0x7f00000059c0)=""/46, 0x2e}, {&(0x7f0000005a00)=""/4096, 0x1000}, {&(0x7f0000006a00)=""/5, 0x5}, {&(0x7f0000006a40)=""/103, 0x67}, {&(0x7f0000006ac0)=""/94, 0x5e}, {&(0x7f0000006b40)=""/242, 0xf2}, {&(0x7f0000006c40)=""/30, 0x1e}], 0x9, &(0x7f0000006d40)=""/167, 0xa7}, 0x800}, {{&(0x7f0000006e00)=@can, 0x80, &(0x7f0000007f40)=[{&(0x7f0000006e80)=""/4096, 0x1000}, {&(0x7f0000007e80)=""/1, 0x1}, {&(0x7f0000007ec0)=""/70, 0x46}], 0x3}, 0x7}], 0x6, 0x100, &(0x7f0000008100)={0x0, 0x989680}) write$tun(r0, &(0x7f0000000100)={@void, @val={0x1}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}}}}}, 0x42) 15:22:58 executing program 0: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) msgget(0x1, 0x0) ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 75) [ 1403.621869] FAULT_INJECTION: forcing a failure. [ 1403.621869] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1403.623253] CPU: 0 PID: 8091 Comm: syz-executor.3 Not tainted 5.10.224 #1 [ 1403.623950] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1403.624794] Call Trace: [ 1403.625066] dump_stack+0x107/0x167 [ 1403.625440] should_fail.cold+0x5/0xa [ 1403.625830] _copy_from_user+0x2e/0x1b0 [ 1403.626230] do_pages_stat+0xf1/0x3b0 [ 1403.626635] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1403.627214] ? cpuset_mems_allowed+0x1af/0x440 [ 1403.627687] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1403.628198] ? trace_hardirqs_on+0x5b/0x180 [ 1403.628645] kernel_move_pages+0xb8f/0x11c0 [ 1403.629065] ? trace_hardirqs_on+0x5b/0x180 [ 1403.629477] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1403.630043] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1403.630062] ? __x64_sys_move_pages+0xd/0x1b0 [ 1403.631759] __x64_sys_move_pages+0xdd/0x1b0 [ 1403.632796] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1403.633337] do_syscall_64+0x33/0x40 [ 1403.633724] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1403.634285] RIP: 0033:0x7f1e88ae8b19 [ 1403.634674] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1403.636514] RSP: 002b:00007f1e8605e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1403.637290] RAX: ffffffffffffffda RBX: 00007f1e88bfbf60 RCX: 00007f1e88ae8b19 [ 1403.638003] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1403.638753] RBP: 00007f1e8605e1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1403.639506] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1403.640234] R13: 00007ffda65e58df R14: 00007f1e8605e300 R15: 0000000000022000 [ 1403.657407] FAULT_INJECTION: forcing a failure. [ 1403.657407] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1403.658626] CPU: 1 PID: 8098 Comm: syz-executor.0 Not tainted 5.10.224 #1 [ 1403.660238] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1403.662118] Call Trace: [ 1403.662738] dump_stack+0x107/0x167 [ 1403.663563] should_fail.cold+0x5/0xa [ 1403.664459] _copy_from_user+0x2e/0x1b0 [ 1403.665368] do_pages_stat+0xf1/0x3b0 [ 1403.666257] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1403.667576] ? cpuset_mems_allowed+0x1af/0x440 [ 1403.668639] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1403.669792] ? trace_hardirqs_on+0x5b/0x180 [ 1403.670796] kernel_move_pages+0xb8f/0x11c0 [ 1403.671807] ? rcu_read_lock_any_held+0x75/0xa0 [ 1403.672875] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1403.674215] ? fput_many+0x2f/0x1a0 [ 1403.674808] ? ksys_write+0x1a9/0x260 [ 1403.675677] ? __ia32_sys_read+0xb0/0xb0 [ 1403.676598] __x64_sys_move_pages+0xdd/0x1b0 [ 1403.677604] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1403.678814] do_syscall_64+0x33/0x40 [ 1403.679714] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1403.680892] RIP: 0033:0x7f6fdcf13b19 [ 1403.681739] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1403.685989] RSP: 002b:00007f6fda489188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1403.687781] RAX: ffffffffffffffda RBX: 00007f6fdd026f60 RCX: 00007f6fdcf13b19 [ 1403.689423] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1403.691104] RBP: 00007f6fda4891d0 R08: 0000000020000000 R09: 0000000000000000 [ 1403.692743] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1403.694410] R13: 00007ffee9bd176f R14: 00007f6fda489300 R15: 0000000000022000 15:23:14 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 77) 15:23:14 executing program 1: syz_emit_ethernet(0x56, &(0x7f0000000080)=ANY=[@ANYBLOB="20f9bdba2470aaaaaaaaaabb000d00000000000000007bc74f84dbc157914cd8c8076c7abe9072c77a4bc6eee0a964a1bea959d7d8a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47c"], 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x105142, 0x0) lseek(r1, 0x0, 0x2) copy_file_range(0xffffffffffffffff, 0x0, r1, 0x0, 0x200f5ef, 0x0) write$tun(r1, &(0x7f0000000300)={@val={0x0, 0x8906}, @val={0x3, 0x4, 0x0, 0x2, 0x4, 0x5}, @eth={@remote, @broadcast, @val={@val={0x9100, 0x7, 0x0, 0x4}, {0x8100, 0x4, 0x1, 0x1}}, {@llc={0x4, {@llc={0xbc, 0x42, "9096", "e592da29ac86f540aa6bd0f36e2485d2053be601ede2bd4c977e4bb1bf54"}}}}}}, 0x46) write$tun(r0, &(0x7f00000003c0)={@void, @void, @ipv6=@dccp_packet={0x0, 0x6, "000508", 0x2a, 0x21, 0x0, @empty, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}, "463d04658783ebf90ff5e9d400"/26}}}}, 0x52) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0, {0x3}}, './file0\x00'}) ioctl$TUNSETVNETHDRSZ(r2, 0x400454d8, &(0x7f0000000180)) r3 = pidfd_open(0x0, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x105142, 0x0) fchown(r3, 0xee00, 0x0) lseek(r4, 0x0, 0x2) r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x4000, 0x128) copy_file_range(r4, 0x0, r4, 0x0, 0x1000000000000c, 0x0) ioctl$TUNSETVNETBE(r5, 0x400454de, &(0x7f0000000380)) fsetxattr$security_evm(r3, &(0x7f00000001c0), &(0x7f0000000200)=@md5={0x1, "2d4bc425b0e56f7e49f9f5a6086af041"}, 0x11, 0x0) r6 = accept$unix(r2, &(0x7f0000000240), &(0x7f00000002c0)=0x6e) dup3(r6, 0xffffffffffffffff, 0x0) 15:23:14 executing program 2: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000100)={@void, @val={0x1}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}}}}}, 0x42) write$tun(r0, &(0x7f0000000180)={@val={0x0, 0x9300}, @val={0x3, 0x1, 0x0, 0x0, 0xd69c, 0x8000}, @arp=@ether_ipv6={0x1, 0x86dd, 0x6, 0x10, 0x3, @remote, @loopback, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xe}, @mcast2}}, 0x42) 15:23:14 executing program 0: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) msgget(0x1, 0x0) ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 76) 15:23:14 executing program 5: perf_event_open(&(0x7f00000000c0)={0x1, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x1d001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() process_vm_readv(r0, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7a}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xffffffbc}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) r1 = add_key$keyring(&(0x7f0000000240), &(0x7f0000000280)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$setperm(0x5, r1, 0x0) keyctl$get_security(0x11, r1, 0x0, 0x0) r2 = getuid() keyctl$chown(0x4, r1, r2, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000040)={&(0x7f0000000140)={0x494, 0x12, 0x902, 0x70bd27, 0x25dfdbfd, {0x20}, [@typed={0x8, 0x11, 0x0, 0x0, @uid=r2}, @generic="b1fc89bdaa31b0d8b8571b8202758564d03a", @generic="b29bd0778f6bfb6e9026ce7fc49dd43d22b9a8e7bfecaa025b8d80f4b91d8e7ab556a1ed5baef1beb65f11f6859708efac63380b39afab8c218e83082ac047b826755f77965d254f48a37b94599b535a34c6a02ec0", @nested={0x2ab, 0x3b, 0x0, 0x1, [@generic="dda2612e230a04707d1cd149faa506028d054091a4da2565c151e0c884057b87d9459e3c4e0b83ac185051f3c69c8ae4c60ec9f4d80ce584eb176d816a4ecf2b51965b077b1f25de137d199820092d9bcfa98c2ac2878ced6709c0d74d6f360bd99d68cb80326110842fc9d44d70f80b4bea5503a196b02574294bebc940a46efdbedbcc33b3dd22d60a4d9088d3cb59", @typed={0x8, 0x2e, 0x0, 0x0, @u32=0x6}, @generic="f423fd1a3f67b8de60a4dc3044ffa5bcc009409e7f5533e61e9a47aba909fdc530b61ceaff979998e713f9649358dff3c350a1cc981b31bf6ff684790c25faeba6d50a79b0e932f4805f42631d863685f8d2070a2f3a548d8f1c41", @typed={0x8, 0x78, 0x0, 0x0, @uid}, @generic="2a5e73b40409555710714e206f635c468d45c062d2f05a0b3b977a933b38bb9b66daf6f600e0eeabc4e315d5598bfbd444bc22f46a9a01575009873445ecc8553691c286f544def81e78726c6dcd47e2167c08074f573cc062a28eac1685e3de00cdbc8567f2bd5a2194639b29bf6d6bcb856419071e295f49ea36c8b53ea0205523cc9b345dd6c959d949235d1bf4a57ff7a0dd07208960cc2cacf58981d7266ce7fb5fa39d93f7570b1ef9e1f41f48521d1332", @generic="7f0f88d9a5c048165809e043fa6d03c884b37463ad98486d79ba48225b628eaacd2d482da0b62ae5dd510628d77fff14b96cc872b4f4feeefec5f1f3409830feba192a645a63df14d50038797a556719f941a6f2e3240a660010d850326a631a4cdca879", @typed={0x88, 0x0, 0x0, 0x0, @binary="61746236fcdf32b9b0983232c3ff463ea35c82045f367009202c29947f5dd07f12c3a75c9cca1712e84df77940953203121527f2c47e74fa720ed887f0a26ec8a0370444671d16865b23202d0b51699db843b121be1e486237896243d76be8051e8baaca97ba611a4b99a89b7548abaeb1776fe96307e5f306a81e6707838e4411e161ad"}, @typed={0xc, 0x8, 0x0, 0x0, @u64=0x513defb7}]}, @nested={0x11b, 0x7, 0x0, 0x1, [@generic="d17750590c873fbd81b165cae1d7884df05d5fbee3142bebbd7a2e40d274044217e7b7f21a11a5a3f8f3a3abbecf3191bfee63e5d8b3720f036ddcd906b754647aec01b2e155a056777ce959c460791cca8695d9bcd32df349f2cd870d56476bfd6e9368e395", @generic="40e71e2a04cb097679f8e91221a15cdbf86178f80c793769859a4c0bc50b7edc249c7755edf49a3c5869269940e4eed756b99c1e4853745f22ab739cbefa594f41f68afb2302514a8c630894379377d3", @typed={0x14, 0x2f, 0x0, 0x0, @ipv6=@local}, @generic="e3a1d0395efb3def8daa96e75cd074b33ae9be9a700ed3e581d143033ce8793cb206ea716224b0fea22d88fda8632deab33715a74e02d557cf0eb73a7f19e186449e7a065858f2c3a841aa3256"]}, @typed={0xc, 0x89, 0x0, 0x0, @u64=0x2}, @typed={0x3c, 0xf, 0x0, 0x0, @binary="0b8697183cf5c8d201b6b4236d736db25932581ac5e6ba49b1c2674371b5264502399fe4f6a3a2e6bcdbaa7454c221e974e31d2fcf1f8d36"}]}, 0x494}, 0x1, 0x0, 0x0, 0x8c0}, 0x90) 15:23:14 executing program 4: perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) msgget(0x1, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 67) 15:23:14 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000002c0)={0x40, 0x0, 0xfffffaf2, 0x6, 0xffffffff, 0x40}) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6) msgctl$IPC_RMID(0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 20) 15:23:14 executing program 3: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000040)=0x20) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, r2, 0x0, 0x6) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, 0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 4) [ 1419.759179] FAULT_INJECTION: forcing a failure. [ 1419.759179] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1419.760979] CPU: 1 PID: 8112 Comm: syz-executor.6 Not tainted 5.10.224 #1 [ 1419.762022] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1419.763172] Call Trace: [ 1419.763565] dump_stack+0x107/0x167 [ 1419.764002] should_fail.cold+0x5/0xa [ 1419.764708] _copy_from_user+0x2e/0x1b0 [ 1419.765357] do_pages_stat+0xf1/0x3b0 [ 1419.765885] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1419.766763] ? cpuset_mems_allowed+0x1af/0x440 [ 1419.767461] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1419.768210] ? trace_hardirqs_on+0x5b/0x180 [ 1419.769314] kernel_move_pages+0xb8f/0x11c0 [ 1419.769955] ? rcu_read_lock_any_held+0x75/0xa0 [ 1419.771230] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1419.771697] FAULT_INJECTION: forcing a failure. [ 1419.771697] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1419.772044] ? fput_many+0x2f/0x1a0 [ 1419.772069] ? ksys_write+0x1a9/0x260 [ 1419.774157] ? __ia32_sys_read+0xb0/0xb0 [ 1419.775116] __x64_sys_move_pages+0xdd/0x1b0 [ 1419.775785] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1419.777142] do_syscall_64+0x33/0x40 [ 1419.777656] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1419.778318] RIP: 0033:0x7f28eb741b19 [ 1419.778843] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1419.782305] RSP: 002b:00007f28e8cb7188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1419.783353] RAX: ffffffffffffffda RBX: 00007f28eb854f60 RCX: 00007f28eb741b19 [ 1419.785145] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1419.786174] RBP: 00007f28e8cb71d0 R08: 0000000020000000 R09: 0000000000000000 [ 1419.787070] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1419.788157] R13: 00007ffd318d456f R14: 00007f28e8cb7300 R15: 0000000000022000 [ 1419.790561] CPU: 0 PID: 8114 Comm: syz-executor.7 Not tainted 5.10.224 #1 [ 1419.791244] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1419.792046] Call Trace: [ 1419.792320] dump_stack+0x107/0x167 [ 1419.792677] should_fail.cold+0x5/0xa [ 1419.793064] _copy_to_user+0x2e/0x180 [ 1419.793440] do_pages_stat+0x2b4/0x3b0 [ 1419.793838] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1419.794406] ? cpuset_mems_allowed+0x1af/0x440 [ 1419.794868] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1419.795368] ? trace_hardirqs_on+0x5b/0x180 [ 1419.795809] kernel_move_pages+0xb8f/0x11c0 [ 1419.796250] ? rcu_read_lock_any_held+0x75/0xa0 [ 1419.796734] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1419.797338] ? fput_many+0x2f/0x1a0 [ 1419.797722] ? ksys_write+0x1a9/0x260 [ 1419.798106] ? __ia32_sys_read+0xb0/0xb0 [ 1419.799038] __x64_sys_move_pages+0xdd/0x1b0 [ 1419.799523] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1419.800071] do_syscall_64+0x33/0x40 [ 1419.800457] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1419.800995] RIP: 0033:0x7f8be6d86b19 [ 1419.801400] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1419.803308] RSP: 002b:00007f8be42fc188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1419.804062] RAX: ffffffffffffffda RBX: 00007f8be6e99f60 RCX: 00007f8be6d86b19 [ 1419.804797] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1419.805543] RBP: 00007f8be42fc1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1419.806274] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1419.807026] R13: 00007ffd26b6f95f R14: 00007f8be42fc300 R15: 0000000000022000 [ 1419.808166] FAULT_INJECTION: forcing a failure. [ 1419.808166] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1419.811680] CPU: 1 PID: 8117 Comm: syz-executor.4 Not tainted 5.10.224 #1 [ 1419.813641] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1419.816155] Call Trace: [ 1419.816786] dump_stack+0x107/0x167 [ 1419.817219] should_fail.cold+0x5/0xa [ 1419.817774] _copy_from_user+0x2e/0x1b0 [ 1419.818305] do_pages_stat+0xf1/0x3b0 [ 1419.818914] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1419.819699] ? cpuset_mems_allowed+0x1af/0x440 [ 1419.820259] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1419.820893] ? trace_hardirqs_on+0x5b/0x180 [ 1419.821412] kernel_move_pages+0xb8f/0x11c0 [ 1419.822007] ? rcu_read_lock_any_held+0x75/0xa0 [ 1419.822616] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1419.823282] ? fput_many+0x2f/0x1a0 [ 1419.823759] ? ksys_write+0x1a9/0x260 [ 1419.824203] ? __ia32_sys_read+0xb0/0xb0 [ 1419.824746] __x64_sys_move_pages+0xdd/0x1b0 [ 1419.825249] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1419.825962] do_syscall_64+0x33/0x40 [ 1419.826399] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1419.827071] RIP: 0033:0x7f1c0ae11b19 [ 1419.827549] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1419.831110] RSP: 002b:00007f1c08387188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1419.832131] RAX: ffffffffffffffda RBX: 00007f1c0af24f60 RCX: 00007f1c0ae11b19 [ 1419.833097] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1419.834057] RBP: 00007f1c083871d0 R08: 0000000020000000 R09: 0000000000000000 [ 1419.835014] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1419.835941] R13: 00007ffd2ddfd2cf R14: 00007f1c08387300 R15: 0000000000022000 [ 1419.847950] FAULT_INJECTION: forcing a failure. [ 1419.847950] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1419.849217] CPU: 0 PID: 8115 Comm: syz-executor.3 Not tainted 5.10.224 #1 [ 1419.849915] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1419.850819] Call Trace: [ 1419.851114] dump_stack+0x107/0x167 [ 1419.851503] should_fail.cold+0x5/0xa [ 1419.851906] _copy_to_user+0x2e/0x180 [ 1419.852311] do_pages_stat+0x2b4/0x3b0 [ 1419.852998] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1419.853635] ? cpuset_mems_allowed+0x1af/0x440 [ 1419.854149] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1419.854705] ? trace_hardirqs_on+0x5b/0x180 [ 1419.855167] kernel_move_pages+0xb8f/0x11c0 [ 1419.855654] ? rcu_read_lock_any_held+0x75/0xa0 [ 1419.856138] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1419.857154] ? fput_many+0x2f/0x1a0 [ 1419.858099] ? ksys_write+0x1a9/0x260 [ 1419.858557] ? __ia32_sys_read+0xb0/0xb0 [ 1419.859585] __x64_sys_move_pages+0xdd/0x1b0 [ 1419.860721] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1419.862052] do_syscall_64+0x33/0x40 [ 1419.863019] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1419.864349] RIP: 0033:0x7f1e88ae8b19 [ 1419.865001] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1419.866888] RSP: 002b:00007f1e8605e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1419.867668] RAX: ffffffffffffffda RBX: 00007f1e88bfbf60 RCX: 00007f1e88ae8b19 [ 1419.868402] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1419.869148] RBP: 00007f1e8605e1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1419.869871] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1419.870654] R13: 00007ffda65e58df R14: 00007f1e8605e300 R15: 0000000000022000 15:23:14 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000002c0)={0x40, 0x0, 0xfffffaf2, 0x6, 0xffffffff, 0x40}) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6) msgctl$IPC_RMID(0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 21) [ 1419.889946] FAULT_INJECTION: forcing a failure. [ 1419.889946] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1419.891185] CPU: 0 PID: 8122 Comm: syz-executor.0 Not tainted 5.10.224 #1 [ 1419.891867] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1419.892809] Call Trace: [ 1419.893110] dump_stack+0x107/0x167 [ 1419.893451] should_fail.cold+0x5/0xa [ 1419.893846] _copy_to_user+0x2e/0x180 [ 1419.894252] do_pages_stat+0x2b4/0x3b0 [ 1419.894664] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1419.895229] ? trace_hardirqs_on+0x5b/0x180 [ 1419.895770] ? _raw_spin_unlock_irqrestore+0x25/0x40 [ 1419.896371] kernel_move_pages+0xb8f/0x11c0 [ 1419.896885] ? rcu_read_lock_any_held+0x75/0xa0 [ 1419.897410] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1419.898052] ? fput_many+0x2f/0x1a0 [ 1419.898473] ? ksys_write+0x1a9/0x260 [ 1419.898901] ? __ia32_sys_read+0xb0/0xb0 [ 1419.899361] __x64_sys_move_pages+0xdd/0x1b0 [ 1419.899851] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1419.900415] do_syscall_64+0x33/0x40 [ 1419.900849] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1419.901434] RIP: 0033:0x7f6fdcf13b19 [ 1419.901886] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1419.904292] RSP: 002b:00007f6fda489188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 15:23:14 executing program 4: perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) msgget(0x1, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 68) [ 1419.905911] RAX: ffffffffffffffda RBX: 00007f6fdd026f60 RCX: 00007f6fdcf13b19 [ 1419.914915] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1419.915590] RBP: 00007f6fda4891d0 R08: 0000000020000000 R09: 0000000000000000 [ 1419.916263] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1419.916934] R13: 00007ffee9bd176f R14: 00007f6fda489300 R15: 0000000000022000 15:23:14 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 78) [ 1419.938038] FAULT_INJECTION: forcing a failure. [ 1419.938038] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1419.939333] CPU: 1 PID: 8126 Comm: syz-executor.7 Not tainted 5.10.224 #1 [ 1419.939917] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1419.940611] Call Trace: [ 1419.940842] dump_stack+0x107/0x167 [ 1419.941153] should_fail.cold+0x5/0xa [ 1419.941486] _copy_from_user+0x2e/0x1b0 [ 1419.941832] do_pages_stat+0xf1/0x3b0 [ 1419.942165] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1419.942683] ? cpuset_mems_allowed+0x1af/0x440 [ 1419.943082] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1419.943509] ? trace_hardirqs_on+0x5b/0x180 [ 1419.943880] kernel_move_pages+0xb8f/0x11c0 [ 1419.944256] ? rcu_read_lock_any_held+0x75/0xa0 [ 1419.944652] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1419.945142] ? fput_many+0x2f/0x1a0 [ 1419.945461] ? ksys_write+0x1a9/0x260 [ 1419.945786] ? __ia32_sys_read+0xb0/0xb0 [ 1419.946134] __x64_sys_move_pages+0xdd/0x1b0 [ 1419.946516] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1419.947009] do_syscall_64+0x33/0x40 [ 1419.947393] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1419.947917] RIP: 0033:0x7f8be6d86b19 [ 1419.948301] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1419.950173] RSP: 002b:00007f8be42fc188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1419.950896] RAX: ffffffffffffffda RBX: 00007f8be6e99f60 RCX: 00007f8be6d86b19 [ 1419.951496] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1419.952095] RBP: 00007f8be42fc1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1419.952691] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1419.953290] R13: 00007ffd26b6f95f R14: 00007f8be42fc300 R15: 0000000000022000 [ 1419.967804] FAULT_INJECTION: forcing a failure. [ 1419.967804] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1419.970002] CPU: 1 PID: 8129 Comm: syz-executor.4 Not tainted 5.10.224 #1 [ 1419.970599] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1419.971435] Call Trace: [ 1419.971695] dump_stack+0x107/0x167 [ 1419.972069] should_fail.cold+0x5/0xa [ 1419.972464] _copy_to_user+0x2e/0x180 [ 1419.972847] do_pages_stat+0x2b4/0x3b0 [ 1419.973248] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1419.973831] ? cpuset_mems_allowed+0x1af/0x440 [ 1419.974308] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1419.974806] ? trace_hardirqs_on+0x5b/0x180 [ 1419.975180] kernel_move_pages+0xb8f/0x11c0 [ 1419.975560] ? rcu_read_lock_any_held+0x75/0xa0 [ 1419.975963] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1419.976456] ? fput_many+0x2f/0x1a0 [ 1419.976771] ? ksys_write+0x1a9/0x260 [ 1419.977099] ? __ia32_sys_read+0xb0/0xb0 [ 1419.977452] __x64_sys_move_pages+0xdd/0x1b0 [ 1419.977832] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1419.978279] do_syscall_64+0x33/0x40 [ 1419.978620] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1419.979049] RIP: 0033:0x7f1c0ae11b19 [ 1419.979366] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1419.980899] RSP: 002b:00007f1c08387188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1419.981536] RAX: ffffffffffffffda RBX: 00007f1c0af24f60 RCX: 00007f1c0ae11b19 [ 1419.982137] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1419.982196] FAULT_INJECTION: forcing a failure. [ 1419.982196] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1419.982757] RBP: 00007f1c083871d0 R08: 0000000020000000 R09: 0000000000000000 [ 1419.982765] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1419.982773] R13: 00007ffd2ddfd2cf R14: 00007f1c08387300 R15: 0000000000022000 [ 1419.986178] CPU: 0 PID: 8130 Comm: syz-executor.6 Not tainted 5.10.224 #1 [ 1419.986850] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1419.987591] Call Trace: [ 1419.987853] dump_stack+0x107/0x167 [ 1419.988195] should_fail.cold+0x5/0xa [ 1419.988580] _copy_to_user+0x2e/0x180 [ 1419.988949] do_pages_stat+0x2b4/0x3b0 [ 1419.989333] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1419.989889] ? cpuset_mems_allowed+0x1af/0x440 [ 1419.990345] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1419.990880] ? trace_hardirqs_on+0x5b/0x180 [ 1419.991312] kernel_move_pages+0xb8f/0x11c0 [ 1419.991751] ? rcu_read_lock_any_held+0x75/0xa0 [ 1419.992193] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1419.992737] ? fput_many+0x2f/0x1a0 [ 1419.993094] ? ksys_write+0x1a9/0x260 [ 1419.993456] ? __ia32_sys_read+0xb0/0xb0 [ 1419.993854] __x64_sys_move_pages+0xdd/0x1b0 [ 1419.994287] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1419.994868] do_syscall_64+0x33/0x40 [ 1419.995227] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1419.995762] RIP: 0033:0x7f28eb741b19 [ 1419.996214] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1419.999865] RSP: 002b:00007f28e8cb7188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1420.001399] RAX: ffffffffffffffda RBX: 00007f28eb854f60 RCX: 00007f28eb741b19 [ 1420.002833] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1420.004263] RBP: 00007f28e8cb71d0 R08: 0000000020000000 R09: 0000000000000000 [ 1420.005683] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1420.006792] R13: 00007ffd318d456f R14: 00007f28e8cb7300 R15: 0000000000022000 15:23:28 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 79) 15:23:28 executing program 0: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) msgget(0x1, 0x0) ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 77) 15:23:28 executing program 5: r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000340), 0xc100, 0x0) ioctl$EVIOCGBITKEY(r0, 0x80404521, &(0x7f0000000380)=""/103) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000400), &(0x7f0000000440)=0xc) process_vm_readv(r1, &(0x7f0000000200)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7c}, {&(0x7f0000001980)=""/161, 0xa1}, {&(0x7f00000000c0)=""/243, 0xf3}, {&(0x7f0000000000)=""/48, 0x30}, {&(0x7f00000001c0)=""/37, 0x25}], 0x6, &(0x7f00000002c0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xb7}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000000280)=""/3, 0x3}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) 15:23:28 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000002c0)={0x40, 0x0, 0xfffffaf2, 0x6, 0xffffffff, 0x40}) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6) msgctl$IPC_RMID(0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 22) 15:23:28 executing program 1: openat(0xffffffffffffffff, &(0x7f0000000180)='./file0\x00', 0x2c180, 0x10) syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x105142, 0x0) lseek(r1, 0x0, 0x2) r2 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x4000, 0x128) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) setns(r1, 0x0) io_setup(0x0, &(0x7f0000000580)=0x0) io_submit(r3, 0x0, 0x0) io_submit(r3, 0x0, &(0x7f0000000000)) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="01040000020000000000603cdefa0070463cde88a300000000000000060000000001fe8000000000000000000000000000aa000000000401907800265d9900960cee"], 0x42) 15:23:28 executing program 2: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0, {0x6}}, './file0\x00'}) write$tun(r1, &(0x7f0000000180)={@void, @val={0x2, 0x3, 0x9, 0xffff, 0x6, 0x400}, @ipv6=@icmpv6={0x5, 0x6, "3d799b", 0x2e3, 0x3a, 0xff, @empty, @private2={0xfc, 0x2, '\x00', 0x1}, {[@srh={0x29, 0x14, 0x4, 0xa, 0x5, 0x0, 0x0, [@local, @mcast1, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @mcast1, @local, @mcast2, @remote, @private2={0xfc, 0x2, '\x00', 0x1}, @mcast2]}, @dstopts={0x5e, 0x7, '\x00', [@ra={0x5, 0x2, 0x6}, @padn={0x1, 0x1, [0x0]}, @jumbo={0xc2, 0x4, 0xfffffbff}, @generic={0xe0, 0x29, "397aed194aa46adf795bd96f9cb4ce0d87249ff95a23d41c24f4fccfd83ecf34ba18ecf1b912dcbee6"}]}], @ndisc_rs={0x85, 0x0, 0x0, '\x00', [{0x18, 0x17, "c95c613bea0f3e22d2ffabade23f3f7db5e7467e9a73356814efca4410893f92c3b9b65578dbabff00629e2cbda74d57f6547856fa01c000ef2bcef5628aeeb70cd80833a56cb378ebcf92f1549b679a2638b47b1f680dcc08bdf40a4ab7abc43f63cd83d26c65624f4d2e807198467e72af66e86ebd101fce4d17515bbdfadc7c23b107e1052a880e7c7f47c999a82636990efc7f6843244c9773aa757d16eb93b731b8109e0fc676fa3eb2be440790af5aeeab07dec487"}, {0x19, 0x16, "c5d363a5589888e6f18d01d558d33e3a37b0b2b20c57ec97c8c7e6da85ab15b9a16a2db11cdced60bd97eb66a2421ef30181de0fe3e91db35d063a6926f6228daff44823fe48cfc9a5dc92aabb9ebc82ba5768714b8f8b6749013fc2bec09197278dc0f288db994d4db176fd9e8b365f8121d8a0de6eae85bc0a7911fd681d709a3dc157ebbbae6e7a9ebeb5219cdba672da3a7a8de84fe0576e99834a6e7c562840fe3e51ad5d546fdfc3021b162599"}, {0x4, 0x0, "7f6c"}, {0x18, 0x10, "c9d1a493a98e52d051a0bd9c86750a5f30e4d2e7a3b5685010285ccb973034748388f99aa8024b36b864a0bd87c00ab12410d58e5bae95614f426afba7a4b9a2b1f08abfd07b2473b6c469a1b7d0985364c59e6f5d190db20f42571230e6e9f2b64c6534631a30c244813559b195fb9d05f4e4736829531047f1575ce1e94e2b51"}]}}}}, 0x315) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000100)={@void, @val={0x1}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}}}}}, 0x42) 15:23:28 executing program 4: perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) msgget(0x1, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 69) 15:23:28 executing program 3: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000040)=0x20) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, r2, 0x0, 0x6) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, 0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 5) [ 1434.254880] FAULT_INJECTION: forcing a failure. [ 1434.254880] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1434.255956] CPU: 1 PID: 8137 Comm: syz-executor.6 Not tainted 5.10.224 #1 [ 1434.256530] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1434.257224] Call Trace: [ 1434.257463] dump_stack+0x107/0x167 [ 1434.257776] should_fail.cold+0x5/0xa [ 1434.258111] _copy_from_user+0x2e/0x1b0 [ 1434.258453] do_pages_stat+0xf1/0x3b0 [ 1434.258807] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1434.259332] ? cpuset_mems_allowed+0x1af/0x440 [ 1434.259761] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1434.260216] ? trace_hardirqs_on+0x5b/0x180 [ 1434.260614] kernel_move_pages+0xb8f/0x11c0 [ 1434.261008] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1434.261548] ? io_schedule_timeout+0x140/0x140 [ 1434.261967] ? copy_kernel_to_fpregs+0x9e/0xe0 [ 1434.262383] ? trace_event_raw_event_x86_fpu+0x390/0x390 [ 1434.262881] ? ksys_write+0x1a9/0x260 [ 1434.263234] __x64_sys_move_pages+0xdd/0x1b0 [ 1434.263618] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1434.264050] do_syscall_64+0x33/0x40 [ 1434.264366] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1434.264797] RIP: 0033:0x7f28eb741b19 [ 1434.265115] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1434.266654] RSP: 002b:00007f28e8cb7188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1434.267305] RAX: ffffffffffffffda RBX: 00007f28eb854f60 RCX: 00007f28eb741b19 [ 1434.267903] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1434.268501] RBP: 00007f28e8cb71d0 R08: 0000000020000000 R09: 0000000000000000 [ 1434.269098] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1434.269695] R13: 00007ffd318d456f R14: 00007f28e8cb7300 R15: 0000000000022000 [ 1434.279839] FAULT_INJECTION: forcing a failure. [ 1434.279839] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1434.280853] CPU: 1 PID: 8145 Comm: syz-executor.0 Not tainted 5.10.224 #1 [ 1434.281425] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1434.282118] Call Trace: [ 1434.282345] dump_stack+0x107/0x167 15:23:28 executing program 5: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setown(r0, 0x8, 0xffffffffffffffff) close(r0) close_range(r0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x0, 0x100010, r0, 0x8000000) r1 = gettid() process_vm_readv(r1, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7a}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xffffffbc}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) [ 1434.282663] should_fail.cold+0x5/0xa [ 1434.283009] _copy_from_user+0x2e/0x1b0 [ 1434.283349] do_pages_stat+0xf1/0x3b0 [ 1434.283681] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1434.284173] ? cpuset_mems_allowed+0x1af/0x440 [ 1434.284568] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1434.285138] ? trace_hardirqs_on+0x5b/0x180 [ 1434.285508] kernel_move_pages+0xb8f/0x11c0 [ 1434.285882] ? rcu_read_lock_any_held+0x75/0xa0 [ 1434.286274] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1434.286808] ? fput_many+0x2f/0x1a0 [ 1434.287157] ? ksys_write+0x1a9/0x260 [ 1434.287524] ? __ia32_sys_read+0xb0/0xb0 [ 1434.287916] __x64_sys_move_pages+0xdd/0x1b0 [ 1434.288342] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1434.288835] do_syscall_64+0x33/0x40 [ 1434.289190] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1434.289678] RIP: 0033:0x7f6fdcf13b19 [ 1434.290032] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1434.291782] RSP: 002b:00007f6fda489188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1434.292509] RAX: ffffffffffffffda RBX: 00007f6fdd026f60 RCX: 00007f6fdcf13b19 [ 1434.293189] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1434.293873] RBP: 00007f6fda4891d0 R08: 0000000020000000 R09: 0000000000000000 [ 1434.294562] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1434.295241] R13: 00007ffee9bd176f R14: 00007f6fda489300 R15: 0000000000022000 [ 1434.299593] FAULT_INJECTION: forcing a failure. [ 1434.299593] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1434.300779] CPU: 0 PID: 8140 Comm: syz-executor.7 Not tainted 5.10.224 #1 [ 1434.301424] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1434.302198] Call Trace: [ 1434.302462] dump_stack+0x107/0x167 [ 1434.302839] should_fail.cold+0x5/0xa [ 1434.303219] _copy_to_user+0x2e/0x180 [ 1434.303582] do_pages_stat+0x2b4/0x3b0 [ 1434.303956] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1434.304500] ? trace_hardirqs_on+0x5b/0x180 [ 1434.304918] ? _raw_spin_unlock_irqrestore+0x25/0x40 [ 1434.305407] kernel_move_pages+0xb8f/0x11c0 [ 1434.305825] ? rcu_read_lock_any_held+0x75/0xa0 [ 1434.306273] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1434.306840] ? fput_many+0x2f/0x1a0 [ 1434.307201] ? ksys_write+0x1a9/0x260 [ 1434.307555] ? __ia32_sys_read+0xb0/0xb0 [ 1434.307935] __x64_sys_move_pages+0xdd/0x1b0 [ 1434.308360] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1434.308831] do_syscall_64+0x33/0x40 [ 1434.309191] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1434.309658] RIP: 0033:0x7f8be6d86b19 [ 1434.310017] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1434.311705] RSP: 002b:00007f8be42fc188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1434.312414] RAX: ffffffffffffffda RBX: 00007f8be6e99f60 RCX: 00007f8be6d86b19 [ 1434.313086] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1434.313736] RBP: 00007f8be42fc1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1434.314395] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1434.315124] R13: 00007ffd26b6f95f R14: 00007f8be42fc300 R15: 0000000000022000 [ 1434.321887] FAULT_INJECTION: forcing a failure. [ 1434.321887] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1434.322910] CPU: 1 PID: 8149 Comm: syz-executor.3 Not tainted 5.10.224 #1 [ 1434.323481] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1434.324168] Call Trace: [ 1434.324397] dump_stack+0x107/0x167 [ 1434.324708] should_fail.cold+0x5/0xa [ 1434.325037] _copy_from_user+0x2e/0x1b0 [ 1434.325377] do_pages_stat+0xf1/0x3b0 [ 1434.325711] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1434.326199] ? cpuset_mems_allowed+0x1af/0x440 [ 1434.326594] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1434.327038] ? trace_hardirqs_on+0x5b/0x180 [ 1434.327409] kernel_move_pages+0xb8f/0x11c0 [ 1434.327781] ? rcu_read_lock_any_held+0x75/0xa0 [ 1434.328176] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1434.328665] ? fput_many+0x2f/0x1a0 [ 1434.328978] ? ksys_write+0x1a9/0x260 [ 1434.329302] ? __ia32_sys_read+0xb0/0xb0 [ 1434.329651] __x64_sys_move_pages+0xdd/0x1b0 [ 1434.330032] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1434.330473] do_syscall_64+0x33/0x40 [ 1434.330812] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1434.331244] RIP: 0033:0x7f1e88ae8b19 [ 1434.331570] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1434.332898] FAULT_INJECTION: forcing a failure. [ 1434.332898] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1434.333114] RSP: 002b:00007f1e8605e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1434.334808] RAX: ffffffffffffffda RBX: 00007f1e88bfbf60 RCX: 00007f1e88ae8b19 [ 1434.335406] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1434.336005] RBP: 00007f1e8605e1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1434.336600] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1434.337197] R13: 00007ffda65e58df R14: 00007f1e8605e300 R15: 0000000000022000 [ 1434.337822] CPU: 0 PID: 8151 Comm: syz-executor.4 Not tainted 5.10.224 #1 [ 1434.338465] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1434.339246] Call Trace: [ 1434.339494] dump_stack+0x107/0x167 [ 1434.339833] should_fail.cold+0x5/0xa [ 1434.340211] _copy_from_user+0x2e/0x1b0 [ 1434.340581] do_pages_stat+0xf1/0x3b0 [ 1434.340943] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1434.341495] ? cpuset_mems_allowed+0x1af/0x440 [ 1434.341929] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1434.342403] ? trace_hardirqs_on+0x5b/0x180 [ 1434.342825] kernel_move_pages+0xb8f/0x11c0 [ 1434.343250] ? rcu_read_lock_any_held+0x75/0xa0 [ 1434.343683] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1434.344227] ? fput_many+0x2f/0x1a0 [ 1434.344569] ? ksys_write+0x1a9/0x260 [ 1434.344929] ? __ia32_sys_read+0xb0/0xb0 [ 1434.345325] __x64_sys_move_pages+0xdd/0x1b0 [ 1434.345738] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1434.346230] do_syscall_64+0x33/0x40 [ 1434.346580] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1434.347078] RIP: 0033:0x7f1c0ae11b19 [ 1434.347421] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1434.349086] RSP: 002b:00007f1c08387188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1434.349779] RAX: ffffffffffffffda RBX: 00007f1c0af24f60 RCX: 00007f1c0ae11b19 [ 1434.350442] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1434.351130] RBP: 00007f1c083871d0 R08: 0000000020000000 R09: 0000000000000000 [ 1434.351770] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1434.352428] R13: 00007ffd2ddfd2cf R14: 00007f1c08387300 R15: 0000000000022000 15:23:28 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 80) 15:23:28 executing program 0: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) msgget(0x1, 0x0) ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 78) [ 1434.424982] FAULT_INJECTION: forcing a failure. [ 1434.424982] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1434.426103] CPU: 0 PID: 8161 Comm: syz-executor.6 Not tainted 5.10.224 #1 [ 1434.426737] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1434.427498] Call Trace: [ 1434.427754] dump_stack+0x107/0x167 [ 1434.428108] should_fail.cold+0x5/0xa [ 1434.428471] _copy_to_user+0x2e/0x180 [ 1434.428840] do_pages_stat+0x2b4/0x3b0 [ 1434.429225] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1434.429762] ? cpuset_mems_allowed+0x1af/0x440 [ 1434.430211] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1434.430682] ? trace_hardirqs_on+0x5b/0x180 [ 1434.431108] kernel_move_pages+0xb8f/0x11c0 [ 1434.431515] ? rcu_read_lock_any_held+0x75/0xa0 [ 1434.431947] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1434.432492] ? fput_many+0x2f/0x1a0 [ 1434.432836] ? ksys_write+0x1a9/0x260 [ 1434.433204] ? __ia32_sys_read+0xb0/0xb0 [ 1434.433583] __x64_sys_move_pages+0xdd/0x1b0 [ 1434.434006] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1434.434479] do_syscall_64+0x33/0x40 [ 1434.434845] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1434.435322] RIP: 0033:0x7f28eb741b19 [ 1434.435666] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1434.437336] RSP: 002b:00007f28e8cb7188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1434.438041] RAX: ffffffffffffffda RBX: 00007f28eb854f60 RCX: 00007f28eb741b19 [ 1434.438691] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1434.439358] RBP: 00007f28e8cb71d0 R08: 0000000020000000 R09: 0000000000000000 [ 1434.440020] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1434.440668] R13: 00007ffd318d456f R14: 00007f28e8cb7300 R15: 0000000000022000 15:23:28 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) ftruncate(r0, 0x1000003) ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000)) ioctl$BLKDISCARD(r0, 0x1277, &(0x7f0000000000)) syz_emit_ethernet(0x56, &(0x7f0000000080)={@local, @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(0xffffffffffffffff, &(0x7f0000000100)={@void, @val={0x1, 0x4, 0x0, 0x2}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}}}}}, 0x42) 15:23:28 executing program 5: r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x1, 0x0) ioctl$EVIOCSREP(r0, 0x80084503, 0xffffffffffffffff) ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000000)=0x82eb) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, &(0x7f00000000c0)={0x8, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() ioctl$EVIOCGSW(r0, 0x8040451b, &(0x7f0000000100)=""/70) process_vm_readv(r1, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7a}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xffffffbc}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) 15:23:29 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000002c0)={0x40, 0x0, 0xfffffaf2, 0x6, 0xffffffff, 0x40}) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6) msgctl$IPC_RMID(0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 23) 15:23:29 executing program 1: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random, @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc7c157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf4461f820f5fe2050000000000000062065da5e5550f0dfc6eba6e8f00"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000280)=ANY=[@ANYBLOB="01040000020000000000603cdefa00102100fe880000000000000000000000000001fe8000000000000000000000000000aa000000000401907800265d9900960cee65f9ac59873aa11bd48fd558decd237a1c12c1d911b1dbd1473ee2154bfdf91d605cbb4c231d7ef8bcdcc4ec22ba7bdb740ea1a1c33990a39e421e0e38d720e049b09f5923e065f588e4ed6078cc4c2ec212b76d2cfc198612c245718b7c03a3a7ea9f219bb9e71a5e513e6e6ccf6f1db004fa0aea786704d7486e0f930f8a41919bfd414505dc6cbaa671200e6ccf090ffebb0802eaacfcf4823f9f53ed381b277439a5c057c81ad5ed3d193d38977355bc597ee0190e590072367aa4a38176e410a1120f4f3355980d7ee5a790718fa05c104688ae798ff15464f10806ec13b3893720dc46582893dd3c4c5e1268448ab3216ea08a798573929541031cf6"], 0x42) [ 1434.490537] FAULT_INJECTION: forcing a failure. [ 1434.490537] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1434.491817] CPU: 1 PID: 8167 Comm: syz-executor.0 Not tainted 5.10.224 #1 [ 1434.492395] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1434.493088] Call Trace: [ 1434.493323] dump_stack+0x107/0x167 [ 1434.493637] should_fail.cold+0x5/0xa [ 1434.493971] _copy_to_user+0x2e/0x180 [ 1434.494301] do_pages_stat+0x2b4/0x3b0 [ 1434.494641] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1434.495180] ? cpuset_mems_allowed+0x1af/0x440 [ 1434.495577] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1434.496003] ? trace_hardirqs_on+0x5b/0x180 [ 1434.496376] kernel_move_pages+0xb8f/0x11c0 [ 1434.496756] ? rcu_read_lock_any_held+0x75/0xa0 [ 1434.497151] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1434.497646] ? fput_many+0x2f/0x1a0 [ 1434.497962] ? ksys_write+0x1a9/0x260 [ 1434.498285] ? __ia32_sys_read+0xb0/0xb0 [ 1434.498633] __x64_sys_move_pages+0xdd/0x1b0 [ 1434.499029] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1434.499461] do_syscall_64+0x33/0x40 [ 1434.499778] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1434.500210] RIP: 0033:0x7f6fdcf13b19 [ 1434.500527] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1434.502052] RSP: 002b:00007f6fda489188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1434.502705] RAX: ffffffffffffffda RBX: 00007f6fdd026f60 RCX: 00007f6fdcf13b19 [ 1434.503323] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1434.503920] RBP: 00007f6fda4891d0 R08: 0000000020000000 R09: 0000000000000000 [ 1434.504514] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1434.505111] R13: 00007ffee9bd176f R14: 00007f6fda489300 R15: 0000000000022000 15:23:29 executing program 2: r0 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000), 0x20d42, 0x0) sendmsg$TIPC_NL_MEDIA_SET(r0, &(0x7f0000000500)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f00000001c0)={0x2cc, 0x0, 0x400, 0x70bd2a, 0x25dfdbff, {}, [@TIPC_NLA_NET={0x34, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ID={0x8}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x24000000000}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x200}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x4}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x4}]}, @TIPC_NLA_NODE={0x1bc, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x5}, @TIPC_NLA_NODE_KEY={0x41, 0x4, {'gcm(aes)\x00', 0x19, "2816289be722e44dd211a0adc8546b6dea1f9bdebfabe80dbd"}}, @TIPC_NLA_NODE_KEY={0x43, 0x4, {'gcm(aes)\x00', 0x1b, "ea2320d25d7e6a9ec631a97b7bcb5468cfd514f2293168ceb4a4ba"}}, @TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "6e36639231c6e438eece22f4115ea11b930e20ee"}}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ID={0xd1, 0x3, "7217af2a87a582f1243f711a1cdf782b99e263af56b8ce57209c0d7059eca2ed666d09181e4bffc824aada8342e14729b7dbc1f0a38ef83b5f60fc891fa9eea6462236798ce2b013f3368dee8c363fc6c3e7855378aa958dc355cf60993f6231ff1ce165e8dab4230048725a4dccd1aa2dc239911f71d91f8361624d60d6c7ad832b41df429042ec2d06c3c4d54994d1b12056396e4433816e197c8b228605b090a451ba9b34e590784faeacc354eaf2d3dd92bc4db05f63eaf046145cfad5594c9438ee14333acbe5989edf39"}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x80}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0xd9}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_BEARER={0xb4, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_PROP={0x3c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x10000}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1e}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3f}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}]}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x1}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e20, @broadcast}}, {0x14, 0x2, @in={0x2, 0x4e23, @loopback}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e22, @multicast2}}, {0x20, 0x2, @in6={0xa, 0x4e23, 0x8, @dev={0xfe, 0x80, '\x00', 0x23}, 0x7}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x8000}]}, @TIPC_NLA_MON={0x14, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x15e}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x9}]}]}, 0x2cc}, 0x1, 0x0, 0x0, 0x40080c3}, 0x4000000) syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r1, &(0x7f0000000100)={@void, @val={0x1}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}}}}}, 0x42) 15:23:29 executing program 3: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000040)=0x20) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, r2, 0x0, 0x6) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, 0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 6) 15:23:29 executing program 4: perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) msgget(0x1, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 70) [ 1434.549275] FAULT_INJECTION: forcing a failure. [ 1434.549275] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1434.550521] CPU: 1 PID: 8174 Comm: syz-executor.7 Not tainted 5.10.224 #1 [ 1434.551118] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1434.551812] Call Trace: [ 1434.552042] dump_stack+0x107/0x167 [ 1434.552354] should_fail.cold+0x5/0xa [ 1434.552684] _copy_from_user+0x2e/0x1b0 [ 1434.553028] do_pages_stat+0xf1/0x3b0 [ 1434.553359] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1434.553852] ? cpuset_mems_allowed+0x1af/0x440 [ 1434.554250] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1434.554685] ? trace_hardirqs_on+0x5b/0x180 [ 1434.555065] kernel_move_pages+0xb8f/0x11c0 [ 1434.555441] ? rcu_read_lock_any_held+0x75/0xa0 [ 1434.555836] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1434.556326] ? fput_many+0x2f/0x1a0 [ 1434.556640] ? ksys_write+0x1a9/0x260 [ 1434.556967] ? __ia32_sys_read+0xb0/0xb0 [ 1434.557316] __x64_sys_move_pages+0xdd/0x1b0 [ 1434.557690] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1434.558123] do_syscall_64+0x33/0x40 [ 1434.558439] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1434.558888] RIP: 0033:0x7f8be6d86b19 [ 1434.559203] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1434.560730] RSP: 002b:00007f8be42fc188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1434.561367] RAX: ffffffffffffffda RBX: 00007f8be6e99f60 RCX: 00007f8be6d86b19 [ 1434.561964] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1434.562560] RBP: 00007f8be42fc1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1434.563170] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1434.563782] R13: 00007ffd26b6f95f R14: 00007f8be42fc300 R15: 0000000000022000 [ 1434.572837] FAULT_INJECTION: forcing a failure. [ 1434.572837] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1434.573858] CPU: 1 PID: 8178 Comm: syz-executor.3 Not tainted 5.10.224 #1 [ 1434.574431] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1434.575146] Call Trace: [ 1434.575376] dump_stack+0x107/0x167 [ 1434.575688] should_fail.cold+0x5/0xa [ 1434.576017] _copy_to_user+0x2e/0x180 [ 1434.576343] do_pages_stat+0x2b4/0x3b0 [ 1434.576683] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1434.577174] ? cpuset_mems_allowed+0x1af/0x440 [ 1434.577571] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1434.577998] ? trace_hardirqs_on+0x5b/0x180 [ 1434.578371] kernel_move_pages+0xb8f/0x11c0 [ 1434.578759] ? rcu_read_lock_any_held+0x75/0xa0 [ 1434.579155] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1434.579648] ? fput_many+0x2f/0x1a0 [ 1434.579960] ? ksys_write+0x1a9/0x260 [ 1434.580286] ? __ia32_sys_read+0xb0/0xb0 [ 1434.580637] __x64_sys_move_pages+0xdd/0x1b0 [ 1434.581012] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1434.581448] do_syscall_64+0x33/0x40 [ 1434.581765] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1434.582195] RIP: 0033:0x7f1e88ae8b19 [ 1434.582512] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1434.584097] RSP: 002b:00007f1e8605e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1434.584734] RAX: ffffffffffffffda RBX: 00007f1e88bfbf60 RCX: 00007f1e88ae8b19 [ 1434.585329] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1434.585925] RBP: 00007f1e8605e1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1434.586519] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1434.587130] R13: 00007ffda65e58df R14: 00007f1e8605e300 R15: 0000000000022000 [ 1434.593160] FAULT_INJECTION: forcing a failure. [ 1434.593160] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1434.594310] CPU: 0 PID: 8179 Comm: syz-executor.4 Not tainted 5.10.224 #1 [ 1434.594959] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1434.595712] Call Trace: [ 1434.595977] dump_stack+0x107/0x167 [ 1434.596326] should_fail.cold+0x5/0xa [ 1434.596689] _copy_to_user+0x2e/0x180 [ 1434.597065] do_pages_stat+0x2b4/0x3b0 [ 1434.597446] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1434.598002] ? cpuset_mems_allowed+0x1af/0x440 [ 1434.598447] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1434.598925] ? trace_hardirqs_on+0x5b/0x180 [ 1434.599351] kernel_move_pages+0xb8f/0x11c0 [ 1434.599765] ? rcu_read_lock_any_held+0x75/0xa0 [ 1434.600208] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1434.600729] ? fput_many+0x2f/0x1a0 [ 1434.601083] ? ksys_write+0x1a9/0x260 [ 1434.601428] ? __ia32_sys_read+0xb0/0xb0 [ 1434.601802] __x64_sys_move_pages+0xdd/0x1b0 [ 1434.602226] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1434.602707] do_syscall_64+0x33/0x40 [ 1434.603064] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1434.603533] RIP: 0033:0x7f1c0ae11b19 [ 1434.603886] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1434.605540] RSP: 002b:00007f1c08387188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1434.606249] RAX: ffffffffffffffda RBX: 00007f1c0af24f60 RCX: 00007f1c0ae11b19 [ 1434.606909] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1434.607560] RBP: 00007f1c083871d0 R08: 0000000020000000 R09: 0000000000000000 [ 1434.608218] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1434.608863] R13: 00007ffd2ddfd2cf R14: 00007f1c08387300 R15: 0000000000022000 15:23:42 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 81) 15:23:42 executing program 3: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000040)=0x20) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, r2, 0x0, 0x6) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, 0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 7) 15:23:42 executing program 4: perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) msgget(0x1, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 71) 15:23:42 executing program 5: r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x5, 0x8, 0x5, 0x0, 0x0, 0x1, 0x10, 0x7, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x2}, 0x20600, 0x10001, 0x8, 0x2, 0x62e, 0x0, 0x6, 0x0, 0x9, 0x0, 0x222aa830}, 0xffffffffffffffff, 0x4, r0, 0xc) readv(r2, &(0x7f0000001540)=[{&(0x7f0000000140)=""/217, 0xd9}, {&(0x7f0000000240)=""/229, 0xe5}, {&(0x7f0000001640)=""/207, 0xcf}, {&(0x7f0000000000)=""/7, 0x7}, {&(0x7f0000000440)=""/4096, 0x1000}, {&(0x7f0000001440)=""/242, 0xf2}], 0x6) process_vm_readv(r1, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7a}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xffffffbc}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) capset(&(0x7f00000015c0)={0x19980330, r1}, &(0x7f0000001600)={0x68b, 0x2489, 0x92d, 0x3ff, 0x0, 0x4}) [ 1448.378423] FAULT_INJECTION: forcing a failure. [ 1448.378423] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1448.380642] CPU: 1 PID: 8193 Comm: syz-executor.4 Not tainted 5.10.224 #1 [ 1448.381317] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1448.382103] Call Trace: [ 1448.382377] dump_stack+0x107/0x167 [ 1448.382749] should_fail.cold+0x5/0xa [ 1448.383149] _copy_from_user+0x2e/0x1b0 [ 1448.383553] do_pages_stat+0xf1/0x3b0 [ 1448.383941] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1448.384512] ? cpuset_mems_allowed+0x1af/0x440 [ 1448.384969] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1448.385473] ? trace_hardirqs_on+0x5b/0x180 [ 1448.385983] kernel_move_pages+0xb8f/0x11c0 [ 1448.386413] ? rcu_read_lock_any_held+0x75/0xa0 [ 1448.386860] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1448.387863] ? fput_many+0x2f/0x1a0 [ 1448.388238] ? ksys_write+0x1a9/0x260 [ 1448.388605] ? __ia32_sys_read+0xb0/0xb0 [ 1448.389002] __x64_sys_move_pages+0xdd/0x1b0 [ 1448.389436] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1448.389939] do_syscall_64+0x33/0x40 [ 1448.390354] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1448.390857] RIP: 0033:0x7f1c0ae11b19 [ 1448.391627] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1448.393381] RSP: 002b:00007f1c08387188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1448.394999] RAX: ffffffffffffffda RBX: 00007f1c0af24f60 RCX: 00007f1c0ae11b19 [ 1448.395686] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1448.396371] RBP: 00007f1c083871d0 R08: 0000000020000000 R09: 0000000000000000 [ 1448.397889] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1448.399523] R13: 00007ffd2ddfd2cf R14: 00007f1c08387300 R15: 0000000000022000 [ 1448.414253] FAULT_INJECTION: forcing a failure. [ 1448.414253] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1448.415822] CPU: 1 PID: 8198 Comm: syz-executor.7 Not tainted 5.10.224 #1 [ 1448.416395] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1448.417086] Call Trace: [ 1448.417317] dump_stack+0x107/0x167 [ 1448.417630] should_fail.cold+0x5/0xa [ 1448.417964] _copy_to_user+0x2e/0x180 [ 1448.418294] do_pages_stat+0x2b4/0x3b0 [ 1448.418634] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1448.419140] ? cpuset_mems_allowed+0x1af/0x440 [ 1448.419537] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1448.419962] ? trace_hardirqs_on+0x5b/0x180 [ 1448.420334] kernel_move_pages+0xb8f/0x11c0 [ 1448.420710] ? rcu_read_lock_any_held+0x75/0xa0 [ 1448.421103] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1448.421593] ? fput_many+0x2f/0x1a0 [ 1448.421908] ? ksys_write+0x1a9/0x260 [ 1448.422234] ? __ia32_sys_read+0xb0/0xb0 [ 1448.422583] __x64_sys_move_pages+0xdd/0x1b0 [ 1448.422994] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1448.424223] do_syscall_64+0x33/0x40 [ 1448.425074] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1448.426245] RIP: 0033:0x7f8be6d86b19 [ 1448.427104] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1448.431359] RSP: 002b:00007f8be42fc188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1448.433104] RAX: ffffffffffffffda RBX: 00007f8be6e99f60 RCX: 00007f8be6d86b19 [ 1448.434741] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1448.436377] RBP: 00007f8be42fc1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1448.438010] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1448.439640] R13: 00007ffd26b6f95f R14: 00007f8be42fc300 R15: 0000000000022000 [ 1448.445209] FAULT_INJECTION: forcing a failure. [ 1448.445209] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1448.447947] CPU: 1 PID: 8200 Comm: syz-executor.6 Not tainted 5.10.224 #1 [ 1448.449509] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1448.451410] Call Trace: [ 1448.452005] dump_stack+0x107/0x167 [ 1448.453807] should_fail.cold+0x5/0xa [ 1448.454722] _copy_from_user+0x2e/0x1b0 [ 1448.455660] do_pages_stat+0xf1/0x3b0 [ 1448.456547] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1448.457882] ? cpuset_mems_allowed+0x1af/0x440 [ 1448.458938] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1448.460094] ? trace_hardirqs_on+0x5b/0x180 [ 1448.461091] kernel_move_pages+0xb8f/0x11c0 [ 1448.462092] ? rcu_read_lock_any_held+0x75/0xa0 [ 1448.463164] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1448.464503] ? fput_many+0x2f/0x1a0 [ 1448.465355] ? ksys_write+0x1a9/0x260 [ 1448.466235] ? __ia32_sys_read+0xb0/0xb0 [ 1448.467146] __x64_sys_move_pages+0xdd/0x1b0 [ 1448.468110] FAULT_INJECTION: forcing a failure. [ 1448.468110] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1448.470610] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1448.470622] do_syscall_64+0x33/0x40 [ 1448.470635] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1448.470644] RIP: 0033:0x7f28eb741b19 [ 1448.470666] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1448.478953] RSP: 002b:00007f28e8cb7188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1448.480609] RAX: ffffffffffffffda RBX: 00007f28eb854f60 RCX: 00007f28eb741b19 [ 1448.482161] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1448.483764] RBP: 00007f28e8cb71d0 R08: 0000000020000000 R09: 0000000000000000 [ 1448.485393] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1448.487029] R13: 00007ffd318d456f R14: 00007f28e8cb7300 R15: 0000000000022000 [ 1448.488687] CPU: 0 PID: 8199 Comm: syz-executor.0 Not tainted 5.10.224 #1 [ 1448.489526] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1448.490469] Call Trace: [ 1448.490771] dump_stack+0x107/0x167 [ 1448.491217] should_fail.cold+0x5/0xa [ 1448.491650] _copy_from_user+0x2e/0x1b0 [ 1448.492127] do_pages_stat+0xf1/0x3b0 [ 1448.492546] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1448.493200] ? cpuset_mems_allowed+0x1af/0x440 [ 1448.493713] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1448.494311] ? trace_hardirqs_on+0x5b/0x180 [ 1448.494783] kernel_move_pages+0xb8f/0x11c0 [ 1448.495300] ? trace_hardirqs_on+0x5b/0x180 [ 1448.495763] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1448.496365] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1448.497035] __x64_sys_move_pages+0xdd/0x1b0 [ 1448.497488] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1448.498109] do_syscall_64+0x33/0x40 [ 1448.498492] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1448.499097] RIP: 0033:0x7f6fdcf13b19 [ 1448.499496] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1448.501466] RSP: 002b:00007f6fda489188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1448.502339] RAX: ffffffffffffffda RBX: 00007f6fdd026f60 RCX: 00007f6fdcf13b19 [ 1448.511047] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1448.511706] RBP: 00007f6fda4891d0 R08: 0000000020000000 R09: 0000000000000000 [ 1448.512402] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1448.513111] R13: 00007ffee9bd176f R14: 00007f6fda489300 R15: 0000000000022000 [ 1448.521930] capability: warning: `syz-executor.5' uses 32-bit capabilities (legacy support in use) [ 1448.533424] FAULT_INJECTION: forcing a failure. [ 1448.533424] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1448.534736] CPU: 0 PID: 8201 Comm: syz-executor.3 Not tainted 5.10.224 #1 [ 1448.535424] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1448.536224] Call Trace: [ 1448.536477] dump_stack+0x107/0x167 [ 1448.536829] should_fail.cold+0x5/0xa [ 1448.537252] _copy_from_user+0x2e/0x1b0 [ 1448.537640] do_pages_stat+0xf1/0x3b0 [ 1448.538086] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1448.538635] ? cpuset_mems_allowed+0x1af/0x440 [ 1448.539131] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1448.539606] ? trace_hardirqs_on+0x5b/0x180 [ 1448.540060] kernel_move_pages+0xb8f/0x11c0 [ 1448.540470] ? rcu_read_lock_any_held+0x75/0xa0 [ 1448.540910] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1448.541499] ? fput_many+0x2f/0x1a0 [ 1448.541861] ? ksys_write+0x1a9/0x260 [ 1448.542296] ? __ia32_sys_read+0xb0/0xb0 [ 1448.542690] __x64_sys_move_pages+0xdd/0x1b0 [ 1448.543169] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1448.543656] do_syscall_64+0x33/0x40 [ 1448.544049] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1448.544735] RIP: 0033:0x7f1e88ae8b19 [ 1448.545194] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1448.547035] RSP: 002b:00007f1e8605e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1448.547739] RAX: ffffffffffffffda RBX: 00007f1e88bfbf60 RCX: 00007f1e88ae8b19 [ 1448.548429] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1448.549139] RBP: 00007f1e8605e1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1448.549797] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1448.550524] R13: 00007ffda65e58df R14: 00007f1e8605e300 R15: 0000000000022000 [ 1448.562336] FAULT_INJECTION: forcing a failure. [ 1448.562336] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1448.563441] CPU: 1 PID: 8205 Comm: syz-executor.4 Not tainted 5.10.224 #1 [ 1448.564020] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1448.564719] Call Trace: [ 1448.564955] dump_stack+0x107/0x167 [ 1448.565268] should_fail.cold+0x5/0xa [ 1448.565607] _copy_to_user+0x2e/0x180 [ 1448.565941] do_pages_stat+0x2b4/0x3b0 [ 1448.566281] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1448.566778] ? cpuset_mems_allowed+0x1af/0x440 [ 1448.567206] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1448.567635] ? trace_hardirqs_on+0x5b/0x180 [ 1448.568007] kernel_move_pages+0xb8f/0x11c0 [ 1448.568386] ? rcu_read_lock_any_held+0x75/0xa0 [ 1448.568781] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1448.569270] ? fput_many+0x2f/0x1a0 [ 1448.569586] ? ksys_write+0x1a9/0x260 [ 1448.569912] ? __ia32_sys_read+0xb0/0xb0 [ 1448.570260] __x64_sys_move_pages+0xdd/0x1b0 [ 1448.570640] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1448.571103] do_syscall_64+0x33/0x40 [ 1448.571419] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1448.571848] RIP: 0033:0x7f1c0ae11b19 [ 1448.572163] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1448.574520] RSP: 002b:00007f1c08387188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1448.576193] RAX: ffffffffffffffda RBX: 00007f1c0af24f60 RCX: 00007f1c0ae11b19 [ 1448.577761] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1448.579388] RBP: 00007f1c083871d0 R08: 0000000020000000 R09: 0000000000000000 [ 1448.581033] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 15:23:42 executing program 1: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x105142, 0x0) lseek(r0, 0x0, 0x2) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000240)={'syz_tun\x00', &(0x7f0000000200)=@ethtool_cmd={0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}}) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r0, 0xc018937d, &(0x7f0000000000)={{0x1, 0x1, 0x18, r1, {0x800}}, './file0\x00'}) sendfile(r0, r2, &(0x7f0000000100)=0x5, 0x6) write$binfmt_elf64(r1, &(0x7f0000002040)=ANY=[@ANYBLOB="7f454c4604043f0800000100000000000300060005000000b80300000000000040000000000000004902000000000000018000008000380002000008fa001f0006000000060900000100000000000000020000000000000008000000000000007f00000000000000ff010000000000003600000000000000c39ab21a65ad60af42ce3be45bb8beaca32cfcf6af66ce28d21b417b6750fd81b19b225abbb12419b979a3fe7dfb56c99a5290e108a906529cfe360846e6cf9ab11a39a8e1a93ea49586fd2a72a44154b1b6d4161262047d2e97f1f911f2106d13fcd68528665671cd703f62c43203f3eb49262c0d47e8ba56dae1eee3286e8687b8999182938720c1f7a84112f2b7dcc85adb019b1945d68c9fbbf08b767ebb6fd1832c9eae44f9fda1c38a073b9100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001065429e42d1a6291f37b1e4c4c1351276a5b1c98e6d5664e5a18a863f70c5045b29aa3f1a72af50823501fc82bb77c08255a94f2ba9b149344cad11aaffde215bc81df525bcd932ac271084a205a94b4430ca291869fca9b169fe01b7197e49f11e5551d7592c320f50b37f09e5"], 0xa27) r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x4000, 0x128) copy_file_range(r3, 0x0, r0, 0x0, 0x200f5ef, 0x0) write$tun(r0, &(0x7f0000000180)={@void, @void, @ipv4=@igmp={{0x17, 0x4, 0x1, 0x38, 0x1064, 0x65, 0x0, 0xff, 0x2, 0x0, @broadcast, @broadcast, {[@cipso={0x86, 0x31, 0xffffffffffffffff, [{0x2, 0xf, "b9eff5432ab6a1a58b7bb966cf"}, {0x5, 0x11, "f18d700e34d8aa1cef27ce99c66aea"}, {0x6, 0xb, "cb5d27797830b7853a"}]}, @timestamp={0x44, 0x14, 0x8f, 0x0, 0x9, [0x5, 0x597, 0x3f, 0x4]}]}}, {0x22, 0x0, 0x0, @dev={0xac, 0x14, 0x14, 0x31}, "dab912693cee23474cd9182181ec1ad45d73ae58117e8fe0942bcaf0e668bdfb6d8cc729522b3204805ec95c830f0296aeee6f186e18f44ece75956ac9767e81f89d640f759810a7c84254e40b1918f4eb5ee8f4560e96170b8664ad648d505ee561769824f316245bd0ffd21ea5a9e3b67f1ade5994c5158399441189036dd6746486b2cc402a16b3efc2e9219cea33eabf6c390e8bc5fb45a46b8973d7489dd8e6811c84be1b3a477517bf6398eed5e06e7e8d88446a53014ff2fa4c1df50a3c776acbabebc412113449be06009187b3362362c466d51e5218adacfc1c2692932a8715648ac93b198d07aa9ff8a8c1efc60506598714fcae44dfa6659abd3ad57a1f2c490bafbbb78c074ee9a7ba06538e0e660516969e5228553cfbd95dd36d5841cae575808cdd924eaee2edbc7c98f48e82d082f115341f5ddcdbcc6c1701b28612b452750b3abe8f23aa2c0df2cc00fcd2019e8138a477a351e80a5df9f34cf9fa44a9689d6b3d34bd3a1a2d8e4f2aa36cab9fe25386941a8f90c6e39eb7e3044334493fc801bc5c362f81ae7f168af9f7712719981f354cd453545143d91f16dfca68d23f177111035360409e462d25bb12eea08db3ca1c940f1bdd7a6f4e24bf890e4d500ad28459c2011b3cc8852c814cf475dbfb7bf1248e44414ccc4c7aa395577fc32c625743e05312a504172a1b70ad057bdc3547f79fe3225f62955180c0c05621299accc3a4038b4aabe3aff8d766fbd7895052723886dddf67705a0131633e101783dfda76aef456e7e06ad544407164af68d2364d784d3d6da589440550b333b0c2d77ffe5398ecd19e8a680db2538e5d55e0f5a0659ee7abdf6a38c025e5ce12bd99243e02dfba6da2a50a78d389fcc9362e1b25f8159a1b1753f697dea463b150f09d9e925c928c26fc735c28970d3d962726adad03a71c7a996e9081cfe2da741a58ee6c483da2c2136cee607fdec57b1e7590a3be2600bdc64aae2912fc5eb39c3b39b9ff94fa892d7e544e24d1e94fe30d5c30d790a04f38f8c1760b28cbbe6412c179782c0b3986882f5b53c56797ebcb1b29f1eb8c8633aed98be84df0f4f4ab8f8eb902cde122dac52b1357701b9418e09a0ec7c215af5ae49c780c0bd20f5972ca0e91168ad31f6707829029c42fdbf79d4188816ff5cf600e7c8af2b713722ef63a3d0472ace3cb1a4d62778f693c1abb8e6d66f1cbd374bc6d0a1b65a3c99c5b6bf276ba45704f57c438f667f994fe9bd64c12ae6c8b80f960668f18e41009e274ad8faa99247889f4d9820f2ccb6a0baa5e441239b0c5d234d1cccdbad252baa0cfa8184c9b0d12ba73597dc503624b653c8a9bbc581556feeb1bfa385990be310d50a42971e9917c999078422d011c57b777fecd62c79317258e4686138f0bafed1a9a47aa20db0f2b5e1892b86613bc514b221850f0019a6a36799b3e2b5cc83718b141469c7a199c170c8804c66d092851f2a1abe9127b1e29f5755719fcd7d74dee96fb4f59777488fcf79e9db416dbdd902e6876e7caaef38008102e0943469fab8a667d668958c03aaeb25550559dd355f36ca3213b76fc43520e40a506395116e9a2396f94f75b6ed7dc507a3bd262d1bb77d48e68dbbbd5427043f2f2bd2c7d84b1cbf15d0fcf614e3289561fe25319ee9e742bbca49b5a8f2a1f02f87cfcce7b476318609126acc25a37f1a24cae12510dc1f3e0cc31f3a203054206d3de30a6342c9f53c8214a165e51a5584d25a49ac1508ef42ee98116e1bf5eafe3de7371298b5fa055bbb56c33c192b2cc68b409d72cefbdea9f78708124af505f135f8f07b170df60e555ef2ce1e983c8f4defbf06faf76774fb347c2bdc60103b27e71f5fa0de3656d0d03d287f08c772686e758715b814332ec0eb81715e0221464195dc3c9ad3246de4b243920f4cfccd25a64f165b3794cb4e53e410f53237ef630b897b778ac91915c33a84e6dc84e0071cd3fb27c9fca6ac74aa65e0b515d35f0237f561f91a0eab1390d847b732c224ce5bf487c50c6e2d47c28c3942355fffdb9b9c18e34330597a9e6ad6f5e6ec7a2ef04d0237cf7ca765fb6a3e31906f483a164852bd7342a87a09fdc8e19814bbb272d8c06e2e0065a1f40c653e8f7bec8124a4467773d164d80ec6abcf3f6182436fcbf306c237587beee61615ae5b55016e9e7631768657bd3cd89ebdbfbcfb7a45db05bfb5b1eae7fea13f7d36c1e50e582ec4807f091e048df147d790280e13889123272abf42092dd36dea7126d3108338086df5bc5a475cbd4672c452db40a5e5e34e4ace11d778001580d810e19f6de0a01cb85d5b9acab4a38a41520a119cb13d6a2a207e875307f25bbb7e5fbc026b726049bc10864ffbd39e9e28b9e660b4a041212a8fbe04350ca1a1fb788ca4b49a03d8a75952acd7e606879486ba1daf4388b778613d74fede7c175576adc5f98c77feacfa6c6d9f27646eac26c572fcd61e6ad769bcb939199bb9706fc87198b9bd5442f39e3765fa9a602e55c3d3e06e803d1cc406c83e4e7b8c2715f874f5d515718e6d0bfb090ad106d36c31109cab3940a0a688115d35dc90ca104e444b0787d45717c002443601c7807dfa074761b32890672a0a68ef85bec73aa6c972968ee271727e1249002475b1b455df7f16a2658cc46c8241c337a8cd434657a3ebe1a399b0dfe6103ca4dec7cff89a65582517ecd977672ad4eeb2386169c27af7844afa5d96f66bcf74c429f3d6d1ba7fa58f1aa79207ae0e04e4dfce86130b87d4bf15ecd3500382097ed791b7a2fffc2edf16fb4d63920a1df5eaa00035853a1ca1cd4b9bc26bcb635c1e625a98edc3791eab1194d24e543d47cdbe6ebad4f5e01d15eafa94f0e04c6dde3ebbccf95db62b818ac61a70b83fea5ff9f15ffcc3a1c096875271af343557f6460635873d948218e45876393aab405f1d8289735a2e7bf92ab085da4edde15c7c931704a9358839f90bdc6772b58db401a29e4dbed5848d6875f0b6382ee7311aaa62bc8968b64afd6154386ebe8fdac322f445b08d28bd3a013520ff72e4a44799116d6391938e71af71259d7376b3c628175ef5d72e25f15778bf026506b04bf9fae59212338d037b7a6456409b973a770eea287561d951f44f4e10c257b020647c0649c292d0ed54e375845a1a5066ffa8531ca48c2ab1b602172c5b7ff00c4cc162ff643d1054ae93c4c786e1abda64b60b5e1d352f316190a5ece265f1a42f135b26171aacc3ef2f91a29247e66ae360670d266d84e4279df0773fc4611a07a0a3757b2a21d3fc41402b4b8acea40c0fb1ff3c318c7551f79d9da9577714808f5f91b4f5e5a5d3f99f75f84e4124fe2bc0c20d887bc83061d6f1e2d3e387e5830cddfbe2589430b43f21b4460d398fa037c1faf71346e86a6f197581fc0bd3bf9f8ef13ddf355b6e7afd903d04e28bd428e547e8bb5e83f3b7375503e4bdcd6f79021e6795500bc05844b13c4157157c81747483b60b25c47a98cbf25fed09f6159c8df23645e4360275c99fab06881857e7ed6c43b0d375101a5311ea58f1650078249155a218e0d6f5de93e159ceb7b8f73a6e9ab75b0a63498ba0d582ac2f35b0ed27dcb1390f9ebac1c22487c72aab2fd52cf77013f2a1ab2169d99e1dd35c95dc4d58c247c9a80e7d1a74714f9cdac0174875bd96681ca38769ed293cf9c33b1dd7531157a04bdad56705d5df65753faecae0e03ad4e9ebe3d68d0cf1e78986fd8f0331e2a12a06ec32cdd4e7d256be9e8279bb05efe87479ba8c136f06edcc5403eb7bcd11a51a59c49f7e855719ce0afa589fcb35ad48eefcb99809808d5e7d81e1b72aeb766cb51905874c1b2e5e969bd01b50c208873bf246fbb9c1f5fa2acf71176f6e33291896b572e15fa6a2c53b3c378b0535856a6dd73427e58bf98b7bddf331f902939116d80260505ad7a65a82bd1ad7e33c0c8eefdb44b449cb3ac7621621bf60a3e522db5c818647ab12c689c1007720610281e298f3dd747dc2b60a5c5399870bb581d0d94660fff11206ff1ec45ee6038e6d26b132b28c4f0d37ad14516b2f9385333451df4847d0603d08b4b20d8d3e40d71b24e93a8b8c5a5b9ed01fdc877c23ca31606d58e4bfe472633adfe32859db4d4cd5758b57d1e8b05675fc560b340f485e981321061a0dd0893d635abf4e61c0d92ffdd4e8cec3e0903c895abb95872011b7c3ca528ad6f95a222901ed59409890fb1a58e92a40ef2000cf9fe3bccd393bc69be193e0e14e066981ce77a8bb0492993270dea7d094708795f5f2d5c27f50631840cac3e236ca51f6e920679785c4a571d952694f4bba9e8d731ca4684dd5f547d628ce5ee0c297eaac582ca6351fe552a722c59d490c6e0702fce9f0ad887aa15bc551da0666ddc173b3ea2dafdad23e46e9148277a9180fab54b4976fc6e568fba9c6ad97eef81ec4a4ab446ab5e07114f924f83cfe41b440b85ef0655ee25f946a60b941dbb2c2c187a8e60d685f33c9eec0fd4d44baf477f195744fce9c62505b6f2a5e7dfcde1909829dec619b91d66c13e150f1e0ddaf3584b56796b88573149799a4d0db1163469f7c043d039f4d514019ea3b3cc35308c98c1e6d78cd711777acba9a35e0a8046d77594c9add79bdf7f4dcb9d37b26e8c16d4a8327f04c4ee99239243bcd433ed1c27c1759e3a5af4845d3fdf54d6d45e570ad1d10c0a037f8f51f570b5085fa48a6af399fc74dd0538dd00821f61dd560c36ba7f1450949e800d98087634c985757d7e1b0502d5540cdb80998d6c41744f105b23b22892e9f7f1534c3ffe2e75143773b1ba9b2c6d48e1fbe10b78f7889de2fc73776c8c01beb720e0eb8d4a1cae0e2fe52cfc4022d26b39e3f4c49cd3d2ab6d6beb033cb00c7fc6c1919ea8b7ff29af1014efe9f58a6c762cf57fdbc9eb5c24e40e3d9b6cc50fa05a3ee6add766bd09c8fe3110f6ee32874e0b798df7a69bd649a6c83fd45b28d250b2ffbacd416d8e3e3041552f0280320969bfbdc03b5d5f16fcbd383bbd88e1a1d3e3a754a92467a80fce90b02ca3275bd9678d8c601e423db24463086319ff626f73ac6968e01983779a9ca78d82510169b4442c771d275d5816b2ec191943989f06db680756604da7223a12a8c7151167d66125ad6b83b0a012af137879819f071f72bbedab5ab241484e26ddb29b3c2470c974f9f197c82f1c28125c540a798bd1fac1ebeee0519ee999e6d54f7e01511b5cea278795dafbe8525dc338d915fb2f023eaed058904f599485d8871146bb46eaf12dfc98069fcf8b53cf095cf81940ca8f0f97bb2bf65dd0ebf095f3bb9f496c9ddebbac2fc144d81b8b0bedb37a23f41c577d20ca8645b44fa830748198311811123e56556335f847d4ea6000eaf958e79f01771834627f7751cca6ee7cc63cf2ab238fefff4017094a79b1d8710dd0854ca4ee7c31875864a706cdcc97a000442a4fb7a65a881117733626b00ceafb1ba10ce7d434f3f53139e4b77b4a0d93f23daf88e0526b10d4363a0bd1e59bc47e4d6ee022eafa063470b859d676dc7ec9c6be7d66bc44c7de77d3235145831553dfed8b933c0c2161ef5cd62ada682807f8a66df5a1338719f36d58f4351aa0d267a5a29addd03c5f3843d166823ca4524f09f30bb9e2428b772cd35045e9bcfe29a1ad52a1cc3cd435cbea677010c967710b0b3298825e8fa31075df49ea651aac0ea1d82b0166aa87c4eee27817f7c7c8c5e80bcdc2f5c1cf6ef2052040e9183bc2"}}}, 0x1064) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r4, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) [ 1448.583182] R13: 00007ffd2ddfd2cf R14: 00007f1c08387300 R15: 0000000000022000 write$tun(r4, &(0x7f0000001200)={@void, @val={0x1, 0x4, 0x0, 0x2}, @ipv6=@gre_packet={0x0, 0x6, "27e4d5", 0x312, 0x2f, 0x1, @mcast2, @private1, {[], {{0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x880b, 0x8f, 0x2, [0x8000, 0x8], "70caab36790023e3926d2fb2ba1a868a5ef1623c16a45797aee21b3c785e96e4397327259c90ab93664d03694d701bc9492245e6aae041f40159eb5461c9d48c058aaf8d71074ae3a9eff93b7a33f47631b6d12f5e59f41417dc462fe1097fc0cb963f4d3dea5542ac8ce3b5d9bae3d986f4f891fda9bc34530808203e1268f7c10e5eb6f0c069dd6ecade98283f44"}, {0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800, [0x7, 0x0, 0x1000], "117b56a597215638656248ce48e0b5ad4c0a321614d3c8ed3ad0a0fb8b104330964b55d3dbffefdce326bbbfd979adc72e41c77c5e5ce4add2f92bc211298642df471b5df440ed74daf9c004e402fbefb1e3648080080ef01de0f78cfef8a62b89c8b14b38f019574611e4817f600902519ae40d60a69457d8c5ec66b6293707f20af874c98a0cdd1bbeb2ab6f1b3cb2694a67703562879c7c13705e8b8779e17701a6519958dc7fd79f21331f32af3f83c4a80edfe639468027b17d6aecdb655b8f148dbc1e0c403db3c0546e329059b504bebf4f7b1079791ae77ff36164ae7bd6623ea37b54a6ea"}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd, [0x7ff, 0x1000, 0x7], "6cfdde986db4c75c26b5cda5af8a2c0f1aa8eebffa1c31fb9709085bb8c2256ab977a4d5c67678b4405fb2c7dfe631875f42b65ed04f58f7b1945c738aff3410af39a3b287000bfe5ad70ee322dd4bbb37cfbb8f73d6081b309afc9f42ce74533d4963acd7154e26f14c0cf50e1e756f2715566b72a744df2def3d94c24c34b56710cc29397fe68a06f7811997b71f524e77724024c69b0705d78c1929c34a6e4c34280804cc17e9ac22371f52bd3c6eed0751db4da6bc0e31e501bfb3377ee7299c6429db00"}, {0x8, 0x88be, 0x0, {{0x9, 0x1, 0xcc, 0x2, 0x0, 0x0, 0x1, 0xff}, 0x1, {0x1}}}, {0x8, 0x22eb, 0x1, {{0x2, 0x2, 0x0, 0x2, 0x0, 0x1, 0x1, 0x7}, 0x2, {0x1, 0xfffd, 0x1, 0x1, 0x0, 0x1, 0x3, 0x0, 0x1}}}, {0x8, 0x6558, 0x3, "e116529d8621feb5739cf58e0e63861361ea1d79b07ca6057816b11e7f9d03702984552562b110730abcae24dd44efbd1b46e571461fe8f5fefb5995e2d430e5206e7221f46c9bf0a6f907af92d2de52bfc1c6d122547659852bf94c0e7b574220b64ceb69570d2238b3684f44c02600abf7a0b25d6d700f6b148280d288d13b"}}}}}, 0x344) 15:23:42 executing program 0: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) msgget(0x1, 0x0) ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 79) 15:23:42 executing program 2: syz_emit_ethernet(0x56, &(0x7f0000000080)=ANY=[@ANYBLOB="020000000000aaaaaa3da8bb000d00000000000000007bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445612e8debf42a1f4b3d9ae47ca38e682ae1824e0f63450cfc6eba6e8e00000034bb4d67c6"], 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) write$tun(r0, &(0x7f0000000400)={@val={0x0, 0x88e5}, @val={0x2, 0x1, 0x1f, 0x0, 0x7, 0x5}, @mpls={[{0xa55, 0x0, 0x1}, {0x4, 0x0, 0x1}, {0x80}, {0x2, 0x0, 0x1}, {0xa82f}], @ipv6=@generic={0x4, 0x6, "4daa5d", 0x11b8, 0x16, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}, @mcast2, {[@dstopts={0x2e, 0xb, '\x00', [@calipso={0x7, 0x58, {0x1, 0x14, 0x80, 0x5, [0x8, 0x1, 0x401, 0x1f, 0x9, 0x4, 0x101, 0x2, 0x6, 0xff]}}]}, @hopopts={0x6, 0xb, '\x00', [@pad1, @enc_lim={0x4, 0x1, 0x8}, @calipso={0x7, 0x20, {0x1, 0x6, 0x9, 0x6, [0xaa1, 0x2, 0x0]}}, @calipso={0x7, 0x30, {0x3, 0xa, 0xff, 0x9, [0x9, 0x1, 0x6, 0x8, 0x8000]}}, @pad1]}, @hopopts={0xff, 0x1a, '\x00', [@generic={0x3, 0xbf, "3b8a281d2f98d46fa79dca46083d941e534c12e878434884924f25e32a60ebd806345947364e3664085e0b7e0eb69b36bded06992b34c9054705836cf908eca8d947048081f315c4b6466f40a3b4eea652429149fb9824ce0e1fb041f8777bba702cdf92a44837eb828e9c610de8c4abcbead872ce40c1295152577dbae4111c9c99f9e5718654276f206e904c4b1c71fb96578268c5307c328366c4cd40f66543b92bff1252e76dc689d8f622fb74dc968f8ae28a8c21eb4b0bfdbc42fad0"}, @generic={0x18, 0xc, "29d34204c6c3199549708365"}, @pad1, @ra={0x5, 0x2, 0x7}]}, @fragment={0x16, 0x0, 0x72, 0x1, 0x0, 0x4, 0x68}], "9c1996a32eac5d1f8d29d16dbdb4021bb892f1943cd1350f181321cb9b71e193d2476aa515230c8fbc7acfd25c1f97bd46d9ecfeb4e03fc35975bbae09d84b3ba9e7287c852496a319e2bc77f1db8718669e53866abf4a76cb44f3a56f7a4380cc26a547dc8e9d515bd4788a115563b5f97c3c39220306e30d25668355b4065b753a32c3e5d8ec8bb9a5375b8d6ff78e6ce32c072f671d2cca7035208de80fc1cbcf6a7a7b35684156a42cc55eaed71ed2c5419f3a15c382be3ae4f6dfc4e1906a4921f1e563319e5bd1087898bfa6772211772a6b9a5be0ef4eff64bf39dd2a2a83abc6ae76d4a863e0d7c07d933e751b2ebb52fc10af0337619b0ca3c298c83f9bc74d9365b17ab8dd53e14bf7b38e8b66c18b36fc6a577657814575f6044bdb2919d0092e06b935e5317b6c3b73ada8d1abd81487e8930629292324fcea2b8b4977a78bb7a698d508ff716408c7b39416e8a2979a1e03602332994fd06b2a6ffba89946a6497294fadcc71516170ec7d564396630dab03ad317c00fa3a4899924dd281229385f2a44749de85d1312d983f0cef9a3c5f325e4da0161d5757bfa65eb19b008ae21ac4c634be5442e7e016e845921ce78fa8b513d50946ccd875fcb3dbd5aab41a21463821ce162537ef27732e69cb14e09102912caa2e911fef5dcf58947083455c661d4548b2e5a4bba77cec737aa0d2c2bcba5083db016a43ae86fb1b73fcadb034ab38279694b71bf62973b292af53b5d426a75cc9702b04bce619174f1514ea7fa90a03b811fd78ee0f0dde99e78773c9aa74d8375270682bbe8c17e765b3ba2b675a8fcfae4b0f52f46637d83606c3516233dac294a64cc2bb9174ef5b9ac2c3290ef4e52eb24bc618fe46b7bb66286b5c57738f6a9ea55317a795c73bf962a0aa673dfa761eb638622920851ed91d4e6f27d753499bcf9010075f39046dfd5e15bcbdce9eddc194eec56d8fa7f7a659ff2d2c528c4faa5a6b660e7be20d3ce03dc4ea6f822c7049b0460c0608e4fc87be6d7d0e8bdc9b8243a18be893c07af48859f399a777ee221e325f06434fec6fc82623c9af0251b25f14afda0ec64d0579103b614cee96a7c87a9c67bc28815e74093475bfab5bbe0547c9e5ac8500d65bb0234730e24c1c3f8cc2cd0d2409ca75e4fda19ac4a5b39a69f54be47db57145b25e0c1ea43343d0ee4d22e79929d3dc3186a94c3234cbd7ddac82efd194a88f76f3460b8d5ca8eb7ef13b94d3003ae7705e5529ec74ed63299137134eb48b83132b3aca351bb010a8f004507c6c0542dca70c9d3ec35da2dae49aee9c399d45757863de72dd3e2a398101193a702077bab9c48135dd7c1e832fc216d1474416707e9dd378cd009e01d90c26e5aa7e5c4ecf24a81bbebe1c31689f8bfb8933c18cf35e4fb974da9f334bb847c61eb8949e774af1572e4ce3a932d9f86e14b2a4767a66a19f1949f7f1218759a77b60da82670839c2eb4a739e254081ed7eb980422f69adaec2dedc7f02eed64d87a1f2f5deb46710301b74c40d4602599a271fbea7e346567c12a00de4962eb72a7fc1c99d5f766252ba4eec5249d0a7cdc51bf3d82b5068286e3f8a604bd6a5a5bb4fdc406371004a32b202be16407f42b944eb387042a2ca83eb31c378be87186ef05b4a7dbb3260da4c388055b81a97c36fc29c4547ac91c7c3daa31aa1a1ed9bd110480d0a1b4598cfaf18dcabdc0d992f7c9fd886cd0bf67a653aeb383f3c939b9a0fe92c78dbd4a823c91505999644d59a4935336e4410e74cb68768a949e86ba8d03cea1f5984d1ee6c402635242475426d1628b2fc1d124128ead19eb813efd0c906a65bf984b0066d13948687b935c4e1e924ba0c9b907f942e257e752d270d50ab46393116706867a6af41320ffbe69f862c55325e4dc3ca4095fec9524d337856e5a808db274fe7e36c6bbc93800d3ada4e0d0a1b34db541e7251f641de507987d6bc263da609701cc0d77c016b63138155cd2c79cf84cfbb3a5a39b8ae428cc344e86654edd07da7f674085e215e575911ee8631b8896b67fee1fe6404f66be8778c686995606d92fc364a7d12d456439a66b42107b0dabdbfac16e5197dc1c9b4fbba6f100b9c5e29ecbabfb6c6c4ca2e3838ec7da8382981619ed9217c96e67406bbf6fbcbd7a51392469f6de40caeafc74d73ce52ef758a96559bdf3f16ee5c062f1a9042134fbc18d2de945e6eac7f635c8786891284094f04e3f7f4f98a04e36828dd091f2029beb236aa2a5b9054bb03c049cc10bf7cce09c6ae733180dd5aa2160780adb2aebaa16dd8b79a29e60ef200cc48d7318ad7cc9725e705749d29577da95a2bd5fbe11b86840dba1736998b02acb8e8465a58796f074a178a9195d8a13ddcdac214c48149774625d319b0fb0662d2669c5f10e3da27beadddbb74a8c51e1ad33c0fccb70a67dd11cc50afeaa7e405bc3438a1e18a495337d753d4997623b5c71b2cf2656bc041fe147c8f7f95a0d3845ad5425bbb0b0134700c8f1275150e0de03419350e9bbdc1ee8305ce7fd1aee67947013e17afa5f106c9e5500d22e73f9b51882f85087f079dbb57fca97fdb2d4b8ef8bc7e7894478b154b4804bb5f9e181daf83da7e313a2cf859044f65938087c973a72def7a5745afae3fe5bea61c36e490f28f190b895a43c967b467307b8f4166de813ea1ce3075df83a207296c6bc81280f26c07d03a2ea9c4e7fd4d885154610e4293d4a8f05077b00b6b145f97979c587555a6c043dfd3e42665081d70b0de26ce7cff9d1b8b229c22464ac5c3081bb473d75288ebeac58fdd907229459e060e856ad154e87876dd80a154128d1ba4a35ced6ce48d94705e68fae371017556bb03ae5d1532fcd2d46d662e8b7aceed907d09625a466e82b0cb0e7075fcd2228d39f507a6396afb6f63e03f31d2af818e40ec05e98b6d7e1657cdfd94ef37687d38f2da38cc8965c71ca51c29573849a863353d6e65c34e27c5ace3892f89bc78b5471517ae33a44ff01b4d38a42a10030501ec29070ced220e38ae2b96dd4a3cc1be2ff9d56072d3f8068a702798244562ef9d4e3da3d2671a3b19bd65aaccf678e75591d52d86d291f10c7da20006a7a86cef750dbb6437f9c77bc3cc55a152f6f88737ad9e71f9eba712bacc2b623bff860719831a7d23587b2d8c50aac4b2da5aecc7261532333937bc482526a99c928324f89b8203798a3999aa7cd59513aaa704e786136d119c35c5b585c5f6a03249d4302ef3f7d9473fdccaea8bb2b7c82bb74015cb0747ded5d1bc85b9893cf50706c3f6d9559353699c737a74911bd7a423dd4d6006f43a1d8518b1e19cc44d8ae0eeb54c090b67e039670e998404b36469bd6ae4d5c34cc3aad3bd48bebb147308f3aaa3f22411aef1b68fb55827a2aaf2f2e2fc5cfa44e578397d2efcdf4540c5cdb53d5d1c53c333d60f204492bdf737286378ebd72279d931cb053e9774ba21828a3e31d6483571844725a7349722b42514bbeb49f6afd3b2b86d48307c0281e17b66f636612c22920c3309f37aa144479f62ae1f3a81d79944633bc71ee23b26e5dfda2a3086b01d9c9634ec20673c155903320ed49e992142092e1a69516748c75a0783869453367663fcc51d21e6efbb41801a2f92059fc30640269f1ab4a32aeb5ad4e8410f274a9bc81e97d66bff4c7db6d634b78c298f2f17fdf93488b161bdbe7fff2d8e968e18aca0729a9023eb88206661867ba425ec3a011e25ceb02beda5a0c1cd49a7a5dfc5f8a02c19425e9613560450d0c46601339913b8948e506102a4b8427a6770e59c35c21f8982572af469c16ffc8b0e58d8b7d7fb659ceba1a0b17415f2f8bb878df3ee89d1cfb63e7e31e1856e15ae5728ac36735bbb2201edf982a4db6a80029a19feabfc5741ee4aee3ceb9c5a2a20786ce307ef81eb61d9b85a443f3d341159b4be747400447ca26c1b3cf4621da33ded491fec49c0bd4b3bc650526586e36c2502e08904d73953f33a995f2f61d8affc5b244b69fa3874d8854d1e564a97b91a817be1dab86d2e841ca499245de4285aa1bccf07814fe7311fde51f8ff2432c2950e2c0ec4dedf5ab5c4d3146c84b8deea46dacf17d35167a63e41563fe893f22cc565e47b232584869379cf513f1ccaffb6f0102ba42966cfa0c45b39072d0b4d4785d1ee67654cb24d5b3c491db9d9c0b2fe3ede50265c59fad6fb24925d8c2c31b8c081c164fd852ee9a0316a32a266f77d7c63b8529fd0e34bfddb068edb5739663eb78efc32defade58998cd1df5ab469b1949efaaeb160b1ab7a7ec336641a20430ad748fc3223860a4272a8de6ed0070e3e7652eaa19cc14b97c4e7c5000d44f0f5bc0741db9a030ac2cf23e82784d1f47bcd6fb51f5d2b6b526bdc1a9d9f6bdadca857af5a6cd662b9765ed7fcbca2c7ba82975f1adcb225ba82d058c1ddd2180ab34ecbcfa90fa4022d3e9c140c46e368dc6265ff090b59885959d5f0d126961097fd8109abde045c700f231ce16890cfd6080dc585cab45b194da4916bb63c8dd28a6e1e4bda537a5105264fc5f8f79face7546a40d3e954f5be2c7460e6e9b6fec687e2c5aefce76ea36bb1faf1d4be277236bacec69f800752e2ce7039dc02770e66e0b1a7b1ff1e9f9283ebb7c6afba23a47559625f3e25c2a3fed446b0dc9908cc0ebdfbcff443369b31c9b71bf4bb98cd02251c3181c0668758309fbd3cbca844600fb27f92b0711e486bc87702e3b589e6b704930d5ce9128423ec13d2c6bbac90bba7559bdad8bf228d21574ca660a1e3999a1a74132b1d4c70bce7445cfeb28c0f3ecfd8f8602968ae27a2d555ef151c220e86877e52418c9d112e2cbccf9cff4e286d222845a4fa4c4b20ce856082ce17f228ac159a80aefecc10fdee5a14b25eaa18a88373ef615063378c6503aa3c7044c977ad13aa246bd4cdd66ef79d194d65306e0dd4a8734f2ffebd18666cc6241beee58b60c03117df6d07d3abf8ca248e27de9cc252a9ce8055803bedde17a50ce0c92c19ecea19cda63e04f6e5f1c085bb6cf7ff8356fd13150102f552b6d5b9106241df62ccea9a38ed69a91debfbd55dabc472cd7ed5ad03758f5c8927bbfd8d76119bc857beaa7ff5ff168484c50f9e2fdf3c43c6ede580b2dd657d0d525711d45f014cd942c02c3e859292c579a3dc9d1ce199fd537efb6d9737904f5d5ac694b0cd7026adaf2d6edc97caaf2f2cd155ab5689d66e919ceb9c61defa2ab98ad90e32e344661717c91624caefa47abb9f0aed973d41c676a3954d74e1648464ab88dc35cd33787dfadb20d3533c1456f6b64937a66b5f3d9a38c4e6a61496ed99c7e3d589a9d54086ba996018a438785ee4be7db199b8af330fe1718e94e8e9411c4153be600b0e381a99fc29e2087731ce4269a2d3116d4315695136c5b9daa12b2473f43dd6ca03d79ad82865d2907f05bd815dcecf48605f9053dca29b6564feb7314db8b1bf8a83f63d3acf6dfc9c15b42fb40f854a2a29a39bdde7144dc3e2833b280daec219cb99742af9224b651afa4316806ec4d7c742a4c7e1ab25ad03a449ca9d10abb815dba7a001cced8705df05dbff14a20114668e71b3c23a2e3ebddabdb2726463a738f28aa1804555a1bd556065bd63be29b8186479ceeedeca183a17fa391ac39247d98420346d5d1ba234e3e4d65dc3e9e04cf551c2abc548f7d5d4c7897bea69d5c434de81c905ef6cde11c4caa3c5f73d67781accd49df9656d7c7dbab69d9d249"}}}}, 0x1202) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000280)=ANY=[@ANYBLOB="01000000000000000000603cdefa00102100fe880000000000000000000100000001fe8000000000000000000000000000aa000000000401907800265d9900960cee1967177173c205f1ba091cf5b85ca18cb74d35855fa5cb781d8447964575c0a90e503e3357049c645829cae64bd30000000000000400000000a30beab1baaed2f155896d403d454d81252126cfad456f0cd8dd74bb8b227f208633ed5e31d8b88680ac58614b2a384b7d82852f7a2bac1ae95f0019f5191d903b506286fbe1f0a52618c981c0d9c5d95c680478fa58b52fde7c3e5b8ef203f0507cc516b0b287eef853136c22299b023b4b797174a15655a918ffe8770e8053a03a5207f4b028962c7799dce2fb836a03f89c3b45b59c51a3d003332ccf86c0d71ba447e90586714a9bb3b013e49b6f4e55db21770b2f579da510265ebf215eae435a0f6d451802cb267736ff15af5f7b746b491b5286f3f73128f2289b24552c6ec68103f083f944"], 0x42) 15:23:42 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000002c0)={0x40, 0x0, 0xfffffaf2, 0x6, 0xffffffff, 0x40}) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6) msgctl$IPC_RMID(0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 24) 15:23:43 executing program 4: perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) msgget(0x1, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 72) 15:23:56 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000002c0)={0x40, 0x0, 0xfffffaf2, 0x6, 0xffffffff, 0x40}) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6) msgctl$IPC_RMID(0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 25) 15:23:56 executing program 5: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() process_vm_readv(r0, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7c}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/98, 0x62}, {&(0x7f0000002240)=""/183, 0xb7}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) 15:23:56 executing program 3: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000040)=0x20) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, r2, 0x0, 0x6) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, 0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 8) 15:23:56 executing program 0: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) msgget(0x1, 0x0) ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 80) [ 1462.263160] FAULT_INJECTION: forcing a failure. [ 1462.263160] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1462.264235] CPU: 1 PID: 8216 Comm: syz-executor.7 Not tainted 5.10.224 #1 [ 1462.264811] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1462.265506] Call Trace: [ 1462.265741] dump_stack+0x107/0x167 [ 1462.266054] should_fail.cold+0x5/0xa [ 1462.266396] _copy_from_user+0x2e/0x1b0 [ 1462.266742] do_pages_stat+0xf1/0x3b0 [ 1462.267082] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1462.267580] ? cpuset_mems_allowed+0x1af/0x440 [ 1462.267979] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1462.268405] ? trace_hardirqs_on+0x5b/0x180 [ 1462.268777] kernel_move_pages+0xb8f/0x11c0 [ 1462.269156] ? rcu_read_lock_any_held+0x75/0xa0 [ 1462.269551] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1462.270041] ? fput_many+0x2f/0x1a0 [ 1462.270356] ? ksys_write+0x1a9/0x260 [ 1462.270681] ? __ia32_sys_read+0xb0/0xb0 [ 1462.271041] __x64_sys_move_pages+0xdd/0x1b0 [ 1462.271421] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1462.271856] do_syscall_64+0x33/0x40 [ 1462.272173] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1462.272605] RIP: 0033:0x7f8be6d86b19 [ 1462.272924] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1462.274455] RSP: 002b:00007f8be42fc188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1462.275122] RAX: ffffffffffffffda RBX: 00007f8be6e99f60 RCX: 00007f8be6d86b19 [ 1462.275728] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1462.276321] RBP: 00007f8be42fc1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1462.276912] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1462.277504] R13: 00007ffd26b6f95f R14: 00007f8be42fc300 R15: 0000000000022000 [ 1462.283533] FAULT_INJECTION: forcing a failure. [ 1462.283533] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1462.284580] CPU: 1 PID: 8226 Comm: syz-executor.6 Not tainted 5.10.224 #1 [ 1462.285154] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1462.285768] FAULT_INJECTION: forcing a failure. [ 1462.285768] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1462.285866] Call Trace: [ 1462.285880] dump_stack+0x107/0x167 [ 1462.285900] should_fail.cold+0x5/0xa [ 1462.287724] _copy_to_user+0x2e/0x180 [ 1462.288054] do_pages_stat+0x2b4/0x3b0 [ 1462.288394] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1462.288891] ? cpuset_mems_allowed+0x1af/0x440 [ 1462.289287] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1462.289714] ? trace_hardirqs_on+0x5b/0x180 [ 1462.290088] kernel_move_pages+0xb8f/0x11c0 [ 1462.290460] ? rcu_read_lock_any_held+0x75/0xa0 [ 1462.290859] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1462.291374] ? fput_many+0x2f/0x1a0 [ 1462.291687] ? ksys_write+0x1a9/0x260 [ 1462.292014] ? __ia32_sys_read+0xb0/0xb0 [ 1462.292360] __x64_sys_move_pages+0xdd/0x1b0 [ 1462.292736] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1462.293168] do_syscall_64+0x33/0x40 [ 1462.293481] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1462.293916] RIP: 0033:0x7f28eb741b19 [ 1462.294231] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1462.295783] RSP: 002b:00007f28e8cb7188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1462.296420] RAX: ffffffffffffffda RBX: 00007f28eb854f60 RCX: 00007f28eb741b19 [ 1462.297022] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1462.297616] RBP: 00007f28e8cb71d0 R08: 0000000020000000 R09: 0000000000000000 [ 1462.298217] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1462.298817] R13: 00007ffd318d456f R14: 00007f28e8cb7300 R15: 0000000000022000 [ 1462.300490] FAULT_INJECTION: forcing a failure. [ 1462.300490] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1462.301498] CPU: 1 PID: 8221 Comm: syz-executor.0 Not tainted 5.10.224 #1 [ 1462.302071] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1462.302766] Call Trace: [ 1462.302993] dump_stack+0x107/0x167 [ 1462.303325] should_fail.cold+0x5/0xa [ 1462.303653] _copy_to_user+0x2e/0x180 [ 1462.303982] do_pages_stat+0x2b4/0x3b0 [ 1462.304326] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1462.304820] ? cpuset_mems_allowed+0x1af/0x440 [ 1462.305216] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1462.305641] ? trace_hardirqs_on+0x5b/0x180 [ 1462.306017] kernel_move_pages+0xb8f/0x11c0 [ 1462.306389] ? rcu_read_lock_any_held+0x75/0xa0 [ 1462.306786] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1462.307290] ? fput_many+0x2f/0x1a0 [ 1462.307600] ? ksys_write+0x1a9/0x260 [ 1462.307928] ? __ia32_sys_read+0xb0/0xb0 [ 1462.308496] __x64_sys_move_pages+0xdd/0x1b0 [ 1462.309263] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1462.310163] do_syscall_64+0x33/0x40 [ 1462.310815] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1462.311905] RIP: 0033:0x7f6fdcf13b19 [ 1462.312225] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1462.313765] RSP: 002b:00007f6fda489188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1462.314407] RAX: ffffffffffffffda RBX: 00007f6fdd026f60 RCX: 00007f6fdcf13b19 [ 1462.315015] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1462.316596] RBP: 00007f6fda4891d0 R08: 0000000020000000 R09: 0000000000000000 [ 1462.318165] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1462.319737] R13: 00007ffee9bd176f R14: 00007f6fda489300 R15: 0000000000022000 [ 1462.321331] CPU: 0 PID: 8217 Comm: syz-executor.3 Not tainted 5.10.224 #1 [ 1462.322059] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1462.322901] Call Trace: [ 1462.323185] dump_stack+0x107/0x167 [ 1462.323553] should_fail.cold+0x5/0xa [ 1462.323953] _copy_to_user+0x2e/0x180 [ 1462.324340] do_pages_stat+0x2b4/0x3b0 [ 1462.324745] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1462.325319] ? cpuset_mems_allowed+0x1af/0x440 [ 1462.325793] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1462.326284] ? trace_hardirqs_on+0x5b/0x180 [ 1462.326706] kernel_move_pages+0xb8f/0x11c0 [ 1462.327170] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1462.327755] __x64_sys_move_pages+0xdd/0x1b0 [ 1462.328204] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1462.328729] do_syscall_64+0x33/0x40 [ 1462.329084] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1462.329582] RIP: 0033:0x7f1e88ae8b19 [ 1462.329977] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1462.331860] RSP: 002b:00007f1e8605e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1462.332606] RAX: ffffffffffffffda RBX: 00007f1e88bfbf60 RCX: 00007f1e88ae8b19 [ 1462.333325] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1462.333920] RBP: 00007f1e8605e1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1462.334522] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1462.335125] R13: 00007ffda65e58df R14: 00007f1e8605e300 R15: 0000000000022000 15:23:56 executing program 4: perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) msgget(0x1, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 73) 15:23:56 executing program 2: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000100)={@void, @val={0x1}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}}}}}, 0x42) write$tun(r0, &(0x7f0000000000)={@val={0x0, 0x15}, @void, @arp=@generic={0xfdd9, 0x888e, 0x6, 0xc, 0x3, @link_local, "8b5f29e4981a5b35f211fa56", @link_local, "5da283b12bfc50"}}, 0x2b) 15:23:56 executing program 1: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000100)={@void, @val={0x1, 0x4, 0x0, 0x2, 0x0, 0x5}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @remote, @dev={0xfe, 0x80, '\x00', 0x3b}, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}}}}}, 0x42) 15:23:56 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 82) 15:23:56 executing program 5: r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x3, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fchmod(r0, 0x40) r1 = gettid() r2 = syz_open_procfs$namespace(r1, &(0x7f0000000000)='ns/user\x00') r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x105142, 0x0) lseek(r3, 0x0, 0x2) r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x4000, 0x128) copy_file_range(r4, 0x0, r3, 0x0, 0x200f5ef, 0x0) r5 = socket$unix(0x1, 0x5, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r4, 0xc0189376, &(0x7f0000000100)={{0x1, 0x1, 0x18, r5, {0x1f}}, './file0\x00'}) ioctl$NS_GET_USERNS(r2, 0xb701, 0x0) r6 = pidfd_getfd(0xffffffffffffffff, r4, 0x0) openat$cgroup(r6, &(0x7f0000000140)='syz0\x00', 0x200002, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f00000000c0)={r2, 0xf84f, 0x1, 0x2}) gettid() process_vm_readv(r1, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7a}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xffffffbc}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) [ 1462.381201] FAULT_INJECTION: forcing a failure. [ 1462.381201] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1462.382857] CPU: 0 PID: 8220 Comm: syz-executor.4 Not tainted 5.10.224 #1 [ 1462.383564] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1462.384386] Call Trace: [ 1462.384656] dump_stack+0x107/0x167 [ 1462.385023] should_fail.cold+0x5/0xa [ 1462.385422] _copy_from_user+0x2e/0x1b0 [ 1462.385824] do_pages_stat+0xf1/0x3b0 [ 1462.386206] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1462.386780] ? cpuset_mems_allowed+0x1af/0x440 [ 1462.387251] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1462.387771] ? trace_hardirqs_on+0x5b/0x180 [ 1462.388220] kernel_move_pages+0xb8f/0x11c0 [ 1462.388681] ? rcu_read_lock_any_held+0x75/0xa0 [ 1462.395450] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1462.396008] ? fput_many+0x2f/0x1a0 [ 1462.396380] ? ksys_write+0x1a9/0x260 [ 1462.396769] ? __ia32_sys_read+0xb0/0xb0 [ 1462.397193] __x64_sys_move_pages+0xdd/0x1b0 [ 1462.397643] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1462.398155] do_syscall_64+0x33/0x40 [ 1462.398532] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1462.399049] RIP: 0033:0x7f1c0ae11b19 [ 1462.399429] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1462.401228] RSP: 002b:00007f1c08387188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1462.401978] RAX: ffffffffffffffda RBX: 00007f1c0af24f60 RCX: 00007f1c0ae11b19 [ 1462.402654] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1462.403355] RBP: 00007f1c083871d0 R08: 0000000020000000 R09: 0000000000000000 [ 1462.404059] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1462.404773] R13: 00007ffd2ddfd2cf R14: 00007f1c08387300 R15: 0000000000022000 15:23:56 executing program 0: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) msgget(0x1, 0x0) ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 81) 15:23:56 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 83) 15:23:56 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000002c0)={0x40, 0x0, 0xfffffaf2, 0x6, 0xffffffff, 0x40}) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6) msgctl$IPC_RMID(0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 26) [ 1462.440210] FAULT_INJECTION: forcing a failure. [ 1462.440210] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1462.443053] CPU: 1 PID: 8239 Comm: syz-executor.6 Not tainted 5.10.224 #1 [ 1462.444569] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1462.446401] Call Trace: [ 1462.446988] dump_stack+0x107/0x167 [ 1462.447813] should_fail.cold+0x5/0xa [ 1462.448664] _copy_from_user+0x2e/0x1b0 [ 1462.449547] do_pages_stat+0xf1/0x3b0 [ 1462.450393] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1462.451676] ? cpuset_mems_allowed+0x1af/0x440 [ 1462.452693] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1462.453806] ? trace_hardirqs_on+0x5b/0x180 [ 1462.454768] kernel_move_pages+0xb8f/0x11c0 [ 1462.455736] ? rcu_read_lock_any_held+0x75/0xa0 [ 1462.456768] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1462.458052] ? fput_many+0x2f/0x1a0 [ 1462.458861] ? ksys_write+0x1a9/0x260 [ 1462.459711] ? __ia32_sys_read+0xb0/0xb0 [ 1462.460603] __x64_sys_move_pages+0xdd/0x1b0 [ 1462.461582] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1462.462720] do_syscall_64+0x33/0x40 [ 1462.463551] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1462.464676] RIP: 0033:0x7f28eb741b19 [ 1462.465490] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1462.469560] RSP: 002b:00007f28e8cb7188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1462.471248] RAX: ffffffffffffffda RBX: 00007f28eb854f60 RCX: 00007f28eb741b19 [ 1462.472811] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1462.474376] RBP: 00007f28e8cb71d0 R08: 0000000020000000 R09: 0000000000000000 [ 1462.475949] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1462.477522] R13: 00007ffd318d456f R14: 00007f28e8cb7300 R15: 0000000000022000 [ 1462.495315] FAULT_INJECTION: forcing a failure. [ 1462.495315] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1462.496569] CPU: 0 PID: 8238 Comm: syz-executor.7 Not tainted 5.10.224 #1 [ 1462.497268] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1462.498127] Call Trace: [ 1462.498411] dump_stack+0x107/0x167 [ 1462.498779] should_fail.cold+0x5/0xa [ 1462.499203] _copy_to_user+0x2e/0x180 [ 1462.499596] do_pages_stat+0x2b4/0x3b0 [ 1462.500021] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1462.500611] ? cpuset_mems_allowed+0x1af/0x440 [ 1462.501090] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1462.501606] ? trace_hardirqs_on+0x5b/0x180 [ 1462.502062] kernel_move_pages+0xb8f/0x11c0 [ 1462.502523] ? rcu_read_lock_any_held+0x75/0xa0 [ 1462.503010] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1462.503602] ? fput_many+0x2f/0x1a0 [ 1462.504009] ? ksys_write+0x1a9/0x260 [ 1462.504401] ? __ia32_sys_read+0xb0/0xb0 [ 1462.504838] __x64_sys_move_pages+0xdd/0x1b0 [ 1462.505280] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1462.505815] do_syscall_64+0x33/0x40 [ 1462.506196] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1462.506716] RIP: 0033:0x7f8be6d86b19 [ 1462.507102] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1462.508849] RSP: 002b:00007f8be42fc188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1462.509495] RAX: ffffffffffffffda RBX: 00007f8be6e99f60 RCX: 00007f8be6d86b19 [ 1462.510115] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1462.510741] RBP: 00007f8be42fc1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1462.511360] FAULT_INJECTION: forcing a failure. [ 1462.511360] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1462.512324] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1462.512333] R13: 00007ffd26b6f95f R14: 00007f8be42fc300 R15: 0000000000022000 [ 1462.513674] CPU: 1 PID: 8241 Comm: syz-executor.0 Not tainted 5.10.224 #1 [ 1462.514246] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1462.514938] Call Trace: [ 1462.515172] dump_stack+0x107/0x167 [ 1462.515484] should_fail.cold+0x5/0xa [ 1462.515815] _copy_from_user+0x2e/0x1b0 [ 1462.516155] do_pages_stat+0xf1/0x3b0 [ 1462.516487] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1462.516981] ? cpuset_mems_allowed+0x1af/0x440 [ 1462.517376] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1462.517803] ? trace_hardirqs_on+0x5b/0x180 [ 1462.518174] kernel_move_pages+0xb8f/0x11c0 [ 1462.518546] ? rcu_read_lock_any_held+0x75/0xa0 [ 1462.518941] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1462.519609] ? fput_many+0x2f/0x1a0 [ 1462.520426] ? ksys_write+0x1a9/0x260 [ 1462.521279] ? __ia32_sys_read+0xb0/0xb0 [ 1462.522183] __x64_sys_move_pages+0xdd/0x1b0 [ 1462.523164] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1462.524297] do_syscall_64+0x33/0x40 [ 1462.525115] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1462.526243] RIP: 0033:0x7f6fdcf13b19 [ 1462.527077] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1462.531163] RSP: 002b:00007f6fda489188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1462.532832] RAX: ffffffffffffffda RBX: 00007f6fdd026f60 RCX: 00007f6fdcf13b19 [ 1462.534401] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1462.535999] RBP: 00007f6fda4891d0 R08: 0000000020000000 R09: 0000000000000000 [ 1462.537565] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1462.539150] R13: 00007ffee9bd176f R14: 00007f6fda489300 R15: 0000000000022000 [ 1462.599273] FAULT_INJECTION: forcing a failure. [ 1462.599273] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1462.601157] CPU: 1 PID: 8248 Comm: syz-executor.4 Not tainted 5.10.224 #1 [ 1462.602695] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1462.604547] Call Trace: [ 1462.605142] dump_stack+0x107/0x167 [ 1462.605954] should_fail.cold+0x5/0xa [ 1462.606813] _copy_to_user+0x2e/0x180 [ 1462.607668] do_pages_stat+0x2b4/0x3b0 [ 1462.608541] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1462.609817] ? cpuset_mems_allowed+0x1af/0x440 [ 1462.610844] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1462.611982] ? trace_hardirqs_on+0x5b/0x180 [ 1462.612941] kernel_move_pages+0xb8f/0x11c0 [ 1462.613902] ? rcu_read_lock_any_held+0x75/0xa0 [ 1462.614930] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1462.616266] ? fput_many+0x2f/0x1a0 [ 1462.617078] ? ksys_write+0x1a9/0x260 [ 1462.617918] ? __ia32_sys_read+0xb0/0xb0 [ 1462.618818] __x64_sys_move_pages+0xdd/0x1b0 [ 1462.619811] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1462.620959] do_syscall_64+0x33/0x40 [ 1462.621786] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1462.622921] RIP: 0033:0x7f1c0ae11b19 [ 1462.623753] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1462.627842] RSP: 002b:00007f1c08387188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1462.629516] RAX: ffffffffffffffda RBX: 00007f1c0af24f60 RCX: 00007f1c0ae11b19 [ 1462.631104] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1462.632695] RBP: 00007f1c083871d0 R08: 0000000020000000 R09: 0000000000000000 [ 1462.634245] FAULT_INJECTION: forcing a failure. [ 1462.634245] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1462.634268] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1462.634285] R13: 00007ffd2ddfd2cf R14: 00007f1c08387300 R15: 0000000000022000 [ 1462.638671] CPU: 0 PID: 8253 Comm: syz-executor.7 Not tainted 5.10.224 #1 [ 1462.639385] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1462.640218] Call Trace: [ 1462.640502] dump_stack+0x107/0x167 [ 1462.640875] should_fail.cold+0x5/0xa [ 1462.641277] _copy_from_user+0x2e/0x1b0 [ 1462.641680] do_pages_stat+0xf1/0x3b0 [ 1462.642065] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1462.642655] ? cpuset_mems_allowed+0x1af/0x440 [ 1462.643126] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1462.643622] ? trace_hardirqs_on+0x5b/0x180 [ 1462.644067] kernel_move_pages+0xb8f/0x11c0 [ 1462.644504] ? rcu_read_lock_any_held+0x75/0xa0 [ 1462.644979] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1462.645564] ? fput_many+0x2f/0x1a0 [ 1462.645938] ? ksys_write+0x1a9/0x260 [ 1462.646318] ? __ia32_sys_read+0xb0/0xb0 [ 1462.646729] __x64_sys_move_pages+0xdd/0x1b0 [ 1462.647185] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1462.647709] do_syscall_64+0x33/0x40 [ 1462.648082] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1462.648594] RIP: 0033:0x7f8be6d86b19 [ 1462.648968] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1462.650641] RSP: 002b:00007f8be42fc188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1462.651290] RAX: ffffffffffffffda RBX: 00007f8be6e99f60 RCX: 00007f8be6d86b19 [ 1462.651888] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1462.652486] RBP: 00007f8be42fc1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1462.653084] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1462.653684] R13: 00007ffd26b6f95f R14: 00007f8be42fc300 R15: 0000000000022000 [ 1462.676179] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1462.690591] FAULT_INJECTION: forcing a failure. [ 1462.690591] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1462.692060] CPU: 1 PID: 8261 Comm: syz-executor.6 Not tainted 5.10.224 #1 [ 1462.692527] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1462.692775] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1462.692786] Call Trace: [ 1462.694770] dump_stack+0x107/0x167 [ 1462.695164] should_fail.cold+0x5/0xa [ 1462.695554] _copy_to_user+0x2e/0x180 [ 1462.695969] do_pages_stat+0x2b4/0x3b0 [ 1462.696401] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1462.697010] ? cpuset_mems_allowed+0x1af/0x440 [ 1462.697492] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1462.698034] ? trace_hardirqs_on+0x5b/0x180 [ 1462.698485] kernel_move_pages+0xb8f/0x11c0 [ 1462.698954] ? rcu_read_lock_any_held+0x75/0xa0 [ 1462.699447] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1462.700035] ? fput_many+0x2f/0x1a0 [ 1462.700414] ? ksys_write+0x1a9/0x260 [ 1462.700809] ? __ia32_sys_read+0xb0/0xb0 [ 1462.701232] __x64_sys_move_pages+0xdd/0x1b0 [ 1462.701701] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1462.702220] do_syscall_64+0x33/0x40 [ 1462.702614] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1462.703147] RIP: 0033:0x7f28eb741b19 [ 1462.703557] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1462.705156] RSP: 002b:00007f28e8cb7188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1462.705798] RAX: ffffffffffffffda RBX: 00007f28eb854f60 RCX: 00007f28eb741b19 [ 1462.706397] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1462.707002] RBP: 00007f28e8cb71d0 R08: 0000000020000000 R09: 0000000000000000 [ 1462.707701] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1462.708404] R13: 00007ffd318d456f R14: 00007f28e8cb7300 R15: 0000000000022000 [ 1462.711044] FAULT_INJECTION: forcing a failure. [ 1462.711044] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1462.712260] CPU: 1 PID: 8262 Comm: syz-executor.0 Not tainted 5.10.224 #1 [ 1462.712918] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1462.713721] Call Trace: [ 1462.713987] dump_stack+0x107/0x167 [ 1462.714338] should_fail.cold+0x5/0xa [ 1462.714724] _copy_to_user+0x2e/0x180 [ 1462.715107] do_pages_stat+0x2b4/0x3b0 [ 1462.715507] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1462.716071] ? cpuset_mems_allowed+0x1af/0x440 [ 1462.716536] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1462.717043] ? trace_hardirqs_on+0x5b/0x180 [ 1462.717463] kernel_move_pages+0xb8f/0x11c0 [ 1462.717892] ? rcu_read_lock_any_held+0x75/0xa0 [ 1462.718345] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1462.718920] ? fput_many+0x2f/0x1a0 [ 1462.719282] ? ksys_write+0x1a9/0x260 [ 1462.719673] ? __ia32_sys_read+0xb0/0xb0 [ 1462.720082] __x64_sys_move_pages+0xdd/0x1b0 [ 1462.720518] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1462.721004] do_syscall_64+0x33/0x40 [ 1462.721363] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1462.721838] RIP: 0033:0x7f6fdcf13b19 [ 1462.722183] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1462.723923] RSP: 002b:00007f6fda489188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1462.725538] RAX: ffffffffffffffda RBX: 00007f6fdd026f60 RCX: 00007f6fdcf13b19 [ 1462.726227] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1462.726931] RBP: 00007f6fda4891d0 R08: 0000000020000000 R09: 0000000000000000 [ 1462.727604] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1462.728300] R13: 00007ffee9bd176f R14: 00007f6fda489300 R15: 0000000000022000 [ 1462.736365] FAULT_INJECTION: forcing a failure. [ 1462.736365] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1462.737434] CPU: 1 PID: 8263 Comm: syz-executor.3 Not tainted 5.10.224 #1 [ 1462.738659] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1462.740452] Call Trace: [ 1462.740711] dump_stack+0x107/0x167 [ 1462.741079] should_fail.cold+0x5/0xa [ 1462.741930] _copy_from_user+0x2e/0x1b0 [ 1462.742326] do_pages_stat+0xf1/0x3b0 [ 1462.742702] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1462.743534] ? cpuset_mems_allowed+0x1af/0x440 [ 1462.743996] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1462.744489] ? trace_hardirqs_on+0x5b/0x180 [ 1462.744932] kernel_move_pages+0xb8f/0x11c0 [ 1462.745892] ? rcu_read_lock_any_held+0x75/0xa0 [ 1462.746339] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1462.746903] ? fput_many+0x2f/0x1a0 [ 1462.747259] ? ksys_write+0x1a9/0x260 [ 1462.747646] ? __ia32_sys_read+0xb0/0xb0 [ 1462.748061] __x64_sys_move_pages+0xdd/0x1b0 [ 1462.748496] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1462.749155] do_syscall_64+0x33/0x40 [ 1462.749517] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1462.749996] RIP: 0033:0x7f1e88ae8b19 [ 1462.750349] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1462.752139] RSP: 002b:00007f1e8605e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1462.752854] RAX: ffffffffffffffda RBX: 00007f1e88bfbf60 RCX: 00007f1e88ae8b19 [ 1462.753524] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1462.754202] RBP: 00007f1e8605e1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1462.754875] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1462.755546] R13: 00007ffda65e58df R14: 00007f1e8605e300 R15: 0000000000022000 [ 1462.822256] FAULT_INJECTION: forcing a failure. [ 1462.822256] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1462.823440] CPU: 1 PID: 8269 Comm: syz-executor.7 Not tainted 5.10.224 #1 [ 1462.824096] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1462.824909] Call Trace: [ 1462.825163] dump_stack+0x107/0x167 [ 1462.825523] should_fail.cold+0x5/0xa [ 1462.825911] _copy_to_user+0x2e/0x180 [ 1462.826277] do_pages_stat+0x2b4/0x3b0 [ 1462.826669] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1462.827248] ? cpuset_mems_allowed+0x1af/0x440 [ 1462.827709] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1462.828207] ? trace_hardirqs_on+0x5b/0x180 [ 1462.828646] kernel_move_pages+0xb8f/0x11c0 [ 1462.829068] ? rcu_read_lock_any_held+0x75/0xa0 [ 1462.829512] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1462.830085] ? fput_many+0x2f/0x1a0 [ 1462.830444] ? ksys_write+0x1a9/0x260 [ 1462.830822] ? __ia32_sys_read+0xb0/0xb0 [ 1462.831223] __x64_sys_move_pages+0xdd/0x1b0 [ 1462.831658] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1462.832152] do_syscall_64+0x33/0x40 [ 1462.832533] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1462.833025] RIP: 0033:0x7f8be6d86b19 [ 1462.833388] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1462.835153] RSP: 002b:00007f8be42fc188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1462.835905] RAX: ffffffffffffffda RBX: 00007f8be6e99f60 RCX: 00007f8be6d86b19 [ 1462.836612] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1462.837314] RBP: 00007f8be42fc1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1462.838001] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1462.838677] R13: 00007ffd26b6f95f R14: 00007f8be42fc300 R15: 0000000000022000 15:23:56 executing program 2: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) syz_emit_ethernet(0x84, &(0x7f0000000d40)={@broadcast, @multicast, @void, {@x25={0x805, {0x1, 0x42, 0x1b, "a1ca8b4a2b16e6b25e19a84eefc7133ccaa88f25c95c33eebce08278d857a30dd9e45d3c9767cf71d7814dd21850980ea6005cae3ae9685f8d264579fa480be3e51441b4ffe22bc90eb7da34f4be0f161692563ec071d65598cc70ba66dec69463177b8cab4dcac01dc46bb268042d01be1c42"}}}}, &(0x7f0000000100)={0x0, 0x4, [0xe4d, 0xd94, 0x782, 0xe3]}) r1 = openat$full(0xffffffffffffff9c, &(0x7f00000001c0), 0x100, 0x0) clone3(&(0x7f0000000440)={0x600, &(0x7f0000000240), &(0x7f0000000280), &(0x7f00000002c0)=0x0, {0x10}, &(0x7f0000000300)=""/93, 0x5d, &(0x7f0000000380)=""/101, &(0x7f0000000400)=[0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], 0x9}, 0x58) r3 = gettid() process_vm_readv(r3, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7a}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xffffffbc}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) sendmsg$nl_generic(r1, &(0x7f0000000cc0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000c80)={&(0x7f00000004c0)={0x7bc, 0x20, 0x8, 0x70bd2c, 0x25dfdbfe, {0x1a}, [@typed={0x1d, 0x7b, 0x0, 0x0, @binary="854b34e6bda5d0534bca3acda5d878851ec6ed71d8dd6ff514"}, @nested={0x118, 0x1f, 0x0, 0x1, [@generic="feabed1e55b2fa5716aeef8d8b882466b164e43bc5a376a17fef526875fe746b63c74989a5ab5cb85fcf929bbbed4b1e12c12a445b1511edbd1372b0a2141d9c2c19a2b58c342923649c0993454b376c257cf15c49c959a8267555cf0db4d5f3f773d286f9eaa051716f569b33bf5946f2d3e036fb00a2e92ae32adcc8db2c298f3bc8ddf0d2077d7f735135980ea26432e5c615714f68080b6dab82c415ec3617f33bf0c849e3306f18c9acd71f32696dae1a525f7b5a89ce85da7f093a", @typed={0x8, 0x18, 0x0, 0x0, @fd=r0}, @generic="9e53c8afb2e5351d65ba0afa4f6656637190e8f7f4cba5d120c4c2aba7bd35267c2195a9d0237d9f543087a0bfbb16e0fbce2a0c091f63f2168825f82016be0ea9b6ae3375dc", @typed={0x8, 0x5d, 0x0, 0x0, @u32=0x8}]}, @generic="790bbb0e38afaf4906870495ef8b1c4153604194d1cbb9614cb971250ecea2322935c3f341162f8b2e15b519c1", @nested={0x3fb, 0x96, 0x0, 0x1, [@generic="4c93a76bdd5a5171a6c0f3ba733590bda5ced55d7a5d06313ea987a9631ae74281330d329a633246da26b7116602836cba0ad23e4fe46f1e63ae27c2da7950075cbd999cf13c3ec1c814087a3b524d3d815fb0b4663a8ed75eb99ff753eed36ed558a0d432f829f0fb3232adb653cf5fff510955071cff1a4cf10c25d369cfd83a6cdfc87c83ad0b8fbedc664448073d", @generic="dfe85feaff6057c88ef453e2de8c62db4f71cd9a154551e11b9c29d15fce9b", @generic="bc0fae503a1198e71a04d9150b46c9429d25d835c64e3c2765c012e0304ed2382d317c1437b08b618479e917ac5f7c1b0d5109b32c3eb18ae50c72c6856a6e35bd9307fb807d82f1ec044de1e10f0d2f6f2e4d5e84c8a653628a8956f00949ebccadb9e7a4355e1d3b7e1962512a8dbd49efa1ed2cf5a5bc24442b9e9745fbf0add6e2e9ee43543d80a538f8ef34f6a3eced0363aee694e8576aad50261642c267920dcf7deafc72ae25d4366cff0225d5912a0b1e12e5ea26cf096ad6fa8afe152306b8d65e", @generic="1bad4fd25886d47a6e34b35b947158b82fe4498ad5e8d4e92f2fd0a5aa137d3783f805a6674f4e012996d6808a31fba36d353e08bc641df7a81a1f809a457e694779ab9679a2898f6246717e4b57363ae2b48cfa41632efda820289c1cb1aeb74eb806abd620f2fdefdc23d16cd708821923ba3b29ffd14c95f2c96e431fac5910187be6e95d84bde28c28123e8b2ca89a37c3be0161df559be1851136d7cd6646f622550fb12e34f927c5a3b26d0ecc8585a066e61a18d98b43022ec0c670758691e50fbc54ca92dfff18ade1846a6c0cd44eae08f53562bee9a7a350e43a37e7b740f892f39d13d938cec2375d31026bca", @generic="7a5f2c07cfd492c77500d169513d770994ed305cfe2c70e7c55ebf5ed5b82211a76a4499d1e3da1e6eeaa9bf8ca1e226c72512aaf744d820e566cb750558b65acd89ddd988507677dd20cf11438ddedcef5d47e7a34c512d51984ec847cab4eb80bf88a9ae387ea41ec106121d216cc3bde7db0838de040261fab6f5aa3c258abe80dcfc5034ec5f612aeb61a686958a9acd6b61da44aa8adf497eb8dfb43193b01a936c33c639aa25a53081b043098743ff052dd0a8d34e5d3d8e782626702848df5fb00e5e752e13", @typed={0x8, 0x19, 0x0, 0x0, @pid=r2}, @typed={0x5, 0x47, 0x0, 0x0, @str='\x00'}, @generic="f856c5", @generic="945847fd80ca6e07c5545610b2b825e82eb81f79752ed592948b9fab7158b880a31a08e4a6625b6203efd97b198868db05814d9f7aabae6943b4fc171a223bbffb2dbd5d09cdeffcd6f0eb5ba8f65597a6160bd8dd88187f997daefa50a475d9c0a973d3d0be1e5b049720a0ae42faa8917585815adfef094991f763752ed41d3f7cdadeb11191e16088e50eab856db540a725556dc585fd158b467fd2fd901a45ce3bd4dfcb4c37960aac70d85affb44ebd5dab"]}, @generic="95623400ae02b0f4e9c3edbe215c7c0ca77dacb6bf9b8d0045352ea447170a8dbbe393b6fb6fb2ba7292638e702f221d35bc3502e7b2605091cf23bc90a7f821d6e216a5d63d8d22c32cf3cef52f9153d74604cde24e175342eea0d0afa93ead0b970844acc2fc08f0ed3bac8c0794005642b73bd217acaaeadd766ed85b336c4016f3231c560c617f791061700c29a189b43a2bcaa60495ffa137273bdaa5967c8d3ecebd7ba9510e50b1fd6e7e4b0e8306b1ab71ffb79932c34a479c", @typed={0xc, 0x95, 0x0, 0x0, @u64=0x7}, @typed={0xc, 0x5a, 0x0, 0x0, @u64=0x8}, @typed={0x4, 0x7a}, @nested={0x122, 0x57, 0x0, 0x1, [@generic="1f70c13f2d7722f8b1320663f5cc20b098a1553893a90b5d9d4994c7b0c8961c27b0fc98e4c78dfdbcea8733fabea0bad1ed097d0284a683b4e254bbfedbcf62c8d1", @typed={0x8, 0x7c, 0x0, 0x0, @pid=r3}, @generic="0e716e2c2f9e98fc0fc815e0719eab4cb48c54e2e24a67d20ffc8ae9139bc1de0c998950c276d255602ce76704a7259ef6849c5defb521a4bab1c6272af8a5f004f7028fda5d7ab1ec848ec75146be5d4401dfd04eb1f066f2c2c54fd6997269b3047f790338cf9f86ccfa4ffc74c179d74b0975b7f22405f095d494708a8189b3f8ed90b73db6feab63afe6d943a1e014bc6139dfdef056dbb80843d404491f1b4fecb1b5805e69d70f590ca04132b75f1db9d83cb198047deb0a4fe47ce0a21594b4f04d1a66d080305c7a8b359c33a7d4dd55"]}, @generic="2e7ee4d9e24ca4190f1b67b361dcf922d71fe9796256294ee82a0b4054db0db2a77ae39b7822b09d52bdf93fee5f62bc9ce2e91203695788ec67da5b60c552f98343afe830cab227"]}, 0x7bc}, 0x1, 0x0, 0x0, 0x400c004}, 0x40000) write$tun(r0, &(0x7f0000000d00)={@void, @val={0x1}, @arp=@ether_ipv6={0x1, 0x86dd, 0x6, 0x10, 0x4, @empty, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @multicast, @empty}}, 0x3e) syz_emit_ethernet(0x32, &(0x7f0000000000)={@random="0b95c2e70d53", @local, @val={@val={0x9100, 0x6, 0x0, 0x1}, {0x8100, 0x3, 0x0, 0x2}}, {@arp={0x806, @ether_ipv4={0x1, 0x800, 0x6, 0x4, 0x2, @random="091fbe950cc8", @remote, @empty, @broadcast}}}}, &(0x7f0000000180)={0x0, 0x1, [0xa71, 0xcd3, 0x204, 0x925]}) 15:23:57 executing program 5: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x7, 0x60a4d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x80a}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() process_vm_readv(r0, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7a}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xffffffbc}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) 15:23:57 executing program 4: perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) msgget(0x1, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 74) 15:23:57 executing program 1: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000180)=ANY=[@ANYBLOB="0104000000603cdefa001021002c3d54e4140f7bb33677d4ba7b03c4bcfe880000000000000052c06eb283080076b3db93470de5a800000000000001fe8000000000008000000000000000aa00"], 0x42) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x105142, 0x0) lseek(r1, 0x0, 0x2) r2 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x4000, 0x128) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) ioctl$TUNSETCARRIER(r2, 0x400454e2, &(0x7f0000000000)) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f0000000100)={'veth1_to_hsr\x00', &(0x7f0000000200)=@ethtool_rxnfc={0x2a, 0x9, 0x1, {0x7, @sctp_ip4_spec={@remote, @rand_addr=0x64010102, 0x4e23, 0x4e21, 0x3}, {0x0, @random="da9b6434b4a3", 0x1f, 0x4, [0x101, 0xfffffffd]}, @sctp_ip4_spec={@multicast2, @remote, 0x4e22, 0x4e24, 0x6}, {0x0, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x27}, 0xfffc, 0x40, [0x2, 0x400]}, 0x80, 0xffff7fff}, 0x2, [0x1, 0x1]}}) 15:23:57 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000002c0)={0x40, 0x0, 0xfffffaf2, 0x6, 0xffffffff, 0x40}) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6) msgctl$IPC_RMID(0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 27) 15:23:57 executing program 0: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) msgget(0x1, 0x0) ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 82) 15:23:57 executing program 3: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000040)=0x20) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, r2, 0x0, 0x6) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, 0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 9) 15:23:57 executing program 5: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000001c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_GET_KEY(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010000000000000000000900000008000300", @ANYRES32=r3, @ANYBLOB="19009344e2"], 0x24}}, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r4 = gettid() process_vm_readv(r4, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7c}, {&(0x7f00000000c0)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000000180)=""/110, 0x6e}, {&(0x7f0000002240)=""/183, 0xb7}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xfffffffffffffd02}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) r5 = openat2(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', &(0x7f0000000200)={0x181201}, 0x18) r6 = syz_io_uring_setup(0x3ca0, &(0x7f0000000080), &(0x7f0000400000/0xc00000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000280)=0x0) r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r6, 0x9, 0x0, 0x0) syz_io_uring_submit(r7, r8, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r9}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000280)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x3, 0x0, r5, 0x0, &(0x7f0000000240)="d9e6aed31556fe8bdb485b9382cf785408e58b3916a8c5514c7d3e63f3810b87e41c044d6df237f3d874b9a485b422d888873a08335512472114", 0x3a, 0x10040, 0x1, {0x0, r9}}, 0x0) 15:23:57 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 84) 15:23:57 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000002c0)={0x40, 0x0, 0xfffffaf2, 0x6, 0xffffffff, 0x40}) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6) msgctl$IPC_RMID(0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 28) [ 1477.425096] FAULT_INJECTION: forcing a failure. [ 1477.425096] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1477.426251] CPU: 1 PID: 8279 Comm: syz-executor.4 Not tainted 5.10.224 #1 [ 1477.426911] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1477.427663] Call Trace: [ 1477.427898] dump_stack+0x107/0x167 [ 1477.428211] should_fail.cold+0x5/0xa [ 1477.428547] _copy_from_user+0x2e/0x1b0 [ 1477.428894] do_pages_stat+0xf1/0x3b0 [ 1477.429226] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1477.429722] ? cpuset_mems_allowed+0x1af/0x440 [ 1477.430124] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1477.430552] ? trace_hardirqs_on+0x5b/0x180 [ 1477.430926] kernel_move_pages+0xb8f/0x11c0 [ 1477.431319] ? rcu_read_lock_any_held+0x75/0xa0 [ 1477.431717] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1477.432208] ? fput_many+0x2f/0x1a0 [ 1477.432525] ? ksys_write+0x1a9/0x260 [ 1477.432855] ? __ia32_sys_read+0xb0/0xb0 [ 1477.433204] __x64_sys_move_pages+0xdd/0x1b0 [ 1477.433582] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1477.434018] do_syscall_64+0x33/0x40 [ 1477.434336] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1477.434769] RIP: 0033:0x7f1c0ae11b19 [ 1477.435086] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1477.436642] RSP: 002b:00007f1c08387188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1477.437289] RAX: ffffffffffffffda RBX: 00007f1c0af24f60 RCX: 00007f1c0ae11b19 [ 1477.437894] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1477.438503] RBP: 00007f1c083871d0 R08: 0000000020000000 R09: 0000000000000000 [ 1477.439123] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1477.439736] R13: 00007ffd2ddfd2cf R14: 00007f1c08387300 R15: 0000000000022000 15:24:11 executing program 4: perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) msgget(0x1, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 75) 15:24:11 executing program 1: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000100)={@void, @val={0x1, 0x4, 0x0, 0x2}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}}}}}, 0x42) write(r0, &(0x7f0000000180)="c9aa05676180e93172c3aad13c4e84bccc5342756794cdeae216f3caf5b20a032cef4e7b92bc8c5517b351f2a2b36966b12b9aab55e3a1322b3980e6f9da516e6636fbcc734430e2161ef0cab40899c11c696ffab9ca33f66a1e7c8d5a6f8d7315f8dcacda3196e436c31c6521d65e8344224f79ba8658abae97366ab3a149edda585eb79d481464f245459b051b83aa4cf0ce157ac6f1e5a8bb8b43a538e40066cdf3", 0xa3) 15:24:11 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000002c0)={0x40, 0x0, 0xfffffaf2, 0x6, 0xffffffff, 0x40}) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6) msgctl$IPC_RMID(0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 29) 15:24:11 executing program 5: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffb8e}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() rt_sigqueueinfo(r0, 0x40, &(0x7f00000000c0)={0x1d, 0xeda, 0x7fff}) process_vm_readv(r0, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7a}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xffffffbc}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) 15:24:11 executing program 0: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) msgget(0x1, 0x0) ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 83) 15:24:11 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 85) 15:24:11 executing program 3: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000040)=0x20) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, r2, 0x0, 0x6) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, 0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 10) 15:24:11 executing program 2: syz_emit_ethernet(0x56, &(0x7f00000055c0)=ANY=[@ANYBLOB="20f9bdba2470aaaaaaaaaabb000dec193b7768cec7bb4c086d0fc9ffe93ccb4f6e167ba57bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76426502e8debf42a1f820f5fe25e762e614b3d9a44d1b0e3cf563ebcd2c581366c1c9d1ae47ca38e6862065da5e5550f0dfc6eba6e"], 0x0) r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x18000, 0x0) recvmmsg(r0, &(0x7f0000005440)=[{{0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000180)=""/235, 0xeb}, {&(0x7f0000000280)=""/4096, 0x1000}, {&(0x7f0000001280)=""/210, 0xd2}, {&(0x7f0000001380)=""/137, 0x89}, {&(0x7f0000001440)=""/188, 0xbc}], 0x5, &(0x7f0000001580)=""/150, 0x96}, 0x800}, {{&(0x7f0000001640)=@nl=@proc, 0x80, &(0x7f0000001b00)=[{&(0x7f00000016c0)=""/228, 0xe4}, {&(0x7f00000017c0)=""/89, 0x59}, {&(0x7f0000001840)=""/87, 0x57}, {&(0x7f00000018c0)=""/101, 0x65}, {&(0x7f0000001940)=""/11, 0xb}, {&(0x7f0000001980)=""/131, 0x83}, {&(0x7f0000001a40)=""/189, 0xbd}], 0x7, &(0x7f0000001b80)=""/174, 0xae}, 0x7}, {{&(0x7f0000001c40)=@hci, 0x80, &(0x7f0000003e40)=[{&(0x7f0000001cc0)=""/4096, 0x1000}, {&(0x7f0000002cc0)=""/4096, 0x1000}, {&(0x7f0000003cc0)=""/122, 0x7a}, {&(0x7f0000003d40)=""/179, 0xb3}, {&(0x7f0000003e00)=""/46, 0x2e}], 0x5, &(0x7f0000003ec0)=""/225, 0xe1}, 0x78a7fd9e}, {{&(0x7f0000003fc0)=@l2tp6={0xa, 0x0, 0x0, @dev}, 0x80, &(0x7f0000004240)=[{&(0x7f0000004040)=""/230, 0xe6}, {&(0x7f0000004140)=""/250, 0xfa}], 0x2, &(0x7f0000004280)=""/4096, 0x1000}, 0x200}, {{&(0x7f0000005280)=@generic, 0x80, &(0x7f00000053c0)=[{&(0x7f0000005300)=""/179, 0xb3}], 0x1, &(0x7f0000005400)=""/57, 0x39}, 0x3}], 0x5, 0x2, &(0x7f0000005580)={0x77359400}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r1, &(0x7f0000000100)=ANY=[@ANYBLOB="01000000000000000000603cdefa00102100fe88000000000000000000000001fe8000000000000000000000000000aa000000000401907800265d9900960cee0000"], 0x42) [ 1477.461355] FAULT_INJECTION: forcing a failure. [ 1477.461355] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1477.464350] FAULT_INJECTION: forcing a failure. [ 1477.464350] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1477.468124] CPU: 1 PID: 8290 Comm: syz-executor.6 Not tainted 5.10.224 #1 [ 1477.469730] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1477.470425] Call Trace: [ 1477.470652] dump_stack+0x107/0x167 [ 1477.470971] should_fail.cold+0x5/0xa [ 1477.471313] _copy_from_user+0x2e/0x1b0 [ 1477.471652] do_pages_stat+0xf1/0x3b0 [ 1477.471986] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1477.472473] ? cpuset_mems_allowed+0x1af/0x440 [ 1477.472878] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1477.473302] ? trace_hardirqs_on+0x5b/0x180 [ 1477.473671] kernel_move_pages+0xb8f/0x11c0 [ 1477.474045] ? rcu_read_lock_any_held+0x75/0xa0 [ 1477.474437] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1477.474931] ? fput_many+0x2f/0x1a0 [ 1477.475253] ? ksys_write+0x1a9/0x260 [ 1477.475576] ? __ia32_sys_read+0xb0/0xb0 [ 1477.475933] __x64_sys_move_pages+0xdd/0x1b0 [ 1477.476305] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1477.476738] do_syscall_64+0x33/0x40 [ 1477.477055] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1477.477482] RIP: 0033:0x7f28eb741b19 [ 1477.477802] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1477.479341] RSP: 002b:00007f28e8cb7188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1477.479982] RAX: ffffffffffffffda RBX: 00007f28eb854f60 RCX: 00007f28eb741b19 [ 1477.480575] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1477.481179] RBP: 00007f28e8cb71d0 R08: 0000000020000000 R09: 0000000000000000 [ 1477.481776] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1477.482375] R13: 00007ffd318d456f R14: 00007f28e8cb7300 R15: 0000000000022000 [ 1477.483003] CPU: 0 PID: 8287 Comm: syz-executor.0 Not tainted 5.10.224 #1 [ 1477.483655] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1477.484408] Call Trace: [ 1477.484670] dump_stack+0x107/0x167 [ 1477.485013] should_fail.cold+0x5/0xa [ 1477.485379] _copy_from_user+0x2e/0x1b0 [ 1477.485759] do_pages_stat+0xf1/0x3b0 [ 1477.486124] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1477.486137] FAULT_INJECTION: forcing a failure. [ 1477.486137] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1477.487690] ? cpuset_mems_allowed+0x1af/0x440 [ 1477.488126] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1477.488585] ? trace_hardirqs_on+0x5b/0x180 [ 1477.488994] kernel_move_pages+0xb8f/0x11c0 [ 1477.489401] ? rcu_read_lock_any_held+0x75/0xa0 [ 1477.489832] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1477.490359] ? fput_many+0x2f/0x1a0 [ 1477.490700] ? ksys_write+0x1a9/0x260 [ 1477.491059] ? __ia32_sys_read+0xb0/0xb0 [ 1477.491445] __x64_sys_move_pages+0xdd/0x1b0 [ 1477.491856] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1477.492328] do_syscall_64+0x33/0x40 [ 1477.492672] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1477.493145] RIP: 0033:0x7f6fdcf13b19 [ 1477.493487] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1477.495129] RSP: 002b:00007f6fda489188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1477.495834] RAX: ffffffffffffffda RBX: 00007f6fdd026f60 RCX: 00007f6fdcf13b19 [ 1477.496473] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1477.497123] RBP: 00007f6fda4891d0 R08: 0000000020000000 R09: 0000000000000000 [ 1477.497766] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1477.498408] R13: 00007ffee9bd176f R14: 00007f6fda489300 R15: 0000000000022000 [ 1477.499078] CPU: 1 PID: 8291 Comm: syz-executor.7 Not tainted 5.10.224 #1 [ 1477.499700] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1477.500402] Call Trace: [ 1477.500631] dump_stack+0x107/0x167 [ 1477.500943] should_fail.cold+0x5/0xa [ 1477.501270] _copy_from_user+0x2e/0x1b0 [ 1477.501611] do_pages_stat+0xf1/0x3b0 [ 1477.501950] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1477.502443] ? cpuset_mems_allowed+0x1af/0x440 [ 1477.502841] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1477.503292] ? trace_hardirqs_on+0x5b/0x180 [ 1477.503662] kernel_move_pages+0xb8f/0x11c0 [ 1477.504043] ? rcu_read_lock_any_held+0x75/0xa0 [ 1477.504447] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1477.504947] ? fput_many+0x2f/0x1a0 [ 1477.505256] ? ksys_write+0x1a9/0x260 [ 1477.505578] ? __ia32_sys_read+0xb0/0xb0 [ 1477.505931] __x64_sys_move_pages+0xdd/0x1b0 [ 1477.506303] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1477.506734] do_syscall_64+0x33/0x40 [ 1477.507048] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1477.507492] RIP: 0033:0x7f8be6d86b19 [ 1477.507808] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1477.509345] RSP: 002b:00007f8be42fc188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1477.509984] RAX: ffffffffffffffda RBX: 00007f8be6e99f60 RCX: 00007f8be6d86b19 [ 1477.510581] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1477.511184] RBP: 00007f8be42fc1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1477.511791] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1477.512389] R13: 00007ffd26b6f95f R14: 00007f8be42fc300 R15: 0000000000022000 15:24:12 executing program 4: perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) msgget(0x1, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 76) 15:24:12 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000002c0)={0x40, 0x0, 0xfffffaf2, 0x6, 0xffffffff, 0x40}) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6) msgctl$IPC_RMID(0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 30) [ 1477.548399] FAULT_INJECTION: forcing a failure. [ 1477.548399] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1477.549502] CPU: 0 PID: 8289 Comm: syz-executor.3 Not tainted 5.10.224 #1 [ 1477.550121] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1477.550865] Call Trace: [ 1477.551126] dump_stack+0x107/0x167 [ 1477.551481] should_fail.cold+0x5/0xa [ 1477.551851] _copy_to_user+0x2e/0x180 [ 1477.552208] do_pages_stat+0x2b4/0x3b0 [ 1477.552580] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1477.553119] ? cpuset_mems_allowed+0x1af/0x440 [ 1477.553553] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1477.554015] ? trace_hardirqs_on+0x5b/0x180 [ 1477.554420] kernel_move_pages+0xb8f/0x11c0 [ 1477.554838] ? rcu_read_lock_any_held+0x75/0xa0 [ 1477.555272] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1477.555802] ? fput_many+0x2f/0x1a0 [ 1477.556144] ? ksys_write+0x1a9/0x260 [ 1477.556494] ? __ia32_sys_read+0xb0/0xb0 [ 1477.556876] __x64_sys_move_pages+0xdd/0x1b0 [ 1477.557284] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1477.557751] do_syscall_64+0x33/0x40 [ 1477.558093] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1477.558559] RIP: 0033:0x7f1e88ae8b19 [ 1477.558903] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1477.560562] RSP: 002b:00007f1e8605e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1477.561258] RAX: ffffffffffffffda RBX: 00007f1e88bfbf60 RCX: 00007f1e88ae8b19 [ 1477.561909] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1477.562560] RBP: 00007f1e8605e1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1477.563225] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1477.563304] FAULT_INJECTION: forcing a failure. [ 1477.563304] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1477.563872] R13: 00007ffda65e58df R14: 00007f1e8605e300 R15: 0000000000022000 [ 1477.565531] CPU: 1 PID: 8297 Comm: syz-executor.7 Not tainted 5.10.224 #1 [ 1477.566102] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1477.566791] Call Trace: [ 1477.567020] dump_stack+0x107/0x167 [ 1477.567344] should_fail.cold+0x5/0xa [ 1477.567672] _copy_to_user+0x2e/0x180 [ 1477.568002] do_pages_stat+0x2b4/0x3b0 [ 1477.568344] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1477.568832] ? cpuset_mems_allowed+0x1af/0x440 [ 1477.569226] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1477.569649] ? trace_hardirqs_on+0x5b/0x180 [ 1477.570020] kernel_move_pages+0xb8f/0x11c0 [ 1477.570393] ? rcu_read_lock_any_held+0x75/0xa0 [ 1477.570788] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1477.571292] ? fput_many+0x2f/0x1a0 [ 1477.571607] ? ksys_write+0x1a9/0x260 [ 1477.571931] ? __ia32_sys_read+0xb0/0xb0 [ 1477.572278] __x64_sys_move_pages+0xdd/0x1b0 [ 1477.572652] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1477.573083] do_syscall_64+0x33/0x40 [ 1477.573399] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1477.573827] RIP: 0033:0x7f8be6d86b19 [ 1477.574143] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1477.575682] RSP: 002b:00007f8be42fc188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1477.576330] RAX: ffffffffffffffda RBX: 00007f8be6e99f60 RCX: 00007f8be6d86b19 [ 1477.576927] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1477.577526] RBP: 00007f8be42fc1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1477.578121] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1477.578715] R13: 00007ffd26b6f95f R14: 00007f8be42fc300 R15: 0000000000022000 15:24:12 executing program 5: r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() process_vm_readv(r1, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7a}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xffffffbc}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xa, 0x13, r2, 0x0) syz_io_uring_complete(r3) syz_io_uring_submit(r3, 0x0, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x5, 0x4007, @fd=r0, 0x5, &(0x7f00000000c0)="2aa873543ddbfd901f6b7123d127f541634a2dd54514f37634ae17952a69b3b123923eb24751043c91ed99d502d276c186ee89f2c490cc6cfc99a0ff313dcfa313fb735fed73b8a2f0c906f6e09a4ca457dd178fcd2cc5fdc029ff3dd6489dadff0d3a82456c88dc7f3186313467825ca1d9d78298798e16", 0x78, 0x14, 0x1}, 0x5) 15:24:12 executing program 0: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) msgget(0x1, 0x0) ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 84) 15:24:12 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 86) 15:24:12 executing program 1: syz_emit_ethernet(0x2c, &(0x7f0000000080)={@random="0000008000", @local, @void, {@arp={0x806, @generic={0x338, 0x80f3, 0x6, 0x7, 0x4, @local, "36a39dffde030e", @random="56ae177dbbc0", "d8e0e8"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000100)={@void, @val={0x1, 0x4, 0x0, 0x2}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}}}}}, 0x42) 15:24:12 executing program 2: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000100)={@void, @val={0x1}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}}}}}, 0x42) write$tun(r0, &(0x7f0000000000)={@val={0x0, 0x88f5}, @val={0x2, 0x3, 0x80, 0xa8, 0x1, 0x100}, @llc={@snap={0x1, 0xe0cc466631852c50, "85", "9142ab", 0xa01}}}, 0x16) 15:24:12 executing program 3: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000040)=0x20) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, r2, 0x0, 0x6) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, 0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 11) [ 1477.657717] FAULT_INJECTION: forcing a failure. [ 1477.657717] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1477.658782] CPU: 1 PID: 8303 Comm: syz-executor.0 Not tainted 5.10.224 #1 [ 1477.659371] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1477.660069] Call Trace: [ 1477.660303] dump_stack+0x107/0x167 [ 1477.660616] should_fail.cold+0x5/0xa [ 1477.660950] _copy_to_user+0x2e/0x180 [ 1477.661281] do_pages_stat+0x2b4/0x3b0 [ 1477.661622] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1477.662116] ? cpuset_mems_allowed+0x1af/0x440 [ 1477.662514] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1477.662942] ? trace_hardirqs_on+0x5b/0x180 [ 1477.663333] kernel_move_pages+0xb8f/0x11c0 [ 1477.663710] ? rcu_read_lock_any_held+0x75/0xa0 [ 1477.664104] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1477.664596] ? fput_many+0x2f/0x1a0 [ 1477.664911] ? ksys_write+0x1a9/0x260 [ 1477.665236] ? __ia32_sys_read+0xb0/0xb0 [ 1477.665586] __x64_sys_move_pages+0xdd/0x1b0 [ 1477.665962] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1477.666397] do_syscall_64+0x33/0x40 [ 1477.666715] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1477.667146] RIP: 0033:0x7f6fdcf13b19 [ 1477.667493] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1477.675971] RSP: 002b:00007f6fda489188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1477.676609] RAX: ffffffffffffffda RBX: 00007f6fdd026f60 RCX: 00007f6fdcf13b19 [ 1477.677201] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1477.677792] RBP: 00007f6fda4891d0 R08: 0000000020000000 R09: 0000000000000000 [ 1477.678382] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1477.678973] R13: 00007ffee9bd176f R14: 00007f6fda489300 R15: 0000000000022000 [ 1477.698299] FAULT_INJECTION: forcing a failure. [ 1477.698299] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1477.699518] CPU: 0 PID: 8306 Comm: syz-executor.6 Not tainted 5.10.224 #1 [ 1477.700144] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1477.700902] Call Trace: [ 1477.701159] dump_stack+0x107/0x167 [ 1477.701505] should_fail.cold+0x5/0xa [ 1477.701878] _copy_to_user+0x2e/0x180 [ 1477.702241] do_pages_stat+0x2b4/0x3b0 [ 1477.702618] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1477.703159] ? trace_hardirqs_on+0x5b/0x180 [ 1477.703595] ? _raw_spin_unlock_irqrestore+0x25/0x40 [ 1477.704079] kernel_move_pages+0xb8f/0x11c0 [ 1477.704495] ? rcu_read_lock_any_held+0x75/0xa0 [ 1477.704934] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1477.705473] ? fput_many+0x2f/0x1a0 [ 1477.705823] ? ksys_write+0x1a9/0x260 [ 1477.706178] ? __ia32_sys_read+0xb0/0xb0 [ 1477.706561] __x64_sys_move_pages+0xdd/0x1b0 [ 1477.706976] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1477.707466] do_syscall_64+0x33/0x40 [ 1477.707815] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1477.708286] RIP: 0033:0x7f28eb741b19 [ 1477.708634] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1477.710303] RSP: 002b:00007f28e8cb7188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1477.711018] RAX: ffffffffffffffda RBX: 00007f28eb854f60 RCX: 00007f28eb741b19 [ 1477.711691] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1477.712344] RBP: 00007f28e8cb71d0 R08: 0000000020000000 R09: 0000000000000000 [ 1477.713004] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1477.713672] R13: 00007ffd318d456f R14: 00007f28e8cb7300 R15: 0000000000022000 [ 1477.720870] FAULT_INJECTION: forcing a failure. [ 1477.720870] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1477.723316] CPU: 1 PID: 8310 Comm: syz-executor.3 Not tainted 5.10.224 #1 [ 1477.723909] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1477.724608] Call Trace: [ 1477.724839] dump_stack+0x107/0x167 [ 1477.725151] should_fail.cold+0x5/0xa [ 1477.725486] _copy_from_user+0x2e/0x1b0 [ 1477.725829] do_pages_stat+0xf1/0x3b0 [ 1477.726163] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1477.726664] ? cpuset_mems_allowed+0x1af/0x440 [ 1477.727063] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1477.727515] ? trace_hardirqs_on+0x5b/0x180 [ 1477.727888] kernel_move_pages+0xb8f/0x11c0 [ 1477.728259] ? rcu_read_lock_any_held+0x75/0xa0 [ 1477.728652] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1477.729141] ? fput_many+0x2f/0x1a0 [ 1477.729452] ? ksys_write+0x1a9/0x260 [ 1477.729777] ? __ia32_sys_read+0xb0/0xb0 [ 1477.730122] __x64_sys_move_pages+0xdd/0x1b0 [ 1477.730495] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1477.730925] do_syscall_64+0x33/0x40 [ 1477.731252] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1477.731682] RIP: 0033:0x7f1e88ae8b19 [ 1477.731999] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1477.733536] RSP: 002b:00007f1e8605e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1477.734176] RAX: ffffffffffffffda RBX: 00007f1e88bfbf60 RCX: 00007f1e88ae8b19 [ 1477.734771] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1477.735386] RBP: 00007f1e8605e1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1477.735987] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1477.736585] R13: 00007ffda65e58df R14: 00007f1e8605e300 R15: 0000000000022000 15:24:12 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000002c0)={0x40, 0x0, 0xfffffaf2, 0x6, 0xffffffff, 0x40}) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6) msgctl$IPC_RMID(0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 31) 15:24:12 executing program 2: r0 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000000)='syz1\x00', 0x200002, 0x0) dup2(0xffffffffffffffff, r0) syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r1, &(0x7f0000000100)={@void, @val={0x1}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}}}}}, 0x42) [ 1477.797220] FAULT_INJECTION: forcing a failure. [ 1477.797220] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1477.798359] CPU: 0 PID: 8302 Comm: syz-executor.4 Not tainted 5.10.224 #1 15:24:12 executing program 5: r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000140)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) perf_event_open(&(0x7f00000000c0)={0x4, 0x80, 0x8, 0x7f, 0x1, 0x80, 0x0, 0x6, 0x20401, 0x8, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x3, 0x4, @perf_bp={&(0x7f0000000000), 0x8}, 0x1, 0x8001, 0xd7, 0x4, 0x54, 0x2, 0xfff, 0x0, 0x2, 0x0, 0x6}, r1, 0x7, r2, 0xb) process_vm_readv(r1, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7a}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xffffffbc}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) [ 1477.798982] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1477.799748] Call Trace: [ 1477.800006] dump_stack+0x107/0x167 [ 1477.800347] should_fail.cold+0x5/0xa [ 1477.800715] _copy_to_user+0x2e/0x180 [ 1477.801075] do_pages_stat+0x2b4/0x3b0 [ 1477.801448] ? trace_raw_output_mm_migrate_pages+0x290/0x290 15:24:12 executing program 0: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) msgget(0x1, 0x0) ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 85) [ 1477.801992] ? cpuset_mems_allowed+0x1af/0x440 [ 1477.803472] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1477.804618] ? trace_hardirqs_on+0x5b/0x180 [ 1477.805600] kernel_move_pages+0xb8f/0x11c0 [ 1477.806590] ? rcu_read_lock_any_held+0x75/0xa0 [ 1477.807759] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1477.809051] ? fput_many+0x2f/0x1a0 [ 1477.809861] ? ksys_write+0x1a9/0x260 [ 1477.810706] ? __ia32_sys_read+0xb0/0xb0 [ 1477.811741] __x64_sys_move_pages+0xdd/0x1b0 [ 1477.812743] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1477.813904] do_syscall_64+0x33/0x40 [ 1477.814746] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1477.816213] RIP: 0033:0x7f1c0ae11b19 [ 1477.817041] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1477.821718] RSP: 002b:00007f1c08387188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1477.823536] RAX: ffffffffffffffda RBX: 00007f1c0af24f60 RCX: 00007f1c0ae11b19 [ 1477.825145] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1477.826741] RBP: 00007f1c083871d0 R08: 0000000020000000 R09: 0000000000000000 [ 1477.827690] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1477.828337] R13: 00007ffd2ddfd2cf R14: 00007f1c08387300 R15: 0000000000022000 [ 1477.833136] FAULT_INJECTION: forcing a failure. [ 1477.833136] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1477.834264] CPU: 0 PID: 8317 Comm: syz-executor.7 Not tainted 5.10.224 #1 [ 1477.834890] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1477.835669] Call Trace: [ 1477.835919] dump_stack+0x107/0x167 [ 1477.836265] should_fail.cold+0x5/0xa [ 1477.836629] _copy_from_user+0x2e/0x1b0 [ 1477.837003] do_pages_stat+0xf1/0x3b0 [ 1477.837369] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1477.837912] ? cpuset_mems_allowed+0x1af/0x440 [ 1477.838349] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1477.838814] ? trace_hardirqs_on+0x5b/0x180 [ 1477.839232] kernel_move_pages+0xb8f/0x11c0 [ 1477.839651] ? rcu_read_lock_any_held+0x75/0xa0 [ 1477.840083] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1477.840619] ? fput_many+0x2f/0x1a0 [ 1477.840967] ? ksys_write+0x1a9/0x260 [ 1477.841326] ? __ia32_sys_read+0xb0/0xb0 [ 1477.841708] __x64_sys_move_pages+0xdd/0x1b0 [ 1477.842119] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1477.842597] do_syscall_64+0x33/0x40 [ 1477.842943] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1477.843426] RIP: 0033:0x7f8be6d86b19 [ 1477.843773] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1477.845434] RSP: 002b:00007f8be42fc188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1477.846132] RAX: ffffffffffffffda RBX: 00007f8be6e99f60 RCX: 00007f8be6d86b19 [ 1477.846783] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1477.847461] RBP: 00007f8be42fc1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1477.848117] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1477.848783] R13: 00007ffd26b6f95f R14: 00007f8be42fc300 R15: 0000000000022000 [ 1477.849087] FAULT_INJECTION: forcing a failure. [ 1477.849087] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1477.850476] CPU: 1 PID: 8322 Comm: syz-executor.0 Not tainted 5.10.224 #1 [ 1477.851049] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1477.855766] Call Trace: [ 1477.856002] dump_stack+0x107/0x167 [ 1477.856311] should_fail.cold+0x5/0xa [ 1477.856645] _copy_from_user+0x2e/0x1b0 [ 1477.856989] do_pages_stat+0xf1/0x3b0 [ 1477.857318] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1477.857808] ? cpuset_mems_allowed+0x1af/0x440 [ 1477.858203] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1477.858627] ? trace_hardirqs_on+0x5b/0x180 [ 1477.858998] kernel_move_pages+0xb8f/0x11c0 [ 1477.859398] ? rcu_read_lock_any_held+0x75/0xa0 [ 1477.859791] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1477.860278] ? fput_many+0x2f/0x1a0 [ 1477.860590] ? ksys_write+0x1a9/0x260 [ 1477.860914] ? __ia32_sys_read+0xb0/0xb0 [ 1477.861261] __x64_sys_move_pages+0xdd/0x1b0 [ 1477.861635] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1477.862066] do_syscall_64+0x33/0x40 [ 1477.862392] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1477.862834] RIP: 0033:0x7f6fdcf13b19 [ 1477.863149] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1477.864694] RSP: 002b:00007f6fda489188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1477.865329] RAX: ffffffffffffffda RBX: 00007f6fdd026f60 RCX: 00007f6fdcf13b19 [ 1477.865924] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1477.866517] RBP: 00007f6fda4891d0 R08: 0000000020000000 R09: 0000000000000000 [ 1477.867112] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1477.867728] R13: 00007ffee9bd176f R14: 00007f6fda489300 R15: 0000000000022000 [ 1477.908180] FAULT_INJECTION: forcing a failure. [ 1477.908180] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1477.909209] CPU: 1 PID: 8328 Comm: syz-executor.3 Not tainted 5.10.224 #1 [ 1477.909780] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1477.910472] Call Trace: [ 1477.910702] dump_stack+0x107/0x167 [ 1477.911012] should_fail.cold+0x5/0xa [ 1477.911364] _copy_to_user+0x2e/0x180 [ 1477.911692] do_pages_stat+0x2b4/0x3b0 [ 1477.912032] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1477.912523] ? cpuset_mems_allowed+0x1af/0x440 [ 1477.912925] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1477.913353] ? trace_hardirqs_on+0x5b/0x180 [ 1477.913730] kernel_move_pages+0xb8f/0x11c0 [ 1477.914107] ? rcu_read_lock_any_held+0x75/0xa0 [ 1477.914502] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1477.914993] ? fput_many+0x2f/0x1a0 [ 1477.915325] ? ksys_write+0x1a9/0x260 [ 1477.915658] ? __ia32_sys_read+0xb0/0xb0 [ 1477.916009] __x64_sys_move_pages+0xdd/0x1b0 [ 1477.916388] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1477.916827] do_syscall_64+0x33/0x40 [ 1477.917146] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1477.917580] RIP: 0033:0x7f1e88ae8b19 [ 1477.917899] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1477.919451] RSP: 002b:00007f1e8605e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1477.920091] RAX: ffffffffffffffda RBX: 00007f1e88bfbf60 RCX: 00007f1e88ae8b19 [ 1477.920692] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1477.921290] RBP: 00007f1e8605e1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1477.921887] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1477.922484] R13: 00007ffda65e58df R14: 00007f1e8605e300 R15: 0000000000022000 [ 1477.932539] FAULT_INJECTION: forcing a failure. [ 1477.932539] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1477.934064] CPU: 0 PID: 8333 Comm: syz-executor.6 Not tainted 5.10.224 #1 [ 1477.934666] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1477.935406] Call Trace: [ 1477.935657] dump_stack+0x107/0x167 [ 1477.935987] should_fail.cold+0x5/0xa [ 1477.936344] _copy_from_user+0x2e/0x1b0 [ 1477.936715] do_pages_stat+0xf1/0x3b0 [ 1477.937073] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1477.937603] ? cpuset_mems_allowed+0x1af/0x440 [ 1477.938026] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1477.938476] ? trace_hardirqs_on+0x5b/0x180 [ 1477.938875] kernel_move_pages+0xb8f/0x11c0 [ 1477.939288] ? rcu_read_lock_any_held+0x75/0xa0 [ 1477.939711] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1477.940233] ? fput_many+0x2f/0x1a0 [ 1477.940571] ? ksys_write+0x1a9/0x260 [ 1477.940915] ? __ia32_sys_read+0xb0/0xb0 [ 1477.941284] __x64_sys_move_pages+0xdd/0x1b0 [ 1477.941690] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1477.942148] do_syscall_64+0x33/0x40 [ 1477.942483] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1477.942950] RIP: 0033:0x7f28eb741b19 [ 1477.943303] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1477.944903] RSP: 002b:00007f28e8cb7188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1477.945580] RAX: ffffffffffffffda RBX: 00007f28eb854f60 RCX: 00007f28eb741b19 [ 1477.946217] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 15:24:12 executing program 1: syz_emit_ethernet(0x56, &(0x7f0000000140)=ANY=[@ANYBLOB="20f9bd8d00000000000000007bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf90c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065daae5550f0dfc6eba6e8fbee6ec13a0fbcf2c3b382dd99114a1a7ec1c21a4fbdb136fac8df06e3038d64a26c1508feeb95e951d96beae8304a3a219b7345a8570bc731dba7934e09002a5dfd4e3c500"/154], 0x0) write$tun(0xffffffffffffffff, &(0x7f0000000380)={@val={0x0, 0x6000}, @val={0x3, 0x80, 0x2, 0x101, 0x7, 0x3f}, @x25={0x0, 0x40, 0xff, "4f3ccb3a8f539a165728f671750a04b84279b08d53b3669596887c6afad3ab050f7f9e0b3c2f19927858e3d7beaf5332477afec80c46c7fb8b261c032ef735d6c761281a7fab7fa0e0a7c2538f59ef3a78dc7ce90eece31e905b503349f847629a014a1e6581d37663815b569c471be265c17dfe3a94ae1bd6f9814cd83e1a391cb9f84ae4ad9e273ec73cfe701ff87683a6c78ac7e1e545ae592a34389db427a6f39d8c65946a20abc490382d0708f5402975f773b204a9a74e0dd5b622c6c020d93d77a8fad77d29da96734f208b925b87d3b331de3ff62c4ea6c62954041c80a8e36a094aabb22979dbedd5d66beeca53579953ddb5432a67b243ea620895a6821c085c6a771c573cf84910908c10bd733743639c9860fbb931e06fcf8f25641337bb513150c5b2b39b9871e55e5f8538e8c25e09eb31b9c44f080ed5f923bcc8e288747ed327952199c96b0648a576760bc943db3525db5cf2ab21a4fe690c02200120985615ece3d8691e58257728c555207565948a75821d39b3e172610b2585fa7602be8ba8ac56c7c941eb93beb72818f3ef0ad26d0d1a1a7cd51761274eb499c43d37e7a8453431790312c8adc415bf681a5e2c95144d375840408d3b118a7990ede1100ed2835013dccfd32b7a4fbadef8ef78f8d7bac7b2670e15c427a13094d3ea7e692c2cbe0a9486daff93d99743274f906f7ee12e2c519877d68fe1a87b7970c3d7b6aa33006d19bad14996af947599c1742e2893b1234b9431e5e7ab75120189d57753a57e0e7302206843ac635e245117151549ba93539260f62f676178c78cf19b9c89d27dd14459133db5996fc141ea98f5ced19fbe98e142b19a1dddf28c4dd1cd68b5255c40e2bd8f74b4862ded9e684ed33cca5e35f6c7d1924f8ff80de25959dce80714badb09ed92403efe4ab2c5b085beff18b2f4e7d2a7c47390eb7a3061a9736c108f3da337c285a75bc842f8797e29c066acc9f8e37b413b91c1adf06aea7f7422a64eb90fc40d3e08b70a901f5b8f2e16ec8d23c434687d202e4035d62be7abdd92bb8bb268117a1899d79461645bbebb2dce9d203e2bae47fa5500b60e353447d8a14c86555b7f231712e48b6156c62e39930fc13faa6bf3c29b0ba277b33db6a61c0498188ab5092ed87b3d7df9832af3ab04d34cf60e114dcaf302eb1f25821ee6b78f824517bcf2f3a4df86ecda1378c7761b991f108c187ee3e2055e5daf7c0b19851437b63eed467fb23c38454ac1531a78e1a6054ce0a03901bfb89a2ae36ddf8a2f9c3bc1b1d1326268b1e22ad082be9162101465936c4b8e1c8b07a48f29ffb11682f9996b476cdb824d71d51d915ea5585adcbd47ac1b6198d74f388f721f1858e0d6c50644cb2a1ecbf2d52ecbd3b386c7cccab0646157e99d7bc1d5a4b53cb823724f8e3b5a4f5201fe0c04e1702576a64961c0df0cc5da686d8768f1e35c88598adadd0fa2370f4e75c182ea2bc517423d8f31ea95359f3d25995ab4e2c99f3799e4ec9956d354dec2537acdbd352deb7533725a04394711805d2a87849b1773469f80ccac212f3db89d58adc7600afcb5da93a89ed7e0f40594e5c15e25af0fb9d10147a7779429a9f2e161f3c5fb27393f13659924304bab486b2996c6db3fca5764f5b682bb530c2d8ad99d47eba864c7b24d6dbc34e6832684e4c0732bd1d156502c61195fbb49a086d1da9acef47585e73d15d591a8aab1b8da21d25adf87c95bb0faee9e6335842f5743b268e8d8e3a8609ea71225e0acb138b865f4c5c5167c7515e616e8b52db5bd775c002bb35dcabe9c03c3bf128d4aa81932ab1e0112a4b9598bee9bcf1a5061d45f9ec4ea4b88ce7a8db783711b0f3bf9f0d3564af49ac209f1c5cd5411277d7817321d58c824216f82baffbc540f06802647a8040f0b06bb699506ccad2cc7a7c3c7c5bb41f48082ba566384913ea5341cbb891fcded7833ff2da6233f28f4839dd01b027b6d0ce91e2bd2df500ee6fa0c4fb03067178fa2161eb3769ff36ffde3bdea51182257f8a1a2e1d52a134268208c036456bb562df4a90ffafbeefaff5a933b5eead5330e6678bc6bc5ac9f57efd2843362cb66ef520dd6f36b05d25302785f2c686994b1baa6398d18f20fe1734ea3a98ab5dbc20659f550b02f6fca1a76082a5983c70431711e8c4457b56e8ddef9c41ea537991f5034942f1fa94d718d87db49bebf1bf1623dd45e8c707a2d40748af19054f89859a9599fe7e3ee7fb89f21fb59fb1af28f408f29b6dcb9303aa56de6037e71c283b80cc0357f2bf6cc910ac4ee18cb96d1028d359f0f242f1c519f995197b89209cc25067b6a6a4c5ff81951b783add33d53407df30bbe23d56a00ef15c4df3efded255a1ecc1c28f8c5e4a2c21cc8ea279e11a126780b1456048ad2e4ce7827df5b7e2ed7dba2731c42ddf8ff5a2e0de9afa4dfbd4c20af694c0d5f327caaa38f22af4c279f6452160bc446c7658a209db91f5e959b992f4243b6905d1f176c0db26718f28f56cd1cb26b5bd82398f7eddc1cd495efe3f5ec485f7b85e4e163ecbabf1216324f3d81547eab5cba0c2ac7fbe64d0a417ba751155136fab9adb95498c103b5d022e215195733512efb0bbe39560ad79f49e2447db69d716fe131db456e44e62d38ba5bed0337a4a0823482954657694fb2d615cea3ae7e47a4b932a01dde96746fc2f4069d2867cb246f167be83541755b3ea3aaedb314c17572a0916567fb6c22f0402d32241085469a3eba4134609ef363d1fcd4f0a97e855ef0f44c3d68ce3bd2d912457e526789cf8a63ecbdd40cf85efc3c0fcb7033595bb40defccd340e9f0ca6cc87a6b1c9bd5756f72bd3321abb4034673dcd66a7ba9d3145812ce927f561a945cd8e856c1b94de3dc7b5a5bafe3d0800927b206184106e7d70ace944a76304a3335ae944a592058806bb26d2121c2b5b64a114b0c1a01ba67eb1f5d43f4077d7dbbcbab7354f3e1b1b31297447186bfa40d0e143554000fea857aa1babfeb6fd6396575a05250678ac6fa55ba17b3200ca86e3ec0d36917c56600b6c0405ef018626d993806f706ffaa4e10a1b0367ef72d7c60647d196f1bcf1830f513ddc4a547ae2eb304b32fbb1b43b49d5d96ad1336a38247c9524b7a77b48c95bff5dbc1c308741457617d29ec4d8cfe582379ac96150bfa929baf6a68273e585756158ec64e1d0696aff58ae3d89263be5aca5cdd3f4b5a99c39ac9908a4f4aa37ae8e935f99f54a348e5b57f8ad9a6d65ba46640a7617da014cc12b456fdcecc25ae780881e01401f1abc69457ee43b4c33ea965b15937da7ccfa4a70a16c0382d86fb7eaf9c6baad32019fc87b98d8638bd0edbdbe21881065afaa34368656024f21a7d30a70b22301ce37f755d97a6084beb5c1e46d98d0d0f7aa0f849923c6b32cb69637b6887ce5064cfa77c5e1155b027121c1b528d9fb909b57b71f3b7c98eb1495c786c22b66f79f36e62123a90946116b690608e492174a2487c6ef84b99e4b8d626b7ca5f99a2e3c66663aa8e99893f0aac2e47f87e5cc060bd4ff25fc0a213613a7b100e83e5abde837cfb0144c9a287c390a628145c854ffa83a4ec8def6c6285e5995305cf2a2f7db31ba04fd892b37efd459895221e4dc6ab80e8a022b9a8303108040189e6c14f5cca08347ae83bda3cc80fe0779ad440df0e218bb915814d2fad49ef8dd8c9b5cac37ea063d2e92b453fbe2c33e78f0610a71a9496f6319d9c6564e3d555fef24b36e12d19cd8348e8120a0727b214bfd4c7f13b809af169a0f9e58e7a2c0d1a6b54f1227cddb56f956a42353c842deb70658fd36bf2be8f6f456e506d1c4dbfe37a766e9bc05e91cd6c31a1f5f3952922fdaa67cec78b56e3b0f6d3e76ef803932219584253f696f920e12400a29a87a6c19ba7fcf7d843b3264df729abd1016d867057ee1f74c6b7947f2953fddbd3965abfa78b78d13bc843d6e42fa03aec58195100c393eeaa4f38e4ce7d83b6c43da8f66112e107c8d65ec2c18170aa4c1ecff9943738c4a2c3ccb86e6ab12519a6b3e097fbc8064171ebbd99c3502c38ff3ad97d68f860dce6f247137f1727145944ab68d55c713dce8e2473abbec136dc6b4b81d53d58ae3eb13177972c52ccbe71e55a369bae974adabdd19c7ea0577397069ba131f329431dc98a368442ce5298dbeda12b792119698a5b32c43dba72a9239dae47d5d61175a069f4b085b31f076d91ebcb676ab4fd8915206b512cd02a4995c4ec0e64e4f1bf7173e0b88a40fe54e4c1a5ce5f1ec87145f4a71ef899fc71c2ba18122bd153df57aca41cc4b8361422a04a97e0e96e04f91cc160ee0d27ef21bd410831ca11654b87781ca9e5a3b336b89ab9a574aed186b143ea1a6ecb4280a11d8d3610cedd1f81e12dfa3e7e909ba899723fb2d1509d1a4834a115a8f7a93a838c97e89aff1a1f124bafddecc7c8e9cb7d457539f7163dae95db2ff99384fb89db6e8367234792f9846db6c50c6e3a7d6e89b742b3bb5d597baf97c7a55f437276ea6059ba356b71bf80669423bfb0227f23d68d0c5762003a0d91d1383fbf8a57bf60d895bd43c2ca4d618c3db993e0e4713c755975bef2a2d0e90035875e6e14507cbe05b1c7342a25f4c166c92fb555af5ec97f399d81fa23df3221d1c1761463c960feadc921938f5d28cfddb578a881713fa34c73fa63003f2fa4b0e2ffdc644d1b0ff9edb1eb82ecb78ebde94998ece2c0e44dba7f7cb0cbfefbf589af31b2c655d3d2284ccb91dc0a733e777961415c5ec606ca52e39a80afd57eba1d5f2ad432fba49bf61ccafcd55083220bbe54dabf7f2fbb59ffa3c92fec8a5cd875cc7d5908749af473d284265aa6650252b2cc4628a4b73d45a33cb05a43a6fe2031566fb01d6c82722262775ea12849b4e7d61ef37d8698aabfba40118cb710ff65151da08c6e8a1493523d390e9c31c8264e854c417b04f8a7b8ad0e12f7ec8f22236eedf1a111bf6142cf5a6c220c065f2a3a8fa12f688c9ebdfa5c07fb22de99cc2853b6bee04f4cbbbb20c2fd3b972ecc54bc307106dc053881c57e248b4fb9f711a998fdf8ad8207adc0907c4a699062d73030643eddbbad354c53aaf7ae7cdda132582d720abcaf20e3bc9a580f4f7a389ac77a4644648d4dcc2d5689a532943cb573aae7179cd195d276c852fe4899d82b1766fbe429f1ebf70ec42a3d8965400a06a7d802e5467c65a525157ee97b4fe0b9b8840ee19ec6a6fbc4f2396280a965aa86e4378421cc4c03dc193ed203a70ccb66a02488cb59219924b5e09d82d5391290d14887ab8208fb573455749f0d34de3a0365448ce6c13497789f4b8d71ccde3a0072af6dc41b489065754664d6294a4a1dc05628e72f9dde98f766b8e470fb13eee8f333e0b90c297a46b526d87fb6b6f8eee11df4fae04c54fbf8066211fff23c533e92753a595e09fd8b2f5087678b9fc997833c341efe909be64f6788f7648f63d17c13fe7c0800a60c455ddbcfda2895eaeed0f1a533afbcd9b078e564e90dd5a28d5d2b82a6ff0b16723889296d0de757cb7646b575a5b64b63a9d218c9517ed1e180a9e0575d171f4a4a8dc4862388cee44171ef5556c7453e4e2108068315eaeb11041e75253496c046b02ffd697eb833f74b06203c441305fe4ba7c1836b215d1bdc43a5e309bb5c0105f46b907411b6980d64d4cd01d3cea782ced3aed6e96ae78d2737e92a6c91b515831b80a4ae5fc708c247b097ccb515f395cdbc3f"}}, 0x1011) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="01040000020000000000603cdefa00102100fe8800000000000000000000000000000000aa0000dd1270d3bf2a1e3805c900960cee"], 0x42) syz_extract_tcp_res(&(0x7f0000000000)={0x41424344}, 0xb01, 0xffff) write$tun(0xffffffffffffffff, &(0x7f0000001880)={@void, @void, @ipv6=@tipc_packet={0x7, 0x6, "cd7b85", 0x261, 0x6, 0x0, @local, @ipv4={'\x00', '\xff\xff', @multicast2}, {[@dstopts={0x89, 0x14, '\x00', [@calipso={0x7, 0x48, {0x3, 0x10, 0x4, 0x8001, [0x6, 0x4, 0x2, 0x5, 0xb4a, 0x8, 0x7, 0x8262e90]}}, @calipso={0x7, 0x18, {0x1, 0x4, 0x4, 0x3f, [0x8, 0x4]}}, @padn={0x1, 0x3, [0x0, 0x0, 0x0]}, @hao={0xc9, 0x10, @ipv4={'\x00', '\xff\xff', @broadcast}}, @pad1, @calipso={0x7, 0x18, {0x0, 0x4, 0x7, 0x1, [0x4, 0xfffffffffffff2fb]}}, @padn={0x1, 0x2, [0x0, 0x0]}, @jumbo={0xc2, 0x4, 0x20}]}, @hopopts={0x29, 0x1, '\x00', [@padn={0x1, 0x3, [0x0, 0x0, 0x0]}, @jumbo={0xc2, 0x4, 0x1}, @ra]}, @dstopts={0x87, 0x2a, '\x00', [@generic={0x4, 0x41, "378ecd728877cbee460d90f127842b7b0494d9fba726f818f2d58fd60a4360e6658a64ec30f5db44625aff49c4eef247b96736fca7581e20de9cce4dfc988d6bc4"}, @calipso={0x7, 0x20, {0x3, 0x6, 0x0, 0x82a, [0x6, 0x7, 0x2]}}, @generic={0xff, 0x4e, "d562bb132922913931b52e9397bc12afd6783b633b848c381aa045f4fec642bd79fa954ea79c5ec61f36bb15396580ce4882b15ab4ca8e0f1ce375bf5ff0583544ba0c589f69a58db902699cd176"}, @generic={0x3f, 0x20, "3d730a37583d2ada0c0ba6fe84b9ae700b488afe20f84ef9a1a8fe867ff30d56"}, @generic={0x6c, 0x69, "4823691c8826295bdd3d408be3052234cfe433e81d6c379f61f8a1a6e4bda5b54cc9fbaa8645ef268e8fd660d22afb2b497393b01100504a1eae1253e8349b760cd3a9772e4f9536a536060c76e246b056c5e08c686c5be922c99cf62f2629ad5b14229f6b201f3349"}, @generic={0xc0, 0xb, "7840a70b351457ddca489f"}, @ra={0x5, 0x2, 0x1}]}, @hopopts={0x6, 0x1, '\x00', [@jumbo={0xc2, 0x4, 0x2}, @pad1]}], @payload_direct={{{{0x21, 0x0, 0x1, 0x0, 0x0, 0x8, 0x3, 0x2, 0x2ff, 0x0, 0x0, 0x0, 0x0, 0x3, 0x8, 0x7, 0x0, 0x4e21, 0x4e22}, 0x3, 0x4}}, [0x0]}}}}, 0x289) syz_extract_tcp_res$synack(&(0x7f0000000080)={0x41424344}, 0x1, 0x0) write$tun(0xffffffffffffffff, &(0x7f0000000200)={@void, @void, @ipv4=@tcp={{0x2d, 0x4, 0x1, 0x3, 0x12e, 0x67, 0x0, 0x0, 0x6, 0x0, @private=0xa010102, @remote, {[@timestamp_addr={0x44, 0x14, 0xb3, 0x1, 0x1, [{@private=0xa010100, 0x3ff}, {@local, 0x3}]}, @cipso={0x86, 0x3f, 0x1, [{0x0, 0xc, "6da9576bc5130e2352db"}, {0x0, 0xa, "d186221a90ef048b"}, {0x5, 0x2}, {0x5, 0xf, "062ed354d805d9f5c17ca3bb37"}, {0x6, 0xf, "4864a6427dd9169b4f4ae8a238"}, {0x1, 0x3, "d2"}]}, @ssrr={0x89, 0x13, 0xa1, [@empty, @private=0xa010101, @remote, @multicast1]}, @timestamp_addr={0x44, 0x24, 0x81, 0x1, 0x7, [{@initdev={0xac, 0x1e, 0x0, 0x0}, 0x5}, {@multicast2, 0x2}, {@multicast2, 0x7}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x20}]}, @timestamp_prespec={0x44, 0x14, 0x87, 0x3, 0x5, [{@empty, 0x10000}, {@multicast1, 0x7fffffff}]}, @end]}}, {{0x4e20, 0x4e24, r1, r2, 0x1, 0x0, 0x7, 0x57, 0x1, 0x0, 0x100, {[@eol, @exp_fastopen={0xfe, 0x5, 0xf989, "03"}, @sack_perm={0x4, 0x2}]}}, {"ab39590b81e753af825c25ecb1132c38aa05539ac58580ac8b3ec6ba78893f05aadc547f121f539c4b7de3cd7acf08e06c31bb043e57bb623dffa925ed75ff643be45ab331c9015b9f2767fe6cd1c693bae2b90f6ae887be49df0221778e"}}}}, 0x12e) 15:24:12 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 87) 15:24:12 executing program 3: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000040)=0x20) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, r2, 0x0, 0x6) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, 0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 12) [ 1477.946846] RBP: 00007f28e8cb71d0 R08: 0000000020000000 R09: 0000000000000000 [ 1477.947489] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1477.948120] R13: 00007ffd318d456f R14: 00007f28e8cb7300 R15: 0000000000022000 15:24:12 executing program 2: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'ipvlan1\x00'}) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x105142, 0x0) lseek(r1, 0x0, 0x2) r2 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x4000, 0x128) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) ioctl$TUNSETCARRIER(r1, 0x400454e2, &(0x7f0000000140)) write$tun(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="010000000000000000006049defa00102100fe880000000000000000000000000001fe8000000000000000000000000000aaee"], 0x42) 15:24:26 executing program 4: perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) msgget(0x1, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 77) 15:24:26 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 88) 15:24:26 executing program 0: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) msgget(0x1, 0x0) ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 86) [ 1491.606426] FAULT_INJECTION: forcing a failure. [ 1491.606426] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1491.607720] CPU: 1 PID: 8345 Comm: syz-executor.6 Not tainted 5.10.224 #1 [ 1491.608331] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1491.609073] Call Trace: [ 1491.609319] dump_stack+0x107/0x167 [ 1491.609649] should_fail.cold+0x5/0xa [ 1491.610019] _copy_to_user+0x2e/0x180 [ 1491.610369] do_pages_stat+0x2b4/0x3b0 [ 1491.610730] ? trace_raw_output_mm_migrate_pages+0x290/0x290 15:24:26 executing program 1: syz_emit_ethernet(0x56, &(0x7f0000000080)=ANY=[@ANYBLOB="20f9bdba2470aaaaaaaaaabb000d00000000000000007bc74f84dbc157914cd8c864a1bea9a4d30d9eedb9837d40ff7dbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f"], 0x0) syz_emit_ethernet(0x22, &(0x7f0000000000)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @val={@void, {0x8100, 0x1, 0x1, 0x2}}, {@can={0xc, {{0x3, 0x1, 0x1, 0x1}, 0x7, 0x0, 0x0, 0x0, "da285fe7a14ca533"}}}}, 0x0) syz_emit_ethernet(0xe5, &(0x7f0000000900)={@multicast, @local, @val={@void, {0x8100, 0x5, 0x0, 0x1}}, {@generic={0x806, "215beb70d938e923b9b9a8d1793157919a6c694c54d56971a0092cd35efc66573ca9a90f3bfc401b8eb0fec53d181b99122b631284ec026b74d9ff28ea93ad6b50a9ad96dab77c8d9ddd32bbb07973e6469e7f9296af980dd993988c543c0184f5bf4c0f17e2e7d13d629cc971446d37db8248dc62afd00927a824d981fd543dc1a7bebb18dae7c95e0b4b110761ce8e93be508635aa7c552f479015406072fa20bb54e99067c6233045502452dd22bf37bf8fb777e7ec47f24e39128a32341e7adabfc6d123dd0959a7385614ee43ee6e9148"}}}, &(0x7f0000000040)={0x1, 0x3, [0xdda, 0x193, 0x9f5, 0xcae]}) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x38d403, 0x0) r1 = ioctl$TUNGETDEVNETNS(r0, 0x54e3, 0x0) preadv(r1, &(0x7f0000000740)=[{&(0x7f0000000180)=""/130, 0x82}, {&(0x7f0000000240)=""/214, 0xd6}, {&(0x7f0000000340)=""/60, 0x3c}, {&(0x7f0000000a00)=""/162, 0xa2}, {&(0x7f0000000440)=""/151, 0x97}, {&(0x7f0000000500)=""/188, 0xbc}, {&(0x7f00000005c0)}, {&(0x7f0000000600)=""/130, 0x82}, {&(0x7f00000006c0)=""/19, 0x13}, {&(0x7f0000000140)=""/18, 0x12}], 0xa, 0x3, 0x1f) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000840)=ANY=[@ANYBLOB="01040000020000000000603cdefa001021fffe880000000000000000000000000001fe8000000000000000000000000000aa000000000401907800a95d8900960cee34650131a01d91542b86b0c3c83365143c2230ef415248c5f7356419d49497fdc0627b18511951f9a10f347fe7805cc2199b1949653c35d16d1d80eb4b8f3e7ec79530"], 0x42) ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f00000005c0)={{0x1, 0x1, 0x18, r1, {0x8001, 0x7}}, './file0\x00'}) ioctl$TUNSETQUEUE(r2, 0x400454d9, &(0x7f0000000800)={'vxcan1\x00'}) 15:24:26 executing program 5: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() process_vm_readv(r0, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7a}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xffffffbc}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) clone3(&(0x7f00000011c0)={0x200840000, &(0x7f0000000000), &(0x7f00000000c0), &(0x7f0000000100), {0x20}, &(0x7f0000000140)=""/50, 0x32, &(0x7f0000000180)=""/4096, &(0x7f0000001180)=[r0], 0x1}, 0x58) 15:24:26 executing program 3: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000040)=0x20) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, r2, 0x0, 0x6) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, 0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 13) 15:24:26 executing program 2: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) 15:24:26 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000002c0)={0x40, 0x0, 0xfffffaf2, 0x6, 0xffffffff, 0x40}) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6) msgctl$IPC_RMID(0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 32) [ 1491.611265] ? cpuset_mems_allowed+0x1af/0x440 [ 1491.635742] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1491.636209] ? trace_hardirqs_on+0x5b/0x180 [ 1491.636605] kernel_move_pages+0xb8f/0x11c0 [ 1491.637020] ? rcu_read_lock_any_held+0x75/0xa0 [ 1491.637436] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1491.637960] ? fput_many+0x2f/0x1a0 [ 1491.638302] ? ksys_write+0x1a9/0x260 [ 1491.638646] ? __ia32_sys_read+0xb0/0xb0 [ 1491.639033] __x64_sys_move_pages+0xdd/0x1b0 [ 1491.639440] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1491.639905] do_syscall_64+0x33/0x40 [ 1491.640268] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1491.640725] RIP: 0033:0x7f28eb741b19 [ 1491.641079] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1491.642678] RSP: 002b:00007f28e8cb7188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1491.643361] RAX: ffffffffffffffda RBX: 00007f28eb854f60 RCX: 00007f28eb741b19 [ 1491.644017] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1491.644641] RBP: 00007f28e8cb71d0 R08: 0000000020000000 R09: 0000000000000000 [ 1491.645278] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1491.645907] R13: 00007ffd318d456f R14: 00007f28e8cb7300 R15: 0000000000022000 [ 1491.657050] FAULT_INJECTION: forcing a failure. [ 1491.657050] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1491.658140] CPU: 0 PID: 8351 Comm: syz-executor.3 Not tainted 5.10.224 #1 [ 1491.658728] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1491.659453] Call Trace: [ 1491.659695] dump_stack+0x107/0x167 [ 1491.660013] should_fail.cold+0x5/0xa [ 1491.660345] _copy_from_user+0x2e/0x1b0 [ 1491.660684] do_pages_stat+0xf1/0x3b0 [ 1491.661013] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1491.661503] ? cpuset_mems_allowed+0x1af/0x440 [ 1491.661903] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1491.662326] ? trace_hardirqs_on+0x5b/0x180 [ 1491.662694] kernel_move_pages+0xb8f/0x11c0 [ 1491.663067] ? rcu_read_lock_any_held+0x75/0xa0 [ 1491.663499] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1491.663986] ? fput_many+0x2f/0x1a0 [ 1491.664297] ? ksys_write+0x1a9/0x260 [ 1491.664619] ? __ia32_sys_read+0xb0/0xb0 [ 1491.664966] __x64_sys_move_pages+0xdd/0x1b0 [ 1491.665338] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1491.665768] do_syscall_64+0x33/0x40 [ 1491.666082] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1491.666509] RIP: 0033:0x7f1e88ae8b19 [ 1491.666824] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1491.668380] RSP: 002b:00007f1e8605e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1491.669016] RAX: ffffffffffffffda RBX: 00007f1e88bfbf60 RCX: 00007f1e88ae8b19 [ 1491.669611] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1491.670200] RBP: 00007f1e8605e1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1491.670792] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1491.671396] R13: 00007ffda65e58df R14: 00007f1e8605e300 R15: 0000000000022000 [ 1491.683944] FAULT_INJECTION: forcing a failure. [ 1491.683944] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1491.685271] CPU: 1 PID: 8357 Comm: syz-executor.0 Not tainted 5.10.224 #1 [ 1491.685877] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1491.686612] Call Trace: [ 1491.686856] dump_stack+0x107/0x167 [ 1491.687200] should_fail.cold+0x5/0xa [ 1491.687573] _copy_to_user+0x2e/0x180 [ 1491.687917] do_pages_stat+0x2b4/0x3b0 [ 1491.688294] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1491.688815] ? cpuset_mems_allowed+0x1af/0x440 [ 1491.689250] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1491.689704] ? trace_hardirqs_on+0x5b/0x180 [ 1491.690115] kernel_move_pages+0xb8f/0x11c0 [ 1491.690329] FAULT_INJECTION: forcing a failure. [ 1491.690329] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1491.690508] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1491.690527] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1491.692524] __x64_sys_move_pages+0xdd/0x1b0 [ 1491.692918] do_syscall_64+0x33/0x40 [ 1491.693267] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1491.693720] RIP: 0033:0x7f6fdcf13b19 [ 1491.694072] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1491.695699] RSP: 002b:00007f6fda489188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1491.696383] RAX: ffffffffffffffda RBX: 00007f6fdd026f60 RCX: 00007f6fdcf13b19 [ 1491.697024] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1491.697649] RBP: 00007f6fda4891d0 R08: 0000000020000000 R09: 0000000000000000 [ 1491.698287] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1491.698912] R13: 00007ffee9bd176f R14: 00007f6fda489300 R15: 0000000000022000 [ 1491.699594] CPU: 0 PID: 8343 Comm: syz-executor.4 Not tainted 5.10.224 #1 [ 1491.700176] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1491.700864] Call Trace: [ 1491.701089] dump_stack+0x107/0x167 [ 1491.701398] should_fail.cold+0x5/0xa [ 1491.701725] _copy_from_user+0x2e/0x1b0 [ 1491.702065] do_pages_stat+0xf1/0x3b0 [ 1491.702403] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1491.702895] ? cpuset_mems_allowed+0x1af/0x440 [ 1491.703289] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1491.703755] ? trace_hardirqs_on+0x5b/0x180 [ 1491.704126] kernel_move_pages+0xb8f/0x11c0 [ 1491.704502] ? rcu_read_lock_any_held+0x75/0xa0 [ 1491.704894] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1491.705382] ? fput_many+0x2f/0x1a0 [ 1491.705701] ? ksys_write+0x1a9/0x260 [ 1491.706024] ? __ia32_sys_read+0xb0/0xb0 [ 1491.706370] __x64_sys_move_pages+0xdd/0x1b0 [ 1491.706746] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1491.707177] do_syscall_64+0x33/0x40 [ 1491.707530] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1491.707993] RIP: 0033:0x7f1c0ae11b19 [ 1491.708314] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1491.709852] RSP: 002b:00007f1c08387188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1491.710497] RAX: ffffffffffffffda RBX: 00007f1c0af24f60 RCX: 00007f1c0ae11b19 [ 1491.711097] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1491.711737] RBP: 00007f1c083871d0 R08: 0000000020000000 R09: 0000000000000000 [ 1491.712335] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1491.712931] R13: 00007ffd2ddfd2cf R14: 00007f1c08387300 R15: 0000000000022000 [ 1491.716048] FAULT_INJECTION: forcing a failure. [ 1491.716048] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1491.717178] CPU: 0 PID: 8349 Comm: syz-executor.7 Not tainted 5.10.224 #1 [ 1491.717753] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1491.718447] Call Trace: [ 1491.718675] dump_stack+0x107/0x167 [ 1491.718992] should_fail.cold+0x5/0xa [ 1491.719321] _copy_to_user+0x2e/0x180 [ 1491.719683] do_pages_stat+0x2b4/0x3b0 [ 1491.720021] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1491.720508] ? cpuset_mems_allowed+0x1af/0x440 [ 1491.720901] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1491.721324] ? trace_hardirqs_on+0x5b/0x180 [ 1491.721693] kernel_move_pages+0xb8f/0x11c0 [ 1491.722069] ? rcu_read_lock_any_held+0x75/0xa0 [ 1491.722460] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1491.722944] ? fput_many+0x2f/0x1a0 [ 1491.723254] ? ksys_write+0x1a9/0x260 [ 1491.723613] ? __ia32_sys_read+0xb0/0xb0 [ 1491.723960] __x64_sys_move_pages+0xdd/0x1b0 [ 1491.724331] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1491.724762] do_syscall_64+0x33/0x40 [ 1491.725075] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1491.725503] RIP: 0033:0x7f8be6d86b19 [ 1491.725817] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1491.727329] RSP: 002b:00007f8be42fc188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1491.727999] RAX: ffffffffffffffda RBX: 00007f8be6e99f60 RCX: 00007f8be6d86b19 [ 1491.728593] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1491.729184] RBP: 00007f8be42fc1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1491.729777] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1491.730368] R13: 00007ffd26b6f95f R14: 00007f8be42fc300 R15: 0000000000022000 15:24:26 executing program 5: r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x0, 0x8, 0x81, 0x6, 0x0, 0x1000, 0xc20, 0xf, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x2, 0x4, @perf_bp={&(0x7f0000000300), 0x6}, 0x1, 0x8, 0x80000000, 0x2, 0x1, 0x9, 0xd2e, 0x0, 0x0, 0x0, 0x842f}, 0x0, 0xc, 0xffffffffffffffff, 0x8) pread64(r0, &(0x7f00000005c0)=""/214, 0xd6, 0x80000001) process_vm_readv(r1, &(0x7f0000000140)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/121, 0x79}, {&(0x7f0000001980)=""/161, 0xa1}, {&(0x7f00000000c0)=""/91, 0x5b}], 0x4, &(0x7f00000004c0)=[{&(0x7f0000001a80)=""/92, 0x5c}, {&(0x7f0000002240)=""/183, 0xb7}, {&(0x7f0000000180)=""/122, 0x7a}, {&(0x7f0000001c40)=""/160, 0xa0}, {&(0x7f0000000200)=""/245, 0xf5}, {&(0x7f0000001e00)}, {&(0x7f0000000000)=""/9, 0x9}, {&(0x7f0000000580)=""/46, 0x2e}, {&(0x7f00000003c0)=""/232, 0xe8}], 0x9, 0x0) 15:24:26 executing program 1: syz_emit_ethernet(0x44, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@arp={0x806, @generic={0x302, 0x9, 0x6, 0x0, 0x9, @random="11532e9f386f", "2a244e40b8ff792569e94d8c", @local, "a579cb"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000180)=ANY=[@ANYBLOB="01040000020000000000603cdefa00102100fe88142ca55b6200000000000000000000000000011d8100000000000000000000000000aa000000000401907800265d9900960cee"], 0x42) 15:24:26 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000002c0)={0x40, 0x0, 0xfffffaf2, 0x6, 0xffffffff, 0x40}) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6) msgctl$IPC_RMID(0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 33) [ 1491.832965] FAULT_INJECTION: forcing a failure. [ 1491.832965] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1491.834287] CPU: 1 PID: 8368 Comm: syz-executor.7 Not tainted 5.10.224 #1 [ 1491.834891] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1491.835647] Call Trace: [ 1491.835894] dump_stack+0x107/0x167 [ 1491.836243] should_fail.cold+0x5/0xa [ 1491.836595] _copy_from_user+0x2e/0x1b0 [ 1491.836962] do_pages_stat+0xf1/0x3b0 [ 1491.837321] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1491.837836] ? trace_hardirqs_on+0x5b/0x180 [ 1491.838254] ? _raw_spin_unlock_irqrestore+0x25/0x40 [ 1491.838717] kernel_move_pages+0xb8f/0x11c0 [ 1491.839134] ? rcu_read_lock_any_held+0x75/0xa0 [ 1491.839574] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1491.840104] ? fput_many+0x2f/0x1a0 [ 1491.840437] ? ksys_write+0x1a9/0x260 [ 1491.840780] ? __ia32_sys_read+0xb0/0xb0 [ 1491.841167] __x64_sys_move_pages+0xdd/0x1b0 [ 1491.841565] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1491.842036] do_syscall_64+0x33/0x40 [ 1491.842370] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1491.842822] RIP: 0033:0x7f8be6d86b19 [ 1491.843172] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1491.844795] RSP: 002b:00007f8be42fc188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1491.845478] RAX: ffffffffffffffda RBX: 00007f8be6e99f60 RCX: 00007f8be6d86b19 [ 1491.846108] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1491.846737] RBP: 00007f8be42fc1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1491.847374] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1491.848035] R13: 00007ffd26b6f95f R14: 00007f8be42fc300 R15: 0000000000022000 15:24:39 executing program 4: perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) msgget(0x1, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 78) 15:24:39 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000002c0)={0x40, 0x0, 0xfffffaf2, 0x6, 0xffffffff, 0x40}) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6) msgctl$IPC_RMID(0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 34) 15:24:39 executing program 1: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) syz_emit_ethernet(0xfa, &(0x7f0000000180)={@local, @empty, @val={@val={0x9100, 0x7, 0x1}, {0x8100, 0x2, 0x0, 0x1}}, {@mpls_mc={0x8848, {[{0x1, 0x0, 0x1}, {0x38, 0x0, 0x1}, {0x800, 0x0, 0x1}, {0x1}], @ipv4=@generic={{0x11, 0x4, 0x0, 0x9, 0xd4, 0x66, 0x0, 0x1, 0x88, 0x0, @broadcast, @multicast1, {[@generic={0x82, 0x8, "4d56d64cf460"}, @timestamp={0x44, 0x24, 0x41, 0x0, 0x8, [0xfffffc01, 0x2, 0x8, 0x4, 0x6, 0xf81a, 0xe9, 0x4]}, @noop]}}, "8a0a193e278c9b9fc739e39b3a5f4a81d48e29242f2766a8d28afeb02a2965ce1076f2ce48c71ba0c1e195e919e4f150f89116f5bbcbf904d528c9cf3ef11868a8bf45be29b94d0311e570c5f868665e7d19fd4ea646653f62a4cf1aaccae1ffebcd9702eb4fca1f343f95b38acb5c95b45e937e50b8ae33e507f81fa9c4af2b8b3d0e8c4aa117ffdffd8d35171d82a3"}}}}}, &(0x7f0000000000)={0x0, 0x1, [0x764, 0xea8, 0x30c, 0xa25]}) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="01040000020000000000603cdefa00102100fe880000000000000000000000000001fe800000000000ffff1a7f90efe12b50acffffde00000000aa000000e9040190"], 0x42) 15:24:39 executing program 3: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000040)=0x20) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, r2, 0x0, 0x6) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, 0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 14) 15:24:39 executing program 0: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) msgget(0x1, 0x0) ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 87) 15:24:39 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 89) [ 1505.366106] FAULT_INJECTION: forcing a failure. [ 1505.366106] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1505.368230] CPU: 1 PID: 8381 Comm: syz-executor.0 Not tainted 5.10.224 #1 [ 1505.368797] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1505.370582] Call Trace: [ 1505.370815] dump_stack+0x107/0x167 [ 1505.372220] should_fail.cold+0x5/0xa [ 1505.372553] _copy_from_user+0x2e/0x1b0 [ 1505.372891] do_pages_stat+0xf1/0x3b0 [ 1505.374311] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1505.374798] ? cpuset_mems_allowed+0x1af/0x440 [ 1505.375192] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1505.377528] ? trace_hardirqs_on+0x5b/0x180 [ 1505.377898] kernel_move_pages+0xb8f/0x11c0 [ 1505.378269] ? rcu_read_lock_any_held+0x75/0xa0 [ 1505.378678] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1505.379172] ? copy_kernel_to_fpregs+0x9e/0xe0 [ 1505.380650] ? trace_event_raw_event_x86_fpu+0x390/0x390 [ 1505.381105] ? ksys_write+0x1a9/0x260 [ 1505.381425] ? __ia32_sys_read+0xb0/0xb0 [ 1505.382862] __x64_sys_move_pages+0xdd/0x1b0 [ 1505.383237] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1505.384773] do_syscall_64+0x33/0x40 [ 1505.385100] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1505.385527] RIP: 0033:0x7f6fdcf13b19 [ 1505.386932] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1505.389579] RSP: 002b:00007f6fda489188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1505.391308] RAX: ffffffffffffffda RBX: 00007f6fdd026f60 RCX: 00007f6fdcf13b19 [ 1505.391920] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1505.393599] RBP: 00007f6fda4891d0 R08: 0000000020000000 R09: 0000000000000000 [ 1505.394197] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1505.395908] R13: 00007ffee9bd176f R14: 00007f6fda489300 R15: 0000000000022000 15:24:39 executing program 2: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x220000, 0x21) ioctl$FAT_IOCTL_SET_ATTRIBUTES(r1, 0x40047211, &(0x7f0000000180)=0x8) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f00000001c0), 0x12400, 0x0) ftruncate(r2, 0x7) write$tun(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="02000000000000000000603cdefa00102100fe880000000000000000000000e4ff00fe80040015b20000000100008000000000000000040190c67a6736091f265d9900960ceeb2b3c599b4272783385deb4ac6e9bb22d03ecb373d8d5c5a3bb1c2ee42655f3938d4e232524767bdf0e5215e9d3d0b1f94fce4c60f01ada863e87c9baf11050be98a70491bfd143a74f6c7ad8753d54dd5ac7e5190408b88a61b21342cbfb5f65bf162729857a37317a9bfcfd60500d29c6591203f804ac8084bea6b4f067ab431101683b5cd012b2c55891793d6837b9fe5dd74151417d86c9545c4cb0a656de9feac5ac888d5def6ddf5b30aad97ecb503e63a10bbdfa91264ed"], 0x42) 15:24:39 executing program 5: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_PAN_ID(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x20, r1, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}}, 0x0) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000180)={'wpan0\x00', 0x0}) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r3) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000180)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_SETPARAMS(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x24, r4, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_SECLEVEL={0x5, 0x2a, 0x80}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r6}]}, 0x24}}, 0x0) sendmsg$NL802154_CMD_DEL_SEC_DEVKEY(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000280)={0x278, r1, 0x400, 0x1070bd2a, 0x25dfdbfd, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_SEC_DEVKEY={0x64, 0x24, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_ID={0x60, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x3}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x3}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x1c, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xaaa3}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x2}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xaaa1}]}, @NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x3}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x28, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0302}}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x1}, @NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x2}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xaaa1}]}]}]}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_SEC_DEVKEY={0x64, 0x24, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_ID={0x18, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x4}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x2}]}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc, 0x2, {0xaaaaaaaaaaaa0102}}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0x1}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0xfff}, @NL802154_DEVKEY_ATTR_ID={0x2c, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x2}, @NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x1}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x18, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x2}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0302}}]}]}]}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r2}, @NL802154_ATTR_SEC_DEVKEY={0x15c, 0x24, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc, 0x2, {0xaaaaaaaaaaaa0102}}, @NL802154_DEVKEY_ATTR_ID={0x7c, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x1}, @NL802154_KEY_ID_ATTR_INDEX={0x5}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x50, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0xffff}, @NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x2}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0x639fdf8b896ce2f2}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0102}}, @NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x2}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0302}}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x1}]}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x3}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0xffff}]}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0x1002}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0x9}, @NL802154_DEVKEY_ATTR_ID={0x94, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x3}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x8000}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x60, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0202}}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x2}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xaaa1}, @NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x3}, @NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x3}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x3}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0302}}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0xffff}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0202}}]}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x1}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x4}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x10, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0302}}]}]}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc, 0x2, {0xaaaaaaaaaaaa0302}}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0x1ff}]}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r6}]}, 0x278}, 0x1, 0x0, 0x0, 0x4004}, 0x4) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x72, 0x0, 0x0, 0xb7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1}, 0x41158, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x0, 0x0, 0xffffffffffffffff, 0x2) r7 = gettid() process_vm_readv(r7, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7c}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xb7}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/223, 0xdf}, {&(0x7f0000001e00)}, {&(0x7f00000000c0)=""/11, 0xb}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) [ 1505.419517] FAULT_INJECTION: forcing a failure. [ 1505.419517] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1505.420646] CPU: 0 PID: 8390 Comm: syz-executor.3 Not tainted 5.10.224 #1 [ 1505.421229] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1505.421935] Call Trace: [ 1505.422172] dump_stack+0x107/0x167 [ 1505.422489] should_fail.cold+0x5/0xa [ 1505.422835] _copy_to_user+0x2e/0x180 [ 1505.423174] do_pages_stat+0x2b4/0x3b0 [ 1505.423520] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1505.424091] ? cpuset_mems_allowed+0x1af/0x440 [ 1505.424362] FAULT_INJECTION: forcing a failure. [ 1505.424362] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1505.424492] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1505.425927] ? trace_hardirqs_on+0x5b/0x180 [ 1505.426302] kernel_move_pages+0xb8f/0x11c0 [ 1505.426684] ? rcu_read_lock_any_held+0x75/0xa0 [ 1505.427081] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1505.427578] ? fput_many+0x2f/0x1a0 [ 1505.427906] ? ksys_write+0x1a9/0x260 [ 1505.428233] ? __ia32_sys_read+0xb0/0xb0 [ 1505.428582] __x64_sys_move_pages+0xdd/0x1b0 [ 1505.428967] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1505.429404] do_syscall_64+0x33/0x40 [ 1505.429726] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1505.430161] RIP: 0033:0x7f1e88ae8b19 [ 1505.430480] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1505.432046] RSP: 002b:00007f1e8603d188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1505.432694] RAX: ffffffffffffffda RBX: 00007f1e88bfc020 RCX: 00007f1e88ae8b19 [ 1505.433300] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1505.433908] RBP: 00007f1e8603d1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1505.434509] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1505.435118] R13: 00007ffda65e58df R14: 00007f1e8603d300 R15: 0000000000022000 [ 1505.435762] CPU: 1 PID: 8391 Comm: syz-executor.6 Not tainted 5.10.224 #1 [ 1505.436379] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1505.437106] Call Trace: [ 1505.437355] dump_stack+0x107/0x167 [ 1505.437685] should_fail.cold+0x5/0xa [ 1505.438050] _copy_from_user+0x2e/0x1b0 [ 1505.438419] do_pages_stat+0xf1/0x3b0 [ 1505.438773] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1505.439302] ? cpuset_mems_allowed+0x1af/0x440 [ 1505.439748] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1505.440055] FAULT_INJECTION: forcing a failure. [ 1505.440055] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1505.440204] ? trace_hardirqs_on+0x5b/0x180 [ 1505.440229] kernel_move_pages+0xb8f/0x11c0 [ 1505.440257] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1505.442478] __x64_sys_move_pages+0xdd/0x1b0 [ 1505.442886] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1505.443345] do_syscall_64+0x33/0x40 [ 1505.443702] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1505.444161] RIP: 0033:0x7f28eb741b19 [ 1505.444497] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1505.446109] RSP: 002b:00007f28e8cb7188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1505.446790] RAX: ffffffffffffffda RBX: 00007f28eb854f60 RCX: 00007f28eb741b19 [ 1505.447420] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1505.448075] RBP: 00007f28e8cb71d0 R08: 0000000020000000 R09: 0000000000000000 [ 1505.448706] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1505.449338] R13: 00007ffd318d456f R14: 00007f28e8cb7300 R15: 0000000000022000 [ 1505.450001] CPU: 0 PID: 8380 Comm: syz-executor.4 Not tainted 5.10.224 #1 [ 1505.450598] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1505.451290] Call Trace: [ 1505.451516] dump_stack+0x107/0x167 [ 1505.451844] should_fail.cold+0x5/0xa [ 1505.452172] _copy_to_user+0x2e/0x180 [ 1505.452498] do_pages_stat+0x2b4/0x3b0 [ 1505.452837] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1505.453327] ? cpuset_mems_allowed+0x1af/0x440 [ 1505.453723] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1505.454149] ? trace_hardirqs_on+0x5b/0x180 [ 1505.454521] kernel_move_pages+0xb8f/0x11c0 [ 1505.454897] ? rcu_read_lock_any_held+0x75/0xa0 [ 1505.455294] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1505.455804] ? fput_many+0x2f/0x1a0 [ 1505.456134] ? ksys_write+0x1a9/0x260 [ 1505.456468] ? __ia32_sys_read+0xb0/0xb0 [ 1505.456819] __x64_sys_move_pages+0xdd/0x1b0 [ 1505.457194] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1505.457630] do_syscall_64+0x33/0x40 [ 1505.457955] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1505.458385] RIP: 0033:0x7f1c0ae11b19 [ 1505.458703] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1505.460252] RSP: 002b:00007f1c08387188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1505.460891] RAX: ffffffffffffffda RBX: 00007f1c0af24f60 RCX: 00007f1c0ae11b19 [ 1505.461488] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1505.462086] RBP: 00007f1c083871d0 R08: 0000000020000000 R09: 0000000000000000 [ 1505.462684] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1505.463280] R13: 00007ffd2ddfd2cf R14: 00007f1c08387300 R15: 0000000000022000 [ 1505.470817] FAULT_INJECTION: forcing a failure. [ 1505.470817] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1505.474089] CPU: 1 PID: 8386 Comm: syz-executor.7 Not tainted 5.10.224 #1 [ 1505.474702] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1505.475428] Call Trace: [ 1505.475694] dump_stack+0x107/0x167 [ 1505.476039] should_fail.cold+0x5/0xa [ 1505.476407] _copy_to_user+0x2e/0x180 [ 1505.476757] do_pages_stat+0x2b4/0x3b0 [ 1505.477122] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1505.477647] ? cpuset_mems_allowed+0x1af/0x440 [ 1505.478079] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1505.478529] ? trace_hardirqs_on+0x5b/0x180 [ 1505.478927] kernel_move_pages+0xb8f/0x11c0 [ 1505.479335] ? rcu_read_lock_any_held+0x75/0xa0 [ 1505.479774] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1505.480301] ? fput_many+0x2f/0x1a0 [ 1505.480649] ? ksys_write+0x1a9/0x260 [ 1505.481004] ? __ia32_sys_read+0xb0/0xb0 [ 1505.481375] __x64_sys_move_pages+0xdd/0x1b0 [ 1505.481776] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1505.482235] do_syscall_64+0x33/0x40 [ 1505.482572] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1505.483026] RIP: 0033:0x7f8be6d86b19 [ 1505.483364] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1505.488979] RSP: 002b:00007f8be42fc188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1505.489653] RAX: ffffffffffffffda RBX: 00007f8be6e99f60 RCX: 00007f8be6d86b19 [ 1505.490277] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1505.490901] RBP: 00007f8be42fc1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1505.491526] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1505.492169] R13: 00007ffd26b6f95f R14: 00007f8be42fc300 R15: 0000000000022000 15:24:40 executing program 4: perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) msgget(0x1, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 79) [ 1505.573745] FAULT_INJECTION: forcing a failure. [ 1505.573745] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1505.576549] CPU: 1 PID: 8397 Comm: syz-executor.4 Not tainted 5.10.224 #1 [ 1505.577196] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1505.577945] Call Trace: [ 1505.578209] dump_stack+0x107/0x167 [ 1505.578558] should_fail.cold+0x5/0xa [ 1505.578946] _copy_from_user+0x2e/0x1b0 [ 1505.579332] do_pages_stat+0xf1/0x3b0 [ 1505.579726] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1505.580243] ? cpuset_mems_allowed+0x1af/0x440 [ 1505.580655] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1505.581089] ? trace_hardirqs_on+0x5b/0x180 [ 1505.581470] kernel_move_pages+0xb8f/0x11c0 [ 1505.581851] ? rcu_read_lock_any_held+0x75/0xa0 [ 1505.582243] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1505.582730] ? fput_many+0x2f/0x1a0 [ 1505.583046] ? ksys_write+0x1a9/0x260 [ 1505.583373] ? __ia32_sys_read+0xb0/0xb0 [ 1505.583767] __x64_sys_move_pages+0xdd/0x1b0 [ 1505.584185] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1505.584668] do_syscall_64+0x33/0x40 [ 1505.585023] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1505.585491] RIP: 0033:0x7f1c0ae11b19 [ 1505.585846] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1505.587479] RSP: 002b:00007f1c08387188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1505.588184] RAX: ffffffffffffffda RBX: 00007f1c0af24f60 RCX: 00007f1c0ae11b19 [ 1505.588828] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1505.589476] RBP: 00007f1c083871d0 R08: 0000000020000000 R09: 0000000000000000 [ 1505.590112] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1505.590750] R13: 00007ffd2ddfd2cf R14: 00007f1c08387300 R15: 0000000000022000 15:24:53 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 90) 15:24:53 executing program 4: perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) msgget(0x1, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 80) 15:24:53 executing program 1: syz_emit_ethernet(0x56, &(0x7f0000000180)=ANY=[@ANYBLOB="20f9bdba2470aaaaaaaaaabb000d00000000000000007bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e61c7646f4c7e4b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f2447a4459924ccb95fc85135d6402dddb64a66d9ac19"], 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000100)={@void, @val={0x1, 0x4, 0x0, 0x2}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}}}}}, 0x42) 15:24:53 executing program 5: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() r1 = gettid() process_vm_readv(r1, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7a}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xffffffbc}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) pidfd_open(r1, 0x0) r2 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x20010, 0xffffffffffffffff, 0x10000000) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f0000000240)={'syz_tun\x00', &(0x7f0000000140)=ANY=[@ANYBLOB="02000000000000000000000000000000000000000000000100000000000000000000000000000000000000004f0e081fc34e65ce26c88c439b49e0ed16d70871844a57b568ad7f718019b8804b57d2166f32e086a9f4827034450dc94d7a1cbff62287ad06ca0533f1f08274587c616a1e26be6d0c96a2740a0e680661363aac5313fa6e3abdbd7a671cb2b5258bcd8f7548c8dce0ece4c61cc7263c0c264616c9e48c556fa2ce961dfd76be"]}) r4 = syz_io_uring_setup(0x3ca0, &(0x7f0000000080), &(0x7f0000400000/0xc00000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000280)=0x0) r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(r5, r6, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r7}}, 0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000000)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x3, 0x0, @fd=r3, 0x2, 0x0, 0x5, 0x4, 0x0, {0x0, r7}}, 0x8) process_vm_readv(r0, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7a}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xffffffbc}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) 15:24:53 executing program 0: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) msgget(0x1, 0x0) ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 88) 15:24:53 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000002c0)={0x40, 0x0, 0xfffffaf2, 0x6, 0xffffffff, 0x40}) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6) msgctl$IPC_RMID(0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 35) [ 1518.931944] FAULT_INJECTION: forcing a failure. [ 1518.931944] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1518.933054] CPU: 1 PID: 8411 Comm: syz-executor.6 Not tainted 5.10.224 #1 [ 1518.933669] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1518.934425] Call Trace: [ 1518.934682] dump_stack+0x107/0x167 [ 1518.934999] should_fail.cold+0x5/0xa [ 1518.935376] _copy_to_user+0x2e/0x180 [ 1518.935715] do_pages_stat+0x2b4/0x3b0 [ 1518.936199] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1518.936752] ? cpuset_mems_allowed+0x1af/0x440 [ 1518.937156] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1518.937612] ? trace_hardirqs_on+0x5b/0x180 [ 1518.937991] kernel_move_pages+0xb8f/0x11c0 [ 1518.938396] ? rcu_read_lock_any_held+0x75/0xa0 [ 1518.938797] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1518.939296] ? fput_many+0x2f/0x1a0 [ 1518.939657] ? ksys_write+0x1a9/0x260 [ 1518.940018] ? __ia32_sys_read+0xb0/0xb0 [ 1518.940389] __x64_sys_move_pages+0xdd/0x1b0 [ 1518.940800] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1518.941263] do_syscall_64+0x33/0x40 [ 1518.941609] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1518.942065] RIP: 0033:0x7f28eb741b19 [ 1518.942411] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1518.944012] RSP: 002b:00007f28e8cb7188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1518.944714] RAX: ffffffffffffffda RBX: 00007f28eb854f60 RCX: 00007f28eb741b19 [ 1518.945350] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1518.945994] RBP: 00007f28e8cb71d0 R08: 0000000020000000 R09: 0000000000000000 [ 1518.946644] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1518.947277] R13: 00007ffd318d456f R14: 00007f28e8cb7300 R15: 0000000000022000 [ 1518.957861] FAULT_INJECTION: forcing a failure. [ 1518.957861] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1518.958918] CPU: 1 PID: 8418 Comm: syz-executor.7 Not tainted 5.10.224 #1 [ 1518.959527] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1518.960267] Call Trace: [ 1518.960498] dump_stack+0x107/0x167 [ 1518.960846] should_fail.cold+0x5/0xa [ 1518.961194] _copy_from_user+0x2e/0x1b0 [ 1518.961333] FAULT_INJECTION: forcing a failure. [ 1518.961333] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1518.961561] do_pages_stat+0xf1/0x3b0 [ 1518.961584] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1518.963428] ? cpuset_mems_allowed+0x1af/0x440 [ 1518.963862] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1518.964315] ? trace_hardirqs_on+0x5b/0x180 [ 1518.964707] kernel_move_pages+0xb8f/0x11c0 [ 1518.965106] ? rcu_read_lock_any_held+0x75/0xa0 [ 1518.965517] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1518.966036] ? fput_many+0x2f/0x1a0 [ 1518.966347] ? ksys_write+0x1a9/0x260 [ 1518.966692] ? __ia32_sys_read+0xb0/0xb0 [ 1518.967069] __x64_sys_move_pages+0xdd/0x1b0 [ 1518.967459] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1518.967936] do_syscall_64+0x33/0x40 [ 1518.968270] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1518.968727] RIP: 0033:0x7f8be6d86b19 [ 1518.969061] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1518.970658] RSP: 002b:00007f8be42fc188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1518.971340] RAX: ffffffffffffffda RBX: 00007f8be6e99f60 RCX: 00007f8be6d86b19 [ 1518.971999] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1518.972615] RBP: 00007f8be42fc1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1518.973257] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1518.973885] R13: 00007ffd26b6f95f R14: 00007f8be42fc300 R15: 0000000000022000 [ 1518.974543] CPU: 0 PID: 8419 Comm: syz-executor.0 Not tainted 5.10.224 #1 [ 1518.975161] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1518.975883] Call Trace: [ 1518.976121] dump_stack+0x107/0x167 [ 1518.976434] should_fail.cold+0x5/0xa [ 1518.976771] _copy_to_user+0x2e/0x180 [ 1518.977112] do_pages_stat+0x2b4/0x3b0 [ 1518.977449] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1518.977943] ? cpuset_mems_allowed+0x1af/0x440 [ 1518.978351] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1518.978781] ? trace_hardirqs_on+0x5b/0x180 [ 1518.979169] kernel_move_pages+0xb8f/0x11c0 15:24:53 executing program 2: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000240)={'syz_tun\x00', &(0x7f0000000200)=ANY=[@ANYBLOB="020035a2e2086dbbbc07000000000000000000000000000100"/44]}) dup3(r0, r1, 0x80000) write$tun(r0, &(0x7f0000000100)={@void, @val={0x1}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}}}}}, 0x42) 15:24:53 executing program 3: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000040)=0x20) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, r2, 0x0, 0x6) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, 0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 15) 15:24:53 executing program 1: setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000003200)=0x800, 0x4) syz_emit_ethernet(0x56, &(0x7f0000000080)=ANY=[@ANYBLOB="20f9bdba2470aaaaaaaaaabb000d00000000000000007bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959d976445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"], 0x0) r0 = openat$hpet(0xffffffffffffff9c, &(0x7f00000031c0), 0x400000, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000003240)={'nat\x00', 0x3, [{}, {}, {}]}, 0x58) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) recvmmsg(0xffffffffffffffff, &(0x7f0000003040)=[{{&(0x7f0000000100)=@rc, 0x80, &(0x7f0000000000)=[{&(0x7f00000001c0)=""/198, 0xc6}], 0x1, &(0x7f00000002c0)=""/176, 0xb0}, 0x80000}, {{0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000000380)=""/9, 0x9}, {&(0x7f00000003c0)=""/186, 0xba}, {&(0x7f0000000480)=""/93, 0x5d}, {&(0x7f0000000500)=""/74, 0x4a}, {&(0x7f0000000580)=""/15, 0xf}, {&(0x7f00000005c0)=""/56, 0x38}], 0x6}, 0x8}, {{&(0x7f0000000680)=@in6={0xa, 0x0, 0x0, @empty}, 0x80, &(0x7f00000019c0)=[{&(0x7f0000000700)=""/147, 0x93}, {&(0x7f00000007c0)=""/227, 0xe3}, {&(0x7f00000008c0)=""/237, 0xed}, {&(0x7f00000009c0)=""/4096, 0x1000}], 0x4, &(0x7f0000001a00)=""/111, 0x6f}, 0x2}, {{&(0x7f0000001a80)=@qipcrtr, 0x80, &(0x7f0000001d00)=[{&(0x7f0000001b00)=""/224, 0xe0}, {&(0x7f0000001c00)=""/94, 0x5e}, {&(0x7f0000001c80)=""/83, 0x53}], 0x3, &(0x7f0000001d40)=""/150, 0x96}}, {{&(0x7f0000001e00)=@nfc_llcp, 0x80, &(0x7f0000002fc0)=[{&(0x7f0000001e80)=""/4096, 0x1000}, {&(0x7f0000002e80)=""/70, 0x46}, {&(0x7f0000002f00)=""/92, 0x5c}, {&(0x7f0000002f80)=""/41, 0x29}], 0x4, &(0x7f0000003000)=""/11, 0xb}, 0x7f}], 0x5, 0x10000, &(0x7f0000003180)={0x77359400}) write$tun(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="000000176058defa00102100ee8800000000000000000000000000fdfc027a8800000000001be7e83ee141d313000000041aa07800265d9900960cee"], 0x3c) [ 1518.979548] ? rcu_read_lock_any_held+0x75/0xa0 [ 1518.979953] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1518.981324] ? fput_many+0x2f/0x1a0 [ 1518.981642] ? ksys_write+0x1a9/0x260 [ 1518.981965] ? __ia32_sys_read+0xb0/0xb0 [ 1518.982330] __x64_sys_move_pages+0xdd/0x1b0 [ 1518.982708] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1518.983147] do_syscall_64+0x33/0x40 [ 1518.983475] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1518.983932] RIP: 0033:0x7f6fdcf13b19 [ 1518.984248] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1518.986857] RSP: 002b:00007f6fda489188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1518.987493] RAX: ffffffffffffffda RBX: 00007f6fdd026f60 RCX: 00007f6fdcf13b19 [ 1518.988119] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1518.988728] RBP: 00007f6fda4891d0 R08: 0000000020000000 R09: 0000000000000000 [ 1518.989331] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1518.989937] R13: 00007ffee9bd176f R14: 00007f6fda489300 R15: 0000000000022000 [ 1519.007076] FAULT_INJECTION: forcing a failure. [ 1519.007076] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1519.008408] CPU: 0 PID: 8408 Comm: syz-executor.4 Not tainted 5.10.224 #1 [ 1519.009008] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1519.009989] FAULT_INJECTION: forcing a failure. [ 1519.009989] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1519.010787] Call Trace: [ 1519.010808] dump_stack+0x107/0x167 [ 1519.010828] should_fail.cold+0x5/0xa [ 1519.012700] _copy_to_user+0x2e/0x180 [ 1519.013042] do_pages_stat+0x2b4/0x3b0 [ 1519.013386] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1519.013886] ? cpuset_mems_allowed+0x1af/0x440 [ 1519.014292] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1519.014723] ? trace_hardirqs_on+0x5b/0x180 [ 1519.015108] kernel_move_pages+0xb8f/0x11c0 [ 1519.015486] ? rcu_read_lock_any_held+0x75/0xa0 [ 1519.015901] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1519.017481] ? fput_many+0x2f/0x1a0 [ 1519.017803] ? ksys_write+0x1a9/0x260 [ 1519.018128] ? __ia32_sys_read+0xb0/0xb0 [ 1519.018490] __x64_sys_move_pages+0xdd/0x1b0 [ 1519.018873] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1519.019317] do_syscall_64+0x33/0x40 [ 1519.019636] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1519.020086] RIP: 0033:0x7f1c0ae11b19 [ 1519.020419] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1519.021985] RSP: 002b:00007f1c08387188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1519.022642] RAX: ffffffffffffffda RBX: 00007f1c0af24f60 RCX: 00007f1c0ae11b19 [ 1519.023247] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1519.023871] RBP: 00007f1c083871d0 R08: 0000000020000000 R09: 0000000000000000 [ 1519.024471] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1519.025100] R13: 00007ffd2ddfd2cf R14: 00007f1c08387300 R15: 0000000000022000 [ 1519.025753] CPU: 1 PID: 8416 Comm: syz-executor.3 Not tainted 5.10.224 #1 [ 1519.026390] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1519.027125] Call Trace: [ 1519.027356] dump_stack+0x107/0x167 [ 1519.027697] should_fail.cold+0x5/0xa [ 1519.028066] _copy_from_user+0x2e/0x1b0 [ 1519.028431] do_pages_stat+0xf1/0x3b0 [ 1519.028788] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1519.029302] ? cpuset_mems_allowed+0x1af/0x440 [ 1519.029723] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1519.030166] ? trace_hardirqs_on+0x5b/0x180 [ 1519.030581] kernel_move_pages+0xb8f/0x11c0 [ 1519.030981] ? rcu_read_lock_any_held+0x75/0xa0 [ 1519.031378] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1519.031904] ? fput_many+0x2f/0x1a0 [ 1519.032246] ? ksys_write+0x1a9/0x260 [ 1519.032590] ? __ia32_sys_read+0xb0/0xb0 [ 1519.032961] __x64_sys_move_pages+0xdd/0x1b0 [ 1519.033355] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1519.033818] do_syscall_64+0x33/0x40 [ 1519.034151] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1519.034610] RIP: 0033:0x7f1e88ae8b19 [ 1519.034944] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1519.036547] RSP: 002b:00007f1e8605e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1519.037237] RAX: ffffffffffffffda RBX: 00007f1e88bfbf60 RCX: 00007f1e88ae8b19 [ 1519.037864] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1519.038482] RBP: 00007f1e8605e1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1519.039113] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1519.039762] R13: 00007ffda65e58df R14: 00007f1e8605e300 R15: 0000000000022000 15:24:53 executing program 0: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) msgget(0x1, 0x0) ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 89) 15:24:53 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 91) 15:24:53 executing program 5: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() process_vm_readv(r0, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7a}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xffffffbc}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) ftruncate(r1, 0x1000003) ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000)) io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/170, 0xaa}], 0x1) 15:24:53 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000002c0)={0x40, 0x0, 0xfffffaf2, 0x6, 0xffffffff, 0x40}) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6) msgctl$IPC_RMID(0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 36) [ 1519.110961] FAULT_INJECTION: forcing a failure. [ 1519.110961] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1519.112053] CPU: 0 PID: 8427 Comm: syz-executor.0 Not tainted 5.10.224 #1 [ 1519.112653] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1519.113361] Call Trace: [ 1519.113598] dump_stack+0x107/0x167 [ 1519.113914] should_fail.cold+0x5/0xa [ 1519.114253] _copy_from_user+0x2e/0x1b0 [ 1519.114613] do_pages_stat+0xf1/0x3b0 [ 1519.114947] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1519.115464] ? cpuset_mems_allowed+0x1af/0x440 [ 1519.115877] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1519.116307] ? trace_hardirqs_on+0x5b/0x180 [ 1519.116693] kernel_move_pages+0xb8f/0x11c0 [ 1519.117072] ? rcu_read_lock_any_held+0x75/0xa0 [ 1519.117472] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1519.117977] ? fput_many+0x2f/0x1a0 [ 1519.118293] ? ksys_write+0x1a9/0x260 [ 1519.118631] ? __ia32_sys_read+0xb0/0xb0 [ 1519.118982] __x64_sys_move_pages+0xdd/0x1b0 [ 1519.119360] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1519.119824] do_syscall_64+0x33/0x40 [ 1519.120141] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1519.120570] RIP: 0033:0x7f6fdcf13b19 [ 1519.120901] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1519.122435] RSP: 002b:00007f6fda489188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1519.123085] RAX: ffffffffffffffda RBX: 00007f6fdd026f60 RCX: 00007f6fdcf13b19 [ 1519.123684] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1519.124301] RBP: 00007f6fda4891d0 R08: 0000000020000000 R09: 0000000000000000 [ 1519.124907] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1519.125506] R13: 00007ffee9bd176f R14: 00007f6fda489300 R15: 0000000000022000 [ 1519.136988] FAULT_INJECTION: forcing a failure. [ 1519.136988] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1519.138064] CPU: 1 PID: 8432 Comm: syz-executor.6 Not tainted 5.10.224 #1 [ 1519.138679] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1519.139390] Call Trace: [ 1519.139622] dump_stack+0x107/0x167 [ 1519.139945] should_fail.cold+0x5/0xa [ 1519.140275] _copy_from_user+0x2e/0x1b0 [ 1519.140652] do_pages_stat+0xf1/0x3b0 [ 1519.140984] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1519.141498] ? cpuset_mems_allowed+0x1af/0x440 [ 1519.141897] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1519.142329] ? trace_hardirqs_on+0x5b/0x180 [ 1519.142719] kernel_move_pages+0xb8f/0x11c0 [ 1519.143094] ? rcu_read_lock_any_held+0x75/0xa0 [ 1519.143488] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1519.144007] ? fput_many+0x2f/0x1a0 [ 1519.144326] ? ksys_write+0x1a9/0x260 [ 1519.144688] ? __ia32_sys_read+0xb0/0xb0 [ 1519.145035] __x64_sys_move_pages+0xdd/0x1b0 [ 1519.145408] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1519.145879] do_syscall_64+0x33/0x40 [ 1519.146195] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1519.146624] RIP: 0033:0x7f28eb741b19 [ 1519.146963] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1519.148523] RSP: 002b:00007f28e8cb7188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1519.149179] RAX: ffffffffffffffda RBX: 00007f28eb854f60 RCX: 00007f28eb741b19 [ 1519.149776] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1519.150397] RBP: 00007f28e8cb71d0 R08: 0000000020000000 R09: 0000000000000000 [ 1519.151009] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1519.151608] R13: 00007ffd318d456f R14: 00007f28e8cb7300 R15: 0000000000022000 15:24:53 executing program 2: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x105142, 0x0) lseek(r1, 0x0, 0x2) r2 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x4000, 0x128) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f0000000000)={'bond_slave_1\x00'}) write$tun(r0, &(0x7f0000000100)={@void, @val={0x1}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}}}}}, 0x42) 15:24:53 executing program 4: perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) msgget(0x1, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 81) [ 1519.156978] FAULT_INJECTION: forcing a failure. [ 1519.156978] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1519.159850] CPU: 0 PID: 8430 Comm: syz-executor.7 Not tainted 5.10.224 #1 [ 1519.160442] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1519.161175] Call Trace: [ 1519.161410] dump_stack+0x107/0x167 [ 1519.161726] should_fail.cold+0x5/0xa [ 1519.162075] _copy_to_user+0x2e/0x180 [ 1519.162407] do_pages_stat+0x2b4/0x3b0 [ 1519.162753] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1519.163262] ? cpuset_mems_allowed+0x1af/0x440 [ 1519.163663] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1519.164115] ? trace_hardirqs_on+0x5b/0x180 [ 1519.164490] kernel_move_pages+0xb8f/0x11c0 [ 1519.164873] ? rcu_read_lock_any_held+0x75/0xa0 [ 1519.165281] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1519.165777] ? fput_many+0x2f/0x1a0 [ 1519.167180] ? ksys_write+0x1a9/0x260 [ 1519.167520] ? __ia32_sys_read+0xb0/0xb0 [ 1519.167892] __x64_sys_move_pages+0xdd/0x1b0 [ 1519.168280] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1519.168715] do_syscall_64+0x33/0x40 [ 1519.169031] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1519.169474] RIP: 0033:0x7f8be6d86b19 [ 1519.169792] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1519.171400] RSP: 002b:00007f8be42fc188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1519.172062] RAX: ffffffffffffffda RBX: 00007f8be6e99f60 RCX: 00007f8be6d86b19 [ 1519.173747] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1519.174351] RBP: 00007f8be42fc1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1519.174968] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1519.175583] R13: 00007ffd26b6f95f R14: 00007f8be42fc300 R15: 0000000000022000 15:24:53 executing program 1: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000100)={@void, @val={0x1, 0x4, 0x0, 0x2002, 0x0, 0x1}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4, "265d99", 0x0, "960cee"}}}}}, 0x42) [ 1519.203263] FAULT_INJECTION: forcing a failure. [ 1519.203263] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1519.204357] CPU: 1 PID: 8438 Comm: syz-executor.4 Not tainted 5.10.224 #1 [ 1519.204958] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1519.205691] Call Trace: [ 1519.205920] dump_stack+0x107/0x167 [ 1519.206249] should_fail.cold+0x5/0xa [ 1519.206608] _copy_from_user+0x2e/0x1b0 [ 1519.206952] do_pages_stat+0xf1/0x3b0 15:24:53 executing program 3: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000040)=0x20) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, r2, 0x0, 0x6) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, 0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 16) [ 1519.207300] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1519.207837] ? cpuset_mems_allowed+0x1af/0x440 [ 1519.208253] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1519.208708] ? trace_hardirqs_on+0x5b/0x180 [ 1519.209249] kernel_move_pages+0xb8f/0x11c0 [ 1519.209645] ? rcu_read_lock_any_held+0x75/0xa0 [ 1519.210057] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1519.210572] ? fput_many+0x2f/0x1a0 [ 1519.210906] ? ksys_write+0x1a9/0x260 [ 1519.211257] ? __ia32_sys_read+0xb0/0xb0 [ 1519.211623] __x64_sys_move_pages+0xdd/0x1b0 [ 1519.212056] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1519.212507] do_syscall_64+0x33/0x40 [ 1519.212850] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1519.213305] RIP: 0033:0x7f1c0ae11b19 [ 1519.213632] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1519.215229] RSP: 002b:00007f1c08387188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1519.215936] RAX: ffffffffffffffda RBX: 00007f1c0af24f60 RCX: 00007f1c0ae11b19 [ 1519.216550] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1519.217189] RBP: 00007f1c083871d0 R08: 0000000020000000 R09: 0000000000000000 [ 1519.217823] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1519.218420] R13: 00007ffd2ddfd2cf R14: 00007f1c08387300 R15: 0000000000022000 [ 1519.246325] FAULT_INJECTION: forcing a failure. [ 1519.246325] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1519.247409] CPU: 0 PID: 8441 Comm: syz-executor.3 Not tainted 5.10.224 #1 [ 1519.248002] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1519.248714] Call Trace: [ 1519.248952] dump_stack+0x107/0x167 [ 1519.249266] should_fail.cold+0x5/0xa [ 1519.249613] _copy_to_user+0x2e/0x180 [ 1519.249945] do_pages_stat+0x2b4/0x3b0 [ 1519.250285] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1519.250790] ? trace_hardirqs_on+0x5b/0x180 [ 1519.251169] ? _raw_spin_unlock_irqrestore+0x25/0x40 [ 1519.251617] kernel_move_pages+0xb8f/0x11c0 [ 1519.252011] ? rcu_read_lock_any_held+0x75/0xa0 [ 1519.252407] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1519.252911] ? fput_many+0x2f/0x1a0 [ 1519.253229] ? ksys_write+0x1a9/0x260 [ 1519.253555] ? __ia32_sys_read+0xb0/0xb0 [ 1519.253921] __x64_sys_move_pages+0xdd/0x1b0 [ 1519.254301] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1519.254749] do_syscall_64+0x33/0x40 [ 1519.255068] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1519.255500] RIP: 0033:0x7f1e88ae8b19 [ 1519.255839] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1519.257406] RSP: 002b:00007f1e8605e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1519.258062] RAX: ffffffffffffffda RBX: 00007f1e88bfbf60 RCX: 00007f1e88ae8b19 [ 1519.258665] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 15:24:53 executing program 5: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() process_vm_readv(r0, &(0x7f0000001a40)=[{&(0x7f0000000000)=""/33, 0x21}, {&(0x7f0000001b40)=""/124, 0x7c}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f00000010c0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xb7}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001180)=""/14, 0xe}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}, {&(0x7f00000000c0)=""/4096, 0x1000}], 0x9, 0x0) 15:24:53 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 92) [ 1519.259277] RBP: 00007f1e8605e1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1519.259899] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1519.260514] R13: 00007ffda65e58df R14: 00007f1e8605e300 R15: 0000000000022000 15:24:53 executing program 0: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) msgget(0x1, 0x0) ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 90) [ 1519.291336] FAULT_INJECTION: forcing a failure. [ 1519.291336] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1519.292568] CPU: 0 PID: 8447 Comm: syz-executor.0 Not tainted 5.10.224 #1 [ 1519.293165] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1519.293872] Call Trace: [ 1519.294105] dump_stack+0x107/0x167 [ 1519.294419] should_fail.cold+0x5/0xa [ 1519.294765] _copy_to_user+0x2e/0x180 [ 1519.295113] do_pages_stat+0x2b4/0x3b0 [ 1519.295455] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1519.295979] ? cpuset_mems_allowed+0x1af/0x440 [ 1519.296381] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1519.296810] ? trace_hardirqs_on+0x5b/0x180 [ 1519.297197] kernel_move_pages+0xb8f/0x11c0 [ 1519.297574] ? rcu_read_lock_any_held+0x75/0xa0 [ 1519.297969] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1519.298472] ? fput_many+0x2f/0x1a0 [ 1519.298790] ? ksys_write+0x1a9/0x260 [ 1519.299115] ? __ia32_sys_read+0xb0/0xb0 [ 1519.299475] __x64_sys_move_pages+0xdd/0x1b0 [ 1519.299867] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1519.300315] do_syscall_64+0x33/0x40 [ 1519.300634] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1519.301071] RIP: 0033:0x7f6fdcf13b19 [ 1519.301402] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1519.302970] RSP: 002b:00007f6fda489188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1519.303627] RAX: ffffffffffffffda RBX: 00007f6fdd026f60 RCX: 00007f6fdcf13b19 [ 1519.304244] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1519.304856] RBP: 00007f6fda4891d0 R08: 0000000020000000 R09: 0000000000000000 [ 1519.305458] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1519.306072] R13: 00007ffee9bd176f R14: 00007f6fda489300 R15: 0000000000022000 [ 1519.322001] FAULT_INJECTION: forcing a failure. [ 1519.322001] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1519.323133] CPU: 1 PID: 8451 Comm: syz-executor.6 Not tainted 5.10.224 #1 [ 1519.323758] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1519.324496] Call Trace: [ 1519.324728] dump_stack+0x107/0x167 [ 1519.325058] should_fail.cold+0x5/0xa [ 1519.325408] _copy_to_user+0x2e/0x180 [ 1519.325762] do_pages_stat+0x2b4/0x3b0 [ 1519.326120] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1519.326639] ? cpuset_mems_allowed+0x1af/0x440 [ 1519.327060] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1519.327509] ? trace_hardirqs_on+0x5b/0x180 [ 1519.327909] kernel_move_pages+0xb8f/0x11c0 [ 1519.328315] ? rcu_read_lock_any_held+0x75/0xa0 [ 1519.328733] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1519.329267] ? fput_many+0x2f/0x1a0 [ 1519.329585] ? ksys_write+0x1a9/0x260 [ 1519.329937] ? __ia32_sys_read+0xb0/0xb0 [ 1519.330306] __x64_sys_move_pages+0xdd/0x1b0 [ 1519.330708] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1519.331161] do_syscall_64+0x33/0x40 [ 1519.331504] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1519.331967] RIP: 0033:0x7f28eb741b19 [ 1519.332313] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1519.333911] RSP: 002b:00007f28e8cb7188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1519.334595] RAX: ffffffffffffffda RBX: 00007f28eb854f60 RCX: 00007f28eb741b19 15:24:53 executing program 2: syz_emit_ethernet(0x56, &(0x7f0000000080)=ANY=[@ANYBLOB="20f9bdba2470aaaaaaaaaaf523f944000000000000007bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe2f6655e762e614b3d9ae47ca38e68620679a5e5550f0dfc6eba"], 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) r1 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setown(r1, 0x8, 0xffffffffffffffff) close(r1) close_range(r1, 0xffffffffffffffff, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f0000000000)={'ip6_vti0\x00'}) r2 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setown(r2, 0x8, 0xffffffffffffffff) close(r2) close_range(r2, 0xffffffffffffffff, 0x0) ioctl$TUNSETCARRIER(r2, 0x400454e2, &(0x7f0000000180)) write$tun(r0, &(0x7f0000000100)={@void, @val={0x1}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}}}}}, 0x42) [ 1519.335234] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1519.335862] RBP: 00007f28e8cb71d0 R08: 0000000020000000 R09: 0000000000000000 [ 1519.336508] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1519.337342] R13: 00007ffd318d456f R14: 00007f28e8cb7300 R15: 0000000000022000 15:24:53 executing program 4: perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) msgget(0x1, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 82) 15:24:53 executing program 1: epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000000)) syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000100)={@void, @val={0x1, 0x4, 0x0, 0x2}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}}}}}, 0x42) 15:24:53 executing program 3: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000040)=0x20) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, r2, 0x0, 0x6) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, 0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 17) 15:24:53 executing program 5: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x0, @perf_bp={0x0}, 0x28, 0x0, 0x0, 0x6, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() process_vm_readv(r0, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7a}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xffffffbc}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x105142, 0x0) lseek(r1, 0x0, 0x2) r2 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x4000, 0x128) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) r3 = perf_event_open(&(0x7f00000001c0)={0x6, 0x80, 0x20, 0x7f, 0x9, 0x2, 0x0, 0x6, 0x400, 0xc, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x80000001, 0x4, @perf_bp={&(0x7f00000000c0), 0x3}, 0x18000, 0xffffffffffffffff, 0x7f, 0x4, 0x3, 0x4, 0x0, 0x0, 0xb8d, 0x0, 0x8}, r0, 0xa, r2, 0x0) r4 = gettid() splice(r3, &(0x7f0000000100)=0x306e9672, 0xffffffffffffffff, &(0x7f0000000240)=0x7, 0x5bde4ce1, 0xc) process_vm_readv(r4, &(0x7f0000001a40)=[{&(0x7f0000000000)=""/43, 0x2b}, {&(0x7f0000000140)=""/124, 0x7c}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f00000000c0), 0x0, 0x0) [ 1519.389775] FAULT_INJECTION: forcing a failure. [ 1519.389775] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1519.390854] CPU: 1 PID: 8456 Comm: syz-executor.4 Not tainted 5.10.224 #1 [ 1519.391474] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1519.392192] Call Trace: [ 1519.392446] dump_stack+0x107/0x167 [ 1519.392783] should_fail.cold+0x5/0xa [ 1519.393266] _copy_to_user+0x2e/0x180 [ 1519.393628] do_pages_stat+0x2b4/0x3b0 [ 1519.393966] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1519.394477] ? cpuset_mems_allowed+0x1af/0x440 [ 1519.394898] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1519.395340] ? trace_hardirqs_on+0x5b/0x180 [ 1519.395747] kernel_move_pages+0xb8f/0x11c0 [ 1519.396145] ? rcu_read_lock_any_held+0x75/0xa0 [ 1519.396566] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1519.397097] ? fput_many+0x2f/0x1a0 [ 1519.397428] ? ksys_write+0x1a9/0x260 [ 1519.397755] ? __ia32_sys_read+0xb0/0xb0 [ 1519.398127] __x64_sys_move_pages+0xdd/0x1b0 [ 1519.398521] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1519.398994] do_syscall_64+0x33/0x40 [ 1519.399310] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1519.399791] RIP: 0033:0x7f1c0ae11b19 [ 1519.400149] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1519.401696] RSP: 002b:00007f1c08387188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1519.402352] RAX: ffffffffffffffda RBX: 00007f1c0af24f60 RCX: 00007f1c0ae11b19 [ 1519.402948] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1519.403561] RBP: 00007f1c083871d0 R08: 0000000020000000 R09: 0000000000000000 [ 1519.404170] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1519.404785] R13: 00007ffd2ddfd2cf R14: 00007f1c08387300 R15: 0000000000022000 [ 1519.423237] FAULT_INJECTION: forcing a failure. [ 1519.423237] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1519.424372] CPU: 0 PID: 8459 Comm: syz-executor.3 Not tainted 5.10.224 #1 [ 1519.424952] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1519.425671] Call Trace: [ 1519.425910] dump_stack+0x107/0x167 [ 1519.426233] should_fail.cold+0x5/0xa [ 1519.426573] _copy_from_user+0x2e/0x1b0 [ 1519.426919] do_pages_stat+0xf1/0x3b0 [ 1519.427263] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1519.427769] ? cpuset_mems_allowed+0x1af/0x440 [ 1519.428186] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1519.428619] ? trace_hardirqs_on+0x5b/0x180 [ 1519.428999] kernel_move_pages+0xb8f/0x11c0 [ 1519.429394] ? rcu_read_lock_any_held+0x75/0xa0 [ 1519.429793] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1519.430296] ? fput_many+0x2f/0x1a0 [ 1519.430616] ? ksys_write+0x1a9/0x260 [ 1519.430946] ? __ia32_sys_read+0xb0/0xb0 [ 1519.431301] __x64_sys_move_pages+0xdd/0x1b0 [ 1519.431693] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1519.432157] do_syscall_64+0x33/0x40 [ 1519.432487] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1519.432923] RIP: 0033:0x7f1e88ae8b19 [ 1519.433241] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1519.434806] RSP: 002b:00007f1e8605e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1519.435453] RAX: ffffffffffffffda RBX: 00007f1e88bfbf60 RCX: 00007f1e88ae8b19 [ 1519.436082] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1519.436692] RBP: 00007f1e8605e1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1519.437290] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1519.437897] R13: 00007ffda65e58df R14: 00007f1e8605e300 R15: 0000000000022000 15:25:08 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000002c0)={0x40, 0x0, 0xfffffaf2, 0x6, 0xffffffff, 0x40}) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6) msgctl$IPC_RMID(0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 37) 15:25:08 executing program 3: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000040)=0x20) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, r2, 0x0, 0x6) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, 0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 18) 15:25:08 executing program 5: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() process_vm_readv(r0, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7a}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xffffffbc}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) process_vm_readv(r0, &(0x7f0000000680)=[{&(0x7f00000000c0)=""/206, 0xce}, {&(0x7f00000001c0)=""/239, 0xef}, {&(0x7f0000000000)=""/15, 0xf}, {&(0x7f00000002c0)=""/115, 0x73}, {&(0x7f0000000340)=""/74, 0x4a}, {&(0x7f00000003c0)=""/120, 0x78}, {&(0x7f0000000440)=""/90, 0x5a}, {&(0x7f00000004c0)=""/208, 0xd0}, {&(0x7f00000005c0)=""/182, 0xb6}], 0x9, &(0x7f0000000d40)=[{&(0x7f0000000740)=""/98, 0x62}, {&(0x7f00000007c0)=""/172, 0xac}, {&(0x7f0000000880)=""/98, 0x62}, {&(0x7f0000000900)=""/182, 0xb6}, {&(0x7f00000009c0)=""/205, 0xcd}, {&(0x7f0000000ac0)=""/61, 0x3d}, {&(0x7f0000000b00)=""/170, 0xaa}, {&(0x7f0000000bc0)=""/95, 0x5f}, {&(0x7f0000000c40)=""/216, 0xd8}], 0x9, 0x0) 15:25:08 executing program 4: perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) msgget(0x1, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 83) 15:25:08 executing program 0: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) msgget(0x1, 0x0) ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 91) 15:25:08 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 93) 15:25:08 executing program 1: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) write$tun(0xffffffffffffffff, &(0x7f0000000180)={@void, @void, @x25={0x1, 0x3f, 0xf, "5bdd77da2026f0f6948e91f83901f800f084209f4af45ebaf5f502c7b20e01db53671060e89ef9467f5a0b89353ca67f673ca158db84dfaf2fe1e46c1979f8e47db92804f244a2e20855226f022deb503eed211ddd4720ed47773c9422a5c2faeace55963ad66978ab01d36b9cf0c66e65e6d29791792a1fc3378ff1a5576bb08d38a5b752395bc4f75f662f71f2f2d3691ef93a1262fc495840a668db449899f8203536a7a4aa6296aec66e73cae863b37241cac00355254442cf0ebd66bf222969d63ff1c2beac3d7a89fde22493ff9d9995195c28e222ae813ad93f74e63903506c25e5f14fd6ddb0fcecb0"}}, 0xf0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000100)={@void, @val={0x1, 0x4, 0x0, 0x2}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}}}}}, 0x42) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x105142, 0x0) lseek(r1, 0x0, 0x2) r2 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x4000, 0x128) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) openat$cgroup_ro(r2, &(0x7f0000000000)='cpu.stat\x00', 0x0, 0x0) 15:25:08 executing program 2: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) write$tun(r0, &(0x7f0000000100)={@void, @val={0x1}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}}}}}, 0x42) [ 1533.947223] FAULT_INJECTION: forcing a failure. [ 1533.947223] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1533.948489] CPU: 0 PID: 8472 Comm: syz-executor.7 Not tainted 5.10.224 #1 [ 1533.949131] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1533.949965] Call Trace: [ 1533.950230] dump_stack+0x107/0x167 [ 1533.950600] should_fail.cold+0x5/0xa [ 1533.950712] FAULT_INJECTION: forcing a failure. [ 1533.950712] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1533.950985] _copy_from_user+0x2e/0x1b0 [ 1533.953516] do_pages_stat+0xf1/0x3b0 [ 1533.953914] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1533.954481] ? cpuset_mems_allowed+0x1af/0x440 [ 1533.954946] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1533.955427] ? trace_hardirqs_on+0x5b/0x180 [ 1533.955868] kernel_move_pages+0xb8f/0x11c0 [ 1533.956326] ? rcu_read_lock_any_held+0x75/0xa0 [ 1533.956784] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1533.957383] ? fput_many+0x2f/0x1a0 [ 1533.957753] ? ksys_write+0x1a9/0x260 [ 1533.958138] ? __ia32_sys_read+0xb0/0xb0 [ 1533.958539] __x64_sys_move_pages+0xdd/0x1b0 [ 1533.958985] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1533.959469] do_syscall_64+0x33/0x40 [ 1533.959892] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1533.960471] RIP: 0033:0x7f8be6d86b19 [ 1533.960836] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1533.963447] RSP: 002b:00007f8be42fc188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1533.964282] RAX: ffffffffffffffda RBX: 00007f8be6e99f60 RCX: 00007f8be6d86b19 [ 1533.965028] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1533.965743] RBP: 00007f8be42fc1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1533.966503] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1533.967246] R13: 00007ffd26b6f95f R14: 00007f8be42fc300 R15: 0000000000022000 [ 1533.972467] CPU: 1 PID: 8484 Comm: syz-executor.4 Not tainted 5.10.224 #1 [ 1533.975769] FAULT_INJECTION: forcing a failure. [ 1533.975769] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1533.976401] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1533.976406] Call Trace: [ 1533.976425] dump_stack+0x107/0x167 [ 1533.976443] should_fail.cold+0x5/0xa [ 1533.978919] _copy_from_user+0x2e/0x1b0 [ 1533.979259] do_pages_stat+0xf1/0x3b0 [ 1533.979588] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1533.980302] ? cpuset_mems_allowed+0x1af/0x440 [ 1533.981325] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1533.982420] ? trace_hardirqs_on+0x5b/0x180 [ 1533.983377] kernel_move_pages+0xb8f/0x11c0 [ 1533.984329] ? rcu_read_lock_any_held+0x75/0xa0 [ 1533.985347] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1533.986612] ? fput_many+0x2f/0x1a0 [ 1533.987411] ? ksys_write+0x1a9/0x260 [ 1533.988246] ? __ia32_sys_read+0xb0/0xb0 [ 1533.989151] __x64_sys_move_pages+0xdd/0x1b0 [ 1533.990127] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1533.991262] do_syscall_64+0x33/0x40 [ 1533.992099] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1533.993240] RIP: 0033:0x7f1c0ae11b19 [ 1533.994060] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1533.998138] RSP: 002b:00007f1c08387188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1533.999798] RAX: ffffffffffffffda RBX: 00007f1c0af24f60 RCX: 00007f1c0ae11b19 [ 1534.001354] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1534.002907] RBP: 00007f1c083871d0 R08: 0000000020000000 R09: 0000000000000000 [ 1534.004467] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1534.006017] R13: 00007ffd2ddfd2cf R14: 00007f1c08387300 R15: 0000000000022000 [ 1534.007614] CPU: 0 PID: 8481 Comm: syz-executor.0 Not tainted 5.10.224 #1 [ 1534.008375] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1534.009242] Call Trace: [ 1534.009528] dump_stack+0x107/0x167 [ 1534.009913] should_fail.cold+0x5/0xa [ 1534.010333] _copy_from_user+0x2e/0x1b0 [ 1534.010764] do_pages_stat+0xf1/0x3b0 [ 1534.011182] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1534.011743] ? cpuset_mems_allowed+0x1af/0x440 [ 1534.012227] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1534.012717] ? trace_hardirqs_on+0x5b/0x180 [ 1534.013176] kernel_move_pages+0xb8f/0x11c0 [ 1534.013613] ? rcu_read_lock_any_held+0x75/0xa0 [ 1534.014073] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1534.014649] ? fput_many+0x2f/0x1a0 [ 1534.015004] ? ksys_write+0x1a9/0x260 [ 1534.015389] ? __ia32_sys_read+0xb0/0xb0 [ 1534.015782] __x64_sys_move_pages+0xdd/0x1b0 [ 1534.016243] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1534.016736] do_syscall_64+0x33/0x40 [ 1534.017103] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1534.017626] RIP: 0033:0x7f6fdcf13b19 [ 1534.017992] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1534.019797] RSP: 002b:00007f6fda489188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1534.020580] RAX: ffffffffffffffda RBX: 00007f6fdd026f60 RCX: 00007f6fdcf13b19 [ 1534.021267] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1534.021985] RBP: 00007f6fda4891d0 R08: 0000000020000000 R09: 0000000000000000 [ 1534.022686] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1534.023372] R13: 00007ffee9bd176f R14: 00007f6fda489300 R15: 0000000000022000 [ 1534.036967] FAULT_INJECTION: forcing a failure. [ 1534.036967] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1534.038280] CPU: 0 PID: 8483 Comm: syz-executor.6 Not tainted 5.10.224 #1 [ 1534.038950] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1534.039806] Call Trace: [ 1534.040084] dump_stack+0x107/0x167 [ 1534.040435] should_fail.cold+0x5/0xa [ 1534.040845] _copy_from_user+0x2e/0x1b0 [ 1534.041236] do_pages_stat+0xf1/0x3b0 [ 1534.041640] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1534.042216] ? cpuset_mems_allowed+0x1af/0x440 [ 1534.042716] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1534.043226] ? trace_hardirqs_on+0x5b/0x180 [ 1534.043650] kernel_move_pages+0xb8f/0x11c0 [ 1534.044112] ? rcu_read_lock_any_held+0x75/0xa0 [ 1534.044576] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1534.045159] ? fput_many+0x2f/0x1a0 [ 1534.045523] ? ksys_write+0x1a9/0x260 [ 1534.045924] ? __ia32_sys_read+0xb0/0xb0 [ 1534.046352] __x64_sys_move_pages+0xdd/0x1b0 [ 1534.046801] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1534.047339] do_syscall_64+0x33/0x40 [ 1534.047708] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1534.048232] RIP: 0033:0x7f28eb741b19 [ 1534.048614] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1534.050438] RSP: 002b:00007f28e8cb7188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1534.051214] RAX: ffffffffffffffda RBX: 00007f28eb854f60 RCX: 00007f28eb741b19 [ 1534.051937] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1534.052666] RBP: 00007f28e8cb71d0 R08: 0000000020000000 R09: 0000000000000000 [ 1534.053389] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1534.054072] R13: 00007ffd318d456f R14: 00007f28e8cb7300 R15: 0000000000022000 [ 1534.058017] FAULT_INJECTION: forcing a failure. [ 1534.058017] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1534.059232] CPU: 0 PID: 8482 Comm: syz-executor.3 Not tainted 5.10.224 #1 [ 1534.059899] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1534.060736] Call Trace: [ 1534.061005] dump_stack+0x107/0x167 [ 1534.061356] should_fail.cold+0x5/0xa [ 1534.061749] _copy_to_user+0x2e/0x180 [ 1534.062148] do_pages_stat+0x2b4/0x3b0 [ 1534.062557] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1534.063143] ? cpuset_mems_allowed+0x1af/0x440 [ 1534.063604] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1534.064130] ? trace_hardirqs_on+0x5b/0x180 [ 1534.064572] kernel_move_pages+0xb8f/0x11c0 [ 1534.065020] ? rcu_read_lock_any_held+0x75/0xa0 [ 1534.065483] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1534.066071] ? fput_many+0x2f/0x1a0 [ 1534.066431] ? ksys_write+0x1a9/0x260 [ 1534.066811] ? __ia32_sys_read+0xb0/0xb0 [ 1534.067247] __x64_sys_move_pages+0xdd/0x1b0 [ 1534.067684] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1534.068228] do_syscall_64+0x33/0x40 [ 1534.068595] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1534.069088] RIP: 0033:0x7f1e88ae8b19 [ 1534.069488] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1534.071171] RSP: 002b:00007f1e8605e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1534.071825] RAX: ffffffffffffffda RBX: 00007f1e88bfbf60 RCX: 00007f1e88ae8b19 [ 1534.072449] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1534.073049] RBP: 00007f1e8605e1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1534.073664] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1534.074261] R13: 00007ffda65e58df R14: 00007f1e8605e300 R15: 0000000000022000 15:25:08 executing program 2: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000100)={@void, @val={0x1}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}}}}}, 0x42) 15:25:08 executing program 5: r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() process_vm_readv(r1, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7a}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xffffffbc}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) r2 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2000001, 0x50, 0xffffffffffffffff, 0x10000000) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x8, 0x8, 0x1, 0x9, 0x0, 0x7, 0x1, 0x8, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x2, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x9, 0x4, @perf_bp={&(0x7f0000000100), 0x8}, 0x8102, 0x80000001, 0x81, 0x1, 0xffffffff, 0x84f, 0x4, 0x0, 0x5, 0x0, 0x4}, r1, 0xc, r0, 0x3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x8, 0x110, 0xffffffffffffffff, 0x0) syz_io_uring_submit(0x0, r2, &(0x7f00000000c0)=@IORING_OP_EPOLL_CTL=@mod={0x1d, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000000)={0x2}, r0}, 0x401) 15:25:08 executing program 3: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000040)=0x20) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, r2, 0x0, 0x6) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, 0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 19) [ 1534.161109] FAULT_INJECTION: forcing a failure. [ 1534.161109] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1534.162428] CPU: 0 PID: 8496 Comm: syz-executor.3 Not tainted 5.10.224 #1 [ 1534.163097] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1534.163947] Call Trace: [ 1534.164228] dump_stack+0x107/0x167 [ 1534.164601] should_fail.cold+0x5/0xa [ 1534.164983] _copy_from_user+0x2e/0x1b0 [ 1534.165405] do_pages_stat+0xf1/0x3b0 [ 1534.165786] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1534.166369] ? cpuset_mems_allowed+0x1af/0x440 [ 1534.166822] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1534.167320] ? trace_hardirqs_on+0x5b/0x180 [ 1534.167783] kernel_move_pages+0xb8f/0x11c0 [ 1534.168236] ? rcu_read_lock_any_held+0x75/0xa0 [ 1534.168711] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1534.169292] ? fput_many+0x2f/0x1a0 [ 1534.169675] ? ksys_write+0x1a9/0x260 [ 1534.170050] ? __ia32_sys_read+0xb0/0xb0 [ 1534.170448] __x64_sys_move_pages+0xdd/0x1b0 [ 1534.170914] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1534.171417] do_syscall_64+0x33/0x40 [ 1534.171812] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1534.172320] RIP: 0033:0x7f1e88ae8b19 [ 1534.172699] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1534.174500] RSP: 002b:00007f1e8605e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1534.175276] RAX: ffffffffffffffda RBX: 00007f1e88bfbf60 RCX: 00007f1e88ae8b19 [ 1534.175995] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1534.176690] RBP: 00007f1e8605e1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1534.177405] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1534.178122] R13: 00007ffda65e58df R14: 00007f1e8605e300 R15: 0000000000022000 15:25:08 executing program 1: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000180)={@val={0x0, 0x5}, @val={0x2, 0x4, 0xb8, 0x7ff, 0x2, 0xfffb}, @mpls={[{0xff, 0x0, 0x1}, {0x7}, {0x4a1b, 0x0, 0x1}, {0xb912}, {0x4000, 0x0, 0x1}, {}], @ipv6=@icmpv6={0x0, 0x6, 'R7c', 0x11ee, 0x3a, 0xff, @ipv4={'\x00', '\xff\xff', @multicast2}, @rand_addr=' \x01\x00', {[@hopopts={0x21, 0xf, '\x00', [@hao={0xc9, 0x10, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, @calipso={0x7, 0x48, {0x2, 0x10, 0x80, 0x401, [0x29, 0x8, 0x5, 0x9, 0x3, 0x5, 0x1, 0x6]}}, @hao={0xc9, 0x10, @rand_addr=' \x01\x00'}, @jumbo={0xc2, 0x4, 0x297f}, @ra={0x5, 0x2, 0x20}, @pad1]}, @fragment={0x32, 0x0, 0x5, 0x1, 0x0, 0x8, 0x68}, @srh={0x2e, 0x4, 0x4, 0x2, 0x7, 0x18, 0x2, [@dev={0xfe, 0x80, '\x00', 0x1d}, @mcast1]}, @hopopts={0x5e, 0x213, '\x00', [@calipso={0x7, 0x28, {0x0, 0x8, 0x9, 0x0, [0x100000000, 0x3, 0xfff, 0x368]}}, @padn={0x1, 0x3, [0x0, 0x0, 0x0]}, @padn={0x1, 0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @jumbo={0xc2, 0x4, 0x4}, @padn={0x1, 0x4, [0x0, 0x0, 0x0, 0x0]}, @hao={0xc9, 0x10, @private2={0xfc, 0x2, '\x00', 0x1}}, @calipso={0x7, 0x30, {0x3, 0xa, 0x8a, 0x1, [0x80000000, 0x8, 0xd5, 0x6, 0x2]}}, @generic={0x3, 0x1000, "f2d6bb9fa8d98de88b3d1320e7e2fc33e4fd4076d6fe5e72b78d7f28074c62fedab484347670f353aceb58a2529bd30282f7b56043d166c25a30d98c8d7f36301cf1dc45db745cbd53b01f96b9c1672386e8fc18af771ad391ed183cd28b978318184724a2df81aefe25d0c7d893ba47d2cdd09433200d9b008425a7cc81567ffbf56840689d9caa79ee4a29180eab8c648478f3c835293a13ceb46a9fa62a403d22d313df8094d3d122c11be560426006e908dd36a19692166e90f38eab21bf489d671e45659af12a72cdecc3f184bf8693968b922140b1f31f0e9c34db3951e997bcefbb15cf691c549a564c958f7521fbf80ab519b6beb8aacebeea9ff70d17ac16fafa591b167f736c883f2d6e5f873535af476c9a771b8470f23e32a360ce5ead21317605d8c7643411d68007a0647ff91404cd1e977a08b24f81221011f81d5a0897a6ee1dd6cae9627f8a4d26d80ea4479e8beae95ce6df58fc3f1a0ce6d3d51edde7f3138aefa6548e5d1e0f876d980a0da3a2c085c948aa79175f9d98bbb47ccc1143e89799e5383dd4a85cdb44085eb0d792d91143b1f7a83d26b6fe0d598007112b6a2dab7a06881c4889f54f89f54b360a65cbb152d5c4118f40756a41184e8f90f74e51bb2ee71262bac65bb9d916e0f27dab0e3872dc7e4bd6cb5e3c5c22c1a6af92fa32152bd372bf0dfaffb55ca4aaed9494f88170b66979d11f827142ba085f3a221959f7b1dd7cc82dae4021f5e30c2f595e470b4b340b0d3a30d615a314cfbae9c7626093a33127a1026e88b3ba1729192e6172a00efaf05e4e9c674ac321486c74e65f5687ddc0bbbc846c4bc12616b79e8bd98ca740fd93ad4c212c7375276f07c63af872ff0a274aab1d3b5aaaa00918ada0f15cf8c40ba20f7a00f74eabdd6b9a454d1ae2944e1cf74d32d39e18712573b87304c54eb889e3d20d95e58930da6ab80f61ad9efa2608f822e4bc5746e74c921f9f61a23d742bd5cce5088a9b782b697f58610e45fe75395c2a917c73f988b03e925db02f9c2276b38b6c6cf5375081870aaf5b435205924cfbb97d4764d2bc5613b0e2e00ede35f0787c1055b0dde1b2167062dafcb812d94c1ecdca16a70518712519304cf4a6bce60e7efc4522388f0aba9ea3c6c3f8565408efc986fb3e99e58cc8e491be84571dd66bc3707af702152ff6e86903b51d087bcc172a5e8557649e8ad7b6b7dd88624099823fddb847ec2f763242f4b9bba48ffa976146f9de58405db7497c222214210ed41aee2ea892c078be20a6dd999872565d2dedbd555f13ffef56b49e3c50a96902d4a5fd069adcd3f300286fbcf6f1cc6989d6a9d31c4781731903f0eb356facfd9a76aab02f26cf3b4781cf778c6ad2d345f242c91cf11dc2c1cb867d45c12a61ac365c589a6ea2b88d4cfa098c9caf1decdf8ea83e08bdb4c35916bdb62964f84dedee04df09ff6bd659154056432e622b75ee70f38bdaa4f34b48a2d09b6f89f9fdba67d33881d30962d59839911cb66f22a08365d519db00e8849e05e70221deb2cfb159f287c899ed632f45b16b6345e130607be74e785aacbdbe7d429ee570221063d32dcb3817d7acc194919af7c94a28ed52f969a7095897cd8a5e79c1f9c2da9c0f7fe26026d12fdd3a3d3a3d368d8f3ca2821fc65b87f0a0bbe1deca438d4344331fcebc74c2ff5f626661078dad31a546976f803f2155e3321d61d430c4ce1cd2266fcb1f363f4a96d578c4ab3b6707a9f332714ac281c6c537483e6e8b3f5cabb13f39b90ffe5a1b5d334fd564aa611ee9262b9c605a8fee16cd8988a5efef55dc03e3bdbc7cfb7a0d6f4c44df0c8e6582467397ab25fb49e1dfa68d95f447d201d1d91a2ca872334c0f6811a93b4dc583671df57f166004a6875406f1aaaa33c0186be092347f57832e67f49a08e2613cd395a7cfdedbab55071c41269347d1dec14b316c850adc4b0db48d753b8288ed5d182dbd9392cf128ee01902da33a7f19d2f6a01afecd57a27ffbd385bbf29d764741fab294db4a501abb72d8fa46c996b88ca11a5f81c87f90929c9e4a8e2bdf78574514b62a0fce9a1e546f41ed4bdcab275f8dcf9722db5c31a29a2275d30deb8474259546ba4aa93b3dae3fac722b25217285c1a381c95762b2be19e70aba095ed574c4e04856007f4d36b443df2dc26540b1d5181bb7f566032780b36d6501ce7ada8b16a260b09c2ef903bb535be8ef46622b2661bb42498d05e1038efc492a4a1aaed345daebb9f6e02d6bb673cf56aef88a3fdb3c374349499e8b3f175dcc5f750eaa8bc7b7c54e39fe8ec60a7a9eebd0f351ed9b732922f9787d3ab83b497790f55a54cd406b248dd0fba0ac0667b0256cd24ecc9fe02ba864008c1cc9d18ee9fb4d3d89c06b18ce9b5b2b0a0fd6282da6ffe1f09468ce88d0b8bba11c53487cf233bbb6d692c3a2cb8d5aef60e5d2012dff43af4b3ec0e3346183e64d30a0dc66758ebeeae85f4c5b1a64091058a771f9391a6e2e0204216867ce6e80dda07c918fc17e7d8036e6f14be3f681458edb7aeb5658deeb42678b1dcad731c48a9ef4f6fe38fb01b2e4f4a32a6a26f5327f83e87e3ebb7442af63a2fe8a60951762de8eaae5923b0d82c0ac278287da2a3fbc64b67ad832049cf20c0e293d855c57f77b9ca3d4c192383efc4b6d5329841f2caf81709c05c6172056a32d43e5514b95816fd8045c786776a89a4859de03feb42a2b4b4e5b0ee96a2932228b6e691635a73ac41cfefac64b901212dac304c6df738023f90a1b96f4af1854547cd415d86c5063c4a6d20305ee94d054232b992ab6e496ffbdf67bcb5a532c623ccf1b3e2f2821a0eb5c641db38b56dced4baf99ce180ebace7e1b3ee890ab4b0b0b4c4d33992529a0db0e7831fe86eb31e8000e59ff52110a2e81752d2b5c4dc66a44f57ab9f067234a9454c6fa660e81525a3627c24a6aad9bd55ac7a105feab2ad7b64e331779f922724bd5ce13abd31ae9165047f24844f91779db5630e16d5eef2ff4bab6ea2568b8e0c139d09e7e47216013339219d7e912fbac615d3bde041f35df10420ccafed9c273a28c1c8a578c71f73cb2219152697af594d372a3f8b2c20a051705453b2c4510acf1793a66e34600e37207564899518aa76fdf3a3803715b4b47f947340a25bab992f3305dc767c607d38ce7a05a7040a6d019cbb410f38f742502143bd7676c06698412622bed8cebb811dc83c074a9d045285bc736ecc747d869d38d096669f290816328a23c3f343d9de829bbb733d30aea33aeea33ca10d5f4d4acfa0ec01c8c421fd798343929f53f28168ef5d8ad3796bf5dc8cfb4e6bd32c9e9f6efced0b15e961d1410d0ac51198e1a9ada1a445ef15c5fac68d7deb5828f3bfa635dc1e7767038d9da865d89923c9cf3d6aba86ba5190d3c285e4c3e93ccccddb6161688527e4d97f7a41dcbc65f7a627cc0fe131123fd260b1cecceed2f14230592881cbd9cd3a5177874ed5919e22d385349da86d5825e6ee2b4c833999e8795acf80a99635964a2f2cbd74dbf5e6460d8d7fd88548be358c7ae0c20055f16f31a88f0ae2dca784b1edac28000fd95f0998e81c7ed3897c32840f8b71ca2df5086bcab182d2296ba7cfb40e2857a71b88ebe471d5579010e9c9308e46ffb3f9a5c04373e05ccd99128510083eb40684451ec8ec9012b15b75c6acae09b9c3442813f8a14d25ef786e7b3917ba0d528ef807a1bcc69d26a57ba05c5f1f48c82ccc8a13f80e95c6e066839efcfb100a1178eba0fade0b53e448476c4bcecc0f1cac111a6fcf7633363ea98a6dc2f9227a5671c05337d4603d62acb87b4e8d1c6383ae4a9f63c0d1386531f3503e6468dfe5bc3698a1c7bf3a9c23f6f12b1c2c2fe6223d848cdf6e2619274ce902cac8a23f6fa33d8ad728f33c344d8924c8920d81364e487dfd0fdda8589cfad726eca1c87ee0b9496d08c724035d007bb2d42b6ad8b07bc2ed08ea8b69a585effa5f45a07f68bd5503093f1f5b4e488269f903c7211b1877b2ce0c716602ff094ca7b70412c1e02f226b059155d5324bfb2b7d45acb70912b2d18a293148ca7645c00de12c657e5ec194bcedec02d64f8ba3b92d2210b8ef51c1ea99be793be2ba033b69fd38b633fc39038173e2eb46cab1f61240afc2f8578f9776e89a5ecc36bc6ca7808a8664ab032f84aa7cb60c61681e676287a9b409156d4827be505df73bbd08c89e5f645d865eb6518a1b43fd0a9ebb03349e9c2e6567a074bd19bafb5a97ea6ddc8e1560a2f30bdc1188b6cfa62904a8f4ca216356a33419f0b380caf05e1d62686188505ec1ac75476fec195646ca4a4ab98684be804f73d8ee9e9e865a5f07801dd4e7d3f616d7edde1ed773b9142028fff3eb4e396cdcd02a3e68af069047f9a06035e75b8651280254fabbd860931da4bcd7a61df23d7dd642255b34162dc835dd9c2f030f39bcb994a33ac878abdee851882d3b8ba1fa2b2df7a72ba41193e6107f62aab4c94dc03a95b4a8fcad70191300964c88927b20a04d4ff715db2c40d5aab2045d2396a3188f7ae47f9f22d8ab532371abbdc137c45ff06126091f4e47dbaf910da486dd98262308481cc0acf52b3dece1544e852c4e0e82895bfe12a9ef12adaf0cbf8be5c91707a805dcac044996e19d954ad482d84afd9bc4fb2c9f82a0b94fed953e409c2e730d6701cb215988c4f29fc685d355f93c0301e2eb8146bf5ba44564040bcbce6c7d9d8b0dfd430eed1e62c1efa9e77ab329b75eb3d61bdf8a6eb966f5f3d076303cdf90779d701390b3234c0029419c8357404c6711c59fcb20503ef9881750c50dc6a98b23e587bb6db4bfabb3f4e9db48e16933ec5ac74c97daea7d9426fa6e4dc02a0a98de8cd311b6c8560ce14db8bbbd8da03c7e0628a15ec5c61ccbca94a3cce43ff3a634dc35a6ee0ce9d89c5c11e51e809a3f0f105eae9411c268181d8336c10e9f09c5485087e069989c628d0581d2f3a92f2ebe60c3409550dd4421c2391ef76a388789954a6a8cc2a136be87338b405708781a8b1a4c5636ebf7b160236db035b4f0e8e10d3df2357b5a373cabc76628a8b83e157dbb0a82ddf3b440389f7f19e6ae5fd0615f1fff6662b8da5a2ba06e9f3619ca30eb77be50117e5b1e827f162dbf14a35e6ce6c0e32f9393a44118c7fc32bf05fa92381a808866cea1fad3ebd046ee3ff93fdd970f71afcc8ee47e73f7dc9d925a93dd8327aefefc70e15c1f3a943329680428e5442d8bb546608a40803913243ab91d51c7b9ad4cd8614a77e29cf8661e3407eb78ffe0c26b02c2db22aa4316f25f82b023a11508efce6f08c77b9bb258d9c1086a94bd2e171cd28d01b479129d471afe4c455e3a769ae5f4407bb751dbe4e0e29fd459fcef79f3a11d3de5ad2bee831b3d85b65da90c37947b7923d84c5111b6264c1dba7f71b58ce446fe8d68ebd6195883a253fd57bc9165959a936402e858915f7d103f4b496e2c945e6b90ed44e9166d0bbeb60630e90580d4af14046d50094dad42574a2102b7e70e01399cad83ef573cfb9470637250c0255fcb7f668d13bc8b67b18c7c1aaa2cea34a3fd4ba8667bee4d589ce2c181e4fbff53493cc5fedad7b65a24b878ffc502ed8f5df8f85b756a6b46befefb5310ed36713ae35eed4b10ee993f730f16aebd49a417bd1f3c3d0da76bf725a863dd18f7d59d137799ffe9f77122bacad01412759cd66de803d8e17d5922b5b11ad4c530dbf453fc4b05001cc816"}, @hao={0xc9, 0x10, @empty}]}, @srh={0x73, 0x8, 0x4, 0x4, 0xc0, 0x68, 0xd8ff, [@ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}, @mcast2, @mcast2, @rand_addr=' \x01\x00']}], @ni={0x8c, 0x0, 0x0, 0x4, 0xffc0, 0x151f, "b581f6b62aa8d61cafe620d4f43f49f75e3862200ceefc6b3a5947baadd0b00880d6f2a0c81c3f2cd228dd2693e7c2fa980b2a8fd6a2"}}}}}, 0x123c) write$tun(r0, &(0x7f0000000100)={@void, @val={0x1, 0x4, 0x0, 0x2}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}}}}}, 0x42) 15:25:08 executing program 5: r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) process_vm_readv(0x0, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7c}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f00000000c0)=""/187, 0xbb}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0xe5, 0x0, 0x9, 0x73, 0x0, 0xffffffffffff0000, 0x21, 0x4, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x2, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x3, 0xf2a999911b0e04e6, @perf_config_ext={0x1, 0x1}, 0x110, 0x7, 0xfffffe00, 0x8, 0x1, 0x4a, 0x7f, 0x0, 0x400, 0x0, 0x7cd1}, 0xffffffffffffffff, 0x8, r0, 0x1) 15:25:08 executing program 0: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) msgget(0x1, 0x0) ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 92) 15:25:08 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 94) 15:25:08 executing program 2: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x105142, 0x0) lseek(r0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x4000, 0x128) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000000)={'ip6gre0\x00'}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r2, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r2, &(0x7f0000000100)={@void, @val={0x1}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}}}}}, 0x42) 15:25:08 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000002c0)={0x40, 0x0, 0xfffffaf2, 0x6, 0xffffffff, 0x40}) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6) msgctl$IPC_RMID(0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 38) [ 1534.269389] FAULT_INJECTION: forcing a failure. [ 1534.269389] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1534.269928] FAULT_INJECTION: forcing a failure. [ 1534.269928] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1534.272038] CPU: 1 PID: 8506 Comm: syz-executor.6 Not tainted 5.10.224 #1 [ 1534.275393] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1534.277225] Call Trace: [ 1534.277809] dump_stack+0x107/0x167 [ 1534.278616] should_fail.cold+0x5/0xa [ 1534.279463] _copy_to_user+0x2e/0x180 [ 1534.280324] do_pages_stat+0x2b4/0x3b0 [ 1534.281188] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1534.282454] ? cpuset_mems_allowed+0x1af/0x440 [ 1534.283469] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1534.284595] ? trace_hardirqs_on+0x5b/0x180 [ 1534.285549] kernel_move_pages+0xb8f/0x11c0 [ 1534.286504] ? rcu_read_lock_any_held+0x75/0xa0 [ 1534.287524] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1534.288829] ? fput_many+0x2f/0x1a0 [ 1534.289634] ? ksys_write+0x1a9/0x260 [ 1534.290471] ? __ia32_sys_read+0xb0/0xb0 [ 1534.291364] __x64_sys_move_pages+0xdd/0x1b0 [ 1534.292343] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1534.293472] do_syscall_64+0x33/0x40 [ 1534.294289] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1534.295413] RIP: 0033:0x7f28eb741b19 [ 1534.296255] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1534.300299] RSP: 002b:00007f28e8cb7188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1534.301958] RAX: ffffffffffffffda RBX: 00007f28eb854f60 RCX: 00007f28eb741b19 [ 1534.303513] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1534.305255] RBP: 00007f28e8cb71d0 R08: 0000000020000000 R09: 0000000000000000 [ 1534.306110] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1534.306839] R13: 00007ffd318d456f R14: 00007f28e8cb7300 R15: 0000000000022000 [ 1534.307576] CPU: 0 PID: 8507 Comm: syz-executor.0 Not tainted 5.10.224 #1 [ 1534.309129] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1534.310968] Call Trace: [ 1534.311552] dump_stack+0x107/0x167 [ 1534.312385] should_fail.cold+0x5/0xa [ 1534.313250] _copy_to_user+0x2e/0x180 [ 1534.314109] do_pages_stat+0x2b4/0x3b0 [ 1534.314987] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1534.316283] ? cpuset_mems_allowed+0x1af/0x440 [ 1534.317330] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1534.318449] ? trace_hardirqs_on+0x5b/0x180 [ 1534.319418] kernel_move_pages+0xb8f/0x11c0 [ 1534.320399] ? rcu_read_lock_any_held+0x75/0xa0 [ 1534.321446] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1534.322738] ? fput_many+0x2f/0x1a0 [ 1534.323555] ? ksys_write+0x1a9/0x260 [ 1534.324404] ? __ia32_sys_read+0xb0/0xb0 [ 1534.324914] FAULT_INJECTION: forcing a failure. [ 1534.324914] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1534.325312] __x64_sys_move_pages+0xdd/0x1b0 [ 1534.325332] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1534.328625] do_syscall_64+0x33/0x40 [ 1534.329459] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1534.330614] RIP: 0033:0x7f6fdcf13b19 [ 1534.331448] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1534.335544] RSP: 002b:00007f6fda489188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1534.337250] RAX: ffffffffffffffda RBX: 00007f6fdd026f60 RCX: 00007f6fdcf13b19 [ 1534.338820] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1534.340420] RBP: 00007f6fda4891d0 R08: 0000000020000000 R09: 0000000000000000 [ 1534.341996] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1534.343585] R13: 00007ffee9bd176f R14: 00007f6fda489300 R15: 0000000000022000 [ 1534.345206] CPU: 1 PID: 8512 Comm: syz-executor.7 Not tainted 5.10.224 #1 [ 1534.345912] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1534.346754] Call Trace: [ 1534.347044] dump_stack+0x107/0x167 [ 1534.347434] should_fail.cold+0x5/0xa [ 1534.347853] _copy_to_user+0x2e/0x180 [ 1534.348267] do_pages_stat+0x2b4/0x3b0 [ 1534.348683] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1534.349302] ? cpuset_mems_allowed+0x1af/0x440 [ 1534.349800] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1534.350316] ? trace_hardirqs_on+0x5b/0x180 [ 1534.350773] kernel_move_pages+0xb8f/0x11c0 [ 1534.351228] ? rcu_read_lock_any_held+0x75/0xa0 [ 1534.351736] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1534.352354] ? fput_many+0x2f/0x1a0 [ 1534.353172] ? ksys_write+0x1a9/0x260 [ 1534.354011] ? __ia32_sys_read+0xb0/0xb0 [ 1534.354939] __x64_sys_move_pages+0xdd/0x1b0 [ 1534.355400] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1534.356600] do_syscall_64+0x33/0x40 [ 1534.357420] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1534.358542] RIP: 0033:0x7f8be6d86b19 [ 1534.359355] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1534.363878] RSP: 002b:00007f8be42fc188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1534.365543] RAX: ffffffffffffffda RBX: 00007f8be6e99f60 RCX: 00007f8be6d86b19 [ 1534.367094] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1534.368667] RBP: 00007f8be42fc1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1534.370224] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1534.371781] R13: 00007ffd26b6f95f R14: 00007f8be42fc300 R15: 0000000000022000 15:25:08 executing program 3: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000040)=0x20) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, r2, 0x0, 0x6) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, 0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 20) [ 1534.450341] FAULT_INJECTION: forcing a failure. [ 1534.450341] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1534.453251] CPU: 1 PID: 8517 Comm: syz-executor.3 Not tainted 5.10.224 #1 [ 1534.453950] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1534.454790] Call Trace: [ 1534.455075] dump_stack+0x107/0x167 [ 1534.455454] should_fail.cold+0x5/0xa [ 1534.455863] _copy_to_user+0x2e/0x180 [ 1534.456271] do_pages_stat+0x2b4/0x3b0 [ 1534.456672] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1534.457254] ? cpuset_mems_allowed+0x1af/0x440 [ 1534.457730] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1534.458241] ? trace_hardirqs_on+0x5b/0x180 [ 1534.459244] kernel_move_pages+0xb8f/0x11c0 [ 1534.460263] ? rcu_read_lock_any_held+0x75/0xa0 [ 1534.461383] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1534.462732] ? fput_many+0x2f/0x1a0 [ 1534.463575] ? ksys_write+0x1a9/0x260 [ 1534.464474] ? __ia32_sys_read+0xb0/0xb0 [ 1534.465414] __x64_sys_move_pages+0xdd/0x1b0 [ 1534.466428] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1534.467612] do_syscall_64+0x33/0x40 [ 1534.468488] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1534.469669] RIP: 0033:0x7f1e88ae8b19 [ 1534.470518] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1534.474713] RSP: 002b:00007f1e8605e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1534.476448] RAX: ffffffffffffffda RBX: 00007f1e88bfbf60 RCX: 00007f1e88ae8b19 [ 1534.478086] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1534.479731] RBP: 00007f1e8605e1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1534.481383] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1534.483015] R13: 00007ffda65e58df R14: 00007f1e8605e300 R15: 0000000000022000 [ 1549.322914] FAULT_INJECTION: forcing a failure. [ 1549.322914] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1549.324239] CPU: 1 PID: 8533 Comm: syz-executor.6 Not tainted 5.10.224 #1 [ 1549.324975] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1549.325866] Call Trace: [ 1549.326178] dump_stack+0x107/0x167 [ 1549.326585] should_fail.cold+0x5/0xa [ 1549.327030] _copy_from_user+0x2e/0x1b0 [ 1549.327473] do_pages_stat+0xf1/0x3b0 [ 1549.327905] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1549.328531] ? cpuset_mems_allowed+0x1af/0x440 [ 1549.329049] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1549.329601] ? trace_hardirqs_on+0x5b/0x180 [ 1549.330086] kernel_move_pages+0xb8f/0x11c0 [ 1549.330567] ? rcu_read_lock_any_held+0x75/0xa0 [ 1549.331089] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1549.331718] ? fput_many+0x2f/0x1a0 [ 1549.332133] ? ksys_write+0x1a9/0x260 [ 1549.332495] ? __ia32_sys_read+0xb0/0xb0 [ 1549.332879] __x64_sys_move_pages+0xdd/0x1b0 [ 1549.333305] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1549.333776] do_syscall_64+0x33/0x40 [ 1549.334137] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1549.334608] RIP: 0033:0x7f28eb741b19 [ 1549.334962] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1549.336637] RSP: 002b:00007f28e8cb7188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1549.337345] RAX: ffffffffffffffda RBX: 00007f28eb854f60 RCX: 00007f28eb741b19 [ 1549.338002] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1549.338650] RBP: 00007f28e8cb71d0 R08: 0000000020000000 R09: 0000000000000000 [ 1549.339308] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1549.339965] R13: 00007ffd318d456f R14: 00007f28e8cb7300 R15: 0000000000022000 [ 1549.368560] FAULT_INJECTION: forcing a failure. [ 1549.368560] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1549.369813] CPU: 1 PID: 8525 Comm: syz-executor.7 Not tainted 5.10.224 #1 [ 1549.370395] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1549.371095] Call Trace: [ 1549.371333] dump_stack+0x107/0x167 [ 1549.371657] should_fail.cold+0x5/0xa [ 1549.372000] _copy_from_user+0x2e/0x1b0 [ 1549.372379] do_pages_stat+0xf1/0x3b0 [ 1549.372729] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1549.373246] ? cpuset_mems_allowed+0x1af/0x440 [ 1549.373665] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1549.374111] ? trace_hardirqs_on+0x5b/0x180 [ 1549.374503] kernel_move_pages+0xb8f/0x11c0 [ 1549.374926] ? rcu_read_lock_any_held+0x75/0xa0 [ 1549.375366] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1549.375911] ? fput_many+0x2f/0x1a0 [ 1549.376284] ? ksys_write+0x1a9/0x260 [ 1549.376641] ? __ia32_sys_read+0xb0/0xb0 [ 1549.377051] __x64_sys_move_pages+0xdd/0x1b0 [ 1549.377460] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1549.377943] do_syscall_64+0x33/0x40 [ 1549.378302] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1549.378769] RIP: 0033:0x7f8be6d86b19 [ 1549.379134] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1549.380820] RSP: 002b:00007f8be42fc188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1549.381531] RAX: ffffffffffffffda RBX: 00007f8be6e99f60 RCX: 00007f8be6d86b19 [ 1549.382190] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1549.382825] RBP: 00007f8be42fc1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1549.383465] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1549.384314] R13: 00007ffd26b6f95f R14: 00007f8be42fc300 R15: 0000000000022000 15:25:23 executing program 4: perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) msgget(0x1, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 84) 15:25:23 executing program 3: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000040)=0x20) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, r2, 0x0, 0x6) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, 0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 21) 15:25:23 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000002c0)={0x40, 0x0, 0xfffffaf2, 0x6, 0xffffffff, 0x40}) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6) msgctl$IPC_RMID(0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 39) 15:25:23 executing program 2: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) r1 = timerfd_create(0x4, 0x40000) dup2(0xffffffffffffffff, r1) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000180)=ANY=[@ANYBLOB="01000000000000000000603cdefa00102100fe880000000000000000000000000001fe8000000000000000000000000000aa170000000401907800265d9900960ceefa2eff4e938a"], 0x42) 15:25:23 executing program 5: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0x1}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x4, 0xffffffffffffffff, 0x0) gettid() 15:25:23 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 95) 15:25:23 executing program 0: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) msgget(0x1, 0x0) ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 93) 15:25:23 executing program 1: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) r1 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setown(r1, 0x8, 0xffffffffffffffff) close(r1) close_range(r1, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f00000011c0), 0x6, 0x400000) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001200)='/proc/slabinfo\x00', 0x0, 0x0) write$tun(r2, &(0x7f0000001240)={@void, @void, @mpls={[{0x8bc}, {0x2, 0x0, 0x1}, {0x2, 0x0, 0x1}], @generic="f6ca15e75ef0e98c6ea205d1d30e08fc8b708877b48704d971a37ff21ce7c187212762b5afa99da7b75d55dd81109ca66d25529127a0f582f4d0aa1a0dd7982f4e8ed418a407fc07fea63c640746a6bf59e5cdf5d8d9fcb180a8b22d5205d20712ac807b25c6b376a05b9e633bc98fcd4159a8ec4ddf3d1ef86357209377f9b1c0166cd56869f7cf025dde60352431"}}, 0x9b) write$tun(r1, &(0x7f0000000180)={@val={0x0, 0x8863}, @void, @x25={0x3, 0x3, 0xf, "f447fb8d148d4e36607e8dcdcdaf1d540a8ffbe650e46ab7c3ab2e99016e55293edcb187a0229a83e346857dfbbf3f61db5a933280b3601fe45d7c0c9ef9ed581be716110cc994f29c76df3a98939efa228d2624c1b610d54cd2585da86e38052625e41608a8622e266a104051af1b1c53a0c8c94f1fdc0ddfaf0b4e3c33b1181aa90b03c218ab391ed6f9bbe715aec1a28619317d57c3224cfcf902850b57f83cd64a6339dcdb55e84f6838b8eb32dadbea009e77a1fd1743bd48755b267b9dedb7f360778030ca8ee6b952c5ba0346cea1d7ed5dbd0d92f4455dc3ccfbb248d94a28154e6f8d16b9ad5afdc67db29e6fd06ae5981c66a6a15469ba95cdf195671d5369043dd950fe060a71bae32fcca61dc0d82c7d0885e80ce83776f49156eac2aeca9ff33a1484bdc89abe234d6b9e9b348f5d008324ab9003072a6615e37ee3b52552dfbad0505913c72808ae8dae4a2592314d1d898a36343ed95c8fac7204aa7b3657b12a9b25dd1b44cd61d966300064baed0a59cedc8b7e8d274653aa0f1854cdd11500447ff13f4ec3a5fc9e40a4598d377eb542632d13bd317179975fbded3160f9ef357fe75c982cbe42037ab39f76dfbeec774c178b2bda4503a2c4be0bdd9fd2f4107c78ec4126e56d413e4d95fa2529ac6a0c2af492bad7afd012c1f569639cf4f8e8536d4f04ae6c70ddc51b12628a70bbbc025fd6f85c18accc1df101b197dbe5f80b13f6e6e6d8b8a34cbd0ba736967d09daed60db7fd5d4e4a60b2a401195c79b99faa73e5f1b3f4c8d4818fcdf808a40938a3b872cd62945b671ba5c68255ab158d6bafcbff68f78108c6098d3d6a7aaaec166466ba3d5a9d8391f80837d08180401eef6b19a3b6debfb60a10f75d5c9bedf8a99f6a0b617b8a1875471eda0545a863dcc8821ae3e4299072ef1fa5dc08b8f383b1bc1e3b452b02221291a2b229ec5a75c2b9406bd837fa3413546c18edd90cbd032e567e791bc48d80de456878c693b46f699a36a8d0e2abaadb2a41bcab420f33eff174d4110aea65e488263c7120a417b7936ea433e4c2c86e9f1f1ebd978a7fcea43ba40fef8edb872c023f5ba4a08d23702ac6b9493ffc8db982e6e673a7183d490ab03c43d3c72c47c365c9fa863214e76abd103c838d305db245f66f55a8639656861dbb7a513992de53e5907ee259ca6942b4e8d20020a7ac46ceda4ab922613e3e214c939e8d1dcb21b68a5951212c0968204b728056c8af04f7af5804d9c5cea388aee9ab593329d647d02d704953beaa615a10a791d7ea35c84ed53af070463639479c1fe41537188b398e6c9ca0b094683fe3fabb4516060782237089d99b138bad7556cd06b9fa9215d2daa9815684c4ca95332dcc1e2061990819aa1a8bcbe5adf40baf231955a1977c6efdd40bba6ce482d5ba1acb07785437cbb12d8f4d7759f451cbc68d94e830537e9ff65f65ab6ddb6d930bfd7af2095900c74fbc0b8493465f3d857101aaf8d1fdfc412de41fee967e8dcd1a72bee597f12f26037a03b67652ccbed2f92ae6aa3c7f7162b83733e4216ce552f4515526306d269c4852c0025fce80385d762d38a844bc960a0eebc00d065dbb69f7c43256be6f767a1ad45c8bdcd0723ebf6b9559b8de8ea325087ce1a40d3c5279f052fad2edaf25b61710930d4ced67a1681ac493f7f15efc32d4c98a6ec0233eef903899e74e343660381bdb3cd55624e6fd3d1440a84ac995be6ca429a2a7e33bb54cd60b0cd09d3a11b41d2301b6843e618a348dfea55c688d03a18b2bc2592549387d392926cc9f0724787c34a761fe16e10c2d05b737bb7d48cde4a46691953371d51e7f6b2a38feb9b30b84b41ea678c29afdf89cfe304e11897f422c53aa3cc1ff61253eeefa448b06b4098b93530d4f849dca476ed68ed4e1dbdd9080b56678e0ab2562a7c61f7b4d6f24aea901e259b087fd559182cc900941671ed11d3565f14f7cd25de2a2ec54c9c375548df6573e192c96a6ae518ce99f2678ae151408e01f549c6eaf69b674825121f2e8d2acc54c20640e8817414aa983ac31ec214d35d22612ab9fd151e7558076ad8840c164a34f6e7fa8e08ee47a41cd058cfbc6f2e2e420f9b34117afde0ffa8810ac0ea094b57e3aade1a38bf768ca05597961fa8ab427fcf8887128e8a3a70bd791d5e92dcd9156a099b2699e724c29857e90caa7409154bd023a5f87ef368c747fed033b934435cf6c2c75c12be65d16c022ed16b9ee3ae23bed34a2d4e3b3c0092aa5fb2b822371dffea5c1bb81efdb2ece7d13db319153384a9b7f70b5c0e433f67f3000c0d08323b2773aea26b80202a9a97c9371f8d7e20a258a531207a31b21b71f238cb0e46120b96f4c726afc7f257d3193304d2cf11e4bcc88416f5851837a52d79bc052c0c69bc776b27729294fd35184832410e7d5c17306f9c97a9465f9dbec34fe6b9cd7bf92cf884aefdeff30db1d5a32dc34cd5f66b90138aad6a4a57186092976a4f514ec3089eadb0b8efc4fba7b854b40eef0795f0a32202e1d59fbd9b06ad1b202dfe90bd2969c003bcd2751f3f19ecc64ff3ee4973326c282e162f21a271329b663f22fc27231c145f8001c207e4773795f8787b014bea0f4a0dbcc1646c7f5ed7860752e090d087663cf21e8212a96586ada791d8ff6cc3aeb82cb12ed0eabf63f3fd6025b04660914eeab3b09cf3ce6bdfbfef8dd30c49d97920981b236f97b7967a6a6bc44750a92dc5e1286f57f67d4b2fadfd5683c03c347790206cbf1e2fa195d1906c5d1322eafc57f51dfce1e35c0762fb45972d9c7c0b72605f0a0e1273881d8170ee085b566ae3a27a157f1a17308240641470d186d61c3f884692e6c85df57164ca3c6c40a1df4a8832d1977760e3372cd87c0cb2ca3c903ac9c8b98742590f6636d63ef800e75404c239968506fa96ae76d74df0c85d1ace21db0df310bfa142efdc575c593ebcd682ac99463ecb7e31e4071eaad7e46de5ffb0f70b8518d199e10ab7f6503c90edf391ec61c177105aae2e1a421507898baecffe6ed16a2a2fe9786d22c142fcfff48fb7e1e765286cae16944a822d0fa75fbb2a7e9d25c1f9d53b1b451704473fe142e1e5e4b6a76c56f1b05be6e819456f415399044daaaf436b9179e791a554f169d526adf1dfd4acc40723f6095f2859235592ff73e21b7032c466b42affdf7fac66b8a4a998b322097a4e8f36f1e88c20150edf563107576b44ebb9dbef0f9a2a4eaf4c73ebf77c02e199b95de476959c8e0fe28855c9c0d6b225fafd7d9eb726dfe9f7dff1b8ac9574fdbc50ce0ed13e32c27e8aa9939e6ae4ffc66c8ade1bf7d1788423494fad39346fbcecd62625d4fa5c4fdd792fead3cc1951903921f4eeb88dfc293ad37ab7a9759157e9ac0e218f7c1feae1d05d6a00906255217551fdc3edb7449c9658178f9c4464b32f9a5bcedade0e8945810d97950d8a1287dff4b4a2f99f70ab091f49d7077c71c69db9c9e938c54678f4bd2ea27968fac2aaf6effa2adc4c1772f223bd2b15628f13545dd387d2a126353d13f1d6a7a653f6c40314828c46ef6449abe5fed04d6f763742e123106de003cc37402fb8a649df0a6b44bcdcadb5c7939fbc7bd947ae2ecacce380dde0480b9fecdef1af7be05779f99671ddceedf75d53bd975a5d88acca996807794fdfc108ecdee05ecae38dec556244beeebd046ff0bb1c06f5d07001bf2f6ef688148c1979d54e077509f8bd4b5b40860a52acf6859756e1ca02eaae75fbe70c8f70aab9afaa5de55bace5a4a79577b59958a8ab5bc9ed7d2343515ff1d3ac59868b73af73e8db003a36db34a20da55c406d4c9fb76f797b701138d6ff39bbca3952b5c116991498696457891b8a60481ff4a70eff43aa03f4a992a964c064540b368fdf15e5002715571eca354439b03f4f3cc987961ee64e050f2143a13943861c2a7f8fc3e9450f2fb2581c2697cb7cc4d1b4271d2848fe158a32a37092678cf020590c874d212e391804f179d460b18c0c12c2e3e751d8d404ad0bf80953f93e1fbcc307e7973adc3513823e119f2c72e83b567b15d2475703a2fb35b975c64529495ba9960b168ffbbeb00ca35aed05176eb33333337e0ba586cc2ee3954fcb285f1b7f94d47f8229ca986ddad8c43c061eb66bfa2bf32dea1766251f204937c28caa2235785b3f3a22d875f7f6a933c4a71e30d5b127600ad591f1eb1f8c2a4018b909ffb39c65fff164fc62f59eb4095e36a7f0fe447886e7063a7542197c5fa89e6298cb7946a655961c0500eb634d1e7c5949b457b0b2eda51353c2f6c05dd35f9520316e2ef9c3c33c40aaee903c735797405a0bace87b4155ecde4371810056a186230ba90b792cce4cdf7effe24417379db0b1418d75d7784b7586e7c91f03998b8ea4ce9907c18d8550435d88cba1c2d83506b01377f5a54e7f7f303e207b8534bb1b27626fe7b811662a8ed8c905d783ddba4459c7a131ea83a2f9a4034ca4e3ae13d6849f1c3d0cb18247287b1cb2daf25d2c4dc2329fe629b78644f2fd97cac50f8119407aaae30ede4da7b247c7282a49cc40fa52476b800a354d3e7c6d384aba201e5631d177f5713820c6af10eacab5871375ec4b08f266486eb908948d4caa291c2d7c7def0e9ac128bb718cdfbc0ecaa6982943768c8b5e13c107575a84eb32e454fb4b70942f42601543d8109042a604f9fc7f0779fda351520d6b2faabf63360306a19d0bd3ea7f814301a47bcc9d52703a912258150edff729175fb207d00cc2ba10298bc5c3b051b5227fd994b4f0dca8fbd00b6d6edd178e8b08e764b808309e8d70ca4351e4653da4ce32d1a65a05e07a209e574be7e55053f8b116d2484a4076919c0faf0b67e734f5bb8317839097269105efa203ec83044a14ce9240cf01443f129ca0c19a6e1269111c132315763320aa540797025bddd23fba448af107f5a1598521a40071afa0b65560a6ea851466c7c199973c4644e46a4ddf51abe2c623cd2e6d67242503bf8179954183529c9e38465c4dd3dda7043bfb49ec7e0d21391fbf500531f2dc0982e5f5087545e66afcbe705b191e428cadf5429868f55f75a52d070287fafe697322454a3c3e7ce3b68833921ee3dccc1dc173f3e98c3f910dbc632c5b5173ccb662b9bdb1d60dd31f4c23960fe6d653ee088e77b419e9a6bf9ba9e234aecfe614934d344a858a6bb43bc4513b07c4c7d9dbdc2087d32c599f9d3a8ffe1ded04a9f2a44720c38cec1883d9cf0f0172c29a8a1d1f451e1c77d563776da5ae5b3950c5e20935754fc3bf43dac13d20a2cd84397f830bcd889a4a382cd09dd9dfbb8d83140b2c22f17844522a25f0a5545eb48ddaffc32891c6e90eea15b4ef203641969aa1844ac9f0db53726064bcf0c9cf0292d6bc2e36ab7d86ed0e959a06d14e073c443ec679a143550d8e829f2a26c4a2034c3946bddcdc34df370b29090d413409b784b4fe51dbee9bc00a1b884a149c3e73c7ba2e8b7d78b0ee04abc398dbe7670b1d2c02cb1d6ccf2433b3abf7b7e9460eb9fd46a10362ac38d9e8f76796950c8774332163a362ecfbf0a0dd79a577c9513aeb23963e9fbb46953cab3f93772e4d5a18f6856fad7c32b9167d9f0b79ff670130ec17b2db342a8532804c574e7afac841ee28e443418ffc30b7429d09ce12a8c2e61a07102840ffe1efd59e2b93846385ee26f1961f1220f0d290d25fcb5f4ca3b38e88f35e920c259a10e2cc116a97eaba97b58c12d698b839"}}, 0x1007) r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x105142, 0x0) lseek(r3, 0x0, 0x2) r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x4000, 0x128) copy_file_range(r4, 0x0, r3, 0x0, 0x200f5ef, 0x0) write$tun(r4, &(0x7f0000000100)={@val={0x0, 0x22f0}, @val={0x1, 0x4, 0xac, 0x2, 0x8000}, @ipv6=@dccp_packet={0x0, 0x6, '\b\b\x00', 0x1b, 0x21, 0x0, @private2={0xfc, 0x2, '\x00', 0x1}, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}, '\x00'/11}}}}, 0x51) [ 1549.409908] FAULT_INJECTION: forcing a failure. [ 1549.409908] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1549.411057] CPU: 1 PID: 8538 Comm: syz-executor.3 Not tainted 5.10.224 #1 [ 1549.411848] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1549.412730] Call Trace: [ 1549.413014] dump_stack+0x107/0x167 [ 1549.413360] should_fail.cold+0x5/0xa [ 1549.413727] _copy_from_user+0x2e/0x1b0 [ 1549.414136] do_pages_stat+0xf1/0x3b0 [ 1549.414194] FAULT_INJECTION: forcing a failure. [ 1549.414194] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1549.414498] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1549.417067] ? cpuset_mems_allowed+0x1af/0x440 [ 1549.417433] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1549.417813] ? trace_hardirqs_on+0x5b/0x180 [ 1549.418149] kernel_move_pages+0xb8f/0x11c0 [ 1549.418528] ? rcu_read_lock_any_held+0x75/0xa0 [ 1549.418971] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1549.419510] ? fput_many+0x2f/0x1a0 [ 1549.419850] ? ksys_write+0x1a9/0x260 [ 1549.420239] ? __ia32_sys_read+0xb0/0xb0 [ 1549.420639] __x64_sys_move_pages+0xdd/0x1b0 [ 1549.421067] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1549.421540] do_syscall_64+0x33/0x40 [ 1549.421896] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1549.422378] RIP: 0033:0x7f1e88ae8b19 [ 1549.422739] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1549.424441] RSP: 002b:00007f1e8605e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1549.425162] RAX: ffffffffffffffda RBX: 00007f1e88bfbf60 RCX: 00007f1e88ae8b19 [ 1549.425810] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1549.426482] RBP: 00007f1e8605e1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1549.427155] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1549.427806] R13: 00007ffda65e58df R14: 00007f1e8605e300 R15: 0000000000022000 [ 1549.428516] CPU: 0 PID: 8539 Comm: syz-executor.0 Not tainted 5.10.224 #1 [ 1549.429103] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1549.430889] Call Trace: [ 1549.431126] dump_stack+0x107/0x167 [ 1549.431439] should_fail.cold+0x5/0xa [ 1549.432889] _copy_from_user+0x2e/0x1b0 [ 1549.433236] do_pages_stat+0xf1/0x3b0 [ 1549.433568] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1549.435150] ? cpuset_mems_allowed+0x1af/0x440 [ 1549.435555] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1549.437091] ? trace_hardirqs_on+0x5b/0x180 [ 1549.437467] kernel_move_pages+0xb8f/0x11c0 [ 1549.437844] ? rcu_read_lock_any_held+0x75/0xa0 [ 1549.439329] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1549.439821] ? fput_many+0x2f/0x1a0 [ 1549.441252] ? ksys_write+0x1a9/0x260 [ 1549.441583] ? __ia32_sys_read+0xb0/0xb0 [ 1549.441929] __x64_sys_move_pages+0xdd/0x1b0 [ 1549.443400] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1549.443839] do_syscall_64+0x33/0x40 [ 1549.444178] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1549.445723] RIP: 0033:0x7f6fdcf13b19 [ 1549.446042] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1549.449773] RSP: 002b:00007f6fda489188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1549.450417] RAX: ffffffffffffffda RBX: 00007f6fdd026f60 RCX: 00007f6fdcf13b19 [ 1549.452131] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1549.453841] RBP: 00007f6fda4891d0 R08: 0000000020000000 R09: 0000000000000000 [ 1549.454443] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1549.456149] R13: 00007ffee9bd176f R14: 00007f6fda489300 R15: 0000000000022000 [ 1549.477949] FAULT_INJECTION: forcing a failure. [ 1549.477949] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1549.479122] CPU: 1 PID: 8541 Comm: syz-executor.6 Not tainted 5.10.224 #1 [ 1549.479991] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1549.480761] Call Trace: [ 1549.481026] dump_stack+0x107/0x167 [ 1549.481379] should_fail.cold+0x5/0xa [ 1549.481744] _copy_to_user+0x2e/0x180 [ 1549.482119] do_pages_stat+0x2b4/0x3b0 [ 1549.482506] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1549.483049] ? cpuset_mems_allowed+0x1af/0x440 [ 1549.483498] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1549.483975] ? trace_hardirqs_on+0x5b/0x180 [ 1549.484411] kernel_move_pages+0xb8f/0x11c0 [ 1549.484832] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1549.485393] __x64_sys_move_pages+0xdd/0x1b0 [ 1549.485783] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1549.486269] do_syscall_64+0x33/0x40 [ 1549.486612] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1549.487088] RIP: 0033:0x7f28eb741b19 [ 1549.487442] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1549.489099] RSP: 002b:00007f28e8cb7188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1549.489799] RAX: ffffffffffffffda RBX: 00007f28eb854f60 RCX: 00007f28eb741b19 [ 1549.490460] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1549.491115] RBP: 00007f28e8cb71d0 R08: 0000000020000000 R09: 0000000000000000 [ 1549.491766] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1549.492569] R13: 00007ffd318d456f R14: 00007f28e8cb7300 R15: 0000000000022000 15:25:23 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 96) 15:25:24 executing program 5: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() r1 = gettid() process_vm_readv(r1, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7a}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xffffffbc}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) ptrace(0x8, r1) r2 = gettid() r3 = gettid() r4 = getpgrp(r1) rt_tgsigqueueinfo(r4, r3, 0x1f, &(0x7f0000000280)={0x3e, 0x4af, 0x400}) process_vm_readv(r3, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7a}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xffffffbc}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) rt_sigqueueinfo(r3, 0x31, &(0x7f0000000140)={0x9, 0xdb3, 0x9}) process_vm_readv(r2, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7a}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xffffffbc}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) perf_event_open(&(0x7f00000000c0)={0x0, 0x80, 0x1f, 0xfc, 0x7, 0x5, 0x0, 0x2, 0x0, 0x7, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x3, 0x4, @perf_bp={&(0x7f0000000000), 0x1}, 0x11029, 0x8, 0xffff, 0x2, 0x8, 0x7, 0xf546, 0x0, 0x800, 0x0, 0x200}, r2, 0xe, 0xffffffffffffffff, 0x11) process_vm_readv(r0, &(0x7f0000001a40)=[{&(0x7f00000001c0)=""/38, 0x26}, {&(0x7f0000001b40)=""/124, 0x7c}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0), 0x1, 0x0) migrate_pages(r1, 0x1, &(0x7f0000000200), &(0x7f0000000240)=0x9) [ 1549.530932] FAULT_INJECTION: forcing a failure. [ 1549.530932] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1549.532196] CPU: 0 PID: 8529 Comm: syz-executor.4 Not tainted 5.10.224 #1 [ 1549.532780] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1549.533475] Call Trace: [ 1549.533709] dump_stack+0x107/0x167 [ 1549.534022] should_fail.cold+0x5/0xa [ 1549.534360] _copy_to_user+0x2e/0x180 [ 1549.534693] do_pages_stat+0x2b4/0x3b0 [ 1549.535033] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1549.535530] ? cpuset_mems_allowed+0x1af/0x440 [ 1549.535931] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1549.536374] ? trace_hardirqs_on+0x5b/0x180 [ 1549.536748] kernel_move_pages+0xb8f/0x11c0 [ 1549.537125] ? rcu_read_lock_any_held+0x75/0xa0 [ 1549.537518] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1549.538009] ? fput_many+0x2f/0x1a0 [ 1549.538325] ? ksys_write+0x1a9/0x260 [ 1549.538651] ? __ia32_sys_read+0xb0/0xb0 [ 1549.538998] __x64_sys_move_pages+0xdd/0x1b0 [ 1549.539375] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1549.539810] do_syscall_64+0x33/0x40 [ 1549.540145] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1549.540583] RIP: 0033:0x7f1c0ae11b19 [ 1549.540900] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1549.542428] RSP: 002b:00007f1c08387188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1549.543068] RAX: ffffffffffffffda RBX: 00007f1c0af24f60 RCX: 00007f1c0ae11b19 [ 1549.543666] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1549.544290] RBP: 00007f1c083871d0 R08: 0000000020000000 R09: 0000000000000000 [ 1549.544889] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1549.545489] R13: 00007ffd2ddfd2cf R14: 00007f1c08387300 R15: 0000000000022000 15:25:24 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000002c0)={0x40, 0x0, 0xfffffaf2, 0x6, 0xffffffff, 0x40}) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6) msgctl$IPC_RMID(0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 40) 15:25:24 executing program 1: syz_emit_ethernet(0x56, &(0x7f00000002c0)=ANY=[@ANYBLOB="20f9bdba2470aaaaaaaaaabb000d00000000000000007bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8fe284ae6a8c9c74ad18226537dd948069046b71962483154430308aca5dfa38549a63569ddeb40f55678faeccb3f113e8873b2377234d90e2ddcfd3d0cc54174d2d85eac78baa3f49709813d91b93c61d6427851cd4b84d3b2a81bb96c68afc3037f5c0f0ef415f8d88d7f33f565639642319eef9d067047859cfee6a98fe5a806a1516ee67d31a2b8b5831c08824a8d98d9e7de58616c0be190bedec44a4f32610a54a249420d9ee514b8b72693e2623be2152ee6991ace8a5aed39e9b6108526ee26431969e77f4a5db8c2c51387d8319f5e9f5bd2692de59d49c1f3149ddc6949bbf0f9b846e87514b09ca5c8399c97e75b880cba7d209bdef9ecb988dffe57a5801b20a9ebd8144d8c9e085dcb3ba43d3420f0cf90f7d2a86fab6e8707a5df872c9d30470519ef75c74c8aee8a768e601bb57a416ecb658c976a181ac936cc9a4c16e013d2f0180bdeff4f7955aec47031acfee6b01f6073bb5b58cbbe61fb0f9e928fadc572a08fe11b7cc28bf741a793f485db5ce02fa22a416565d3ad30dea33e820016b4f6142e1da5c37d9d3a33319a84447740c38e40546137ec9cca0d31ed07a30af1cc5d151372e8188ac0a1c6d88215f"], 0x0) write$tun(0xffffffffffffffff, &(0x7f0000000500)=ANY=[@ANYBLOB="0100ff0109007200fffb4d0000b500680000001190787f0000017f000001018917506401010164010101e0000001ac1414bb64010100070717ffffffff004e214e21008190780bd7ab2bfbd4532804faada93ba5237f91cd4de2db15b56a34bb85c0efe2a381242c8326e628ccde0b942d9ac493747936cc1e674b8f3a3eab3797b7c5703b2249d3ff9d8372aff806dd495298052db501d82743987ccf702cb427b30f0f431d1f91b35288e5aa3f89790cfb154943904642b1602f88e2d039"], 0xbf) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x105142, 0x0) lseek(r1, 0x0, 0x2) r2 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x4000, 0x128) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) write$tun(r1, &(0x7f0000000180)={@val={0x0, 0x809b}, @void, @ipv4=@dccp={{0x6, 0x4, 0x2, 0x1f, 0x9a, 0x64, 0x0, 0x9, 0x21, 0x0, @private=0x7, @local, {[@ra={0x94, 0x4}]}}, {{0x4e22, 0x4e21, 0x4, 0x1, 0x0, 0x0, 0x0, 0x4, 0x4, "1d24b5", 0x40, "cc3483"}, "dd40a813afe48ffeaf7b0175ecdd1ab93f48faae615408936e2b1089ecc5794df0394dea4424e6f5040592143377cafbcc936d2298c76216036c888345f53bf59452dc2623809232944123ee9e5346ebc18c6fd25fc9af169bf9c24c8098074038c267165949f919aee5baedb9891a8ec857"}}}, 0x9e) write$tun(r0, &(0x7f0000000100)={@void, @val={0x1, 0x4, 0x0, 0x2}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}}}}}, 0x42) 15:25:24 executing program 3: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000040)=0x20) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, r2, 0x0, 0x6) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, 0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 22) [ 1549.577237] FAULT_INJECTION: forcing a failure. [ 1549.577237] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1549.578416] CPU: 0 PID: 8547 Comm: syz-executor.7 Not tainted 5.10.224 #1 [ 1549.579004] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1549.579711] Call Trace: [ 1549.579944] dump_stack+0x107/0x167 [ 1549.580278] should_fail.cold+0x5/0xa [ 1549.580617] _copy_to_user+0x2e/0x180 [ 1549.580949] do_pages_stat+0x2b4/0x3b0 [ 1549.581293] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1549.581796] ? cpuset_mems_allowed+0x1af/0x440 [ 1549.582201] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1549.582636] ? trace_hardirqs_on+0x5b/0x180 [ 1549.583016] kernel_move_pages+0xb8f/0x11c0 [ 1549.583400] ? rcu_read_lock_any_held+0x75/0xa0 [ 1549.583803] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1549.584314] ? fput_many+0x2f/0x1a0 [ 1549.584634] ? ksys_write+0x1a9/0x260 [ 1549.584966] ? __ia32_sys_read+0xb0/0xb0 [ 1549.585322] __x64_sys_move_pages+0xdd/0x1b0 [ 1549.585706] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1549.586147] do_syscall_64+0x33/0x40 [ 1549.586469] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1549.586905] RIP: 0033:0x7f8be6d86b19 [ 1549.587227] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1549.588794] RSP: 002b:00007f8be42fc188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1549.589434] RAX: ffffffffffffffda RBX: 00007f8be6e99f60 RCX: 00007f8be6d86b19 [ 1549.590032] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1549.590634] RBP: 00007f8be42fc1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1549.591238] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1549.591845] R13: 00007ffd26b6f95f R14: 00007f8be42fc300 R15: 0000000000022000 [ 1549.646407] FAULT_INJECTION: forcing a failure. [ 1549.646407] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1549.647602] CPU: 1 PID: 8552 Comm: syz-executor.3 Not tainted 5.10.224 #1 [ 1549.648125] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1549.648751] Call Trace: [ 1549.648972] dump_stack+0x107/0x167 [ 1549.649241] should_fail.cold+0x5/0xa [ 1549.649546] _copy_to_user+0x2e/0x180 [ 1549.649828] do_pages_stat+0x2b4/0x3b0 [ 1549.650134] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1549.650571] ? cpuset_mems_allowed+0x1af/0x440 [ 1549.650920] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1549.651301] ? trace_hardirqs_on+0x5b/0x180 [ 1549.651644] kernel_move_pages+0xb8f/0x11c0 [ 1549.651995] ? rcu_read_lock_any_held+0x75/0xa0 [ 1549.652351] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1549.652782] ? fput_many+0x2f/0x1a0 [ 1549.653070] ? ksys_write+0x1a9/0x260 [ 1549.653349] ? __ia32_sys_read+0xb0/0xb0 [ 1549.653664] __x64_sys_move_pages+0xdd/0x1b0 [ 1549.654004] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1549.654382] do_syscall_64+0x33/0x40 [ 1549.654668] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1549.655050] RIP: 0033:0x7f1e88ae8b19 [ 1549.655323] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1549.656685] RSP: 002b:00007f1e8605e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1549.657247] RAX: ffffffffffffffda RBX: 00007f1e88bfbf60 RCX: 00007f1e88ae8b19 [ 1549.657776] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1549.658296] RBP: 00007f1e8605e1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1549.658818] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1549.659339] R13: 00007ffda65e58df R14: 00007f1e8605e300 R15: 0000000000022000 15:25:37 executing program 4: perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) msgget(0x1, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 85) 15:25:37 executing program 2: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0) r2 = gettid() process_vm_readv(r2, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7a}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xffffffbc}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xa, 0x13, r3, 0x0) syz_io_uring_complete(r4) r5 = eventfd(0x6) syz_io_uring_submit(r4, 0x0, &(0x7f00000005c0)=@IORING_OP_WRITEV={0x2, 0x4, 0x6000, @fd=r5, 0x81, &(0x7f0000000580)=[{&(0x7f0000000300)="09bdd991d2d07d3a240d4cca6386c63b8fa4", 0x12}, {&(0x7f0000000340)="19291808c1665999edee806dd0244d7a0507c9ab08d35c", 0x17}, {&(0x7f0000000380)="ad3e229386d37579e80541abde289fc65f21412d260e323083535ea21478ce7bf9ab919706812340bd42b95f6b971a9b631cddcc70b7ee493fb3ab10d91b8b030f662baf0d51636d322457331e470d08afd6a0d44c954d66b24d97f0b6467cd57af0dbecbb12bb4121378a00a55038e709c783034d00a8a734ba0def2c499de99fea51d1493154aa31b4addbe2abff4c5f5614d5435440617ef7607ce1cd142f4569627b578b893c0d62dfaa38cc9b72ecec20cd34c672f9c348305fb09dbd5d3255618d4ecc3435bc81e92b77111b24638c334ba80ffbfcab167b1f21ba65c321441660010262d6261a02cc24aa21", 0xef}, {&(0x7f0000000480)="5a417b9e0fbac28d0044ffce49028ff1d14b415e05b1fa81a47c5ec38e065993b7d8d83bf615c798a87fd618473fe6c2692a8fcce4024499bbdffe7842469c8119e7aef01f5a6b2b93c3eafe6768e3a292078372b843c33fed32e0bca21cc15168c8d0447bee259d4da0284e85e0dfcb4d662aff6e2c1bc55872a47a732f086158bcfee5f586fce95fed530328b1e9869e3034b801cc89e696ed03642e8084c02cf7701885a069fb32b5f4f41205c987623f1ecd1af445c319145fece87e821e1006d06c2f40ff6f68c6a209ccb006b3b7c5e568c90735c53c4aeb0642567550d4beecb08317dfa3286ca1a0be96", 0xee}], 0x4, 0x2, 0x1, {0x1}}, 0x80) sendmsg$nl_generic(r1, &(0x7f00000002c0)={&(0x7f0000000180), 0xc, &(0x7f0000000280)={&(0x7f00000001c0)={0xa8, 0x24, 0x200, 0x70bd2a, 0x25dfdbfb, {0x12}, [@typed={0xc, 0x90, 0x0, 0x0, @str='ipvlan1\x00'}, @nested={0x75, 0x94, 0x0, 0x1, [@generic="6efd8b5138cab525d718bf895f1fd570d30bf294b2908ea2debdb2823272939ec106f4834594690b329d0f5afa9a8c53054918a1172191800b3404011578ddab357f0fd6572e5fb1522d70018a385e488e08c76c05", @typed={0x8, 0x86, 0x0, 0x0, @ipv4=@rand_addr=0x64010102}, @typed={0x8, 0x88, 0x0, 0x0, @u32=0x1f}, @typed={0xc, 0x5b, 0x0, 0x0, @u64=0x8}]}, @typed={0x8, 0x49, 0x0, 0x0, @ipv4=@multicast1}, @typed={0x8, 0x28, 0x0, 0x0, @pid=r2}]}, 0xa8}, 0x1, 0x0, 0x0, 0x20008880}, 0x20004001) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000100)={@void, @val={0x1}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}}}}}, 0x42) 15:25:37 executing program 3: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000040)=0x20) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, r2, 0x0, 0x6) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, 0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 23) 15:25:37 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000002c0)={0x40, 0x0, 0xfffffaf2, 0x6, 0xffffffff, 0x40}) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6) msgctl$IPC_RMID(0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 41) 15:25:37 executing program 0: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) msgget(0x1, 0x0) ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 94) 15:25:37 executing program 1: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) syz_emit_ethernet(0x1011, &(0x7f0000000180)={@empty, @broadcast, @void, {@llc={0x4, {@llc={0xfc, 0x4e, "96", "0c7446063beb5c3e7d61839233c5e9a3b23be125bd4d950ab8112056a126e926adf39f234bb2fa884ea6bfa1e72f276482b3e77aa46b7aa10608f8ec59a21ccd19cd0eeec421580e233784dba099a0b3f2218d8f3239efb2ee660b9cf562b340922db62cf83ff1b00573b247a42b243a17879c1772190b7fb1606450a5be542e04e4d51cc3736681749dde6363e437c226a30144c7f9915648b1ae9935fea0fe079c942a7c21c65163cbd84d8b6ad0da22653d9226ce6788209e42f8451f8be1149569c00777634cb02e2ff187d7ba4ee94435cff54e02da54a4d5518714def4451fdd97f95cbeaaa9de7475d9345fe6e7076f90ea419f9bcf2943f3be83c8985a64bd69730349b21a152c13ed390949cb425bd9661c1d785e82f243f74f6911d3a017f7f11c0d2eb1d7310d136b704997d855dc39cb2615d7814965a0a23667448eb72367bf7a436eac50b016581170e2d62a32b667df1d0d47e4f87a3a817f127e165bae8471352b72fe74967d440e52b692eece7fdb8dd1e9d99d963ffb1edebec0de83343354da0183ef02d72c0ef9e29cfd65556c180b9a550788b9dfe786e2d1cae1dbf09ced1cf728a50daaccf9dcefbd2f76ce6f8d09ee57de59b8b3b5371ba7c7e25327770241c31c72a3b2c73c6147cc9ba4fd1043a3a82853f6229a797f747a2ce6ba9fc5e0f79b5b147c78b8cfd59ed6a61043ae0b2a77b15ba37e63d7e0bd9f5452abdf6d611350371b203f0ffdf2ec1044c76358bc5a30eb697953242c1274d1ee2fdf90d771cff6f322ef145c24ace566c7b277ba0fe8ed6807141970b50a2ffe61bb5464ff4537c9d375d438e46dcf7302f9782a479a2b1ee428dd651e12a65c7e90d918be64de34baf4a3d3a8438f29474bc89f9a80a3f201f1d9dda0c9082a33918bc1ccbda37dd1c539654afed6395cd2eddc921fa545dc07d0611fbd64904f8f75f6a1286dd10913710404d18dde02f9b8ed8a584d3cf9af08e7fd2127d4e33f5193830393cf3b524f8dc1d2610487dc52e78270a0a7969c5925bb321c199beea6078d60161cc69cbd476e0c832e6b4e5f15f63c5a1c180de24bf665270adb1bfb9695488b7e09bbf6feae242775f1edd7b2809e314bb08a0016745639c073f755df93147fd5aeae23197a154e2593053118eb50c43c13ff870eb9e2578f443c2850ef6fced57076a404b154a6fe28a4ae12e8c8dd922e91de473c2d1fea882e0d666450e4f660400243823b8a04df71d3d0672875b1d4d1ec95f0b67241017858dc0b0ac93bca57ce13a9c7dedfac7cf62c630324e70c89e9a125c44245e5ad830434a48f881c073a87c8fedb71d73488f03022a77f501f6e20887506b950006d4e6ace669ff28c9ed666d8aef9bebcdde7d37e21728efc30d3c2f4273b050acc55bfaf7f9989339abe7a284b27b3f1f62fc06c479cfe97669f225ea8704a63760423a00854f807ca12c2c5d4b413ca73daef4efb41b52463bde0014c9f7733b1f4252351f98812d2ccb219544a0316a07e338937194e2e239e4661cfeeeb73fdcc74ffcc3cf5e2d526e45ff39a3e50669f024b124d38475661a306a751de9505c2631fe4fed23e8fd1344c71e74ee0eb67964fba5d4a846c15b8532abae3704845a05e1b98a1e92d1041d51d39f4793367c4f873d14fe3c8831ed9c6409a00e1f5719bccf85de0c1cd0ef537443f5ed7ca9e60c273b0f96d58996f5b5a02b14c46540f566173f4f31763189f4e0419a007ce0ec16891cc6a3f9f6e02e18a4a7daaa476fcf338c8627ad1992e840ef3e75e7464f55ca15a94b97cdfb89ab729e797572e3e51af709b6a70b03dab6a0350015d70dd020401efc733ea9ab7f4655ef6de831d369305b125904205d47bca1a3365c5cae896e1388dffcf32ef39aa1d2dde49a6fdb60b7591aac98f3a3d4b89f308ce1ce549d72ecc8b0c69ceb639e7fce78dc91b092e460586cb7b983fb6488660956b9589d25403276d0ce4dfa4c07e7b1524680c6e9ee72a0679bec014883495659b2e9828f7e6f2986561751cca22d693cee347f3e77ad7c4d8eee44912c9be4f2efb8a3b27fdfb2ee0c0734cc43c1b825723b4b33cef9424733acbd682b46ecac12b326089e4ced659a1c65df5ab1298498bc05fdf13067e4eaf5e8077e1adc95e087c2169873f13de133191f81b0304ec1163dce15db7575090ce3f1918b9fead8e711e9024e077698eacd751bbd0c310cf8ea2d756a0e1e45974d24c3175fff5ac33c4d8741ab77e0bdf4820d9e3e55f541b30a0b2b54af7e6e12fd9de9926e6a5951cab97f05339da9db350ac94102214ed14eaf09260c17d992a14d64ae3ce7f3f6dec2606d36af3cbf1aa6daab28ef3a75b9f071d7bb710fb7f22f307b32f72962f0ce448faf56531bde0fc3362a190116d4edc45e533a3b1dcbbcc6de9e1062b9e558b807f16b683ea0b76e8a34e0039190d5c4a6d162ea05eb35a8cd5e0a2a821c9f543bfde57ab131c22138a6262146070cabaeb104d1af9c4baa48569986f88e3fdedccbee9af3f76e87d7ac1bbe83eef787d77581d71095c967bc6789d0ad0357bcc12b153411b866e27106021826436f43c80c56da84cdf20c9912ca29bf8e177c4a3c36ea4f27df1a871f32d75953eaa0d483b8cffc6a6953ed84101afb0e91d916de5ae0fc8c6300cd877961531871c472efea4ddeeb5ad1d71122715dcdc1ddb2c17b6e2f820f25a681a6284f1927c680ca7e5bde6251032759a24d5e0e89ed64f6bf0ba19ac003daeb0e57e0cc0b7add83432b0bbb1e9cb5047eb683f3ad9e8afb4e9dd98d8a3593604ea3571a3db56fb18566ccc706c0b5438d7d38e1c34c95651f6d261dd2f70b03eec104608f4fbbc7d9e6b3347b288aeb9fa8a0b4763621f4d8669e51b9b4d7269b18c5702bbc2c5bba332c1093538ab764bf7103ceba75d37cc6935457719d3e92c5147c0ca9f404d7d2ac4cff438e83b93810b4904cb96218bcb9df7f2b9131cec027b0ce8f6135222ef1bd32aba06796f4fdf1c7ebdeb5b6d1df7e2aa992ae9a4dd910da174e2feb3ee29e1802fba66e8b5a5556793b1bcaa7c2fa985712e40a1c9ed327dffc0868c882f2996f250144d265d65ad34e618862ddebf08f591cab65576929ee8cd364c1f94f846272453460229a3b10ae7b2d1e6006845faee6434005230cc3aaa2d4e13f16f238628b543582297aaafc0eee34716391b1f9947e032729539b081664d75f555e5e2a023d51c1c2b51eef121af5c4c307b14293eca68d9e78d4995c2ff6225b188842e799450e1e2823ad97b3f8d3e37f2d886acb064046c8658be8bd82b1c90d14cf975924d1b3c03897d97f89146e7e27f9a4b50f3f2d603f0dbe33c8590589b7723ac8c74e579f9b5b4fc0162660450a57cc262ae3f5799f51609cd76798e5e7012c8f375130cdab426363fcf749709908fdbe94deb9a92e7591e65f75c4f73169dd1dc99ab65f720c32e2a7e0520d207e57d8ae2650773f57073184dd473fee0369279663e93240bce7b4515e6c4051e9eba68778945ebdf098b90c09bad85b60c157a10dc6f0bf951600f4634e4ca8ba08b3a35eb9e00b656a6acc96c276c90b9be1dc01a116b891b72216722f693939386a2e1ddd3d8292323d26a0d35fbcb5c15a609a2b3d03cfe7fa0983bc90bbf8919ae06f4bd397e522fe70bfeab4346115d7f3e813936dcaab45e39084c00828ae585d8560f38c0071c022cd9f96f903895d55b3a5538223d614d21a02ba50ee0d438e377a13cbe70572fc36b9c3cfb1cc7ba73ea2afff72ce27203bbf1a7315a3e193b36ddab1a02a360039e68cff1cc225df596f0652809e5ea02ee4e09873389d358a6935b0a73e61e455130dbd88155cd69ffe3c55f51dd910f2f7f0d29c9db700a74e0080709826a6ef766f4bf8587700ecdf1d99c9bb408bf6a201eb4f7aedf6843596fcb7fdee93f70cad71aa0eeb1979a98d3e7cfddd48b89741cfd5b70139453b8fa39c06892b55f681db7e6d988cc858edebfdcf50ad2d35230ea309015f8396eed7a694c9392075e503475cc71d09e9e6cfa6d3676fe4419cadc8ef18ff2d4bbe9b743f72a548eed2ea0a65f02a203a7fe29e2b6784f5c540d99cf03feaf43c79ecee53cc473d329b0d48775251ac6fadb1539afe46dfb5e74c2a7cc2cbee07082be83040e8f938d3da1a6ec8c35773a6629b1fb34a7eb81e86a3c1c164fcb9ae1400c466a7a5a8ac52c33c0feb9d19f480f067548854aa2d6579be4030cc199d8dc681e530b9e8df01ff1bd5183164e942e3e4951de0500f6849b6ed55ca85fd933bb01ab640fde37bc85d3478acd3a7a32faaa5cee5f42d2bd982ad0169f0e8d435ae72ba9ff87545390d4d7522778c4c8b4057d78796586bc724f501212706de74b6cb5a58058083dffaba1f26845683fda7993c876d1eaf0bfaf015c6f9e55c3a11a00e325b0aa849bacb1aa034045052a645e4c4a2281c1274841df76dcd1214db421868558206aae750da06213049d4e85d4ff3cdee939ed367b19d800782e4421bbe3183ea4851f270badf8174d2c72e13e17db9410c8862bc5e244affa6d45b4270da15a112000127851a404bc1ea259670ba50098a6016ca4755a0d5eb9673539b421869ef21e5558ee37c19005bfdb210ffc45be4a5e0bf88760c26896d29f4def47d5f2c3a7f9646c4c0e88e319a5039ab219656b45592cee1d2945ed1819f0ae1f3b1b54126593cffa656dde21ebf65a290cb01e2e01df4c32307fce4a1f7475de6e240c43e25d1d04ec0d099b532c1fc69f0d00ebde13e54bd711e71dc3b804934eec8ade71479cf5428524a176a58a5742ae05f4ae400463fd79056dbc19beb467d9679baf15c66d549cae165787f4d8b54351fbc46e460f508d6ee9e118dc5e8c135e065f061ab845fae665bb1ffffce21b3277af19df68e2ce90249d35cd040a35b62889cdc98a43d9dc24be038462aff3e124fec2bb1943d3a25b66cd3b3556d41f1c26876a6f362397694ba33412964845be4b14385eb97f130acd6bb59d3ae66537ea4070c1c7eb1a92074738702f3f2edfbd482f062e4f9429841f5e247845992b4312fe8d66384c63619e3a51f592b63816725568d341d6fd75f694e8192ca2db7f84f69bc65fbe189bfd7a75d5f2c07a193e067ddd1fc80a47b83cfdfd5b93d33369e11fc50a0c927ab21846650b84b5af88e6ab8286e00bcc1fa412ac953fdacc00687c28c52e0aeb3493233b234cb6ebc22736da3ce81bccfd074de1f243fc9db6d78c778f68e77da98fae487dd20d08bc76b80d099c00669f45b0a766b6de28591d1fade7f9f483e97fef86cc5cff6a6844a65c652791464489dd8319a256319e25ce1de0212730660a191f8fc25598405f6be86568b9242fbb73b61b686dc9f80c4fabe6f2f548e44749ad036d90fdcd851fbc3531ceba14e89282504041570fed34c34cf1ee9190c55fbd1f4605cfb86c0ceb1fa0829c16c0c0efe7b10c9004a916f9d800b21e84f3daa7648badd407e5b8035d315d668b4450679899b9de868b1505c1386e0ee16a556269a1ec0021860a65b323258229d15362b91ee9497f824b1861a7cc022748b1c3cbc440b9183298fcf7104d7f6013014847672f1409c61344e3d83c48ebc3a75be1dd220f8202af9e5fad2ca0813ddd9ad35c4454a4b1b93e31aa12a5f1f7875fad5b641f2dbd1a98b255b50d419ee7c9ed670c1430d598420a7c7e183b1d3f20d51466c578ae755b8bca03400cc4972d7d95215cb2"}}}}}, &(0x7f0000000000)={0x1, 0x2, [0x56, 0x6e2, 0x114, 0xabe]}) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000100)={@void, @val={0x1, 0x4, 0x0, 0x2}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}}}}}, 0x42) ptrace(0x10, 0x0) 15:25:37 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 97) 15:25:37 executing program 5: r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() process_vm_readv(r1, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7a}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xffffffbc}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000240)={'syz_tun\x00', &(0x7f0000000200)=@ethtool_cmd={0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}}) fcntl$dupfd(r0, 0x406, r2) [ 1563.472763] FAULT_INJECTION: forcing a failure. [ 1563.472763] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1563.474016] CPU: 1 PID: 8563 Comm: syz-executor.0 Not tainted 5.10.224 #1 [ 1563.474691] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1563.475479] Call Trace: [ 1563.475742] dump_stack+0x107/0x167 [ 1563.476081] should_fail.cold+0x5/0xa [ 1563.476553] _copy_to_user+0x2e/0x180 [ 1563.476934] do_pages_stat+0x2b4/0x3b0 [ 1563.477340] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1563.478001] ? cpuset_mems_allowed+0x1af/0x440 [ 1563.478579] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1563.479098] ? trace_hardirqs_on+0x5b/0x180 [ 1563.479609] kernel_move_pages+0xb8f/0x11c0 [ 1563.480054] ? rcu_read_lock_any_held+0x75/0xa0 [ 1563.480592] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1563.481186] ? fput_many+0x2f/0x1a0 [ 1563.481622] ? ksys_write+0x1a9/0x260 [ 1563.482000] ? __ia32_sys_read+0xb0/0xb0 [ 1563.482418] __x64_sys_move_pages+0xdd/0x1b0 [ 1563.482929] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1563.483561] do_syscall_64+0x33/0x40 [ 1563.483954] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1563.484541] RIP: 0033:0x7f6fdcf13b19 [ 1563.484931] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1563.486853] RSP: 002b:00007f6fda489188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1563.487678] RAX: ffffffffffffffda RBX: 00007f6fdd026f60 RCX: 00007f6fdcf13b19 [ 1563.488383] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1563.489178] RBP: 00007f6fda4891d0 R08: 0000000020000000 R09: 0000000000000000 [ 1563.489939] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1563.490715] R13: 00007ffee9bd176f R14: 00007f6fda489300 R15: 0000000000022000 [ 1563.499246] FAULT_INJECTION: forcing a failure. [ 1563.499246] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1563.500514] CPU: 1 PID: 8569 Comm: syz-executor.6 Not tainted 5.10.224 #1 [ 1563.501135] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1563.501937] Call Trace: [ 1563.502187] dump_stack+0x107/0x167 [ 1563.502609] should_fail.cold+0x5/0xa [ 1563.502970] _copy_from_user+0x2e/0x1b0 [ 1563.503352] do_pages_stat+0xf1/0x3b0 [ 1563.503807] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1563.504396] ? cpuset_mems_allowed+0x1af/0x440 [ 1563.504936] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1563.505484] ? trace_hardirqs_on+0x5b/0x180 [ 1563.505931] kernel_move_pages+0xb8f/0x11c0 [ 1563.506380] ? rcu_read_lock_any_held+0x75/0xa0 [ 1563.506914] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1563.507575] ? fput_many+0x2f/0x1a0 [ 1563.507953] ? ksys_write+0x1a9/0x260 [ 1563.508365] ? __ia32_sys_read+0xb0/0xb0 [ 1563.508828] __x64_sys_move_pages+0xdd/0x1b0 [ 1563.509265] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1563.509835] do_syscall_64+0x33/0x40 [ 1563.510223] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1563.510797] RIP: 0033:0x7f28eb741b19 [ 1563.511161] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1563.513121] RSP: 002b:00007f28e8cb7188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1563.513952] RAX: ffffffffffffffda RBX: 00007f28eb854f60 RCX: 00007f28eb741b19 [ 1563.514711] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1563.515418] RBP: 00007f28e8cb71d0 R08: 0000000020000000 R09: 0000000000000000 [ 1563.516223] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1563.516998] R13: 00007ffd318d456f R14: 00007f28e8cb7300 R15: 0000000000022000 [ 1563.528250] FAULT_INJECTION: forcing a failure. [ 1563.528250] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1563.529748] CPU: 0 PID: 8562 Comm: syz-executor.3 Not tainted 5.10.224 #1 [ 1563.530497] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1563.531504] Call Trace: [ 1563.531764] dump_stack+0x107/0x167 [ 1563.532101] should_fail.cold+0x5/0xa [ 1563.532598] _copy_from_user+0x2e/0x1b0 [ 1563.532972] do_pages_stat+0xf1/0x3b0 [ 1563.533565] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1563.534123] ? cpuset_mems_allowed+0x1af/0x440 [ 1563.536730] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1563.537221] ? trace_hardirqs_on+0x5b/0x180 [ 1563.537916] kernel_move_pages+0xb8f/0x11c0 [ 1563.538398] ? rcu_read_lock_any_held+0x75/0xa0 [ 1563.538946] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1563.539677] ? fput_many+0x2f/0x1a0 [ 1563.540039] ? ksys_write+0x1a9/0x260 [ 1563.540561] ? __ia32_sys_read+0xb0/0xb0 [ 1563.541034] __x64_sys_move_pages+0xdd/0x1b0 [ 1563.541454] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1563.542012] do_syscall_64+0x33/0x40 [ 1563.542530] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1563.543089] RIP: 0033:0x7f1e88ae8b19 [ 1563.543460] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1563.545459] RSP: 002b:00007f1e8605e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1563.546406] RAX: ffffffffffffffda RBX: 00007f1e88bfbf60 RCX: 00007f1e88ae8b19 [ 1563.547077] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1563.548085] RBP: 00007f1e8605e1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1563.548858] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1563.549626] R13: 00007ffda65e58df R14: 00007f1e8605e300 R15: 0000000000022000 [ 1563.551936] FAULT_INJECTION: forcing a failure. [ 1563.551936] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1563.553287] CPU: 0 PID: 8570 Comm: syz-executor.7 Not tainted 5.10.224 #1 [ 1563.554017] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1563.555038] Call Trace: [ 1563.555286] dump_stack+0x107/0x167 [ 1563.555704] should_fail.cold+0x5/0xa [ 1563.556232] _copy_from_user+0x2e/0x1b0 [ 1563.556733] do_pages_stat+0xf1/0x3b0 [ 1563.557184] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1563.557841] ? cpuset_mems_allowed+0x1af/0x440 [ 1563.558423] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1563.558995] ? trace_hardirqs_on+0x5b/0x180 [ 1563.559516] kernel_move_pages+0xb8f/0x11c0 [ 1563.560061] ? rcu_read_lock_any_held+0x75/0xa0 [ 1563.560671] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1563.561350] ? fput_many+0x2f/0x1a0 [ 1563.561885] ? ksys_write+0x1a9/0x260 [ 1563.562274] ? __ia32_sys_read+0xb0/0xb0 [ 1563.562780] __x64_sys_move_pages+0xdd/0x1b0 [ 1563.563332] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1563.563920] do_syscall_64+0x33/0x40 [ 1563.564284] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1563.565016] RIP: 0033:0x7f8be6d86b19 [ 1563.565381] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1563.567520] RSP: 002b:00007f8be42fc188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1563.568110] FAULT_INJECTION: forcing a failure. [ 1563.568110] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1563.568323] RAX: ffffffffffffffda RBX: 00007f8be6e99f60 RCX: 00007f8be6d86b19 [ 1563.568336] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1563.571005] RBP: 00007f8be42fc1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1563.571846] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1563.572593] R13: 00007ffd26b6f95f R14: 00007f8be42fc300 R15: 0000000000022000 [ 1563.573516] CPU: 1 PID: 8565 Comm: syz-executor.4 Not tainted 5.10.224 #1 [ 1563.574209] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1563.575247] Call Trace: [ 1563.575572] dump_stack+0x107/0x167 [ 1563.575948] should_fail.cold+0x5/0xa [ 1563.576356] _copy_from_user+0x2e/0x1b0 [ 1563.576805] do_pages_stat+0xf1/0x3b0 [ 1563.577194] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1563.577847] ? cpuset_mems_allowed+0x1af/0x440 [ 1563.578313] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1563.578911] ? trace_hardirqs_on+0x5b/0x180 [ 1563.579356] kernel_move_pages+0xb8f/0x11c0 [ 1563.579860] ? rcu_read_lock_any_held+0x75/0xa0 [ 1563.580334] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1563.580966] ? fput_many+0x2f/0x1a0 [ 1563.581347] ? ksys_write+0x1a9/0x260 [ 1563.581802] ? __ia32_sys_read+0xb0/0xb0 [ 1563.582209] __x64_sys_move_pages+0xdd/0x1b0 [ 1563.582721] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1563.583239] do_syscall_64+0x33/0x40 [ 1563.583691] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1563.584204] RIP: 0033:0x7f1c0ae11b19 [ 1563.584649] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1563.586605] RSP: 002b:00007f1c08387188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1563.587624] RAX: ffffffffffffffda RBX: 00007f1c0af24f60 RCX: 00007f1c0ae11b19 [ 1563.588579] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1563.589489] RBP: 00007f1c083871d0 R08: 0000000020000000 R09: 0000000000000000 [ 1563.590378] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1563.591286] R13: 00007ffd2ddfd2cf R14: 00007f1c08387300 R15: 0000000000022000 15:25:38 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 98) [ 1563.652837] FAULT_INJECTION: forcing a failure. [ 1563.652837] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1563.654134] CPU: 0 PID: 8578 Comm: syz-executor.6 Not tainted 5.10.224 #1 [ 1563.654792] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1563.655588] Call Trace: [ 1563.655856] dump_stack+0x107/0x167 [ 1563.656202] should_fail.cold+0x5/0xa [ 1563.656634] _copy_to_user+0x2e/0x180 [ 1563.657031] do_pages_stat+0x2b4/0x3b0 [ 1563.657437] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1563.658063] ? cpuset_mems_allowed+0x1af/0x440 [ 1563.658553] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1563.659086] ? trace_hardirqs_on+0x5b/0x180 [ 1563.659546] kernel_move_pages+0xb8f/0x11c0 [ 1563.660020] ? rcu_read_lock_any_held+0x75/0xa0 [ 1563.660522] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1563.661145] ? fput_many+0x2f/0x1a0 [ 1563.661539] ? ksys_write+0x1a9/0x260 [ 1563.661956] ? __ia32_sys_read+0xb0/0xb0 [ 1563.662389] __x64_sys_move_pages+0xdd/0x1b0 [ 1563.662854] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1563.663404] do_syscall_64+0x33/0x40 [ 1563.663805] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1563.664364] RIP: 0033:0x7f28eb741b19 [ 1563.664755] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1563.666601] RSP: 002b:00007f28e8cb7188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1563.667342] RAX: ffffffffffffffda RBX: 00007f28eb854f60 RCX: 00007f28eb741b19 [ 1563.668014] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1563.668703] RBP: 00007f28e8cb71d0 R08: 0000000020000000 R09: 0000000000000000 [ 1563.669380] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1563.670065] R13: 00007ffd318d456f R14: 00007f28e8cb7300 R15: 0000000000022000 15:25:52 executing program 4: perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) msgget(0x1, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 86) 15:25:52 executing program 0: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) msgget(0x1, 0x0) ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 95) 15:25:52 executing program 2: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x105142, 0x0) lseek(r0, 0x0, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x4000, 0x128) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) [ 1577.555336] FAULT_INJECTION: forcing a failure. [ 1577.555336] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1577.556958] CPU: 1 PID: 8598 Comm: syz-executor.4 Not tainted 5.10.224 #1 [ 1577.557792] FAULT_INJECTION: forcing a failure. [ 1577.557792] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1577.557889] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1577.557895] Call Trace: [ 1577.557920] dump_stack+0x107/0x167 [ 1577.560986] should_fail.cold+0x5/0xa [ 1577.561458] _copy_to_user+0x2e/0x180 [ 1577.562027] do_pages_stat+0x2b4/0x3b0 [ 1577.562513] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1577.565050] ? cpuset_mems_allowed+0x1af/0x440 [ 1577.565652] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1577.566380] ? trace_hardirqs_on+0x5b/0x180 [ 1577.566926] kernel_move_pages+0xb8f/0x11c0 [ 1577.567724] ? rcu_read_lock_any_held+0x75/0xa0 [ 1577.568199] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1577.569033] ? fput_many+0x2f/0x1a0 [ 1577.569407] ? ksys_write+0x1a9/0x260 [ 1577.569933] ? __ia32_sys_read+0xb0/0xb0 [ 1577.570344] __x64_sys_move_pages+0xdd/0x1b0 [ 1577.571032] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1577.571635] do_syscall_64+0x33/0x40 [ 1577.572085] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1577.572787] RIP: 0033:0x7f1c0ae11b19 [ 1577.573243] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1577.575615] RSP: 002b:00007f1c08366188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1577.576674] RAX: ffffffffffffffda RBX: 00007f1c0af25020 RCX: 00007f1c0ae11b19 [ 1577.577386] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1577.578326] RBP: 00007f1c083661d0 R08: 0000000020000000 R09: 0000000000000000 [ 1577.579347] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1577.580134] R13: 00007ffd2ddfd2cf R14: 00007f1c08366300 R15: 0000000000022000 [ 1577.581127] CPU: 0 PID: 8588 Comm: syz-executor.6 Not tainted 5.10.224 #1 [ 1577.581884] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1577.582844] Call Trace: [ 1577.583187] dump_stack+0x107/0x167 [ 1577.583589] should_fail.cold+0x5/0xa [ 1577.584062] _copy_from_user+0x2e/0x1b0 [ 1577.584506] do_pages_stat+0xf1/0x3b0 [ 1577.584982] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1577.585632] ? cpuset_mems_allowed+0x1af/0x440 [ 1577.586193] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1577.586744] ? trace_hardirqs_on+0x5b/0x180 [ 1577.587301] kernel_move_pages+0xb8f/0x11c0 [ 1577.587782] ? rcu_read_lock_any_held+0x75/0xa0 write$tun(r0, &(0x7f0000000200)={@val={0x0, 0x800}, @void, @ipv6=@gre_packet={0x2, 0x6, "bb13b7", 0x2212, 0x2f, 0x1, @remote, @mcast2, {[@routing={0x16, 0xc, 0x1, 0x8, 0x0, [@rand_addr=' \x01\x00', @local, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @private0={0xfc, 0x0, '\x00', 0x1}, @local, @local]}, @routing={0x0, 0x8, 0x1, 0x2, 0x0, [@remote, @private0, @empty, @loopback]}, @hopopts={0x32, 0x14, '\x00', [@hao={0xc9, 0x10, @private2={0xfc, 0x2, '\x00', 0x1}}, @hao={0xc9, 0x10, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, @calipso={0x7, 0x50, {0x3, 0x12, 0xff, 0x0, [0x1, 0x0, 0xfffffffffffffbff, 0x7, 0xca1, 0x7fffffff, 0x87c8, 0x1, 0x3b1]}}, @ra={0x5, 0x2, 0x9}, @enc_lim={0x4, 0x1, 0x4}, @hao={0xc9, 0x10, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @padn={0x1, 0x6, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @pad1, @padn={0x1, 0x4, [0x0, 0x0, 0x0, 0x0]}, @padn={0x1, 0x1, [0x0]}]}, @fragment={0x89, 0x0, 0x7f, 0x1, 0x0, 0x5, 0x65}, @fragment={0x3a, 0x0, 0x1f, 0x1, 0x0, 0x5, 0x67}, @srh={0x3a, 0x4, 0x4, 0x2, 0x7, 0x20, 0x3, [@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01']}], {{0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x880b, 0xf, 0x3, [0xcc8], "77a66734011d4fc0f0db07323245aa"}, {0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x800, [], "ef2a2bd57d6ad5244439a3ac5e497b542070be1512a35631396ddbfe0d8586a37e31e0e6b99ce75723882b62745c5858a2a31e4cc374393e9662d1ba51a529ec70a21057a0bf8966dbfa15c578b920b6036a17617d692230a76837b804dd6d098c9addabafd82cac19f8868ad822ce2ba7749c441aaa413f35e18bde1c2f27552c883a81b0959b87a705862c0f2084bdffaeeab95711aa2ed92d938de3e9868b49267cf18d56f24734f23c53444f5e6a3630b088ad8b8382fa5a4751173f3c7140c29cf2909a14589227bc20ccd561485f9c77b047bddaa78b30d77d8bd044fe0e8fbb53d228d0d4a6d9c3ac7b6a65558b1ffe9fffaa2ff40e2dfb318a4de7df11219a938e5fb03c3ec303472d9cd20bbbee11a85f1c9f43764ea0a389e2b0c2733fb5269f4ece36f7f0c8a1dc37aa3e3dbf6e085744c08c9cdf2816cf787e9374bc22b91f97f1340d591e31f04438f25d9f8ce2a8e1b56b5fb20d8264d1ca50e61caf50c12b596a342934ead2a68762d75d48f2ff6ea7ef8c7250e7ec4e36c3231d8a628c0447d8290c35ceaaa2c20d8e288656b5f86846d27b5afb0d7aa95faf7058e9ba892652df53854011634497de57d76e84e0bc96d3146487ba8b2c5dbbdd3cc88591873ec9abe5f180d9c54d9c248cae89ab3fc9f3c77d3b967d323637ba4be9993eeb4463d484914d97f0cd73a7ade83acbe8c519cf7c6d454162f664e3c8aead93a1348b2375c4a2f79ca1816b2e4047d331d9a69de3f2e2f2d123a3f061d1fa851592994d301302d75444b3ffa0015d204d04c08bbda44c744622e4a4f36f25a604b168a3115a5b7948f91cca8e6eb18084c32a201a977e9d4d281c8874094d7d05f9a5025f6ccce025ebc1a431c1f3185c92d81028426f584a0693b744018fe7c5ca78b8d5c44445a7d96642694dd6c543dd3bfac78773d48e32b09e8026163f5f4340e840d3b42d30adc9c6d1d653dcbacdbb160c891d7f6cd132bc028746b18cd68f5a9f3caa89b6d3d157215672c7d0bc20558a0221a82ff1d6d6a63d432533e7cf79f38d5c1b3a32e52273a2fa446cc472f662677bd42239f3f0993b3e2d131cb75522c0bda4ab9926146c763930159b8ed2758c03df68dc631e5ebeda5b2cc30062bdb0c7443a30c01ba1a88ed52ca0c370cabce447d562d36e52722a2ef5f4de8338390fb2c9d241e344f21a559b12df63d49ca843585a1bb65d1ccd61bdc2872e67483450a909172e31d426edc17b4746a6e84e7da2992b77cbd110c14e5483a0b1057a1a9687c602bf9c45507361a9a0cea43dc3d91c9589fb88e4c7fa5137592cb7cbacc6ebd23c812807cbaabef54e6ba5a57f7e16c978169301ac47eef7f001de30a5e1432e7baf01f6eea11948df418b8be14cdaf05bbaae5bb99ffac9552335a4e4b6bd1a5d2d5b35ac6c06622a750007067aeaa23d0c2e2c21974c18f73673cbbf6c0190cb5e1e1bfbc3e7301cdddd4ce901677662dcf107c06fdf4774c4f566c92d0401f0cde76919241f8b7e9e542efa7b72ea0b043be7791a8f7547021853d415480a81568d3e12f30ec35bf17d7a71a92db60a91f186bb8926365428779344e4dac549f7a4f0fe3b635f6a20493a05744cf978002c593b7f5ac87759a9bfa3c15698cb7929f15dc60fe04045fe79c13c7b2cb972e5434a02db05bbfb2a1d85bcf5e623f7ad09698b247151f1aa5519d5e3744646cea60dc450c154bb3785ca6b40bbfb3a0aab5d3f1ffe203371367aac74fb737d3ee8bcb819d11da486d032bab31c5aa990739e96dbf590dd96093217665c9b83439a94efadefa3fd2a2e38b344b174135f0be6ee5263248154f237909fbe9253a5cfa8d15341cf58876603bdd3be98b94fb8d87d8f34d176e69d95ba03daa82d110d9d00f4997e0cfa6f692c60955eaeff7f533e8c86d7af7dec760d0939a3bc94ba512eab64e61bae21260acf422280ca229c5717f9abe12b56fb2148f92307d1001cc23cc61d1be78e753634679b218e0186dc42cb93343df0950694c4eb3ea357e751a593187954b142947e5e70ac8c3ade5ce13fd957a36d76dfd8ac4440c40fc62b1252d99925fbfe23ed12a51a6dbb67890c96683c09b5286396b886cc4acbfab2c2c0b025ad8ccd027277bb0fc38e5c1d62baa0c2e149a94e4f3c18e38e586df0cd342148a943cf1de9a3dec38b0e4553e5fb5a48a2a9ad4e7dbcc807150b52d5e6426403b1fad37bbf1a6d944a9371c11a32835be468b3ddad2e7846150858d246e557071acb5353d560070363bd79a3631e0e7f1400e953cf9ea18dda20179f5684bd4b7a3d58779ed598c2d88f7e385fc841c36898238d81321f13888b917b9f8bbea047f483002339c60b71eb253c4ebb647149e209e720406cd608081c15528acdab871106de10161b787cb54bf615008496f4c65a704a89ef623247c40592366751ebe85251a522a3e830c34b298b7d7223d42a704a1d6512d274a93bc25284ef11fcad767efc6131b0bea89209920305af9e6ec9482e2ce9a0520d9137221eb5cae066069f357333c5ecf7e491611f26cc9dc219b39230eaad6a99d395153ab692ce6d14ed0a79f7d2b3734a71d40775d63a2ca648763297ab7c064c8a9338d6092c162366fa08d809bab39f34c8d7c2ee104ce2bab070e44b9ef8ad2692061b38ae4cb42d0444b20098c00e69027b05113eb2cdf83530283d918061d27a2f21c92a6b55f64c19ec6ecc600821af7101a43eddaf87dbcb66d8180eec19d5cdc85fe0b20f6a7c7fee6b565c47a99c2a394b98fd1f0f17b4d2af33cee4f65afb1c33b81bd02ab36c09ba84cf9fdcff3e1793a8e70a9b4ac92a74e84d8588f0a8985ab14960a5b2b886a1d3fa857d8de5b82d0291b30b43e79fd407a5fa379cab7d5a60e10347a79ed875db31697277fc7659385646df4b79b3f8d5b223f6e43bb84bc89be506c5384a5769d222df2b7d77c047f7d1aba59146419eae250d32842c2362072e18bf32425a3ad923af4533fab853d66572a312eb676227a46d69e9206b32e06acc5e8f347059e44c9322ed4fbee25b9b31eacd4bc70bea95f5ac677fb70b112e8d12a2c572d102417b04fd8b0532dd490325c560017725334f0607781c70923185e8e3cfca9591b24f37e44cdd5fca06de081d0dc88b6dfc9d2d5975b488f175bde4af76ab3fb20644bf9cbe84cbdba9525cd2809145154a3e67bdde5e882be72ed411d49b600d89d4435519e23cbb3181e51f8e8faaf010d7075b913f3e086fc3215e601c8a529b0f3721417220bb524dd197000bbd9f36fca9df4d61428aa8eb01ee62e4bb20dcae74565e8d7638e6036cd80abe00a49474631b8f736dbd75cd0cd64104ea31b8b8113833cb922b505d45a8d29468cb1146cdfbfeda1f59759be5d7d8d75f46b9068d8fb6bd2e4b93fcfc483c9e092c7a61cdd87f1d2bf749a5abe19fff3b565c6afc223db9e3b25aa5c0aa4e42781e8dd4b4db07b71b5544430bfdcf1ab51759fb27c9f58868524ce1f5cc2e6ec243b84555531dfb2a14f80b22bb1ea5899ad7ff19326bb36756e9abee0ded082ba1848174e066e8f021d1f66c49414cf24e36faaf69621d3c37b3c2fa3be9edaa4c275ea10cb4fa954c25ad01d38ae5ebf199ac0241a6293d5e188778f40e93ea6f49f60a5354fa8ef1e505bada5185da5c7b363ac072f5484c26f2b42b634b3141a8cc570db00fd6d7de99bbf37adeb98522225a1b49910520c9b9b4acab48aae46855648e9294ad9573f7fc1d1eaec5d13e8843445436316538c01499cfad89823d9d4146da7f5914525934479fa5712b0ca6df4499c714fda2ee36f1233eae60648eee29459fc112cb1ad70205891b9cced308af935a8e81c8e755f66531425985c2e547352868d31eaa70293c88530fd6da32a512ff56c546e2d86e822a901e90836698e976c595e3fb4eb380be0b6d1d897fffe598c63924f6bbcc4ab972259e3d012885d2af6dbc9ba6c9067f7f5d9c5e43ede914c59b2a2ecb0e9c1652e78fc60577f62e1ab21bfd36ee9f4d46f1b30893c8d820d5374342d83a6c979a259be3f3191ffb21307afa0389c7c359ba15ec2271efedcb0758c3b84a8224cec95d2a7dec5b889a75e4eb1714c9359b46f3a076a601b34fffe2448efd29db4efccee76790a597c1d9513aaf777d8ace6531b1f49fd351b73f17be313f059f4905a06fc16eb807848acaafc578f50d6f661975c722f5d7cb126f10c3aa966d552ce39cce068ab2b4031cadbf2ecdc477fc5f12519b046473fccf1bf2adc846b5cd70a3b3b2c23ef79f6bf1c4776ebd80ec898ca5a452cd29203aa3a69cf5f9dd9842d16486b700ee0a7c2ff48be7ffd1cb20c507f7b0ee25fb4fb268d438c9c237a2f2b260e91328bda64de9e9b325b02ae6a9f9702b5d85045e090a23f6cbeeca7228e8f9b1c842a72eb08b1a875fe5d11f4b4d56365b33d5f27436ed7672108019b6f8d66b8439f1b55a97432f6e1567755f6b241599e6b3fc5cdf26a8b3a4e53cfdf3cba08fa435059d1fe0820437ca3208a8da86ede3e7cc056512c2afcb773289bea4afa92896d8d3b2ab1dbe256b28fb8b0b00be274e447e5b70c0a0f1d7bb7d0459b6a36c3e096b2ee1585c3f94b526e0233dbc18edc431478edb5747b49aa0582c1a5e79c555046292523971c1734fe84c79d73b998ea2e2e8b61c1ee57b77b6eb4413e0f43a11a5ab261196ab6c4a81f8e14582b6f2d2265abc2959568e060d3c1f19c144a6bfdca55d8bd89912d597c46040d96ea07ebc6c14434440ae4d41e3e7f1f268ffacbd8be201380c53f228cd927701669de97cd6d3f984840e2173d329e5c8ef70993e3c6cf6cfaddf5ca4e2ea31206420816834598255a52e7bd76153304c01b0324b7f73eea458eed0c6ccec76c7e877ddd78c771c2ad3ae2622c7d5a81e5ee2cf8f2dd61b69e06354faae917ab18059911e34d0eb888395a6e7e7939a330c395c9324a55ce6e5773223060c06a24f83986858bca7580d7b1cb785bafe95692874a8c518aabd79668e402b7dd29d9184874368319b3f123135bea153fe620549531ad8f62582375b429aacc20f254f05fdbb3c187b3d79483a510bab96499e64b100f31e3425b868dfa212a09315915f996ca4eb1259483dc5875a0358e0455f64f62b2a9530cdcd54f194b011112c0ba648b384bf9a7addb878dfce80817e96927463d5a5c5a54a151924c24ee117a2d96e77052e2d719f92bd8df612eec6b20a6b1c590aad3c4e27ec03bfd834aa0bbb56424a62b81780d7ca77942e1df59803f75feb5ded491ffb7d5822087d11d218bc059fe69c83975c2b6633ca6c67dbf1d44da2e653fde301cafd80794d2f6919823bd84a4223e26bfec495b13ba8eca279ea5cf4718b1524f63e739de6616f8d866a74e421f0022532efd5a5687664363361275707670dbc40be5f7b4ca684a4c3db78e7fd3eb5609c504f2e4e2fbb33de1498570ff2a0285d8fc7c3840ecfab40dc4b66e9bf59c10cbd701a596b96c22bbfde5dd3cd98251201313ef16ee7414dac47487aac45843f35a891064c3eb1516fc41a6b06c55eb15a2551367450bcec318c2ffb53ac5752393d839287d77e7fcb03ddc8404737561dcdcf818e456e767f609e4b5b89900bd4f4b1403456c8463844836f0c09a8a55cee9695badf15d9cb5870e1fc6b92cfa63eebf8eeaa115529fc6e947be03b3e1697532e8ce844252ed0f88b8279bb631e2ecc7afe62b498f6297da230f3a838ea3a5c9ab285c42e"}, {0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x86dd, [0x8000], "6a8726c207826b034cafdb9d0ef5a3d3599288860217c969385ecd7570d966a956f27ed1c8248c9abcf1658b0f57ae188d5d2dac827770588608e04f4d9aec898f0eabdef2d92a5d5b1e70040257c766ff94433ac2021943d2ca80d6eedf300145cde00b49faed6aeb0194b441176a5cf16ff09a2650b00b65b2e764324e69f3cd5214f22144236bdd5c260505cf915976ae14e0f33b9aa014916b19af7a24bce506de4cdb9f7bcbf8defe4cc5828874dc70142b4d5478af701d162b1285b691f51f029ac718885b5729e0330d9dc83529851ae19654607f387d34daa966be22f7637686b9b8f6e359e2942308bd20cd19575232b67d23194df5d0e71b2f900ed463a2cee1ee045a4422615ce17063078fd7ee01b3dcd00ee9a0adbe9fd9f2234da7c2f19f8453a1b37a81afe16e9dfc5a919a6a73410fe98f2d7c7baf069522b673bf9c3a09e2e53da7f8e375808ac22ff8840f14263b51b563867ec1431526e24c3ac8df85dd922bcf0836368a30803093fd9c3f280f86c2fbf434dc9fa63120757dc046662cfb724f7241253f0bda0d26beabb44d0302c8b129bf2b18d0c398671cfc2240e8e1e98f3db19deeb0cc4dec521cfe2c0e3fe664e5c3ab76ddaec513e565e83a8505de6c70c28264bef31487a7da1946e38b39206a276b64bb9604aa145f4f0dd3c11d83d8bd6bb53ab3d43898cc4efff13a66c8ef9eccad1a0f63ae1231488f487b8a2ef23c79ebd5cef9cd514ddf361700c8d89d41972086fa5bbe64d745d90aa1067522267903f721efc8a524a5377a7c1f55ab75581959d859f444202ea2321770564d2eb29bd27cb4b23cf09af56668c4022d3de04945f54955bb8c92802987009000947365176fb96ad23ddfa9ef16f0f845790f9c348772ae64c5c1cbc3cb772786038c8bb7348e4d220038b7beb304539ec0dc12c89be8b804b085deaa5e2039b62c16f27ecf57dba2dffe3c83baab69652c90cef0f59a2ef79c17ec97f9417a1827da15d2ce1db5ae0bb59945ebb8c6d0a310ec578b46297ac91e3db2c0e85f2570f6fcbe3145198a089ae9ade853899c8838907120b9b284736bcacbe9196514b4215421f68078da5f85c03fb999a05a04c1307ccaeefc67196568916f2aa90cabdf6055af80759ffa2ba658421e3b50cc8c3725ee84664e5edd9c1bd35fb379b33279e6722fab27fa9d52bb7f0c403d695e43aaa7df57811ddf9f50ab8b265e0ead4351d4cc38576f68638f1327ae4ea06d668964167b5c71c2324ba29072a826e7ad998e180d19d807d0b452f9f4a2360a22ad6ea84dea5c091a9cfc5bfd36144066d4f8936cc819d6c0305fc2a6b777702c18611b92a38265dcceaf8ab49f9cb7c04e208998ca36c4267259f436aff5c68146f3449a75f471e295b83a2a08f5e21bc664b204d42e1622407a72111f5088c6c056996216ad4983cb9778903a3a76e95dbe0c0bce839f7a0ab14eff28c02bfe02e70a65ddc3990bc61d250a62dc688024915296d6816048f4ca8f94d177109af75a5995d4ef08ff6875c6f7f9bb81c7ebf9261c329d5eced6829c4f5245604c88492142dc6f8ae6ce46aefe7db7543412a37431a46054f69f19832868f52f343eac9330109c487204958949d4c8a36587792cbca002a93daf6af83be7013f4085f2835d2d487a39e824a9462355d2dc9e6220e43e8552708361fe883a165d865b1e4e4ff95a9a004731efc23a2bdd879cd1cceecf832c54f3bea7cf2daf39eb47c1ceed5d8c0287f1ea817b3a3b807eb5d540669aadab3096990bd9eae408abb7af1db6b5590dc08160b4283e3642079618323c4114e9cd3d7700ddbdca0866dff7ec04a8e56f37734c2b662603d5fdcc209db870925cdff67fe4f6ae73c9c00b6bbbcc5ff5bf1209dc2ab404c774cecc3c73e49d6fd9b5e8bbfe6280314bf2e8a4abab8f9d682ab8f0e7b004739a824308c2fca16230c99f68e608033ee8d1fe00a0dc4a0ac9e666c9c28fd4475685e3be22322b3c43a1b523d1d9156100c9540bdf7a1b7d9ec4100f1e71ef1a7a26b3b49dab58ca9a36b9f465e7b081997c847db9a1021d24a21b0e875c97e85aae5a2756a5be61bd29146fdf3e63a89166ecb24d285f92b677f683314ff5155cd27960cee8c6655cb7daeade24b2445d2eec5d222bc2a4c8482cf19641ed2b4adca44b1ce5d08c1a3d2043076ba0ae625b68b2aad6bea6f1b77cc82ba079748b5687688fb73b6d0ce1916883db5bed841cf011ba12ade175f19731a9eceb918f9025bd6f90fb7517ff8d7cee4a048c8e3425659e8991e7f2a44c604c399cf71ba8b0f4b07a2f2f1772db06ef10702f719d694e6d9fbf3b6df7e7c57248e56bbe0c625196765dab52bdb0f55d9307e4e24de03d53f721333bab177b1bca949729ebc27b2811187a4c7547ad5e71b64f670270d4f6791be3b0687c68f3e39e04b5ab20f8af5e025614c3bb9f37ef52c71c985aed57664207d4c2bf9db9b306060d19df186fed2a08cf66e2eebf18503556e1c4fdbefb30409f44dc833102798421fb910c4161b015154ba92a7ad0584bb1a5faf29a15406a8d616e100642967d36fe2d34a07a5aeafae5752397584fb25fd2185555ed433df5fdcb12e4bd16dc6b3af1317755c059120b8aa20b94d0f43d463f427425ea0936986041a42c804794254c57a1df9e7ab4301b4d3e0903a55efaa09df858609e668bbf076c1614462c3ebd0607de321b1b6476ccbb21bbaf2cca771e1ef56c1dbd5c99dbaa625b7bb3ae895321f167fbe8246716de9bfcdf89118f6e26b7af80a404652e5d62e451d2ab0b32d198dc4cad50d06271f62286d5b4acc0d4f968cb3c7a8c7d2e0b36a84c00567d2083a285a88ae59077cf1506d06124be938a6bc9cde0750060ae33ca5b099661a817c6ca765939416ae1841301a6794bae437ed4b73059308711b9b2f90ccd51975877fd94a1d14e4f69ea28e422b17a5dff0c1062f168a6738d6eab84d933e63d1c53a0f4cfe8aa379602730b5897145c3afa89a13efd21e4f8c01bd0e1915c2844b1044656dc67ad45dbe3a2fdd7f72e6086903131f947edb87e8efce562305433c56c7ff7f442e2c80398621d507819b4c0a70db39520b8a7b24a405187e7ae1a6b831c4bd88725afefe9b0d81327ddb3d95a9f3585b34f7b9217883a0540e955e6c7f27f0a553fce9156ee3bf978d190d44943951643ab5762e1933806433732a5bb89ed70ea1136f018f52c3eaa7442b6de30bf05015a0b663ef293dc4cd0ab05b73e148dd47117fe9bcdccde8ddbc4fa7733f3c12d2509e639be229e28a9b09a939772d0911fdad8d64a54fa25b8d95f4cc0533e8a015570f841c33b21688708db7644e028bfc3c3c48d49d7f1e26e5cf2e5d1521aadb11b246f9c65d9750c4f0fd54b6977f23c4372c1cbd42b7268af3f66b567e2aa43c211e2cf317771884b8075a75490a03d6ade61143bb81e9871ba6a4b0ad8fff8a56fd2544fc7cdda0dd2b39856a0b5899bf0918093fc0c9823a11c7d8c7db4a6f7830efd2fb5077c2d8e8abb83c3bd5220f01128d7fe9849f44d53b287776b5315be95ab42015703acf0adba61d26467078eab0a562439a350621822c81b4c6cb1a3c77f805f9cdb3d9f0397d5e49c57ebf04f81010304802ca9bba343ea375668d046d8feaf26b710a7c7045633244790bcee6ae37322117cd60d24f0ff9c568225d6a1d11ba85a5e08d6a5e3b55a175c41596682cfacd450d6bbec4540d7f38e1fcd23ab8008a838d34c1e13bdfc31c41ccae8e7131df4e107402e7bf188abee3d7f8e1d6b84e96643e03703b64c946ca634934a8f777e98ad72de4ec81e0ee9efb795fa78d47138668a53f6416e026cb0c86a68ac02c863af11b1b93a9975a46cd122dcbb41be9d6af8f8e439c28f899980e6f45d158d0d5fbf8303717c3be11cd574582c315eb6744547f4693f6feb77dce5235bb517abb9a343da197917b247e033f2043ea4276dadf0aaeeca3b55627bdaa75e137635ddd5884b245f2f6e732a55c1eb59ea471f29c6f982b9c9ad560c4051cf3ffb01543cde47018a872823f4f4ae1ba6c7cd05c47e0e01358d6e7852144c465d5e398fc7dca63ec1c0564ed436b2527bb18b8feb48c0b757d68e5bebacb18644031f6cc60d4c38c7e36b833f681091c4b787787910bf9bcb6182399179b3d545e43526961fc2050cbd8dad6a6fb5b21680590ff253070e8be1d276398f87dde730641d37dd6ea3f38926db4d2d43deb951d738fa7a28ab76dde76537a64e4e24f0fd031f5fdb8e7d85a16c69b25d66e6610e83061414a3aee6194330112c76c4a31920bf4f1ff462e5debecc2cacf135c3ea5f52f9e490a2150743c7742fff9d624544ea3a6e5f95c1be645fab90aedb4004c099584c08777f20809c02535a344d389bd1b03d64d5cf8842024e41a8d3ecebaf0e9eb0ac699116d32e4b19e7bef72ae5288d995a6de73036f7d274e9219bfd3c279dc04395acb1a6d0d53ab6d2a75a47332e33f70dc0a7d534e95bd73e54abe7701c40707f589f59ee22dc33a3408e959c6a0f5cf14d8658da63955b30a4ec0bcc7ad51c1d69fee713ec3e6186675615fb3894de011a00a09ae40f8f851f04b03c4a9a6ad5b7a6f0c3354160d39a581867766bb157651a67f45411d2378a34de3a23162823e92bd6ffb341d5e47e0f806255dc33b298d6d1d82b8901e8fd09a374b6918ef6ce96a62935d8afb99973fb100b347e054781d965a33070be3acc3e3dcf7430ef1e5b3f4a5309a63be99fc3449cc9c844599cf6f4f42f85b9ebc17de2c51a7dd3c146642726aaf7c07fa68ff3e9b72ac31bd8f6072150588be664d8d6d37b6496c349ac109e31875f5778d2c572c11f730420dbfb92c093a11ac6840d2cb1edc0ba16b31586b99bd23fa8e7c5b81ecbf7a87b944d9c3d83fa70465214ab6b44e960c5d96d27a9f2ba6933b4e773b996dd73b8d21dc63fb91212f6415dbcefecb59076eb4c4b6a5493a48ccbbe8982624e403ae559d4c605185b12d22927123613d99eace0a72a57b76db0cbfdfc2923e5b0979645b56658553d8e02d469636714850e1061600871324c1b4080e25a84171daae3d46c14910091d26d7639b7ab5bedadb97fb4f25461bc3eec9d185ef2b5918ac4f1a8b9ef074a6ca6d7594078af5e9dcc07216bf429d20c81cc02ba7c62b2801391d418e0bbaadef889d8795a3fca5ea06a3720edbad12a4e12443210255528a858a14d0dc86318112b127a399f9384bcde4fedf5e1d9b597344b9087bc48fd1902572e8d87bdefb7867664875d0e7baadf6783fc7a25556edfad06d92c1a96bdabe210cb8eb7a65a51a8b64e438e1988a8577d11616d5a2a7091b3fdac5c65aad5a723a9a83e8bfce7fef902baed99280835076945a6f1af3c388404849932790f76035afba3797c45d219468ce397aa828416edbfac528a3a684865821525a9f470ef8d9036fc578a1b4d2f3cbe0d6d1915cce72b59aa3ae4e1ea0f107654a10e91862ade959a790fb44082dce1678a78337e9d6e17cbcefcb38cf210862f76f8912253f1327680385e90b14bf959a9486983d2792ea6ee04bd567fa2c0a4c4439aa7de28860f671e8774222f819573fc614789f668275caef4dbbf933b8979b10dd5a6e0a356975d4fc8644803ad253fac4fef0c2e4ce2a03da027a3360483cb2fbf0ee2defd2b415b119c9d75c7a75cdd6a7023068a6ccd13c72a53646a151b68eb1e2c27f16856227e74b7c2107b308f43f5"}, {0x8, 0x88be, 0x1, {{0xe, 0x1, 0x8, 0x0, 0x0, 0x1, 0x3, 0x1}, 0x1, {0x80000000}}}, {0x8, 0x22eb, 0x2, {{0x7, 0x2, 0x26, 0x3, 0x1, 0x2, 0x1, 0xef}, 0x2, {0xac77, 0x57b, 0x3, 0xf, 0x1, 0x0, 0x0, 0x0, 0x1}}}, {0x8, 0x6558, 0x3, "7836ef099b6773ad807c792ab3ba45861cb5514fd3630ffeb6ee6d8a1d3008919b1d02"}}}}}, 0x223e) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8801, 0x0) ioctl$TUNSETQUEUE(r2, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r2, 0x660c) write$tun(r2, &(0x7f0000000180)=ANY=[@ANYBLOB="01000000000000000000603cdefa00102100fe880000000000000000000000000001fe800000000000ed5dd7ede7d5b3c7df81887a810000000000000000aa4e24000004019078003e5d9900960cee"], 0x42) [ 1577.588437] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1577.589884] ? fput_many+0x2f/0x1a0 [ 1577.590615] ? ksys_write+0x1a9/0x260 [ 1577.591380] ? __ia32_sys_read+0xb0/0xb0 [ 1577.592219] __x64_sys_move_pages+0xdd/0x1b0 [ 1577.593259] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1577.594298] do_syscall_64+0x33/0x40 [ 1577.595059] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1577.596092] RIP: 0033:0x7f28eb741b19 [ 1577.596948] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1577.600556] RSP: 002b:00007f28e8cb7188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1577.602121] RAX: ffffffffffffffda RBX: 00007f28eb854f60 RCX: 00007f28eb741b19 [ 1577.603502] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1577.605070] RBP: 00007f28e8cb71d0 R08: 0000000020000000 R09: 0000000000000000 [ 1577.606437] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1577.607826] R13: 00007ffd318d456f R14: 00007f28e8cb7300 R15: 0000000000022000 15:25:52 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 99) 15:25:52 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000002c0)={0x40, 0x0, 0xfffffaf2, 0x6, 0xffffffff, 0x40}) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6) msgctl$IPC_RMID(0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 42) 15:25:52 executing program 3: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000040)=0x20) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, r2, 0x0, 0x6) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, 0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 24) 15:25:52 executing program 1: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000200)={@void, @val={0x1, 0x4, 0x0, 0x3}, @ipv6=@gre_packet={0xb, 0x6, "eabc8e", 0x2c5, 0x2f, 0x0, @mcast1, @ipv4={'\x00', '\xff\xff', @loopback}, {[@dstopts={0x5e, 0x1, '\x00', [@enc_lim={0x4, 0x1, 0x5}, @jumbo={0xc2, 0x4, 0xfff}]}, @srh={0x6c, 0xe, 0x4, 0x7, 0xd6, 0x20, 0x1ff, [@loopback, @private0, @private0={0xfc, 0x0, '\x00', 0x1}, @private1={0xfc, 0x1, '\x00', 0x1}, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @remote, @private0={0xfc, 0x0, '\x00', 0x1}]}], {{0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x880b, 0xda, 0x0, [], "0a15a453ce3b67b0d42a25487c2088ff3164d1b11d9d042605c47347adcfbb0d14008b9dded36b05ae02cf31c31dd4d30544c8bb71a3c90ed617308d79aa046f1edb63965fa36db42e202aa0345b1cfbb028baa6dd28e14611298dd8bec6e6e5abf633d4adeca51108973cad1be144df7272a270f52c190f4987012bb3651ed0302f9d9943746484e2d6ecaa4d8c317fc5d0d7d067ef42500655887b4d53ccc401e101649d6b0a9a0ce333b39a847d69af9725823905b4e12e8ea17da1b671b7c669147b4bab69b757281876378f4a3c818ec2a107fa308c656b"}, {0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x800, [0x7df9], "8b4f876895e7eb3f9d7afcc76fe1e042409820a7dcf0133da0fda1ad227244b95c954fab94ac676e333fc8e3e10f86e1331f4ca286b2f014c9eaac56e07144e042908ca93759147422baa5348160a9e7e92ebe61c12bcd3dcf1792cd5d85e878c6343bafbeaa9f43db529a3dd0c58f801e8b9e3dd2dc2dcde5825d136340188f86a6910bdfd3bb15d1477fd2c9058a2919561b374b54172c409cb79d345c26fc609b3d5e1d3cc6bee8c424b8e3390edbe38f204ab5aeae4447136f00a13d4e8d9ec50e3a1e95cf5984c3db879e5594454b9c"}, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd, [0x2, 0x3], "04dad3fae5c5af94b394264f280a6908417547be88d8b4e1ff3eb892619431cb77f3434e3b657073a51458f403aed6addcda2d"}, {0x8, 0x88be, 0x2, {{0x4, 0x1, 0x6, 0x0, 0x1, 0x1, 0x3, 0x5}, 0x1, {0x81}}}, {0x8, 0x22eb, 0x3, {{0x5, 0x2, 0x2, 0x3, 0x0, 0x3, 0x2, 0x5}, 0x2, {0x7, 0x8, 0x1, 0x12, 0x1, 0x1, 0x1}}}, {0x8, 0x6558, 0x4, "d67997f2859fcd506b7e48dd"}}}}}, 0x2f7) 15:25:52 executing program 5: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() gettid() process_vm_readv(r0, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7a}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xffffffbc}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) [ 1577.616358] FAULT_INJECTION: forcing a failure. [ 1577.616358] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1577.619059] CPU: 0 PID: 8597 Comm: syz-executor.0 Not tainted 5.10.224 #1 [ 1577.620377] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1577.622350] Call Trace: [ 1577.622837] dump_stack+0x107/0x167 [ 1577.623567] should_fail.cold+0x5/0xa [ 1577.624339] _copy_from_user+0x2e/0x1b0 [ 1577.625164] do_pages_stat+0xf1/0x3b0 [ 1577.625878] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1577.627051] ? cpuset_mems_allowed+0x1af/0x440 [ 1577.627941] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1577.628685] ? trace_hardirqs_on+0x5b/0x180 [ 1577.629126] kernel_move_pages+0xb8f/0x11c0 [ 1577.630726] ? rcu_read_lock_any_held+0x75/0xa0 [ 1577.633510] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1577.634076] ? fput_many+0x2f/0x1a0 [ 1577.634406] ? ksys_write+0x1a9/0x260 [ 1577.634747] ? __ia32_sys_read+0xb0/0xb0 [ 1577.635167] __x64_sys_move_pages+0xdd/0x1b0 [ 1577.635565] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1577.636079] do_syscall_64+0x33/0x40 [ 1577.636415] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1577.636879] RIP: 0033:0x7f6fdcf13b19 [ 1577.637286] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1577.638988] RSP: 002b:00007f6fda489188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1577.639662] RAX: ffffffffffffffda RBX: 00007f6fdd026f60 RCX: 00007f6fdcf13b19 [ 1577.640341] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1577.641026] RBP: 00007f6fda4891d0 R08: 0000000020000000 R09: 0000000000000000 [ 1577.641655] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1577.642352] R13: 00007ffee9bd176f R14: 00007f6fda489300 R15: 0000000000022000 [ 1577.651545] FAULT_INJECTION: forcing a failure. [ 1577.651545] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1577.652711] CPU: 0 PID: 8603 Comm: syz-executor.7 Not tainted 5.10.224 #1 [ 1577.653357] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1577.654135] Call Trace: [ 1577.654378] dump_stack+0x107/0x167 [ 1577.654708] should_fail.cold+0x5/0xa [ 1577.655109] _copy_to_user+0x2e/0x180 [ 1577.655456] do_pages_stat+0x2b4/0x3b0 [ 1577.655819] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1577.656408] ? cpuset_mems_allowed+0x1af/0x440 [ 1577.656850] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1577.657344] ? trace_hardirqs_on+0x5b/0x180 [ 1577.657742] kernel_move_pages+0xb8f/0x11c0 [ 1577.658194] ? rcu_read_lock_any_held+0x75/0xa0 [ 1577.658613] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1577.659179] ? fput_many+0x2f/0x1a0 [ 1577.659509] ? ksys_write+0x1a9/0x260 [ 1577.659854] ? __ia32_sys_read+0xb0/0xb0 [ 1577.660274] __x64_sys_move_pages+0xdd/0x1b0 [ 1577.660690] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1577.661216] do_syscall_64+0x33/0x40 [ 1577.661551] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1577.662050] RIP: 0033:0x7f8be6d86b19 [ 1577.662384] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1577.664074] RSP: 002b:00007f8be42fc188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1577.664758] RAX: ffffffffffffffda RBX: 00007f8be6e99f60 RCX: 00007f8be6d86b19 [ 1577.665430] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1577.666133] RBP: 00007f8be42fc1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1577.666759] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1577.667441] R13: 00007ffd26b6f95f R14: 00007f8be42fc300 R15: 0000000000022000 [ 1577.679490] FAULT_INJECTION: forcing a failure. [ 1577.679490] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1577.680620] CPU: 0 PID: 8590 Comm: syz-executor.3 Not tainted 5.10.224 #1 [ 1577.681271] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1577.682058] Call Trace: [ 1577.682299] dump_stack+0x107/0x167 [ 1577.682627] should_fail.cold+0x5/0xa [ 1577.683217] _copy_to_user+0x2e/0x180 [ 1577.683565] do_pages_stat+0x2b4/0x3b0 [ 1577.683973] ? trace_raw_output_mm_migrate_pages+0x290/0x290 15:25:52 executing program 4: perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) msgget(0x1, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 87) [ 1577.684500] ? cpuset_mems_allowed+0x1af/0x440 [ 1577.685001] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1577.685449] ? trace_hardirqs_on+0x5b/0x180 [ 1577.685844] kernel_move_pages+0xb8f/0x11c0 [ 1577.686298] ? rcu_read_lock_any_held+0x75/0xa0 [ 1577.686717] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1577.687287] ? fput_many+0x2f/0x1a0 [ 1577.687618] ? ksys_write+0x1a9/0x260 [ 1577.688010] ? __ia32_sys_read+0xb0/0xb0 [ 1577.688384] __x64_sys_move_pages+0xdd/0x1b0 [ 1577.688793] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1577.689303] do_syscall_64+0x33/0x40 [ 1577.689639] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1577.690167] RIP: 0033:0x7f1e88ae8b19 [ 1577.690504] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1577.692204] RSP: 002b:00007f1e8605e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1577.692934] RAX: ffffffffffffffda RBX: 00007f1e88bfbf60 RCX: 00007f1e88ae8b19 [ 1577.693575] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1577.694247] RBP: 00007f1e8605e1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1577.694882] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1577.695591] R13: 00007ffda65e58df R14: 00007f1e8605e300 R15: 0000000000022000 [ 1577.709546] FAULT_INJECTION: forcing a failure. [ 1577.709546] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1577.710607] CPU: 1 PID: 8605 Comm: syz-executor.4 Not tainted 5.10.224 #1 [ 1577.711178] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1577.711878] Call Trace: [ 1577.712110] dump_stack+0x107/0x167 [ 1577.712425] should_fail.cold+0x5/0xa [ 1577.712768] _copy_from_user+0x2e/0x1b0 [ 1577.713110] do_pages_stat+0xf1/0x3b0 [ 1577.713443] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1577.713938] ? cpuset_mems_allowed+0x1af/0x440 [ 1577.714335] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1577.714766] ? trace_hardirqs_on+0x5b/0x180 [ 1577.715137] kernel_move_pages+0xb8f/0x11c0 [ 1577.715511] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1577.716007] ? io_schedule_timeout+0x140/0x140 [ 1577.716398] ? copy_kernel_to_fpregs+0x9e/0xe0 [ 1577.716799] ? trace_event_raw_event_x86_fpu+0x390/0x390 [ 1577.717260] ? ksys_write+0x1a9/0x260 [ 1577.717589] __x64_sys_move_pages+0xdd/0x1b0 [ 1577.717966] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1577.718398] do_syscall_64+0x33/0x40 [ 1577.718715] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1577.719152] RIP: 0033:0x7f1c0ae11b19 [ 1577.719468] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1577.721024] RSP: 002b:00007f1c08387188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1577.721664] RAX: ffffffffffffffda RBX: 00007f1c0af24f60 RCX: 00007f1c0ae11b19 [ 1577.722270] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1577.722864] RBP: 00007f1c083871d0 R08: 0000000020000000 R09: 0000000000000000 [ 1577.723463] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1577.724063] R13: 00007ffd2ddfd2cf R14: 00007f1c08387300 R15: 0000000000022000 15:25:52 executing program 1: syz_emit_ethernet(0x56, &(0x7f0000000080)=ANY=[@ANYBLOB="20f9bdba2470aaaaaac74f84dbc157914cd8c864a1bea9a4d30d9eedbb84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5570f0dfc6eba6e8f"], 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000200)={@void, @val={0x1, 0x4, 0x0, 0x2, 0x8}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0xfffffd4a, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[@dstopts={0x2c, 0x2, '\x00', [@pad1, @hao={0xc9, 0x10, @private0={0xfc, 0x0, '\x00', 0x1}}]}], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}, "cc435649222643bf7c983bec46fc19ae34278b68d1746a2554d3a3f971a5654865a244419271515babe9407962d4ee82b368247985faad046f9fee347ecdb9cd682a6fac4c5323cddd63e21ded2c7fdabbe99b7e3c0860a2fb5ab3"}}}}, 0xbd) 15:25:52 executing program 0: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) msgget(0x1, 0x0) ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 96) 15:25:52 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000002c0)={0x40, 0x0, 0xfffffaf2, 0x6, 0xffffffff, 0x40}) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6) msgctl$IPC_RMID(0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 43) [ 1577.778191] FAULT_INJECTION: forcing a failure. [ 1577.778191] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1577.779392] CPU: 1 PID: 8610 Comm: syz-executor.0 Not tainted 5.10.224 #1 [ 1577.779971] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1577.780687] Call Trace: [ 1577.780921] dump_stack+0x107/0x167 [ 1577.781234] should_fail.cold+0x5/0xa [ 1577.781570] _copy_to_user+0x2e/0x180 [ 1577.781900] do_pages_stat+0x2b4/0x3b0 [ 1577.782241] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1577.782736] ? cpuset_mems_allowed+0x1af/0x440 [ 1577.783136] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1577.783564] ? trace_hardirqs_on+0x5b/0x180 [ 1577.783937] kernel_move_pages+0xb8f/0x11c0 [ 1577.784315] ? rcu_read_lock_any_held+0x75/0xa0 [ 1577.784720] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1577.785211] ? fput_many+0x2f/0x1a0 [ 1577.785526] ? ksys_write+0x1a9/0x260 [ 1577.785852] ? __ia32_sys_read+0xb0/0xb0 [ 1577.786201] __x64_sys_move_pages+0xdd/0x1b0 [ 1577.786579] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1577.787014] do_syscall_64+0x33/0x40 [ 1577.787331] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1577.787764] RIP: 0033:0x7f6fdcf13b19 [ 1577.788082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1577.789650] RSP: 002b:00007f6fda489188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1577.790293] RAX: ffffffffffffffda RBX: 00007f6fdd026f60 RCX: 00007f6fdcf13b19 [ 1577.790893] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1577.791494] RBP: 00007f6fda4891d0 R08: 0000000020000000 R09: 0000000000000000 [ 1577.792095] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1577.792710] R13: 00007ffee9bd176f R14: 00007f6fda489300 R15: 0000000000022000 [ 1577.794726] FAULT_INJECTION: forcing a failure. [ 1577.794726] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1577.795800] CPU: 1 PID: 8609 Comm: syz-executor.7 Not tainted 5.10.224 #1 [ 1577.796375] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1577.797092] Call Trace: [ 1577.797319] dump_stack+0x107/0x167 [ 1577.797634] should_fail.cold+0x5/0xa [ 1577.797962] _copy_from_user+0x2e/0x1b0 [ 1577.798302] do_pages_stat+0xf1/0x3b0 [ 1577.798638] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1577.799135] ? cpuset_mems_allowed+0x1af/0x440 [ 1577.799532] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1577.799958] ? trace_hardirqs_on+0x5b/0x180 [ 1577.800330] kernel_move_pages+0xb8f/0x11c0 [ 1577.800722] ? rcu_read_lock_any_held+0x75/0xa0 [ 1577.801123] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1577.801614] ? fput_many+0x2f/0x1a0 [ 1577.801926] ? ksys_write+0x1a9/0x260 [ 1577.802251] ? __ia32_sys_read+0xb0/0xb0 [ 1577.802601] __x64_sys_move_pages+0xdd/0x1b0 [ 1577.802976] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1577.803409] do_syscall_64+0x33/0x40 [ 1577.803724] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1577.804158] RIP: 0033:0x7f8be6d86b19 [ 1577.804483] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1577.806037] RSP: 002b:00007f8be42fc188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1577.806678] RAX: ffffffffffffffda RBX: 00007f8be6e99f60 RCX: 00007f8be6d86b19 [ 1577.807277] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1577.807876] RBP: 00007f8be42fc1d0 R08: 0000000020000000 R09: 0000000000000000 15:25:52 executing program 2: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000180)={@void, @val={0x1}, @ipv4=@udp={{0x24, 0x4, 0x0, 0x0, 0xc0, 0x68, 0x0, 0x4, 0x11, 0x0, @dev={0xac, 0x14, 0x14, 0x32}, @multicast1, {[@end, @timestamp_prespec={0x44, 0x24, 0x95, 0x3, 0x4, [{@broadcast, 0x6}, {@remote, 0x7fffffff}, {@broadcast, 0x7fff}, {@multicast1, 0x1}]}, @lsrr={0x83, 0xb, 0x35, [@dev={0xac, 0x14, 0x14, 0x44}, @local]}, @timestamp_prespec={0x44, 0x3c, 0x44, 0x3, 0x1, [{@loopback, 0x81}, {@broadcast, 0x6}, {@local, 0x4}, {@loopback, 0x1000}, {@broadcast, 0x8e}, {@remote, 0x8}, {@multicast2, 0x7}]}, @cipso={0x86, 0xf, 0x0, [{0x0, 0x9, "88b4ff60ce9e35"}]}]}}, {0x4e21, 0x4e20, 0x30, 0x0, @gue={{0x1, 0x1, 0x0, 0x8, 0x100, @void}, "70725fa87e29063a40d92a9311993aa097c61a0a62cb4600ee744b98e4969cb987381980"}}}}, 0xca) [ 1577.808483] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1577.809086] R13: 00007ffd26b6f95f R14: 00007f8be42fc300 R15: 0000000000022000 15:25:52 executing program 3: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000040)=0x20) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, r2, 0x0, 0x6) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, 0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 25) 15:25:52 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 100) 15:25:52 executing program 4: perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) msgget(0x1, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 88) [ 1577.876482] FAULT_INJECTION: forcing a failure. [ 1577.876482] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1577.877513] CPU: 1 PID: 8618 Comm: syz-executor.4 Not tainted 5.10.224 #1 [ 1577.878090] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1577.878784] Call Trace: [ 1577.879016] dump_stack+0x107/0x167 [ 1577.879327] should_fail.cold+0x5/0xa [ 1577.879660] _copy_to_user+0x2e/0x180 [ 1577.879989] do_pages_stat+0x2b4/0x3b0 [ 1577.880328] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1577.880830] ? cpuset_mems_allowed+0x1af/0x440 [ 1577.881229] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1577.881656] ? trace_hardirqs_on+0x5b/0x180 [ 1577.882029] kernel_move_pages+0xb8f/0x11c0 [ 1577.882405] ? rcu_read_lock_any_held+0x75/0xa0 [ 1577.882801] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1577.883291] ? fput_many+0x2f/0x1a0 [ 1577.883609] ? ksys_write+0x1a9/0x260 [ 1577.883934] ? __ia32_sys_read+0xb0/0xb0 [ 1577.884282] __x64_sys_move_pages+0xdd/0x1b0 [ 1577.884670] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1577.885106] do_syscall_64+0x33/0x40 [ 1577.885424] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1577.885856] RIP: 0033:0x7f1c0ae11b19 [ 1577.886173] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1577.887705] RSP: 002b:00007f1c08387188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1577.888345] RAX: ffffffffffffffda RBX: 00007f1c0af24f60 RCX: 00007f1c0ae11b19 [ 1577.888961] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1577.889560] RBP: 00007f1c083871d0 R08: 0000000020000000 R09: 0000000000000000 [ 1577.890157] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1577.890757] R13: 00007ffd2ddfd2cf R14: 00007f1c08387300 R15: 0000000000022000 15:25:52 executing program 1: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000100)={@void, @val={0x1, 0x4, 0x0, 0x2}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}}}}}, 0x42) write$tun(r0, &(0x7f0000001280)={@void, @val={0x0, 0x1, 0x2, 0x40, 0x4, 0x1}, @ipv4=@udp={{0x7, 0x4, 0x3, 0x18, 0x7c, 0x67, 0x0, 0x9, 0x11, 0x0, @broadcast, @empty, {[@generic={0x44, 0x5, "984813"}]}}, {0x4e21, 0x4e23, 0x60, 0x0, @opaque="cf5bec3aabf52afb1d38dbae342d5aa1ecd0bcd19daca588c06e98df4f3c7c7e788ceeb9dcff16be3dd8c08260df6a47d40955593ac84b7ca6f287af5cdd9af218b5d2ffb5850106c494ee4df32d7dff596ecb6d41671f55"}}}, 0x86) r1 = syz_open_dev$ttys(0xc, 0x2, 0x1) ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r0, 0xc0c89425, &(0x7f0000000180)={"aacb6ac53856f15aedc448f771e358ce", 0x0, 0x0, {0x0, 0x2000000}, {0x7fffffff, 0x1}, 0x1, [0x0, 0x7ff, 0xe94, 0x100000000, 0x8, 0x5, 0x2, 0x505b, 0x7fff, 0x7, 0x80000001, 0xfffffffffffffffd, 0x1, 0x3, 0x3ffc00000000000, 0x7ff]}) ioctl$BTRFS_IOC_SNAP_CREATE_V2(r1, 0x50009417, &(0x7f0000000280)={{}, r2, 0x18, @unused=[0x6, 0x8, 0xb0, 0x8], @name="5d86630a3e358e609996ef173ee7d5fa42b0e9f8850134230c96f644b21ef7f7cefe37d6e3ac7b05b7544eb7638b1b9d951be3ca593ebc3aa69cdd2c9af4839c1598f802db9018878591fb899c45445bf719c9fc395680b36f13b030c0287e52dd6cdb6169eab44bbc64586968e24e969aada66dd0e73e3e2a6da589d596e59907f66c3419c3e69feb57f3093aef1d9f81e432101c3c20294503ed337bac0c7fda54493906c78a4f4c5c65ef0ba4b94c3fb3fd147f37c24480ed72e979f4c2b8b38760620dfe280e1f02fe55a59be03342df34e3a58a72b207b1dcf004fd4081e72d4192a25105c369cbf6e4db809463432f1442a81f82bd8641322110de33fd5dde8bff46ba771fe54d43235080bebabb08312e57f328721b8345ba8d9c1da13e99fa0c1ec8c0b12f2d823c41cccd2b1e5967084a4ed1d0d95b4ec05dc8d38040d95c753caa996723e7163f01897637053a117efc8894882673c67a565612ad8567c616505d235d1652309d5c40023a3b78ea1769c98db0a570190cd7299e3c633e60f2367876782fbaa961968a16c7ad161f286966c6bf18a8994630941c64d25d0cb5bae7a6e6619bf5482040f503f0bdac185a8db72633e67e8917447c93e9257576beaac3076a9d0a2a9a205ed5220fe9701bc8d9a51d35208a0ef25023c3db4f53e11c2d755a1653ed5cf36581dc423da62b455d547a535867f80d3a30cf96b37e2288ad1fb48d2a4f9ebdbc41c6cd67e95b056efbd55ef7c4fdc4edbd50bec2b7dc33c8650c841c39cd1669530fbe3ed1cd0b1bba4cd11ec80701c103fe9b7814265c224113be5b0783c7114fa945fda0c7c25503e955894db7087bd3bd684450b48ae92d1f168b04612c51545d6f604b1885802ff30c97e2bc5437d039734ecec3e5cf4504f4287c97f3c734574608b930f2b21d150ce7445519272c5fa618fab882ed4c511431368c74f0137e9b5a460c3a9a16f911ccb6709f92d270cb1f15020fd9748a8b50e66b65db17408f93465efde9ee740f27dfc17fba65cc8f4302340167c5fd113f5a792b92d207f6eb6b8f024672784749cf9968723fd6267c446db695aab1df43640cb2597ae4cdaa32b6e5cc2d0c2677a34360766fc9263074e883148efdd4b49c60ddf82f9d85a267424fe5cf17e97420370e9750805151e123d3ce848543b5fa489c64043313dd2134a819a88246df6ce6b7c46e2e3545445b3fe13b502c78dacd75c337dcef969b43dcfd04b165d118a07ecd8fee587b7f14d936af5d7648d9af8980552aa07c991c95b6a8a052b485446b74070eb3bc4464ca5ad6042b4ce8cdcb502c66712514834c0a14c0178e888c9e21767b44b2aaa33098b1692aaf29f673d9ce4a5be289df90bf7fe4a398280f0aa13e55a181c9bfd57518a91e71bd6ad847677becb7ad68fac1806d975870ef9690643014aca65336e8a70e6e8f690f8e6c63fd823fd7d225dcc89130685aa9884542a0594469dd79ec37cb165111c3a136987eb2964c3cc12932c41d5ec28fb100bc0becd883846fc43fe56ad6d0149c8f7493bdf77c27802848d8deabae0783cc349ae69100aae2c7ce36ac957d29a2f98b3b951ea04ac93ab79947f1769eba3314f69ea772ce0b410a89cd9e9f2e0ad2dc4e2d29498a2f9383817c3e50da708d7ff1a3b5a2f53ed7ca66fc5a384d56bb1e4d0b548406b9cd442c8e7804f1499f0e94aac2d99f6c7a2a2a4b1bf0b4def37fe5db90cb30245f8bbd010d6b7e2d4412419929a66faed5c3730d20301bd63ef9855e5bb1bc72f38b259062c7d79104a60e93e66f2f564712959fcde4e4dfaa0f008b5bb8e1ed4de2b9db240009a260dc2e1c9842e6ab996754e117d4c084a086d233a0a366c6676147f2f613917e060327c2b5ca4ea48726430378d8ee218308b2f7576785cae23c872e39703987dc659b0f016432bc2bda271b43b76061feb001451947e57610d4f5ad4fd8de9f12c2b16c0a07245e57388c4de4515396ead0999806e9c2b4db58f3feeed5adc65b522e9f0e4c1c58b319c6377686ec3f75c092cec4e94a0fe75910456840ef12c4e9539350afc3e8f51d70a468467ab5807bfe2b4605b59d712b8ffc64bc6f826de2d7605aa4a466d4bd0206dabcf5fe836eb3be33453c255676152893659c8fde4cac41a2c07c1748f7b77279309328be6b1833a869bc3a6a072924275a8306552554b336ffe8799fb60c69051a73e271ab3810a578d2a52a7d0bed0927de61c3f62853fd5f79dcdf107fb8b061ebd8e681efdf6f1ec50f25f5bd9c73676e7f86b41d5e9eaa9e6e72f1ab179849fea5eadae8dae6d3890f85bc0a9075ec40a6a39e0a46aff6c1d1aedceb46bf13791538917548b847c84d901b55eb1073025453f6bc711b8a5986f4c0c2cace02723c3bee10251c36cd44a08bf772e57d0ab97310a623cf6fcc12de1e06a5c392e3e89d007f72339a79fea08e64611b0600adc9771aa59e1411f7a7faf92d9b93c6415fbc0f01aae4d337ea55394057b42d827d74116860288413efbc726f60e0bb57ae2c5801c6a97a495b75852f766b7932365316da0c48d6366494534514dc3877863b01e47e662348055cb71ad48348b7f5b34561b71426a8699e8b2b1d25fe1d5b49548305bad16c6704a1e17f87f3f07ef415d64e9e740d21ba948b805847188e863f78167f98eb502bcccf18a1ec5f8219f6811dcd7f2276da9d22653571e02c76d2aae915bc2832f5cee15950927f1860532b1206eb5074d41fcec4ff95865d05ed14d9a0553cc37ceffc3a088a4fa2d7fe12894ff3f81ec8a73b2a46de086a7556bf6bb4e6dce6d3cc567da231f5ab4e6c897958f8d1372cdc48b26e9deb7e620f208f60c9ec4f9bf8e703485a22948d5c1d4ec63d8751b18cafc744f3a2420f43d652ab386b6dff02dbb050f27f4101bfa8b18a926f66cc19ee75f120faae347e5ce0c2e54762f390b702845ea6595e9c5c8822ccf705076392d6c981cb25a87178a7f33a7d1e7fc61e90bab5dd69078bf64381d21a641f771b1212afb15b9627be400ad9de154bdebce5045e9d3ee33a7577fef937a15d94d2e98b845d0bba299cfaf072a9a081c7a749439734d655c9cf0962f29b39b2ad7f4345287801083fc249d816114532709236337e1c3a7a648cbe770ec72d6e94884539ae74298bb2e4e6135e78b529591c276aec82a674bb05b62c8594b8d1198b6af6b86a86209625d142a589ed8d17edbcb5c3f1e23ad42babe9e7bead1265c7e976859510a5b278541b0bdd134923712dd1fd67b3e93312451ebe168a73a5c66d94388f7fc173f3422a8932fdcb2d35f5769eea71c8da1d71f1b98c425b212b4ac9c6be62685f46415c5ab64d3f48ba46034cfe403710d2a12b062a3a91ee26fe4b116309c10951a0bdca2e8fe94eee868b45e6047171340616413d736891f3991e7be4d940c7b8db9b46fe945977695531427910501ce1b02198db482bade5cc4860f27d2bd8ce8adbce5aa0db942d063635a76c17de8e61bee538cbd9bdf1ea7d4c0ca37af37a0b57635ff3fa3dac293199318d200dcfb26536d553534bbe52984b19f8791ea51b7355b88987b373dbfc76d1cada4ba92cbd921a5e0c5bdcec523b21f6d04faecb0025aa3a9c0ea0cf73c6286d0eb73cc847142aa6ba844db80bd967dc09a89fc62bfba4e956ca22689f8ae3deec4aec4b3afbc05eda14e0a393621d4d80e86a7d3ade08273b422574a4eb5b4bbe86ae0d7ee4ab67d9ef0ffe3aa68e0e830e637ed997742a3d6c9f77f0cb5364c969badb322d31faa9d7c4dfa785f31a83cd51f6eb5ea43104209478f8c5d542759c50daa8934c06f7eb4e33d7fd682282c8c4d4eb9eb75a0e493d9f8125cafa08211c4f5cf5327918f7a640b5e7903e94d51e983a9cfb84aa96a3f5491b8af0ddef6b79048f05bd88cc2737ae8ea4ecb7bc07bf240fd7571afa9501e9cc226ec14928070d0e8f6b3706f6b9047478d90a9c958243ced74ccf9f910f6a6e769c5a5c0e26dac85219ce2554d97ee8efb41ff39d4f27c0c953ffd7abb8a48e80db980e5fcb4cc0b47503e13419200a110475121c2ef1c4e84d76c7d1966784445721ab935365f98c1b8d032c9cf93afc00fe37dac9185cf7f48b4b1ce0fca25977419653813cf021e7cf03da34af804b14d8bcabe564642afc28decd3b7e91f6bcf5a03e43af78a10052306b5d3eb6283da2bbddad355fe08b4eb232517fd63da033556aefdb15d94849354889b1e42e8b0359c2da198a841cc8067e31859bec02afc8db35da771063159d2fc1712ef4cab795cb07c003235e35f222597a289ff508986d28580057020400c7dd62dc4a4d4790d303d668af6bff640d2ceeabe18fb798fe53687b99b10ac08a0f5b7711f08fd56765893abc4d577b4f8573af760fc1efa50386fc131c9fbe294403bd87f9fa3d29d22105493c2877bd3190f1d4eb501e3ed9c00c22f5a852b323d1887a14a7d07794780f34292a2ed3a06222a70ab73a0022de4203b278d80328ba637f6220e05d7f7de0da77b2f16c7abe935e375fc408e6e024c305110982609e9bdf77a45f1e7922b8a0dc4278a410499901e6c450c85b91e0c6b97b5eb06df70de4c1ae96d344874f3f16b5e9ac39540449f8f5be35f4074b852ef48de525b779b670d001bec7937ea81484aa152787467169670870739a0c0a1a4a8325f957e34a21becc6d58c70f5b664c429f48032cd6536f63df30f909e1c762a5a4c2147fe97565d63138f063ff4347adb6d32be667efe0fb4f6cf48ef7451a7eb2fd14179b2ecbc8afca135d542e1735bf1211262c4942234537e1b17080431f30c1a609cbde88e5a181a89858f1943a611e924724d571b5f6525dcb28034e7e08518851d6c7fe558a27e3a89602892490a7b63a3f17707facaa3f3256de59e60b8d84cf98d34a7bf3faabc9723acce29fe9e4e3f3012238b28372aed32ddf6f149e4b4599ff1e9e1ae1b889d55205973eac105085265802181034a8370f1a901d5cba9f1921b5a1a399583247ae0cc1c863b7ae35ac110e446e3f347efb44ef0854ddaf84142544b5a5d27b9858cc7dd5a4d094837d7728bc486ea057a59c95cc502d31b8daad313ef9bb7d26a9cee0d7295e0081993d400b0bb000c615e1776f27021fb01f84ab020f6f18ed2c373cd82d25b40da4c639f107cb6a5f582ede1322ef5b7373d916261c9f901c70e5504b1f6c87988377863809fd424963b21e4abd95a438b4abd81b7f8c1a197f7e9d047b00ff6197b6a4581024f6c536c0b26994653e343a559a51ceb0896e7f5516189c7f59bbe8f28855b406cdbf1a8c7f0671725ff89ad19acd2b93a7d7fd5cb20f76c0f350513a1ec1f924bb3b4e2a08c0f8108fb3a607b58296f00f20e901860adbf018d778e6bd8884be1c3759b78f2167fe9725da0b2f886726df11c173e80051eddf964865eea04686993513b67debcdb2b55632144a6c4398adb70c8e49ce2155772aae99e225454440ac1b37b3068fa21471519afc089f8a59144bc0f79ef66e73891827f51f9d1c793238b05c362f1070d6cb703491b81626d1ac9bce27164fc5afe3d6b9461f2680587f1689125f9e56fcfd59a8bf286cfd85911168f275a3fd9318affa44100d835f33fe319a19939c2d2d60656e6b6d7825dc6c80c57aba9187775d9ad132802109b19e"}) [ 1577.918146] FAULT_INJECTION: forcing a failure. [ 1577.918146] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1577.919151] CPU: 1 PID: 8622 Comm: syz-executor.6 Not tainted 5.10.224 #1 [ 1577.919722] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1577.920414] Call Trace: [ 1577.920662] dump_stack+0x107/0x167 [ 1577.920976] should_fail.cold+0x5/0xa [ 1577.921303] _copy_to_user+0x2e/0x180 [ 1577.921630] do_pages_stat+0x2b4/0x3b0 [ 1577.921968] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1577.922456] ? cpuset_mems_allowed+0x1af/0x440 [ 1577.922851] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1577.923276] ? trace_hardirqs_on+0x5b/0x180 [ 1577.923649] kernel_move_pages+0xb8f/0x11c0 [ 1577.924022] ? rcu_read_lock_any_held+0x75/0xa0 [ 1577.924416] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1577.924928] ? fput_many+0x2f/0x1a0 [ 1577.925239] ? ksys_write+0x1a9/0x260 [ 1577.925564] ? __ia32_sys_read+0xb0/0xb0 [ 1577.925913] __x64_sys_move_pages+0xdd/0x1b0 [ 1577.926286] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1577.926718] do_syscall_64+0x33/0x40 [ 1577.927035] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1577.927464] RIP: 0033:0x7f28eb741b19 [ 1577.927781] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1577.929330] RSP: 002b:00007f28e8cb7188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1577.929971] RAX: ffffffffffffffda RBX: 00007f28eb854f60 RCX: 00007f28eb741b19 [ 1577.930568] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1577.931164] RBP: 00007f28e8cb71d0 R08: 0000000020000000 R09: 0000000000000000 [ 1577.931760] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003 [ 1577.932355] R13: 00007ffd318d456f R14: 00007f28e8cb7300 R15: 0000000000022000 [ 1577.943323] FAULT_INJECTION: forcing a failure. [ 1577.943323] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1577.944649] CPU: 0 PID: 8619 Comm: syz-executor.3 Not tainted 5.10.224 #1 [ 1577.945269] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1577.946058] Call Trace: [ 1577.946331] dump_stack+0x107/0x167 [ 1577.946606] should_fail.cold+0x5/0xa [ 1577.946914] _copy_from_user+0x2e/0x1b0 [ 1577.947224] do_pages_stat+0xf1/0x3b0 [ 1577.947522] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1577.947982] ? cpuset_mems_allowed+0x1af/0x440 [ 1577.948327] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1577.948714] ? trace_hardirqs_on+0x5b/0x180 [ 1577.949059] kernel_move_pages+0xb8f/0x11c0 [ 1577.949400] ? rcu_read_lock_any_held+0x75/0xa0 [ 1577.949747] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1577.950192] ? fput_many+0x2f/0x1a0 [ 1577.950471] ? ksys_write+0x1a9/0x260 [ 1577.950758] ? __ia32_sys_read+0xb0/0xb0 [ 1577.951131] __x64_sys_move_pages+0xdd/0x1b0 [ 1577.951558] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1577.952006] do_syscall_64+0x33/0x40 [ 1577.952326] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1577.952764] RIP: 0033:0x7f1e88ae8b19 [ 1577.953095] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1577.954653] RSP: 002b:00007f1e8605e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1577.955307] RAX: ffffffffffffffda RBX: 00007f1e88bfbf60 RCX: 00007f1e88ae8b19 [ 1577.955900] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1577.956517] RBP: 00007f1e8605e1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1577.957114] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1577.957723] R13: 00007ffda65e58df R14: 00007f1e8605e300 R15: 0000000000022000 15:26:05 executing program 0: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) msgget(0x1, 0x0) ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 97) [ 1590.904289] FAULT_INJECTION: forcing a failure. [ 1590.904289] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1590.905373] CPU: 1 PID: 8640 Comm: syz-executor.7 Not tainted 5.10.224 #1 [ 1590.905944] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1590.906635] Call Trace: [ 1590.906867] dump_stack+0x107/0x167 [ 1590.907179] should_fail.cold+0x5/0xa [ 1590.907512] _copy_to_user+0x2e/0x180 [ 1590.907841] do_pages_stat+0x2b4/0x3b0 [ 1590.908180] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1590.908684] ? cpuset_mems_allowed+0x1af/0x440 [ 1590.909085] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1590.909509] ? trace_hardirqs_on+0x5b/0x180 [ 1590.909886] kernel_move_pages+0xb8f/0x11c0 [ 1590.910260] ? rcu_read_lock_any_held+0x75/0xa0 [ 1590.910652] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1590.911142] ? fput_many+0x2f/0x1a0 [ 1590.911455] ? ksys_write+0x1a9/0x260 [ 1590.911780] ? __ia32_sys_read+0xb0/0xb0 [ 1590.912129] __x64_sys_move_pages+0xdd/0x1b0 [ 1590.912504] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1590.912961] do_syscall_64+0x33/0x40 [ 1590.913278] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1590.913708] RIP: 0033:0x7f8be6d86b19 [ 1590.914024] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1590.915552] RSP: 002b:00007f8be42fc188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1590.916195] RAX: ffffffffffffffda RBX: 00007f8be6e99f60 RCX: 00007f8be6d86b19 [ 1590.916811] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1590.917408] RBP: 00007f8be42fc1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1590.918005] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1590.918602] R13: 00007ffd26b6f95f R14: 00007f8be42fc300 R15: 0000000000022000 [ 1590.921707] FAULT_INJECTION: forcing a failure. [ 1590.921707] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1590.922724] CPU: 1 PID: 8641 Comm: syz-executor.0 Not tainted 5.10.224 #1 [ 1590.923295] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1590.923984] Call Trace: [ 1590.924209] dump_stack+0x107/0x167 15:26:05 executing program 3: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000040)=0x20) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, r2, 0x0, 0x6) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, 0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 26) 15:26:05 executing program 5: r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000000)) r2 = dup2(r0, r1) r3 = gettid() process_vm_readv(r3, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7a}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xffffffbc}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) r4 = mmap$IORING_OFF_SQES(&(0x7f00007bb000/0x4000)=nil, 0x4000, 0x1000000, 0x20011, r2, 0x10000000) r5 = syz_open_dev$hidraw(&(0x7f00000000c0), 0xff, 0x662000) r6 = syz_io_uring_setup(0x3ca0, &(0x7f0000000080), &(0x7f0000400000/0xc00000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000280)=0x0) r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r6, 0x9, 0x0, 0x0) syz_io_uring_submit(r7, r8, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r9}}, 0x0) r10 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) ftruncate(r10, 0x1000003) perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x5, 0xa6, 0x98, 0xe3, 0x0, 0x0, 0x480b7c42a3e7dfcc, 0x9, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x3, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x6, 0x4, @perf_bp={&(0x7f0000000180)}, 0x400, 0x6, 0x6, 0x7, 0xce, 0xf6, 0x3, 0x0, 0x1, 0x0, 0x2}, 0x0, 0x8, r10, 0x1) syz_io_uring_setup(0x162d, &(0x7f00000002c0)={0x0, 0x968d, 0x0, 0x2, 0x212, 0x0, r10}, &(0x7f0000ee6000/0x2000)=nil, &(0x7f0000c30000/0x2000)=nil, &(0x7f0000000240), &(0x7f0000000340)=0x0) r12 = accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000380)={0x1f, 0x0, @none}, &(0x7f00000003c0)=0xe, 0x800) r13 = syz_io_uring_setup(0x3ca0, &(0x7f0000000080), &(0x7f0000400000/0xc00000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000280)=0x0) r16 = io_uring_register$IORING_REGISTER_PERSONALITY(r13, 0x9, 0x0, 0x0) syz_io_uring_submit(r14, r15, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r16}}, 0x0) syz_io_uring_submit(0x0, r11, &(0x7f0000000440)=@IORING_OP_ACCEPT={0xd, 0x5, 0x0, r12, &(0x7f0000000400), 0x0, 0x0, 0x80000, 0x1, {0x0, r16}}, 0xf1) syz_io_uring_submit(0x0, r4, &(0x7f0000000140)=@IORING_OP_WRITE={0x17, 0x1, 0x2007, @fd=r5, 0x80, &(0x7f0000000100)="23be07fecc51b10427765ab298dcfaa94d0e3843199616d9c17048e76c92c8c4e429275c2aa3fb16486ff2", 0x2b, 0x2, 0x1, {0x0, r9}}, 0x80800) 15:26:05 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000002c0)={0x40, 0x0, 0xfffffaf2, 0x6, 0xffffffff, 0x40}) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6) msgctl$IPC_RMID(0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 44) 15:26:05 executing program 4: perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) msgget(0x1, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 89) 15:26:05 executing program 2: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="000000000002", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x1001, 0x0) ioctl$TUNSETSNDBUF(r1, 0x400454d4, &(0x7f0000000180)=0x8) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000100)={@void, @val={0x1}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}}}}}, 0x42) 15:26:05 executing program 1: syz_emit_ethernet(0x56, &(0x7f0000000080)=ANY=[@ANYBLOB="20f9bdba2470aaaaaaaaaabb000d0000000000100000730d9eedca84c7959dd76445502e8debf42a1f820f5fe278762e614b3d9ae47ca38e68620651a5e5550f0dfc6eba6e8f"], 0x0) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) syz_emit_ethernet(0xce, &(0x7f0000000380)={@link_local, @remote, @val={@void, {0x8100, 0x0, 0x0, 0x1}}, {@llc_tr={0x11, {@llc={0xf8, 0x1, "6812", "bee2439c4311b415ffdda3f02c38ad9c6e6c4e006e9fc443ea506faeec8cabd174440fbd8770e030d3407e541a71ce7aed46774851f13e75d5f4adac71f10e692981b484e882a05146f92109978a162eb27b19d6c2c25ae217727300219a906d6426e6140c1cb6d43765c4ac69f392568ea674ac8748829e7b3d4f12c4989a55c4cae6626aff268ecadf6de22741ca7a2fb0f33eb36a9f283bc08ef33be1cbe4efde37f5538369d84b43c806791ee01206bcae33b5c013e7"}}}}}, &(0x7f0000000480)={0x0, 0x2, [0x135, 0x7da, 0xe69, 0xeb9]}) write(0xffffffffffffffff, &(0x7f0000000180)="b0966fd75ec0cda040f466526c3ad6cdd154bb7fa3b4d62e04608e84b770c39c91ee01eaa545453ecdafca069d083f96c270729fac333df04be0416b467845103b28c280df04972a2f71f300d56a9b67f17f77dc4f16b5688afcbe7782104a36c74390e8a893e96671dfaa4a8dbe000d4be38343c7eb65428b69e2e0e946a2ecf769a341fe483ee7d919d3a879f3140ba916426bee3b8ad0dee364b6c34bb10db9bd58a78896a198e77f9dd8c13a9aafe5a648fe67155563b2ccb2e9469127e6cbc8423a19395c3c3aec9efd24208c4dc9897da152b4bb1bc60298607116ad117b5ab7108875cc72b6393e3a5af7434a6761da667d5685d2728937", 0xfb) write$tun(0xffffffffffffffff, &(0x7f0000000100)={@void, @val={0x1, 0x4, 0x0, 0x2}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}}}}}, 0x42) syz_extract_tcp_res(&(0x7f0000000000)={0x41424344, 0x41424344}, 0x672, 0x2) syz_emit_ethernet(0xa1, &(0x7f0000000280)={@remote, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @void, {@ipv4={0x800, @tcp={{0xc, 0x4, 0x1, 0x1a, 0x93, 0x67, 0x6, 0x1, 0x6, 0x0, @remote, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@rr={0x7, 0xf, 0xa5, [@empty, @loopback, @local]}, @noop, @end, @ssrr={0x89, 0x7, 0x7d, [@dev={0xac, 0x14, 0x14, 0x16}]}, @end]}}, {{0x4e24, 0x4e24, r0, 0x41424344, 0x0, 0x0, 0x18, 0x10, 0x7fff, 0x0, 0x1, {[@mptcp=@ack={0x1e, 0x11, 0x5, 0x4, "8eb9dc59550b0f6bf1b322fdc1"}, @timestamp={0x8, 0xa, 0x8}, @fastopen={0x22, 0xb, "fc51c986b0c13bf121"}, @exp_fastopen={0xfe, 0xd, 0xf989, "7c7887747ea79c70ec"}, @eol, @mss={0x2, 0x4}, @sack={0x5, 0x12, [0x9, 0x3, 0x9, 0x7]}]}}, {"4461f0"}}}}}}, &(0x7f0000000340)={0x0, 0x4, [0x4bd, 0xc86, 0xe63, 0x8a5]}) [ 1590.924519] should_fail.cold+0x5/0xa [ 1590.924877] _copy_from_user+0x2e/0x1b0 [ 1590.925246] do_pages_stat+0xf1/0x3b0 [ 1590.925616] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1590.926347] ? cpuset_mems_allowed+0x1af/0x440 [ 1590.926744] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1590.927167] ? trace_hardirqs_on+0x5b/0x180 [ 1590.927538] kernel_move_pages+0xb8f/0x11c0 [ 1590.927910] ? rcu_read_lock_any_held+0x75/0xa0 [ 1590.928304] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1590.928809] ? fput_many+0x2f/0x1a0 [ 1590.929123] ? ksys_write+0x1a9/0x260 [ 1590.929446] ? __ia32_sys_read+0xb0/0xb0 [ 1590.929803] __x64_sys_move_pages+0xdd/0x1b0 [ 1590.930176] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1590.930609] do_syscall_64+0x33/0x40 [ 1590.930924] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1590.931354] RIP: 0033:0x7f6fdcf13b19 [ 1590.931670] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1590.933223] RSP: 002b:00007f6fda489188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1590.933859] RAX: ffffffffffffffda RBX: 00007f6fdd026f60 RCX: 00007f6fdcf13b19 [ 1590.934454] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1590.935049] RBP: 00007f6fda4891d0 R08: 0000000020000000 R09: 0000000000000000 [ 1590.935645] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1590.936245] R13: 00007ffee9bd176f R14: 00007f6fda489300 R15: 0000000000022000 [ 1590.942544] FAULT_INJECTION: forcing a failure. [ 1590.942544] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1590.943591] CPU: 1 PID: 8642 Comm: syz-executor.3 Not tainted 5.10.224 #1 [ 1590.944164] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1590.944880] Call Trace: [ 1590.945108] dump_stack+0x107/0x167 [ 1590.945419] should_fail.cold+0x5/0xa [ 1590.945747] _copy_to_user+0x2e/0x180 [ 1590.946073] do_pages_stat+0x2b4/0x3b0 [ 1590.946410] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1590.946902] ? cpuset_mems_allowed+0x1af/0x440 [ 1590.947299] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1590.947726] ? trace_hardirqs_on+0x5b/0x180 [ 1590.948098] kernel_move_pages+0xb8f/0x11c0 [ 1590.948472] ? rcu_read_lock_any_held+0x75/0xa0 [ 1590.948893] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1590.949490] ? fput_many+0x2f/0x1a0 [ 1590.949875] ? ksys_write+0x1a9/0x260 [ 1590.950200] ? __ia32_sys_read+0xb0/0xb0 [ 1590.950549] __x64_sys_move_pages+0xdd/0x1b0 [ 1590.950925] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1590.951358] do_syscall_64+0x33/0x40 [ 1590.951675] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1590.952106] RIP: 0033:0x7f1e88ae8b19 [ 1590.952423] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1590.953967] RSP: 002b:00007f1e8605e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1590.954605] RAX: ffffffffffffffda RBX: 00007f1e88bfbf60 RCX: 00007f1e88ae8b19 [ 1590.955201] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1590.955796] RBP: 00007f1e8605e1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1590.956394] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1590.957015] R13: 00007ffda65e58df R14: 00007f1e8605e300 R15: 0000000000022000 15:26:05 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) 15:26:05 executing program 1: ioctl$FAT_IOCTL_SET_ATTRIBUTES(0xffffffffffffffff, 0x40047211, &(0x7f0000000000)=0x1) syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="01040000020000000000603c09fa00102100fe880000000000000000000000000001fe800000eb971038a37a66a4bc4b4d0000000000265d9900960cee68c1ca1091f5affd0d69ff830e2e5a18264d0c7e92e1b6edc7fceb8b2038e273966bb24988b643102cf18abb6cbbff9ab4492ec8d329fe7319c34d97b40a3756cd84ea7ac956de39cb44f53578ce328f204d36499e408cedf767a8c7fe51834f2bb1d36bfdc542261c0817abc0ad3d19c1de4344cfe0196ec132cc7d57a65841452f049e6e875eb256afd45af66c221717f1bdce1b34de1601103ccf4361bec28f6e5936ce11f4287fd2"], 0x42) 15:26:05 executing program 0: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) msgget(0x1, 0x0) ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 98) 15:26:05 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000002c0)={0x40, 0x0, 0xfffffaf2, 0x6, 0xffffffff, 0x40}) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6) msgctl$IPC_RMID(0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 45) 15:26:05 executing program 3: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000040)=0x20) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, r2, 0x0, 0x6) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, 0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 27) 15:26:05 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x21) [ 1591.059385] FAULT_INJECTION: forcing a failure. [ 1591.059385] name fail_usercopy, interval 1, probability 0, space 0, times 0 15:26:05 executing program 2: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) syz_emit_ethernet(0x42, &(0x7f0000000180)={@multicast, @local, @void, {@arp={0x806, @ether_ipv6={0x1, 0x86dd, 0x6, 0x10, 0x4, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x12}, @private2={0xfc, 0x2, '\x00', 0x1}, @random="fca4d48539a9", @remote}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) r1 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000), 0x400900, 0x0) ioctl$TUNSETOWNER(r1, 0x400454cc, 0xffffffffffffffff) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) ftruncate(r2, 0x1000003) ioctl$FS_IOC_FSSETXATTR(r2, 0x40086602, &(0x7f0000000000)) write$tun(r2, &(0x7f0000000200)={@void, @val={0x1}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x90, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[@dstopts={0xff, 0x0, '\x00', [@enc_lim={0x4, 0x1, 0x6}, @generic={0x6}]}, @srh={0x1d, 0xc, 0x4, 0x6, 0x5, 0x8, 0x6, [@dev={0xfe, 0x80, '\x00', 0x1}, @empty, @remote, @private1={0xfc, 0x1, '\x00', 0x1}, @private0, @empty]}, @hopopts={0x16}], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, "960cee"}}}}}, 0xc2) lseek(r2, 0x10000, 0x4) [ 1591.060443] CPU: 1 PID: 8656 Comm: syz-executor.0 Not tainted 5.10.224 #1 [ 1591.061046] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1591.061741] Call Trace: [ 1591.061969] dump_stack+0x107/0x167 [ 1591.062284] should_fail.cold+0x5/0xa [ 1591.062615] _copy_to_user+0x2e/0x180 [ 1591.062942] do_pages_stat+0x2b4/0x3b0 [ 1591.063279] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1591.063770] ? cpuset_mems_allowed+0x1af/0x440 [ 1591.064164] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1591.064589] ? trace_hardirqs_on+0x5b/0x180 [ 1591.064973] kernel_move_pages+0xb8f/0x11c0 [ 1591.065346] ? rcu_read_lock_any_held+0x75/0xa0 [ 1591.065739] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1591.066278] ? fput_many+0x2f/0x1a0 [ 1591.066973] ? ksys_write+0x1a9/0x260 [ 1591.067629] ? __ia32_sys_read+0xb0/0xb0 [ 1591.068328] __x64_sys_move_pages+0xdd/0x1b0 [ 1591.069252] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1591.070164] do_syscall_64+0x33/0x40 [ 1591.070819] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1591.071718] RIP: 0033:0x7f6fdcf13b19 [ 1591.072371] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1591.074047] RSP: 002b:00007f6fda489188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1591.074685] RAX: ffffffffffffffda RBX: 00007f6fdd026f60 RCX: 00007f6fdcf13b19 [ 1591.075278] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1591.075888] RBP: 00007f6fda4891d0 R08: 0000000020000000 R09: 0000000000000000 [ 1591.076482] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1591.077849] R13: 00007ffee9bd176f R14: 00007f6fda489300 R15: 0000000000022000 [ 1591.084765] FAULT_INJECTION: forcing a failure. [ 1591.084765] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1591.087196] CPU: 1 PID: 8658 Comm: syz-executor.7 Not tainted 5.10.224 #1 [ 1591.088338] FAULT_INJECTION: forcing a failure. [ 1591.088338] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1591.088370] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1591.088381] Call Trace: [ 1591.091633] dump_stack+0x107/0x167 [ 1591.092271] should_fail.cold+0x5/0xa [ 1591.093037] _copy_from_user+0x2e/0x1b0 [ 1591.093722] do_pages_stat+0xf1/0x3b0 [ 1591.094376] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1591.095368] ? cpuset_mems_allowed+0x1af/0x440 [ 1591.096160] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1591.096851] ? trace_hardirqs_on+0x5b/0x180 [ 1591.097222] kernel_move_pages+0xb8f/0x11c0 [ 1591.097592] ? rcu_read_lock_any_held+0x75/0xa0 [ 1591.097992] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1591.098480] ? fput_many+0x2f/0x1a0 [ 1591.098796] ? ksys_write+0x1a9/0x260 [ 1591.099120] ? __ia32_sys_read+0xb0/0xb0 [ 1591.099466] __x64_sys_move_pages+0xdd/0x1b0 [ 1591.099846] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1591.100276] do_syscall_64+0x33/0x40 [ 1591.100591] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1591.101703] RIP: 0033:0x7f8be6d86b19 [ 1591.102353] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1591.105865] RSP: 002b:00007f8be42fc188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1591.107177] RAX: ffffffffffffffda RBX: 00007f8be6e99f60 RCX: 00007f8be6d86b19 [ 1591.108398] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1591.109143] RBP: 00007f8be42fc1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1591.109740] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1591.110335] R13: 00007ffd26b6f95f R14: 00007f8be42fc300 R15: 0000000000022000 [ 1591.113319] perf: interrupt took too long (35421 > 20606), lowering kernel.perf_event_max_sample_rate to 5000 [ 1591.114391] CPU: 0 PID: 8639 Comm: syz-executor.4 Not tainted 5.10.224 #1 [ 1591.115066] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1591.115838] Call Trace: [ 1591.116071] dump_stack+0x107/0x167 [ 1591.116388] should_fail.cold+0x5/0xa [ 1591.116865] _copy_from_user+0x2e/0x1b0 [ 1591.117205] do_pages_stat+0xf1/0x3b0 [ 1591.117637] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1591.118127] ? cpuset_mems_allowed+0x1af/0x440 [ 1591.118635] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1591.119062] ? trace_hardirqs_on+0x5b/0x180 [ 1591.119502] kernel_move_pages+0xb8f/0x11c0 [ 1591.119900] ? rcu_read_lock_any_held+0x75/0xa0 [ 1591.120292] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1591.120889] ? fput_many+0x2f/0x1a0 [ 1591.121199] ? ksys_write+0x1a9/0x260 [ 1591.121625] ? __ia32_sys_read+0xb0/0xb0 [ 1591.121988] __x64_sys_move_pages+0xdd/0x1b0 [ 1591.122367] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1591.122905] do_syscall_64+0x33/0x40 [ 1591.123227] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1591.123728] RIP: 0033:0x7f1c0ae11b19 [ 1591.124059] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1591.125758] RSP: 002b:00007f1c08387188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1591.126415] RAX: ffffffffffffffda RBX: 00007f1c0af24f60 RCX: 00007f1c0ae11b19 [ 1591.127136] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1591.127800] RBP: 00007f1c083871d0 R08: 0000000020000000 R09: 0000000000000000 [ 1591.128406] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1591.129086] R13: 00007ffd2ddfd2cf R14: 00007f1c08387300 R15: 0000000000022000 [ 1591.136859] FAULT_INJECTION: forcing a failure. [ 1591.136859] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1591.137874] CPU: 1 PID: 8660 Comm: syz-executor.3 Not tainted 5.10.224 #1 [ 1591.138445] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1591.139135] Call Trace: [ 1591.139362] dump_stack+0x107/0x167 [ 1591.139672] should_fail.cold+0x5/0xa [ 1591.140002] _copy_from_user+0x2e/0x1b0 [ 1591.140341] do_pages_stat+0xf1/0x3b0 [ 1591.140681] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1591.141175] ? cpuset_mems_allowed+0x1af/0x440 [ 1591.141570] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1591.141995] ? trace_hardirqs_on+0x5b/0x180 [ 1591.142367] kernel_move_pages+0xb8f/0x11c0 [ 1591.142739] ? rcu_read_lock_any_held+0x75/0xa0 [ 1591.143134] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1591.143623] ? fput_many+0x2f/0x1a0 [ 1591.143933] ? ksys_write+0x1a9/0x260 [ 1591.144259] ? __ia32_sys_read+0xb0/0xb0 [ 1591.144608] __x64_sys_move_pages+0xdd/0x1b0 [ 1591.145017] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1591.145449] do_syscall_64+0x33/0x40 [ 1591.145765] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1591.146195] RIP: 0033:0x7f1e88ae8b19 [ 1591.146510] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1591.148035] RSP: 002b:00007f1e8605e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1591.148681] RAX: ffffffffffffffda RBX: 00007f1e88bfbf60 RCX: 00007f1e88ae8b19 [ 1591.149277] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1591.149870] RBP: 00007f1e8605e1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1591.150464] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1591.151056] R13: 00007ffda65e58df R14: 00007f1e8605e300 R15: 0000000000022000 15:26:05 executing program 0: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) msgget(0x1, 0x0) ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 99) 15:26:05 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x2000) [ 1591.237178] FAULT_INJECTION: forcing a failure. [ 1591.237178] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1591.238342] CPU: 1 PID: 8667 Comm: syz-executor.0 Not tainted 5.10.224 #1 [ 1591.238917] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1591.239608] Call Trace: [ 1591.239838] dump_stack+0x107/0x167 [ 1591.240149] should_fail.cold+0x5/0xa [ 1591.240479] _copy_from_user+0x2e/0x1b0 [ 1591.240837] do_pages_stat+0xf1/0x3b0 [ 1591.241168] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1591.241664] ? cpuset_mems_allowed+0x1af/0x440 [ 1591.242059] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1591.242484] ? trace_hardirqs_on+0x5b/0x180 [ 1591.242857] kernel_move_pages+0xb8f/0x11c0 [ 1591.243230] ? rcu_read_lock_any_held+0x75/0xa0 [ 1591.243624] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1591.244113] ? fput_many+0x2f/0x1a0 [ 1591.244425] ? ksys_write+0x1a9/0x260 [ 1591.244765] ? __ia32_sys_read+0xb0/0xb0 [ 1591.245114] __x64_sys_move_pages+0xdd/0x1b0 [ 1591.245490] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1591.245924] do_syscall_64+0x33/0x40 [ 1591.246239] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1591.246669] RIP: 0033:0x7f6fdcf13b19 [ 1591.246985] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1591.248515] RSP: 002b:00007f6fda489188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1591.249171] RAX: ffffffffffffffda RBX: 00007f6fdd026f60 RCX: 00007f6fdcf13b19 [ 1591.249766] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1591.250362] RBP: 00007f6fda4891d0 R08: 0000000020000000 R09: 0000000000000000 [ 1591.250961] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1591.251558] R13: 00007ffee9bd176f R14: 00007f6fda489300 R15: 0000000000022000 15:26:20 executing program 4: perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) msgget(0x1, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 90) [ 1605.893803] FAULT_INJECTION: forcing a failure. [ 1605.893803] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1605.894882] CPU: 1 PID: 8689 Comm: syz-executor.4 Not tainted 5.10.224 #1 [ 1605.895507] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1605.896205] Call Trace: [ 1605.896485] dump_stack+0x107/0x167 [ 1605.896810] should_fail.cold+0x5/0xa 15:26:20 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000002c0)={0x40, 0x0, 0xfffffaf2, 0x6, 0xffffffff, 0x40}) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6) msgctl$IPC_RMID(0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 46) 15:26:20 executing program 5: r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() process_vm_readv(r1, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7c}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f00000000c0)=""/189, 0xbd}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/217, 0xd9}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f00000017c0)={{{@in=@dev, @in6=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@empty}, 0x0, @in6=@mcast2}}, &(0x7f0000001900)=0xe8) r3 = gettid() process_vm_readv(r3, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7a}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xffffffbc}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) r4 = getpid() fstat(r0, &(0x7f0000003580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r6 = fcntl$getown(r0, 0x9) r7 = geteuid() getresuid(&(0x7f0000000240), &(0x7f0000000280)=0x0, &(0x7f00000002c0)) r9 = getgid() sendmsg$unix(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f00000000c0)=@abs={0x0, 0x0, 0x4e23}, 0x6e, 0x0, 0x0, &(0x7f0000000300)=[@cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, r7}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, r8}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xee01, r9}}}], 0x98, 0x4a6d9b9f314c1032}, 0x0) r10 = gettid() process_vm_readv(r10, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7a}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xffffffbc}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) r11 = geteuid() getresuid(&(0x7f0000000240), &(0x7f0000000280)=0x0, &(0x7f00000002c0)) r13 = getgid() sendmsg$unix(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f00000000c0)=@abs={0x0, 0x0, 0x4e23}, 0x6e, 0x0, 0x0, &(0x7f0000000300)=[@cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, r11}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, r12}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xee01, r13}}}], 0x98, 0x4a6d9b9f314c1032}, 0x0) [ 1605.897225] _copy_to_user+0x2e/0x180 [ 1605.897799] do_pages_stat+0x2b4/0x3b0 [ 1605.898194] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1605.898915] ? cpuset_mems_allowed+0x1af/0x440 [ 1605.899617] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1605.900042] ? trace_hardirqs_on+0x5b/0x180 [ 1605.900409] kernel_move_pages+0xb8f/0x11c0 [ 1605.900846] ? rcu_read_lock_any_held+0x75/0xa0 [ 1605.901344] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1605.901933] ? fput_many+0x2f/0x1a0 [ 1605.902251] ? ksys_write+0x1a9/0x260 [ 1605.902625] ? __ia32_sys_read+0xb0/0xb0 [ 1605.902971] __x64_sys_move_pages+0xdd/0x1b0 [ 1605.903343] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1605.903826] do_syscall_64+0x33/0x40 [ 1605.904143] entry_SYSCALL_64_after_hwframe+0x67/0xd1 sendmsg$netlink(0xffffffffffffffff, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000003500)=[{&(0x7f0000003680)=ANY=[@ANYBLOB="4c1400002d0020002bbd7000fbdbdf25400138805978978526215f313cfc4df6929c78b1adb7a5f6bb7107bb14004d00fe8000000000000000000000000000bb02017200e4aeb41e8dc58f5f0a5d5964152b1c6d2bdf8cbdd73c3f6692d0f20dc3e4572222215797bd08004557d596e2bfc47520c55941dee1ac4c620eb26bfc63090661b750ac0570be6c01107ed987a0fd29ed3f63a713e41db23ac9330543cfd17b23e5bbc6585abd409f431c89a838f8df01c19152000c9f5d45d3789db66f0dec35478121f66230df887eda3d8775cc6c50cf63f823bf12043aa3fee9e47f2fe115189dda4a0264810f4ad82861c4ca2f05eaf6d26a29a18c9892fb0c3b5dd2685885f589279f4e6e77477414b6a100a564e99acb837777d979e9bd64b58e7144d13ba8f2b4b22a3dafce95860a13aa6b3ef637e7bed0b4225aaaa02165ec9400000a0084002b2c5b405d0000000c001b8005004800000000003c11358017cfca98976f1329605d92f159841b118154af3f23d5df03afba0796c3561b5b3adebd7251597ffcf995ad47803ddf79c47435ae6c67e3cd806996e0e1c8281086db28c51cce2f93ef0054001d3e32a31d3cbd0aaf70a6c2e6a202ecc35a6a74cfb275e1179d1c6f7cc1cb2038b6bfa76c43fadb13a21e6090e9d36f84176e926ea7f8164043097645d3884d9f9dae6ba666df3086f40af19839b71b3f2d542fcaf2bcdd9f4ff41e84d441087f36b99307fdb6a88fae59fdaf1296aeec1a2b42c935a74420dc4de91246eda7c842d2366f2c1f0f2d0e2b62d45672dbb76471986731c31690668cbc27061a8198f400774723facb10a79e3fe1bbc4e7795b720f4fb76fb21358916883b7dfa49c577e9553c2dd7feb5781b88f796ae569da5c9100be8f6c9243d62ae9ec4e47a2a2c9737ca1539152b64700f9248d2d3d0f5f4a432d43d7da7c823f31cb7e868040a481675dca38f5c0d08c1b671fe381e4d0efcd22e08c1aa745bc94d68e5a8b79cd3bd4ddbcb2984a73583095c168fe95fae7b2ff643309878adf9103a4d9f0c8ef79702392f51f1110c26c09fe3a095f03ef98f9449596229b9b6f0f6a4867cd06df03d103695cfca2cd4a66be7efecf21d2303af290ab1fd20cbe8384c8bebfcfe46f4bc431865ba449c9e7362009f8a386a4e8a54c92bb276a28a842d30f2478c8baa33b8abd8c2594435f3e6d7e0ab89bc5c9f9ea82dc29d30e236fb39baeeea33d17924f9c391aec76b9007f8d216ce43350d25d7470b6fd89a9082ff5efc4bc521de6b3ce0c919a6144f5b2d6aa3f51599e26086ef270927563d6e8c32b7ca54749f98ceeaa461ad6a0dfa8e7ded296daec79dbb9496f10aff04622923bec67b3233e3cc6f865b70ded568b54202714bc12bd36770d7f21c598798ee9672cdac87b2874bae4af4ffb603338790171e1419899793d0b2e4ef40f263bf8130f74955bdfe69783e6f606e3df1dbd48e5a3fc734dc4347d34598df1d30178d9e3c3f090cbdc641ba4ea7b51f22bc1d40012ede59098bad3fa41f7348d9dff3a7e97909680de03adfa55bf58733590edc3c8bcd9280fcbc60c5c4dd6673b24279966f5c2790b8131c944ff50eda45be0cecbf02729d83c43025dbfad282d9e9d4e7b10952428cf50281b6e22113af30b802a480e45eccd4fa5869ad98c19aca2bae6ef9980e1cc556bcb0585b38d58753fd436afcdb16b93469e996bf4a28666c92a17937bf3469fb34a6c41f004b2ffcd2f3edd0d2a8a0e9a0881816af7dfe573dd5c82a771471e41794552c5b69e48b26f080c5202f13d23e01b7ae7b3791e83d93f0cd18e390e9749b514f2a720c802dc9676e7fa8edd3f7acc943d6a968b84b981b926e60fa7d565ef4e5ad19772c195c354c4d463effa36ed202be2f4b04e703580dab0a9ca95674bf66f97fc03291791d52b17009e49696529a0da0397ccc799c042850c6e9356c20c55660b45f9c9a1e753252a533e87c78319ab642ac43d16b459af33e08ccb44f6cd32254123f363b5e1b6e4f7ba51c3b1f6205e6bd33bce84990379f3e4e8e6d9470b23653e80b0e88403bef62979ef74394f3c46197cecc9fe69ea8680bc579aea82c3f34bfc7ae9f0f063fd9c3df47570e6f477bb204d2490db371ba9fc4c773441a21e36cd7c838a1563b7b1b7dd1c3a88e21aeef9b8019841ac3858f981fa22ce914bb45ec6b8e78ad8a81e4639fb3784e30c30b600d5b2aef2f4954d682320928abda041cb3ff09df38fc99afd68dd4439c34d8a10ebc97eb8123ff6962159a5e365928f09cef918bbd7198a76723267aa0c77bf7370bbc39be6954f4d44465e23e83bc93ae685760241c72048950ecd40ee09ea5a6cc3b740ce3dbad9b9aedb7f643cb223a74c13832e228400d293cc6ca4d9b48ae494e464de4d79a936e6870d22339014f69364c9854f32bf4e156b32bdcc334329f40534873a28cadc19942f0a1109a416a13badede33f6a80c7891f126e5b929f12c0408b180b6005b063f175a2042e93115e2bdca244d6d990e0e35d052666fc6c576bcf83b63d91aa93fe21ef25a986b204d4f3d6f165759ca9345b75ccf141ac2e2a8cf28b882a00ea83b13c6f930dff3cbd8dfc16ced21aff77fe9bfcc472b037bb35080fedc31f7b8deb33559663eebbbcdcf35a707ed4d2c3663fd19cda5d32275221cf9f691a5230ade80e355a6a4aa1db6162e48bafdce9a8a2bd8360cc951ed8a6b66ea367a5400184cc3f1f4126a63a042bda059ca28ccdd57232fe58f5de18956e7a6f6a90d095bb6a89b6fc9583ae48b2a34a11ea1edae9cc51577ba0d35cdc123e14b421b02c876d1a964f1e59730f02abe3877ebff44828befdc6d51c3ab9283537b2edca4306d2117356f6b7fadcdcbc57250fcec5b07088c7968a510fc5881d1de4b34621ddb50feaff224d9448732b76e0e6d9179edbeea8ef9d8a54b02e8c50f8609c7f57f0b6e1310f2bc6c9e601f811f5613fd18a9324e93658668a498e0313bd1daecb17804f8814ef6cede52c284c02957be5ec572fa49bf314d57455934c661d78c4058a836536db45995bcbd6edfd5f6163e9e4e7095d3e3628ca85041d399a8ae96dfc73febf24e873a41f4ce8a0698d8c94b8099efa39e5319b4d34aa80081e5ddf412c1713cdf8a30be0acd7149c48542fdb4579977c19fd96f6e9a934d25aa424b2d7ce7ee19b7c24a74ce2f410b917e2dade4d8fed972de8bc59be07e2fca66bd00b1149033fbeb9fbc8041e91a4f790b6a558bbd504748613a2de33310255c5661b2c5f0fa04285d733881771125520df03f034aa87bd1250450b0ff1eb2143f290e39d8b6d941aae54d917730adbe98fc9a2719b44d12aecb15c026b0343ff1ea5831413faaa60221ee3f71a22d43213e4a6f4e373232a76d6bb4b2485a08e720a33798ec9063beaf13d81c19345b64736b18fc2ced12286ccc171af9cd0f7f7e323c6eb3b4df79da00395383687ade0adabb9f52df860673fc7758c9ce323f8a6c45ad62c40a21921066ee647eff9b99e5f3e66eec74275faff07c28557898a46901b72dd7be221a5c692dd741727857f6ced568851ebc80ff222f6948657011b05f4caf1c308ee58fb4ad5b86ed9692801f06299ad39296559d4b44d0e8146b23adc691eb717d1248dfd0e1bcea71ce2bcffbcebb281998b543944f8806fb72e224aa7b98a68f5d7c3cb043914df41b86500d74496c9516041a45b7adcec5de5c0596c78208e8111c02bc71b73cbc7b42fd424d883c87d06d22a18f8d8e41d1307f3892ce64ea157bd9562c3618e3662a8bece3ef7928be252d9001983fb977945dd568cb5d21a97c122b18027641ce01a7c2d7584dbfab15d2143034d07fd68c29a25e2132488b4425df071883b529d41b76eaca09536668824e6ab4d797d1fd53a84004a921963f85f69266e3b7193a3ce519ba800e63fdf601dc6e2139b833e91d5c92c7137b0b05bb082293e609f163edafb8d103d99d804683397af05803ccee805a58de50079f51d097ceac6c04ab7f566b4ad007a595f57b23f817eeb609d9b39105ace7c8064f35bdb5a4e05be0fe1d5a246c1b4dfa6c7aba4e4ea5301693f95fe9192557fd348520a9392b5a0965ee0ff33305f45f22d1de1dae7f4143f75675e5afb051d433c6e19b7e70d47b17b463e3693ad67ae808407531e1aff332c6359a6e664fac6e3db0212c539ebe12128b6a18477992d25f48045099ff52e76d7d5a6fadea87844183561eba35da60e480c8afa44ff67e290fffb458616cf8174e78b8773e74ab82c6194af2faf97095522d05edad4a7fc391d651f955a8e099f9245a0ead41897a474c2c0463c34bece2994b1ff253cf893a621e424faed6a1a9ea6324307bf4b582d514e64bea3bdaf481a88e5083c7a7493063056dbbc957049d653c60d36d46edac400ebd8b625ed25d96ac09e76f979b3dc7653f98801a5de909ebdffb55e36840d0deb436402edce27f6ec2a332057d45146cd920ab415f8d058bd5d540dfbc5febda3f4d02a28e8f8e6503f623cbcddd0e60957ef6b05ae340e57786be79463480b841ad678c22daa0628085540c0c85ff88593575a41b638b345a2614999c048fa38741a06f9a053adcc08c1701cfc5275f397e6d2f597aee1b7d9622b431f355eee45e50e7907726dd94ce8633b28f90df50c0524bf283d6720fd8628239e3946391187048e7b8df6fe0c171be5ab712b82e16216d2f2b248f35c15ad81cff8be26dc69990bafd40cba68ee6b98d1aa70249f42a40741617d80457162e8af049ad3252d583d71301533272afdb78275483f7dae80525e5c891a1b4ef922b7137c8c91d3848eb51b2a77c168e8f5e68a8e49ba2b69a77ab42770e1473c9d419a129084877069c3f84ab21db4074d7c43e91d418f0a3b83b67466b532be17172cd5a41939c50d4b70e9eefd3f168b794e9b0ded5a6c7654bf0085fb51a84b545a15991bf2385975e797f937cf7e2a74a83c0e77ea8164549c59ca10452f8ad4e360bda5122d102c2b5b48665ae632963e505d227248671fedd767a030c4664eed33f9d72d2eda61adb4004d227ba868a7d93b6787d0da34756c9f765030514797148829efab235cedf6485b3fa6ac7c155ddd81963648f404211acd2d81da1fbba998c6d7a03c522841ab804ece99f4622fcdeb82121ae94bbfce717a42bc84733b7caae6105caf5614e29f439c38767afbed2335e75f31370dc0164735ef4ced78dbb1c103992fac59bbcfa471f1ee4d19f8ba3f16bf57e9f223e1127d2fc2d4667c2f15ed7712ddafab71f48d7fcf2d1adea39eea2ee8a35c769b99863adf71ef473a9d4aab2ab91ca87c9d9a27a7a3d0073029cea5f54d44ca4329314c30dfa2136a5d3aec982d4c020d5abaedb8ad1018db453a82d3b34def4a7aa2c26b349a3475122616dfbce0f18cc64773c750316fe51214f2566196bc3bf062e04d566e81ff2de1427460e76c2ca4bc8aac6ffbe442d1d0aa8683c5e2da03c4ba04d7e5f3031094dc685c43c73b76e625df68c1043fc039d8506449ba9408aa7b67bd48787910260167a47ae3a5c59de7890e6e5c2f03b8c50395b19802c215df13069df742a2c720a3a592c0b7598e8f917f1d133e84dfa10f446ad33e45161ba5576aea554ae781e6a9a5575abcac7054b8db8b9f089261d7d16384701a10a2b2a994bfc962ef518c525c2527d0f50adb97c2eec5ba8d72f6b9e916af2bab2f143aca297480c3a954914787124f8dbfe9de9621d1a1a2caeb641939305f06f2721e644c2e298013cad9689916b0afc5a011883513ac1130642b45e6dbe18fb9898be4ccaa0e2925e0c130e42d715838d8d3d59b86ac12ba90714010057930be9c0c106e2c850b2a91b81a0433382536036cf6d2cb6bb0c5a0ceab30fb344d1454bac96eb9400e5b53f9ccf093d06f32da41f1bee418867731b8eb11f82eef8c93ac6a5b53775ff86bb011c618d7b872bd949dd43f36a7e83b70d3139bd71437285857bd4f91ac204c8f92396d32a846e890d97c043e95a6505824e813df30e8edff9febe74e5ea6447615ffbde7940c90d5de7b1efa99fd11a299911574bd6de58d58c588f566e92dc55d5b089d79c528ce7ae1e8cb6ab6cc36a3c4b6d423f33b18f38498e37e51765c59a7b8ff8c20d016bd4e7a17cddc8a6573efd3f5229f0ddaafd3e13d652ed9e1c8e00e838560c0b9b5b3729f5c6ef024ea61305d50fa4b423010871ed99fbc9dccfbfdbdd778524bf00038581adb33bcc69e6cc06b787f1ce9aa2890b62c94f3a4c2857f8339cdde610fa2a4188fea2fd1e126deb3d96ed30059796ee35d5da89ca49dea71d57ea7002322e57b3193eccadc92bc4aa288a0e4d4130f457e370e8981fcf4a0ea5c967e8869fd84964a274117ae0f033109538c2b3ffd4bca3cc9aeb0c6b9f65c5bceefa013623cf50f18c1d2c7a8132dcd211ee61b3ca3a36350eaa4044fed02a097496796762e98999ca01fb91e1c92b8cf2cd04d5160728dfd81634578ac16a4928c2b455523d9e1c9c2c9a13eca65d686b16a68592fe68b9bbfc900fd36cfc9748d6eaf5be8c2f7780cbab2999a8be329333549b0ff38abfdb1bd1c39d9e26301b12ae9c404d6d6fc5a04af9a5f3bc480757114023283754a6d76640cd1f4ae92c9fadb8dbcfc1370d4337b0e0a680677ec04004200af012c80080074000752201b877e9d61358c30fdc6410d8ab4f6fcaff7c749dd9ab4acaf269355fe1f78dca41ce3321c8b11f4544dc901a422c3135200c876268fff713a01a3a613c2d58081b8b0d4470baa829d06166cb926ddf3bbbb25f708b341dd3b03e334f94001366968f924d882dea85130f37d610020561d67d805c11ed96db5f8a3f63ac4f0dfb77ac74f88920c06dca4606cf66a45fb3d86ce08c377eea4647e0321f90c0905848f16ea32b40b98224600001497a06206e30b8029a2b15b842a85d90975c275f82d91034d4600fa2bf0f7b23e327a53f688134233f986cfe15d9bc85aa20943e933890c81819af6bd337f59c0ac6098a46a345d7fa87f735bd1c8088c4fea8f7e57528fb0d3122e76e596248ab9ce8ffee812d838765a8ef0af00004170796f3e422388cc0da18bad38b6b1889e17460877d3067ead475f139ef9215be23990875da8527711e3ac1478678ebbaffb05b02979793afab8b21e716b6eb483645accb9bb3077e04c3ddbfaff41f657c66083f9286e6d0f5fd98a573915fa03385121b67f64a6adab0a462730ff722868821da38764f3fec7a8eed5fadbcfecfb03740b612d4825860863945a2c5436294abc077dd23dde0f000000", @ANYRES32, @ANYBLOB="040075009551af695815d78ce4bcf65187ddf7b1498850f5f0ee6c13a371b636dc34f89d3d596660b8af464e997f134dbc27f07a45843db0010d58c5cf56ad76b6fe28ffdb2ca744c0ef28f687e306c1d107ce4965a2aff60ebd0ec2769eaa845aa0dcb14b32774b018ce1ebd189cc38d89eb157d63214a8e0f4814a677afcc877a00f7d36e68a8f955269f458dd21451e0016857fdb68146dcbf59eeb16e6a3fc62d1d4b15852cd66fbe5307b5f205d7d8ffbe62580b01c893e98424d9e68a572493f8f1571e681c78fcf2e28b46e85dd21f35a933cc8bf1b7817a650aaa374f0246541e299fc1459f2d0a6ac1f6c1f490d3ab248ce34ab6564688fd052fc650fa75d5efe342650e072e553f5c756198a7c47ba257931fc4ce18058bf1d8ffd62bfc8f047e58187ce13de79d89587af2fe408b9d2683314b1a73a870482368f27c651e6e16bd415d4e584408025f47c1704db3e7891f30c7950e8131e7d5868d3b8499ae94dbfc168e64d0850a36b428fd319f12df54e0e7fdc509a717800210028006019624414cc23e92b26dfb9006a8675bbe2bf1fcfa49c6d21e4999c4300000000"], 0x144c}, {&(0x7f0000001600)={0x50, 0x1e, 0x800, 0x70bd2d, 0x25dfdbfb, "", [@generic="8c4b41b0f555fe7f8a107766fde9dca6f42dc8abe84fad61f9f85e524d5b61912afe47a5e44b26fd1df7a67da87a70cfe36d7576c943a6c06896eb041bc072c9"]}, 0x50}, {&(0x7f0000001f40)={0x430, 0x36, 0x200, 0x70bd2b, 0x25dfdbfd, "", [@generic="1c4186d7b448445cee61ab3c7500463bcf7e31738f35c4211cd1aae76e5e7718195fd09c195d7b7b1fb2068317c7171676a3e56f1ab3cb5d4eea5d002ddfc46805a95ec3a6b5ad8cbe75f8451a45a58efdd2a24783603fc674625b3c034015b6fd3d9a62ef22c4aaf23581d45e416220417368a91b4fd541e3704747c2b008847154927bdff25b13e199cfe2147d30114ac5a9708341dff8b452d712a0d89730cf3a98c67b2386107b9845fd9450af482617dad7025f49575dab569566136f5b825c423677dded9977e09b5bb51f3012e97dcbaea1c97ba25d", @generic="0da36095509489ffb56286f35fd13c5e4e5b4f873b83033b4d0a55828e30672a15d61419", @nested={0x1c5, 0x94, 0x0, 0x1, [@typed={0x8, 0x88, 0x0, 0x0, @uid=0xee01}, @typed={0x8, 0x56, 0x0, 0x0, @uid}, @generic="4ab9a25b8db0ecf6409928064d747dc543dcf943e502a3ee4920a91559d4a93f20e77fc514871b334b0af74b0e9d721ff39c4abcce307c06fcf7429a813ead04d5cbf8c26817fa6ff7da470860611a106b", @typed={0x4, 0x5b}, @generic="19759cf2b4fe0e94431c16dde2ae34c45da16be58eff218bf6553f72f218982ab4762d92bf6ce7f4f6dd181f89e5f20c3ccf679d5abb85dbdd0a80872c8c66c90c86745a811653a8dbacb8a9576dc9be8d6df37aa964eca024c335e66f38bb21d80b9bb0202637e795e5de70ea35facf46d10482808f53a6da46044456dde7f82740da8d341409ea1106427550ae4eb69b6f746cc5f87430f5eda5", @generic="a1f9e15811047a2f38c0c966067d317b56ec276906096edb45b205453f4ab59a52e512607ab4a3d147e541c4bed9e3145138b0757ab36d98cd79988851e71968dff6bfc56a86f6cc42f468b4b1db0f4aec4e319ef249f175d81151124f8f4d283390a42c8417cbac84e20c3498eaa28672200a66e3e8b2be9bcba3c11e4cd90827f7c7158180042aa50bcdaa7848b540dc44545175e19ede9d74a8b406ccea1998fcaf3769cdfc560c", @typed={0x8, 0xc, 0x0, 0x0, @u32=0xfffffffb}, @typed={0x8, 0x3a, 0x0, 0x0, @fd}, @typed={0x8, 0x1c, 0x0, 0x0, @str='-${\x00'}]}, @typed={0x8, 0x51, 0x0, 0x0, @uid}, @nested={0x146, 0x9, 0x0, 0x1, [@generic="eaca698d89bb473d4d9a81526f580f38c051340587a0f42dc0e5868a731ffc5ee207", @typed={0x4, 0x8}, @typed={0x8, 0x65, 0x0, 0x0, @uid=0xffffffffffffffff}, @typed={0x100, 0x74, 0x0, 0x0, @binary="94b2a679fe1e9432e21a7b2685cfd7926c476c1993481bcd3874c2ddb6b573b8d1214c86a7259a2ef3a909aa6916e011e823c5f628431b7e7847c4264a7aae4d14ae02445b4ec16cbbe6e7fdd6c2c472397f5b00a4e0af5b4e97d31450bed08760024afef2e40318ebe094ce677b1c711a4eecee11df6e47d88a3d7bf32d96c25bf5783474f820e3cba1c033217a5794e114074e903e43c59f09f161bafa05cd9c897f08d39d10c516770dfe3e627bc636b7b568ed17212e71e0d77eccfff05fc60048fbf6651aadb0f32ed23279f13ca453de7f9256b68617f49a0707eacae15106f48622e1a2b1b1af6fe22058f83b78b62817c76d38c55cf1ccfd"}, @typed={0x14, 0x7e, 0x0, 0x0, @ipv6=@local}]}, @typed={0x5, 0x5c, 0x0, 0x0, @str='\x00'}]}, 0x430}, {&(0x7f0000001780)={0x40, 0x36, 0x4, 0x8, 0x25dfdbfd, "", [@typed={0x2e, 0x6c, 0x0, 0x0, @binary="ed593de9e4d9b538085fedc9151e7272f2385e9e42277b730aaafd8f753b22590a61d357273f05a4f468"}]}, 0x40}, {&(0x7f0000002500)={0x39c, 0x33, 0x400, 0x70bd26, 0x25dfdbfd, "", [@generic="d335c796f8ff16274b8c0b10", @nested={0x1e9, 0x6c, 0x0, 0x1, [@generic="24303e47b96fa4bc9243f09cd2d78a3f7d11c41537a75b51b152bac97ec7b6adf26140c100c2e34770cb3101c994edb2c05f820ea18b3228386abe2ace1670d60f0c5d007a798ea39adf25412174e57d868601b1450694b049cd51a425136e9bef5655ed5207cb7f838264d14b69117833c4f302c02f5d93f6647edcdc93518bf63a5ee3b2fa39299de276117ebf35eed00aa7dd8fb15c2c51ce07c13380c68b801be6cd77d425fe7091feb1b54eb72a2a8db9cc67d35f47ab29", @generic="8461d67bf4015ee46ac0f88ba40a8151a382d138f68c9e00a9dd84ce59388f66e5f3197ddd6f5e4730f19901940e4c4ac6431fc511acc8546a5ce38b98d763d844ad5d265e1625d53a3e2bf7ab018bfdfa7bc5ceda553b81f40b3f60a7c99a97bf6fd8949b4e2af7fe", @typed={0x4, 0x1c}, @generic="9a4206d3d052f0977fc76cac999a6e775741475fc594365c2182ff0e468d4371ca8c4ce61b795afe701fba1bf75be749044aba54dee21cddb715431e5274a8ab9902c3681b50d3498d713e55d94c1cf4539d26235ed5c6039006f18dd5642dc797e319ea5eca3d193d757353efd3c0a126dc8064c462ac1421e44b95e5d13734052f87df6d486568f7629a83d7dd408e96eb8cae6e96f47e6752100f49b57910695e77d0b71bd2638c4bed8ec3f35a80cb43a7e346471e42ba9975898dae"]}, @generic="678a33ab1dd4fe190cb61d807a55fd8b0fc27687d4d89968c02365b0794d50b6625e5521bbca73cfbefc5939983bbeb754112e36862dbb579c56ef3ddfff124639a04202e1c406a20008283991d00a9ccbcf6918e30bd37d135ed82e934f8dcf4709a2f08151c146c8b531ff030d7de9b8f3049a7b82e3d0539fb638fa570584d2a5", @generic="1956041e1458ef1b6533c531af3e850aedf44df7657f442dbd5b51f175459c139c63f1084ef2d06176095a0bd3afbba0c3772598f56771ebf42e258ad7d14804773a39e8ed9cb7b78893582ad65add9bbb569c43073ad484fa6a698b01e87f75a1b1f3c243efa2ae4bd5894e7750c13496f3cb1e744f86d29a4b6917c60eaac2d67f430161d3bc65dc07dd37b6425dd5aa8dca81df15642ba3eedbf593234c02c8daf74c2be35d3b1e58d10806e12659b25711cf67d9de07f2734d1e390547b3639d1a9ecd47883e740e5f9000e461", @typed={0x14, 0x34, 0x0, 0x0, @ipv6=@private2={0xfc, 0x2, '\x00', 0x1}}, @typed={0x6, 0x4, 0x0, 0x0, @str='[\x00'}, @nested={0xc, 0x3, 0x0, 0x1, [@typed={0x8, 0x76, 0x0, 0x0, @uid=0xee00}]}, @typed={0x8, 0x42, 0x0, 0x0, @uid=r2}, @typed={0x8, 0x3c, 0x0, 0x0, @pid=r1}, @typed={0x8, 0x92, 0x0, 0x0, @pid=r3}]}, 0x39c}, {&(0x7f00000028c0)={0x374, 0x41, 0x300, 0x70bd2b, 0x25dfdbff, "", [@generic="75ad430032a2b3f206ac9d1158fbfc402dec038cb213b7b31aca74a13c430a30fb127d5f4a30122e42078eae822581547f111eb79559392166ebc0e6ad87307b", @typed={0x8, 0x12, 0x0, 0x0, @pid}, @generic="0fd4cf45e245299b7fc44c0d849302671a974ac98aefad768b4f1014c54e7903d039447306c6", @nested={0x165, 0x52, 0x0, 0x1, [@generic="ef989a6a723567f552c09965c46a988b6da23f35b26b63f2f3c361f0eeb72f0dce1f5e0716fdaf151a80dbb11c8fe306c94ca995b07d6c82248a602c3d033a057165c9fedd382bdf825409bfaa7bee8f235f78db4294f2355c37731bd24cbf2d4c6b2d0ebf96a93ca2eec20521d33592c042d7700282cc3d1ecb96dc32c2415b0d9ad12a37717322d9817a638ef21a66da1934b0cd90fe1c99b04e7f1c860395aeb52ea11d32cd8c3abc6606787fd480125b3ad1e30cc893e0fabb6b53b8d50964585ca04ab2702da6bd5e23f56c93ff191b9e27d5bbb16205fcc105177760c9c933e48137fa4373463afe8f", @generic="1c42bcb1bd3e6cbda4d61ba37cb7fb9d7be579f6d9122f0cc9321bc17c070f00c360399dcfbece6c572afb4051c69e27d303284f4db918c0c2793acefdc1d8fe43f04b6f05155c5aff7a68a990", @typed={0xc, 0x20, 0x0, 0x0, @u64=0x1}, @typed={0x8, 0x8e, 0x0, 0x0, @u32}, @typed={0x14, 0x4d, 0x0, 0x0, @ipv6=@local}]}, @typed={0x8, 0x1c, 0x0, 0x0, @ipv4=@private=0xa010101}, @typed={0xc, 0x95, 0x0, 0x0, @u64=0x2}, @generic="1bfe6fec1c6e4be6bf6ed7817941f3f1f8ca11a4b9ac32c2fc6cf8ce0a62c318c3ea4963f7ed9b4b936d476bca3cbc6a5d20954bfff4e5b9bd2335c600ecabaf7905b0a254005e5597208505c5b8af7fd1b8f28ff1004eb72b2e13e494a786bd7b04736e59b75dd951167c5e494a5f4064ee1224e7395b121135bfe2d039dd869a608871ed31279a82e16059984b0371ad42062b617566619b6d6db54951eacc7d65ce460c3c36185922c8cedff9e590646d6fc5c9e1ad612c315fd72c57182f7163021c4339ecee4edffd0ac9", @typed={0xa9, 0x49, 0x0, 0x0, @binary="cfe40158b209885f9eb1eddcd50235d04a4fe389e07a4f0d309a2db2735b15cf7b17113841017aca397f4edf553339626962ead16b8e50f9fa81c3f6dc19c6d44e9237fa548388e42d274818d57f7f812ab964fc19225ac2ff8d3825fd0f6e80252d89423b3e3f379b3e60e1db26a8fa1831d0982b231d239cde311cb88f5170fefb9f397686407eed52a2dd711dd4bac0ddc91236c5b98b073f2fd55f30ddaed129d7991b"}]}, 0x374}, {&(0x7f0000001940)={0x18, 0x3c, 0x2, 0x70bd26, 0x9, "", [@typed={0x8, 0x87, 0x0, 0x0, @uid}]}, 0x18}, {&(0x7f0000002c40)={0x890, 0x15, 0x100, 0x70bd27, 0x25dfdbff, "", [@generic="3f37a8988f15feb0752035b569197379d30c", @nested={0x8a, 0x57, 0x0, 0x1, [@typed={0x8, 0x44, 0x0, 0x0, @u32=0xffffac1e}, @generic="0d9a21dc2adbc20d942d2647d597c9bf2e5de4222dc5bd7ad7e95e3d33680f8f17512f460ea80b5d9676bc00455592c74d773dda6fd74e76abe984bc45b5dada4099f59afb19675617038b997f209e81b0f83e1c9289fba0689e4ebf488074e02d687e0b90920b4e10331941b38fe72cd64f88a4d56a", @typed={0x8, 0x43, 0x0, 0x0, @pid=r1}]}, @nested={0x176, 0x8d, 0x0, 0x1, [@generic="5a462f66beb5b387c034a840f17714a038033b1eb90cd549cb48218803e9835f05bfa276ae50e1d4aecee0dd9b40612d2bc4c457aadebe8ae812aa8c04a8c4ad834e0659c4dd4f6cd882ab093d5705dcd7969c170487e02f1c5e3b72e98717682327f2f2f0fdfce31b94", @typed={0xe, 0x4, 0x0, 0x0, @str='$),$\x1f%[\x9a}\x00'}, @typed={0x8, 0x5b, 0x0, 0x0, @pid=r4}, @typed={0x8, 0x52, 0x0, 0x0, @ipv4=@rand_addr=0x64010100}, @generic="bb642f1a49f9bc8a5065f4fc69f20a1000f1399d567fd7ba2f729d51807ac964b64dab32d8abe0ce8fb544fa188b014f301188310d8f342ce02ce977807f2f5394bd27cafe24a9276e066268ed7ac62708459a73d88712d580d7bdb052c137bae8bfdfc9b77da92010d979e99f5b010dda130a29b23565ef7f247f7ab96ec9fd4ce5930f6d0d7e51d73fc578d6c859973a83ccaf0a7d93759a8746d8cb6499a26b2c4e9f08c93e247ad969bf80c9e7e62081da341fadc0842c5866628064b8cb8a6e6487a33ab97d2da43a913a4412d3d779471bfb26de3df6718f46", @typed={0xa, 0x7f, 0x0, 0x0, @str=':*}@,\x00'}]}, @nested={0x35, 0x3f, 0x0, 0x1, [@typed={0x8, 0x6c, 0x0, 0x0, @ipv4=@remote}, @generic="2167f4231ffe5bd056c1186da605610f911a93fc5b543d3541578a90fb998ce0d8788c0b816080843b"]}, @typed={0x58, 0x10, 0x0, 0x0, @binary="3bacb3078682076f2abf6624d8236e79efb1243f1f3d2532efa039f34f72d5068edd3a518c08d0cc3251967fe97560d0a710b3c91bbc6ecdc35089d882d6dd6fd38a9b0e5da713dab37b95ce2a360a51acfa344f"}, @generic="94e240eed70c045cdd86aeb28ac8eb70ea09053a39df4f36327d393b104f449567cbcf92b267fe11270c63c4794cef9fd8803df49e4a2c3801d3c1fc1ffd34026874c5427bfef4f7cd9676381e8dc0d81843003a0809a9516938fc3f5e7fb28ec35c60628b5df973ba9424cfed505c38c38376d62ad9511166b7dc1aed602fe21e236b4228bac57950468fdac623a831ca61f356d91f950d9e92df2379ff2276fdfa801fea4255fdd6b071c98c6e377c2d784a023aeede8c12a804ef75127f2bb19fc22ea346331e24c2919fb8ee96a5ede525281db6d41d937e", @typed={0x6, 0x3f, 0x0, 0x0, @str='#\x00'}, @nested={0x393, 0x3f, 0x0, 0x1, [@generic="4291fd774b21da02bbc1304203be1d262cd1f1008c8fd0baf59973acf86c812c1435566f4e0e8cd6c584f533b8709ecfcf5ab2f7f3a9da4d907bfada3da031b8d651ec84398dd3e42922a430487132c0c7bf47ab8c61b9a09f2eb613ce0bb9226ed03655f6010673e05af3771fe8c88ed5a9d09a7da3174a3dfd27e3039d44db2718f4265e13ff2434b10a9e72fd09174882f6fe58a3e6", @generic="84c8d39a0883d40f5947be5f2c51641a9d45d50d3898d00ef9d5ca9ee7683abd8e11f994b86a70c02e90589688253514bc842759c8d88f244c34c918967a744ed19e1dfef9074b8bcac8f2af4a082aa24839635e5f0d5fae8e18d9856c4aa86de47f317b41b3ae24af3b93f6fd666988c6f3d4d536334a4a17807fba4b9968e09953b07caecf4b6cf02f25bf7e70f3e8e8e682fefa5f6766c25f401a40dd6c456d6a", @typed={0x8, 0x19, 0x0, 0x0, @ipv4=@remote}, @generic="53e5ae949814404f79f74ddb3b991e2cf417fa15448b6e9334826fa4ebda1016fff57fe9e0bfec765eea5f2eb0ff38ffc152e30baacde8adb208ccba966a9c5502337bb9a0aa029efcb5effe3cbc2a41181c44f21e56d7e9f2c068c744d18fff516b8691654b200469a81ad84edfb68a02090b39344950762b971df09d568e2b2404e4fe7da9f3c0e8b88b92ae01abd93f470167222a48799897ba13c7d7c47358911ba58f15587bd38b959f1383f46dabf18db191d9a7e248a2ee04", @generic, @generic="9578c8012d7a93e2d3c92dc2b4c245f24e07f5913a764b08a2c8f7f7b0ccf30efe90e71356245dd80e100339d318f2e5b367f31235a3418cf6647028859fec20da11ac03e1c538880c7fca3e43b64d515cf9b57216fc10a939519958bf4afd", @generic="a51546632ca82e68116c06254b5664cdf86d95b2fa531d179e4fcf075a744ad6b5851a7928ace20a5ac72372a6efb8b446738f2cc1a1e537706e7df10160c8d053d7f67718a9d336d3fef3fecf87c07d936bbf005e5c1f3ac0176e8c33d2a389dd4b948e73537b208ee131b543192b42117dcd2872f256fd90b818f35c3546590a08b4941b1c", @generic="cf5b9983b2d9d904bb67bd9570d16bad4b1bc57ba5c658507941e29fd6b4e79822de41feb8efee0f5126638e4f66fa22f69b44e7922718208c0caec51ca6bfc6f1fffc58bdd7f140321c80c6a612726e634732c680fe8ced605ddd10260c28dfb1dc34c39b5b6e08a9694b4eff7ce15500718e0065d1dcb4010c7edca9fdeace47270bb7ee163d462386394c158eb1670bcb6e8b0eb5a4e7394a02f868beb19fb6fe52a0d0e3af9722aff2e226"]}, @nested={0x164, 0x41, 0x0, 0x1, [@typed={0x14, 0x5a, 0x0, 0x0, @ipv6=@private2}, @typed={0x8, 0x26, 0x0, 0x0, @ipv4=@initdev={0xac, 0x1e, 0x1, 0x0}}, @generic="c5f84696400d128b2a3734e8bed2cbed141bcadd61f193babafa310fa02864afe1f2a75483e4a45f3dceac0409443e2424c0d065af49204a63d51dce86dffaa2a1f06c7abdc6513e264e0346e3b76d9703110f1c1ae2", @typed={0x4, 0x7b}, @generic="64578e7463660798adf00b5c4625f562d0f323543290659442a580ff2a769cb0ef6693581424703623fd2d21c8aaa40ac3b7804e6cc76eee7857867e71f4e27e141b1ab57ffe519c48e4125b2692ea3a24bd533f75a9b71ddc8b8feecd2eda2555eb727be18fb278e8e87aefa547d7fa84d1c7b44e39c3de83d3b25d5f157990d9995821831b22a22597d3", @generic="2b17096049571c6a0dd233dc7109d5292009ff70a329ed94d3713e20f3784a67d9ae9cdd24a073193e7c40dc6bc398620237acfc91d7707b3ba6580a5128bab7a2523b9d34c486d7aae3251f2d85e90937b8f009f0720fbc46372f63bff5dd"]}]}, 0x890}], 0x8, &(0x7f0000003600)=[@cred={{0x1c, 0x1, 0x2, {r1, 0xee01, r5}}}, @rights={{0x18, 0x1, 0x1, [r0, r0]}}, @cred={{0x1c, 0x1, 0x2, {r6, 0xee01, r9}}}, @cred={{0x1c, 0x1, 0x2, {r10, 0xee01, r13}}}], 0x78, 0x40}, 0x20000000) 15:26:20 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x4000) 15:26:20 executing program 3: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000040)=0x20) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, r2, 0x0, 0x6) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, 0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 28) 15:26:20 executing program 1: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) syz_emit_ethernet(0xbe, &(0x7f0000000100)={@local, @local, @void, {@llc={0x4, {@snap={0xfc, 0xab, 'f', "03d16d", 0x886c, "147fed9165d8662c8b052ea6c9086a3d187c44848d079ff866e61b8ff332f82fcb71cbf28d899dc04354c926afcf1550311da343dab4d0c44535dee88aea19156991c3efe96104f480bb6212c8059fd4dc52cb8262c9f7754a17659f005f42a2ac9d03b1bfd0be6f4b251b943cf6a84f8cdf2eade7261e7a3f331f77381694abd17933165d3eb688099b42cac70689eef2324631c7d5ff77caeaf97c6617617a3a1cbe529f68848a"}}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x40, 0x41, 0x100, 0x70bd2b, 0x25dfdbfe, {0x8}, [@typed={0xc, 0x90, 0x0, 0x0, @u64=0x8}, @typed={0x10, 0x3b, 0x0, 0x0, @str='$$\"\\2&](#*+\x00'}, @nested={0x10, 0x84, 0x0, 0x1, [@typed={0x4, 0x5f}, @typed={0x8, 0x93, 0x0, 0x0, @u32=0x3}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x8001}, 0x20008105) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="01040000020000000000603cdefa00102100fe880000000000000000000000000001fe8000000000000000000000000000aa000000000401907800265d9900960cee9b69a3b8cbdb191e474c8fd6df0d06ceb052d1aa7d574f6d92e22e758735fbea59b199d9b29d8566ea695a6df52207e4296cfedd7087af52b9290148f47a19529186946f79821b52560dcd3702e7854518d4ac436035f7cc56dc7ac70873910072d1d347773cae661bf230e88a864ff7322def0781842830081cbdc6dbf5747c645e70da6a134294bccc5a95101d2f054d8a14b814f0d7f53213fc519824ad5cb7fd7e8bb5fea60347ed492feb1acf88090027f89ce8417584b18e163c82c7591a8487e94a2ba9195c"], 0x42) 15:26:20 executing program 0: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) msgget(0x1, 0x0) ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 100) 15:26:20 executing program 2: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) [ 1605.904793] RIP: 0033:0x7f1c0ae11b19 [ 1605.905415] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1605.907538] RSP: 002b:00007f1c08387188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1605.908175] RAX: ffffffffffffffda RBX: 00007f1c0af24f60 RCX: 00007f1c0ae11b19 [ 1605.908832] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1605.909524] RBP: 00007f1c083871d0 R08: 0000000020000000 R09: 0000000000000000 [ 1605.910123] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1605.910763] R13: 00007ffd2ddfd2cf R14: 00007f1c08387300 R15: 0000000000022000 [ 1605.913500] FAULT_INJECTION: forcing a failure. [ 1605.913500] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1605.914630] CPU: 1 PID: 8686 Comm: syz-executor.0 Not tainted 5.10.224 #1 [ 1605.915202] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1605.915958] Call Trace: [ 1605.916183] dump_stack+0x107/0x167 [ 1605.916555] should_fail.cold+0x5/0xa [ 1605.916906] _copy_to_user+0x2e/0x180 [ 1605.917231] do_pages_stat+0x2b4/0x3b0 [ 1605.917649] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1605.918135] ? cpuset_mems_allowed+0x1af/0x440 [ 1605.918586] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1605.919011] ? trace_hardirqs_on+0x5b/0x180 [ 1605.919379] kernel_move_pages+0xb8f/0x11c0 [ 1605.919815] ? rcu_read_lock_any_held+0x75/0xa0 [ 1605.920210] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1605.920756] ? fput_many+0x2f/0x1a0 [ 1605.921091] ? ksys_write+0x1a9/0x260 [ 1605.921480] ? __ia32_sys_read+0xb0/0xb0 [ 1605.921850] __x64_sys_move_pages+0xdd/0x1b0 [ 1605.922221] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1605.922706] do_syscall_64+0x33/0x40 [ 1605.923029] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1605.923514] RIP: 0033:0x7f6fdcf13b19 [ 1605.923831] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1605.925488] RSP: 002b:00007f6fda489188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1605.926141] RAX: ffffffffffffffda RBX: 00007f6fdd026f60 RCX: 00007f6fdcf13b19 [ 1605.926784] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1605.927391] RBP: 00007f6fda4891d0 R08: 0000000020000000 R09: 0000000000000000 [ 1605.928040] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003 [ 1605.928684] R13: 00007ffee9bd176f R14: 00007f6fda489300 R15: 0000000000022000 [ 1605.935520] FAULT_INJECTION: forcing a failure. [ 1605.935520] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1605.936619] CPU: 1 PID: 8688 Comm: syz-executor.7 Not tainted 5.10.224 #1 [ 1605.937209] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1605.937989] Call Trace: [ 1605.938214] dump_stack+0x107/0x167 [ 1605.938577] should_fail.cold+0x5/0xa [ 1605.938912] _copy_to_user+0x2e/0x180 [ 1605.939235] do_pages_stat+0x2b4/0x3b0 [ 1605.939630] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1605.940127] ? cpuset_mems_allowed+0x1af/0x440 ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000100)={@void, @val={0x1}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}}}}}, 0x42) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000240)={'syz_tun\x00', &(0x7f0000000200)=@ethtool_cmd={0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}}) dup3(r0, r1, 0x0) [ 1605.940573] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1605.945320] ? trace_hardirqs_on+0x5b/0x180 [ 1605.946128] kernel_move_pages+0xb8f/0x11c0 [ 1605.946556] ? rcu_read_lock_any_held+0x75/0xa0 [ 1605.946949] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1605.948093] ? fput_many+0x2f/0x1a0 [ 1605.948950] ? ksys_write+0x1a9/0x260 [ 1605.949849] ? __ia32_sys_read+0xb0/0xb0 [ 1605.950710] __x64_sys_move_pages+0xdd/0x1b0 [ 1605.951613] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1605.952500] do_syscall_64+0x33/0x40 [ 1605.952825] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1605.953254] RIP: 0033:0x7f8be6d86b19 [ 1605.953642] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1605.955202] RSP: 002b:00007f8be42fc188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1605.955891] RAX: ffffffffffffffda RBX: 00007f8be6e99f60 RCX: 00007f8be6d86b19 [ 1605.956534] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1605.957178] RBP: 00007f8be42fc1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1605.958410] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1605.959005] R13: 00007ffd26b6f95f R14: 00007f8be42fc300 R15: 0000000000022000 [ 1606.005816] FAULT_INJECTION: forcing a failure. [ 1606.005816] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1606.007078] CPU: 0 PID: 8687 Comm: syz-executor.3 Not tainted 5.10.224 #1 [ 1606.007761] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1606.008572] Call Trace: [ 1606.008887] dump_stack+0x107/0x167 [ 1606.009252] should_fail.cold+0x5/0xa [ 1606.009641] _copy_to_user+0x2e/0x180 [ 1606.010016] do_pages_stat+0x2b4/0x3b0 [ 1606.010981] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1606.012356] ? cpuset_mems_allowed+0x1af/0x440 [ 1606.013519] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1606.014827] ? trace_hardirqs_on+0x5b/0x180 [ 1606.015978] kernel_move_pages+0xb8f/0x11c0 [ 1606.017152] ? rcu_read_lock_any_held+0x75/0xa0 [ 1606.018265] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1606.019655] ? fput_many+0x2f/0x1a0 [ 1606.020528] ? ksys_write+0x1a9/0x260 [ 1606.021457] ? __ia32_sys_read+0xb0/0xb0 [ 1606.022427] __x64_sys_move_pages+0xdd/0x1b0 [ 1606.023480] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1606.024702] do_syscall_64+0x33/0x40 [ 1606.025603] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1606.026820] RIP: 0033:0x7f1e88ae8b19 [ 1606.027709] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1606.032110] RSP: 002b:00007f1e8605e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1606.033928] RAX: ffffffffffffffda RBX: 00007f1e88bfbf60 RCX: 00007f1e88ae8b19 [ 1606.035617] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1606.037328] RBP: 00007f1e8605e1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1606.039014] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1606.040712] R13: 00007ffda65e58df R14: 00007f1e8605e300 R15: 0000000000022000 15:26:20 executing program 5: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() process_vm_readv(r0, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7a}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xffffffbc}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) r1 = gettid() r2 = accept4$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x0, @initdev}, &(0x7f0000000100)=0x1c, 0x80800) fcntl$dupfd(0xffffffffffffffff, 0x406, r2) process_vm_readv(r1, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7a}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xffffffbc}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f0000000000)=r1) 15:26:20 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x200000) 15:26:20 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000002c0)={0x40, 0x0, 0xfffffaf2, 0x6, 0xffffffff, 0x40}) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6) msgctl$IPC_RMID(0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 47) 15:26:20 executing program 0: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) msgget(0x1, 0x0) ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) [ 1606.084900] FAULT_INJECTION: forcing a failure. [ 1606.084900] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1606.087828] CPU: 1 PID: 8702 Comm: syz-executor.7 Not tainted 5.10.224 #1 [ 1606.089471] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1606.091467] Call Trace: [ 1606.092109] dump_stack+0x107/0x167 [ 1606.092994] should_fail.cold+0x5/0xa [ 1606.093918] _copy_from_user+0x2e/0x1b0 [ 1606.094885] do_pages_stat+0xf1/0x3b0 [ 1606.095811] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1606.097204] ? cpuset_mems_allowed+0x1af/0x440 [ 1606.098310] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1606.099528] ? trace_hardirqs_on+0x5b/0x180 [ 1606.100562] kernel_move_pages+0xb8f/0x11c0 [ 1606.101616] ? rcu_read_lock_any_held+0x75/0xa0 [ 1606.102730] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1606.104114] ? fput_many+0x2f/0x1a0 [ 1606.105008] ? ksys_write+0x1a9/0x260 [ 1606.105931] ? __ia32_sys_read+0xb0/0xb0 [ 1606.106897] __x64_sys_move_pages+0xdd/0x1b0 [ 1606.107954] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1606.109199] do_syscall_64+0x33/0x40 [ 1606.110091] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1606.111310] RIP: 0033:0x7f8be6d86b19 [ 1606.112201] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1606.116601] RSP: 002b:00007f8be42fc188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1606.118423] RAX: ffffffffffffffda RBX: 00007f8be6e99f60 RCX: 00007f8be6d86b19 [ 1606.120116] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1606.121843] RBP: 00007f8be42fc1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1606.123546] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1606.125267] R13: 00007ffd26b6f95f R14: 00007f8be42fc300 R15: 0000000000022000 15:26:20 executing program 1: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r1, &(0x7f0000000100)={@void, @val={0x1, 0x4, 0x0, 0x2}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}}}}}, 0x42) syz_emit_ethernet(0x5a, &(0x7f0000000180)={@multicast, @multicast, @val={@void, {0x8100, 0x6, 0x1}}, {@canfd={0xd, {{0x2, 0x1, 0x1, 0x1}, 0x13, 0x0, 0x0, 0x0, "0812d89d5fec606d0404a05e82feffbaba751170598607f13118a0c03207e4748f96e63597c3425d01b0b546db241005eea8a724c5f72f532cb6ff511deb4c8e"}}}}, 0x0) r2 = dup3(r1, r0, 0x80000) ioctl$BTRFS_IOC_START_SYNC(r2, 0x80089418, &(0x7f0000000000)) 15:26:20 executing program 2: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @random="2621e0bb6a37", @void, {@canfd={0xd, {{}, 0x1, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) syz_emit_ethernet(0x131, &(0x7f0000000380)={@remote, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @val={@void, {0x8100, 0x6, 0x1, 0x3}}, {@generic={0x88b5, "b9172bc858b5d9c76bf67f36eca80a9ef4a0ac838b6d2874d84d7712c93745e22efb6c98750bbca28b80d06e2226b151904b45b6c38dde4faa6eaf611a18c60365d63ecc2791890988d3b1e0e3ca5149c1540f813fd80be28a7638d2afd3ca9a040c0a18c72214313da9bee9375f93c25e27a010d3e0aef488ce65549d8989b23eb588349a5346837598f9700562394925d4ef659fae09343ddeb6f5ccd8d2ca4f46e66fe29326ed05bea76138d5f7d3c56d267a7828e0cb02db0143d028bfb9c078ab286aee88f44c56de03a7d115e3393de2daa85cf745c334cbf241912cf7d2d889bc0faea6bf1de4705496f88704f91d7b4d97d76155f8691d6d97ca5c205ef4a6d880282a0a816561b7de9acd157d63224c1a695f44341e0df603c2e5"}}}, &(0x7f0000000000)={0x0, 0x1, [0x3f7, 0xbbb, 0x447, 0x849]}) write$tun(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100060000603cdefa00102100fe880000000000000100010000000000fe8800000000000000000000000000014e24000026c20bc8178a675d9900960cee000000"], 0x42) syz_emit_ethernet(0xde, &(0x7f0000000240)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x1a}, @random="9f55e314e58e", @val={@void, {0x8100, 0x7, 0x0, 0x4}}, {@llc={0x4, {@llc={0x7e, 0xfc, "7ccc", "5ce328fe6a41d6cce029af16824033c76c7a9a2705454daf4c764ca67c99e01f1e0b5976a7448c80d52d0d3a55bf44bb9645e72a3315a1b642121d5b726b31c55941adbd126b863646f332e9853b7e034ea82769d95bf496dfbbb80d31876f67fefa704ac96cb30c100c37140dec57f2513ed47d6d06d15560707c59569f1778b8e33fb96363e30acc81d5f66de52fe13796d4a5258b3cd63b3554617a7cc69a516e2b163c64c1ac7f8b51b6cd7bfb892daba8e84d8e47b6c7accdac8342cac01f0a9ae5c04b68b5"}}}}}, &(0x7f0000000180)={0x0, 0x1, [0x917, 0xa97, 0xbc, 0x487]}) 15:26:20 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x906be9) 15:26:20 executing program 3: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000040)=0x20) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, r2, 0x0, 0x6) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, 0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 29) 15:26:20 executing program 4: perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) msgget(0x1, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 91) 15:26:20 executing program 5: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() r1 = syz_open_dev$vcsu(&(0x7f0000000140), 0x401, 0x1a481) perf_event_open(&(0x7f00000000c0)={0xb, 0x80, 0x1, 0x9, 0x4, 0x3, 0x0, 0x3, 0x22682, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff5b, 0x1, @perf_bp, 0x8, 0x4, 0x401, 0x2, 0x20, 0xffffffff, 0x3ff, 0x0, 0x9, 0x0, 0x2}, 0xffffffffffffffff, 0x5, r1, 0x9) process_vm_readv(r0, &(0x7f0000001a40), 0x0, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/94, 0x5e}, {&(0x7f0000002240)=""/183, 0xb7}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) 15:26:20 executing program 0: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) msgget(0x1, 0x0) ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x21) 15:26:20 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0xf0ff1f) [ 1606.254071] FAULT_INJECTION: forcing a failure. [ 1606.254071] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1606.256709] CPU: 0 PID: 8717 Comm: syz-executor.4 Not tainted 5.10.224 #1 [ 1606.258552] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1606.258651] FAULT_INJECTION: forcing a failure. [ 1606.258651] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1606.260213] Call Trace: [ 1606.260236] dump_stack+0x107/0x167 [ 1606.260267] should_fail.cold+0x5/0xa [ 1606.262419] _copy_from_user+0x2e/0x1b0 [ 1606.262822] do_pages_stat+0xf1/0x3b0 [ 1606.263156] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1606.263707] ? cpuset_mems_allowed+0x1af/0x440 [ 1606.264107] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1606.264582] ? trace_hardirqs_on+0x5b/0x180 [ 1606.265000] kernel_move_pages+0xb8f/0x11c0 [ 1606.265374] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1606.265926] ? nmi_handle+0x25d/0x360 [ 1606.266254] __x64_sys_move_pages+0xdd/0x1b0 [ 1606.266702] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1606.267141] do_syscall_64+0x33/0x40 [ 1606.267510] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1606.267950] RIP: 0033:0x7f1c0ae11b19 [ 1606.268267] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1606.269931] RSP: 002b:00007f1c08387188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1606.270641] RAX: ffffffffffffffda RBX: 00007f1c0af24f60 RCX: 00007f1c0ae11b19 [ 1606.271238] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1606.271891] RBP: 00007f1c083871d0 R08: 0000000020000000 R09: 0000000000000000 [ 1606.272533] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1606.273747] R13: 00007ffd2ddfd2cf R14: 00007f1c08387300 R15: 0000000000022000 [ 1606.275398] CPU: 1 PID: 8716 Comm: syz-executor.3 Not tainted 5.10.224 #1 [ 1606.276949] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1606.278160] Call Trace: [ 1606.278393] dump_stack+0x107/0x167 [ 1606.278706] should_fail.cold+0x5/0xa [ 1606.279036] _copy_from_user+0x2e/0x1b0 [ 1606.279379] do_pages_stat+0xf1/0x3b0 [ 1606.279711] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1606.280202] ? cpuset_mems_allowed+0x1af/0x440 [ 1606.280599] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1606.281034] ? trace_hardirqs_on+0x5b/0x180 [ 1606.281405] kernel_move_pages+0xb8f/0x11c0 [ 1606.281778] ? rcu_read_lock_any_held+0x75/0xa0 [ 1606.282171] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1606.282659] ? fput_many+0x2f/0x1a0 [ 1606.282970] ? ksys_write+0x1a9/0x260 [ 1606.283292] ? __ia32_sys_read+0xb0/0xb0 [ 1606.283641] __x64_sys_move_pages+0xdd/0x1b0 [ 1606.284015] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1606.284446] do_syscall_64+0x33/0x40 [ 1606.284763] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1606.285246] RIP: 0033:0x7f1e88ae8b19 [ 1606.285562] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1606.287081] RSP: 002b:00007f1e8605e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1606.287718] RAX: ffffffffffffffda RBX: 00007f1e88bfbf60 RCX: 00007f1e88ae8b19 [ 1606.288311] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1606.289048] RBP: 00007f1e8605e1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1606.290294] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1606.291536] R13: 00007ffda65e58df R14: 00007f1e8605e300 R15: 0000000000022000 15:26:34 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000002c0)={0x40, 0x0, 0xfffffaf2, 0x6, 0xffffffff, 0x40}) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6) msgctl$IPC_RMID(0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 48) 15:26:34 executing program 3: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000040)=0x20) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, r2, 0x0, 0x6) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, 0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 30) 15:26:34 executing program 5: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() process_vm_readv(r0, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7a}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xffffffbc}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) 15:26:34 executing program 1: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setown(r0, 0x8, 0xffffffffffffffff) close(r0) close_range(r0, 0xffffffffffffffff, 0x0) syz_extract_tcp_res(&(0x7f0000000000)={0x41424344}, 0xff, 0x54d2) write$tun(r0, &(0x7f0000000440)=ANY=[@ANYBLOB="018081000100ff03c974492402260065000080069078ac141437e0000001863e000000030011b14dfac25bda8c8403ec654d8b48a502020707b01b645c9a020cec7e2db9bda092d8197d0112bc57899db536069118cbd5b8d0dac2514424fc41e000000100000009ac141439000000057f000001000007ff0a0101020000000544449d01ac1e000100000009ac1e000100010000ac1414bb0000000100000000000000000a01010200000003ac1414bb000007aaac1414320000bb5600000000000000004434f3436401010000000006ac1e0101000000040a01010000000003ac1414bb000000057f000001fffff2fde0000001ffffff9b8603a4014424a3c36401010000000005e000000100000080ac14143d00000001ac14140b80000001890ba1ac1414aaac1414aa0000004e244e20", @ANYRES32=0x41424344, @ANYRES32=r1, @ANYBLOB="9110000990780800010506fffffffffe06e2d4a9b44a39ffc3d9000000a7cc2a5407d679a4049352d126427912c9fbd9065b07df3462b88929be96ac867e04ba167254b98ba4886f320f72cbe88e9743550f14cfd49eec333263110e6251393c66cb74122c1676577fd79607e00ace96e77999462302b3e175ea1508284410dcd4966171bf55d589fe27f99e6400c5cb4e3be3ed1ed91643347f4cb60dd84b09feb63775ab6d2de7f6ea3ef10da1085919445306e2ed8dfacf360424a3ea48a385b2018e9dba5c7f95302b8f2f651f0b46af4f45de07e656abed0ce852c4dc1d05633c1a9df4dfc8622914825640241c94473d00000000000000000000000000003a763b5b63cf7fee2663ae56311e703acf0f184b815674a29c5943c501c3b84a0fa4c250faee18e43693fa62d29d122fbd4d398ae50cc8b9efb9f1f9399dccb2dd706997b1f5d3c21b0abc1372764e29"], 0x230) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETQUEUE(r2, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r2, &(0x7f0000000100)=ANY=[@ANYBLOB="01040000020000020000003cdefa00102100fe880000000000000000000000000001fe8000000000000000000000000000aa000000000401907800265d9900960cee"], 0x42) 15:26:34 executing program 4: perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) msgget(0x1, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 92) 15:26:34 executing program 0: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) msgget(0x1, 0x0) ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x2000) 15:26:34 executing program 2: syz_emit_ethernet(0x56, &(0x7f0000000080)={@random="20f9bdba2470", @remote, @void, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "7bc74f84dbc157914cd8c864a1bea9a4d30d9eedbf84c7959dd76445502e8debf42a1f820f5fe25e762e614b3d9ae47ca38e6862065da5e5550f0dfc6eba6e8f"}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) ioctl$TUNSETOWNER(r0, 0x400454cc, 0xee00) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$cgroup(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="8d2f219e3ee19f3e178b9b06f392eb8665a438c8649dccc42460363f667173331dbc2559a04c8c"]) openat$snapshot(0xffffffffffffff9c, 0x0, 0x40001, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_RELOAD_REGDB(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x14, r2, 0x1}, 0x14}}, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000100)={@void, @val={0x1}, @ipv6=@dccp_packet={0x0, 0x6, "3cdefa", 0x10, 0x21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "265d99", 0x0, "960cee"}}}}}, 0x42) 15:26:34 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x1ffff000) [ 1620.422823] FAULT_INJECTION: forcing a failure. [ 1620.422823] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1620.423904] CPU: 1 PID: 8738 Comm: syz-executor.3 Not tainted 5.10.224 #1 [ 1620.424481] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1620.425211] Call Trace: [ 1620.425446] dump_stack+0x107/0x167 [ 1620.425770] should_fail.cold+0x5/0xa [ 1620.426115] _copy_to_user+0x2e/0x180 [ 1620.426455] do_pages_stat+0x2b4/0x3b0 [ 1620.426804] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1620.427299] ? cpuset_mems_allowed+0x1af/0x440 [ 1620.427697] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1620.428125] ? trace_hardirqs_on+0x5b/0x180 [ 1620.428498] kernel_move_pages+0xb8f/0x11c0 [ 1620.428875] ? rcu_read_lock_any_held+0x75/0xa0 [ 1620.429287] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1620.429778] ? fput_many+0x2f/0x1a0 [ 1620.430093] ? ksys_write+0x1a9/0x260 [ 1620.430418] ? __ia32_sys_read+0xb0/0xb0 [ 1620.430767] __x64_sys_move_pages+0xdd/0x1b0 [ 1620.431144] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1620.431579] do_syscall_64+0x33/0x40 [ 1620.431896] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1620.432327] RIP: 0033:0x7f1e88ae8b19 [ 1620.432645] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1620.434188] RSP: 002b:00007f1e8605e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1620.434829] RAX: ffffffffffffffda RBX: 00007f1e88bfbf60 RCX: 00007f1e88ae8b19 [ 1620.435423] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1620.436019] RBP: 00007f1e8605e1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1620.436615] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1620.437229] R13: 00007ffda65e58df R14: 00007f1e8605e300 R15: 0000000000022000 [ 1620.441148] FAULT_INJECTION: forcing a failure. [ 1620.441148] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1620.442137] CPU: 1 PID: 8745 Comm: syz-executor.4 Not tainted 5.10.224 #1 [ 1620.442716] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1620.443408] Call Trace: [ 1620.443635] dump_stack+0x107/0x167 [ 1620.443946] should_fail.cold+0x5/0xa [ 1620.444275] _copy_to_user+0x2e/0x180 [ 1620.444603] do_pages_stat+0x2b4/0x3b0 [ 1620.444943] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1620.445459] ? cpuset_mems_allowed+0x1af/0x440 [ 1620.445857] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1620.446285] ? trace_hardirqs_on+0x5b/0x180 [ 1620.446660] kernel_move_pages+0xb8f/0x11c0 [ 1620.447034] ? rcu_read_lock_any_held+0x75/0xa0 [ 1620.447432] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1620.447922] ? fput_many+0x2f/0x1a0 [ 1620.448235] ? ksys_write+0x1a9/0x260 [ 1620.448564] ? __ia32_sys_read+0xb0/0xb0 [ 1620.448915] __x64_sys_move_pages+0xdd/0x1b0 [ 1620.449304] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1620.449745] do_syscall_64+0x33/0x40 [ 1620.450063] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1620.450495] RIP: 0033:0x7f1c0ae11b19 [ 1620.450813] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1620.452348] RSP: 002b:00007f1c08387188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1620.452994] RAX: ffffffffffffffda RBX: 00007f1c0af24f60 RCX: 00007f1c0ae11b19 [ 1620.453603] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1620.454199] RBP: 00007f1c083871d0 R08: 0000000020000000 R09: 0000000000000000 [ 1620.454802] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1620.455399] R13: 00007ffd2ddfd2cf R14: 00007f1c08387300 R15: 0000000000022000 [ 1620.464171] FAULT_INJECTION: forcing a failure. [ 1620.464171] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1620.465312] CPU: 1 PID: 8733 Comm: syz-executor.7 Not tainted 5.10.224 #1 [ 1620.465889] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1620.466578] Call Trace: [ 1620.466804] dump_stack+0x107/0x167 [ 1620.467114] should_fail.cold+0x5/0xa [ 1620.467448] _copy_to_user+0x2e/0x180 [ 1620.467775] do_pages_stat+0x2b4/0x3b0 [ 1620.468113] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1620.468601] ? cpuset_mems_allowed+0x1af/0x440 [ 1620.469003] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1620.469438] ? trace_hardirqs_on+0x5b/0x180 [ 1620.469811] kernel_move_pages+0xb8f/0x11c0 [ 1620.470183] ? rcu_read_lock_any_held+0x75/0xa0 [ 1620.470577] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1620.471067] ? fput_many+0x2f/0x1a0 [ 1620.471379] ? ksys_write+0x1a9/0x260 [ 1620.471705] ? __ia32_sys_read+0xb0/0xb0 [ 1620.472054] __x64_sys_move_pages+0xdd/0x1b0 [ 1620.472428] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1620.472864] do_syscall_64+0x33/0x40 [ 1620.473195] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1620.473626] RIP: 0033:0x7f8be6d86b19 [ 1620.473942] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1620.475479] RSP: 002b:00007f8be42fc188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1620.476146] RAX: ffffffffffffffda RBX: 00007f8be6e99f60 RCX: 00007f8be6d86b19 [ 1620.476796] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1620.477417] RBP: 00007f8be42fc1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1620.478011] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1620.478606] R13: 00007ffd26b6f95f R14: 00007f8be42fc300 R15: 0000000000022000 [ 1620.483325] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 15:26:35 executing program 0: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) msgget(0x1, 0x0) ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x4000) 15:26:35 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x20000000) 15:26:35 executing program 5: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() process_vm_readv(r0, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7a}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xffffffbc}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000), 0x28000, 0x0) 15:26:35 executing program 4: perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) msgget(0x1, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 93) 15:26:35 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x21000000) [ 1620.586383] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 15:26:35 executing program 3: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000040)=0x20) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, r2, 0x0, 0x6) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, 0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 31) 15:26:35 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000002c0)={0x40, 0x0, 0xfffffaf2, 0x6, 0xffffffff, 0x40}) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='wlan1\x00', 0x10) sendfile(r1, 0xffffffffffffffff, 0x0, 0x6) msgctl$IPC_RMID(0x0, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0) (fail_nth: 49) [ 1620.692191] FAULT_INJECTION: forcing a failure. 15:26:35 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x40000000) 15:26:35 executing program 5: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000000c0)={0x0}, &(0x7f0000000100)=0xc) ptrace$peeksig(0x4209, r1, &(0x7f0000000140)={0x1, 0x1, 0x3}, &(0x7f0000000180)=[{}, {}, {}]) r2 = gettid() process_vm_readv(r2, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7a}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xffffffbc}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) r3 = gettid() process_vm_readv(r3, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7a}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xffffffbc}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) rt_tgsigqueueinfo(r2, r3, 0x12, &(0x7f0000000300)={0x35, 0x6, 0x50e}) open(&(0x7f0000000000)='./file0\x00', 0x4003, 0x1) process_vm_readv(r0, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7a}, {&(0x7f0000001980)=""/161, 0xa1}], 0x3, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/101, 0x65}, {&(0x7f0000002240)=""/183, 0xffffffbc}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001b00)=""/46, 0x2e}], 0x8, 0x0) 15:26:35 executing program 0: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) msgget(0x1, 0x0) ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612) move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x200000) [ 1620.692191] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1620.693515] CPU: 1 PID: 8766 Comm: syz-executor.3 Not tainted 5.10.224 #1 [ 1620.694099] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1620.694793] Call Trace: [ 1620.695025] dump_stack+0x107/0x167 [ 1620.695337] should_fail.cold+0x5/0xa [ 1620.695671] _copy_from_user+0x2e/0x1b0 [ 1620.696014] do_pages_stat+0xf1/0x3b0 [ 1620.696346] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1620.696841] ? cpuset_mems_allowed+0x1af/0x440 [ 1620.697256] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1620.697681] ? trace_hardirqs_on+0x5b/0x180 [ 1620.698052] kernel_move_pages+0xb8f/0x11c0 [ 1620.698428] ? rcu_read_lock_any_held+0x75/0xa0 [ 1620.698823] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1620.699313] ? fput_many+0x2f/0x1a0 [ 1620.699627] ? ksys_write+0x1a9/0x260 [ 1620.699949] ? __ia32_sys_read+0xb0/0xb0 [ 1620.700296] __x64_sys_move_pages+0xdd/0x1b0 [ 1620.700673] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1620.701119] do_syscall_64+0x33/0x40 [ 1620.701436] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1620.701867] RIP: 0033:0x7f1e88ae8b19 [ 1620.702183] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1620.703710] RSP: 002b:00007f1e8605e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1620.704349] RAX: ffffffffffffffda RBX: 00007f1e88bfbf60 RCX: 00007f1e88ae8b19 [ 1620.704945] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1620.705549] RBP: 00007f1e8605e1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1620.706143] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1620.706737] R13: 00007ffda65e58df R14: 00007f1e8605e300 R15: 0000000000022000 [ 1620.726495] syz-executor.2 (8748) used greatest stack depth: 22488 bytes left [ 1620.731080] FAULT_INJECTION: forcing a failure. [ 1620.731080] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1620.732244] CPU: 0 PID: 8772 Comm: syz-executor.7 Not tainted 5.10.224 #1 [ 1620.732805] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1620.733535] Call Trace: [ 1620.733783] dump_stack+0x107/0x167 [ 1620.734120] should_fail.cold+0x5/0xa [ 1620.734450] _copy_from_user+0x2e/0x1b0 [ 1620.734786] do_pages_stat+0xf1/0x3b0 [ 1620.735111] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1620.735643] ? cpuset_mems_allowed+0x1af/0x440 [ 1620.736064] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1620.736499] ? trace_hardirqs_on+0x5b/0x180 [ 1620.736866] kernel_move_pages+0xb8f/0x11c0 [ 1620.737265] ? rcu_read_lock_any_held+0x75/0xa0 [ 1620.737691] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1620.738205] ? fput_many+0x2f/0x1a0 [ 1620.738533] ? ksys_write+0x1a9/0x260 [ 1620.738852] ? __ia32_sys_read+0xb0/0xb0 [ 1620.739193] __x64_sys_move_pages+0xdd/0x1b0 [ 1620.739590] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1620.739722] FAULT_INJECTION: forcing a failure. [ 1620.739722] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1620.740045] do_syscall_64+0x33/0x40 [ 1620.740066] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1620.741845] RIP: 0033:0x7f8be6d86b19 [ 1620.742179] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1620.743781] RSP: 002b:00007f8be42fc188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1620.744451] RAX: ffffffffffffffda RBX: 00007f8be6e99f60 RCX: 00007f8be6d86b19 [ 1620.745073] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1620.745660] RBP: 00007f8be42fc1d0 R08: 0000000020000000 R09: 0000000000000000 [ 1620.746248] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1620.746833] R13: 00007ffd26b6f95f R14: 00007f8be42fc300 R15: 0000000000022000 [ 1620.747441] CPU: 1 PID: 8775 Comm: syz-executor.4 Not tainted 5.10.224 #1 [ 1620.748028] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1620.748721] Call Trace: [ 1620.748955] dump_stack+0x107/0x167 [ 1620.749291] should_fail.cold+0x5/0xa [ 1620.749626] _copy_from_user+0x2e/0x1b0 [ 1620.749971] do_pages_stat+0xf1/0x3b0 [ 1620.750304] ? trace_raw_output_mm_migrate_pages+0x290/0x290 [ 1620.750798] ? cpuset_mems_allowed+0x1af/0x440 [ 1620.751195] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 1620.751622] ? trace_hardirqs_on+0x5b/0x180 [ 1620.751998] kernel_move_pages+0xb8f/0x11c0 [ 1620.752375] ? rcu_read_lock_any_held+0x75/0xa0 [ 1620.752771] ? move_pages_and_store_status.isra.0+0x230/0x230 [ 1620.753279] ? fput_many+0x2f/0x1a0 [ 1620.753594] ? ksys_write+0x1a9/0x260 [ 1620.753919] ? __ia32_sys_read+0xb0/0xb0 [ 1620.754267] __x64_sys_move_pages+0xdd/0x1b0 [ 1620.754643] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1620.755079] do_syscall_64+0x33/0x40 [ 1620.755396] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1620.755828] RIP: 0033:0x7f1c0ae11b19 [ 1620.756145] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1620.757694] RSP: 002b:00007f1c08366188 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 1620.758335] RAX: ffffffffffffffda RBX: 00007f1c0af25020 RCX: 00007f1c0ae11b19 [ 1620.758934] RDX: 0000000020000080 RSI: 0000000000002344 RDI: 0000000000000000 [ 1620.759531] RBP: 00007f1c083661d0 R08: 0000000020000000 R09: 0000000000000000 [ 1620.760128] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1620.760727] R13: 00007ffd2ddfd2cf R14: 00007f1c08366300 R15: 0000000000022000 [ 1625.517608] Bluetooth: hci4: command 0x0409 tx timeout [ 1627.566881] Bluetooth: hci4: command 0x041b tx timeout [ 1629.617285] Bluetooth: hci4: command 0x040f tx timeout [ 1630.325601] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1630.326352] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1630.327890] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 1630.356015] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1630.356838] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1630.358346] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 1634.993322] Bluetooth: hci4: command 0x0409 tx timeout [ 1637.038591] Bluetooth: hci4: command 0x041b tx timeout [ 1639.089293] Bluetooth: hci4: command 0x040f tx timeout [ 1639.742470] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1639.743406] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1639.749692] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 1639.773032] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1639.773875] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1639.775426] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 1644.589595] Bluetooth: hci4: command 0x0409 tx timeout [ 1646.638047] Bluetooth: hci4: command 0x041b tx timeout [ 1648.110006] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1648.110973] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1648.114063] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 1648.139987] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1648.141015] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1648.142292] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 1652.849474] Bluetooth: hci4: command 0x0409 tx timeout [ 1654.893637] Bluetooth: hci4: command 0x041b tx timeout [ 1656.942576] Bluetooth: hci4: command 0x040f tx timeout [ 1657.483487] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1657.484313] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1657.486212] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 1657.503430] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1657.504216] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1657.505263] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 1662.189666] Bluetooth: hci4: command 0x0409 tx timeout [ 1664.238971] Bluetooth: hci4: command 0x041b tx timeout [ 1666.288740] Bluetooth: hci4: command 0x040f tx timeout [ 1666.618907] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1666.619726] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1666.621179] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 1666.641018] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1666.641924] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1666.643228] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 1671.341588] Bluetooth: hci4: command 0x0409 tx timeout [ 1673.389582] Bluetooth: hci4: command 0x041b tx timeout [ 1675.200061] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1675.201173] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1675.203156] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 1675.243490] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1675.244372] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1675.246264] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 1679.985436] Bluetooth: hci4: command 0x0409 tx timeout [ 1682.030612] Bluetooth: hci4: command 0x041b tx timeout [ 1684.077582] Bluetooth: hci4: command 0x040f tx timeout [ 1684.216777] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1684.217730] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1684.220185] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 1684.260346] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1684.262274] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1684.266582] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 1688.877662] Bluetooth: hci4: command 0x0409 tx timeout [ 1690.926023] Bluetooth: hci4: command 0x041b tx timeout [ 1692.914314] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1692.915097] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1692.916596] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 1692.935213] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1692.937026] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1692.938583] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 1692.973679] Bluetooth: hci4: command 0x040f tx timeout [ 1697.582579] Bluetooth: hci4: command 0x0409 tx timeout [ 1699.629580] Bluetooth: hci4: command 0x041b tx timeout [ 1701.677589] Bluetooth: hci4: command 0x040f tx timeout [ 1701.696944] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1701.698014] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1701.699932] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 1701.735789] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1701.736832] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1701.738481] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 1706.413575] Bluetooth: hci4: command 0x0409 tx timeout [ 1708.461607] Bluetooth: hci4: command 0x041b tx timeout [ 1710.348515] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1710.350605] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1710.354774] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 1710.383714] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1710.384495] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1710.385899] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 1710.510183] Bluetooth: hci4: command 0x040f tx timeout [ 1715.117636] Bluetooth: hci4: command 0x0409 tx timeout [ 1717.166242] Bluetooth: hci4: command 0x041b tx timeout [ 1719.213585] Bluetooth: hci4: command 0x040f tx timeout [ 1720.093695] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1720.094499] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1720.096084] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 1720.127305] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1720.128732] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1720.130170] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 2024/08/26 15:28:14 executor 1 failed 11 times: executor 1: exit status 67 SYZFAIL: tun read failed (errno 9: Bad file descriptor) SYZFAIL: child failed (errno 0: Success) loop exited with status 67 VM DIAGNOSIS: 15:28:15 Registers: info registers vcpu 0 RAX=0000000000000000 RBX=000000000003b13e RCX=ffffffff815fd670 RDX=0000000000000000 RSI=ffffffff815fd67e RDI=0000000000000005 RBP=1ffff11008a89ed9 RSP=ffff88804544f6b8 R8 =0000000000000000 R9 =ffff888016ef9a47 R10=0000000000000000 R11=0000000000000001 R12=ffff88800e24ea00 R13=00007f6fdc307000 R14=800000003b13e007 R15=0000000000000000 RIP=ffffffff8140a564 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f64cf7a3fb8 CR3=0000000045454000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000 XMM02=682e29646e616d6d6f632a282e637069 XMM03=00000000000000000000000000000000 XMM04=732f6c61636f6c2f7273752f3d485441 XMM05=622f6c61636f6c2f7273752f3a6e6962 XMM06=73752f3a6e6962732f7273752f3a6e69 XMM07=6e69622f3a6e6962732f3a6e69622f72 XMM08=000000000000000a000000c000014016 XMM09=000000000000002a000000c000016000 XMM10=0000000000000009000000c000014040 XMM11=0000000000000007000000c000014049 XMM12=000000000000001c000000c000018000 XMM13=0000000000000041000000c00001a000 XMM14=000000000000000c000000c000014050 XMM15=000000000000000d000000c000014060 info registers vcpu 1 RAX=1ffff11001e9922a RBX=0000000000000020 RCX=ffffffff815fe800 RDX=ffff88801acdb480 RSI=ffffffff815fe809 RDI=ffff88800f4c9150 RBP=ffffea0000dc5e80 RSP=ffff88801a287760 R8 =0000000000000000 R9 =ffff88801acdb487 R10=0000000000000000 R11=0000000000000001 R12=ffffea0000dc5e88 R13=ffff88803720ad68 R14=dffffc0000000000 R15=00007f58949ae000 RIP=ffffffff815fe81e RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe6e00000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000055aba8974db8 CR3=00000000448e4000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=636578650a3a73656d69742031312064 XMM02=6174732074697865203a3120726f7475 XMM03=203a4c4941465a59530a373620737574 XMM04=0a64656c6961662064616572206e7574 XMM05=6620646142203a39206f6e7272652820 XMM06=0a29726f747069726373656420656c69 XMM07=6620646c696863203a4c4941465a5953 XMM08=72206e7574203a4c4941465a59530a37 XMM09=72726528200a64656c69616620646165 XMM10=6420656c696620646142203a39206f6e XMM11=41465a59530a29726f74706972637365 XMM12=64656c69616620646c696863203a4c49 XMM13=63637553203a30206f6e72726528200a XMM14=64657469786520706f6f6c0a29737365 XMM15=0a373620737574617473206874697720