syzbot


BUG: unable to handle kernel paging request in khugepaged_scan_mm_slot

Status: closed as invalid on 2018/09/05 12:51
Subsystems: mm
First crash: 2340d, last: 2340d

Sample crash report:
netlink: 'syz-executor2': attribute type 16 has an invalid length.
BUG: unable to handle kernel paging request at ffff8801251f8000
PGD ae45067 P4D ae45067 PUD 12f533063 PMD 1b873f063 PTE 0
Oops: 0000 [#1] SMP PTI
CPU: 1 PID: 717 Comm: khugepaged Not tainted 4.19.0-rc1+ #40
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:memcpy_erms+0x6/0x10 arch/x86/lib/memcpy_64.S:54
Code: eb c0 90 90 eb 1e 0f 1f 00 48 89 f8 48 89 d1 48 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 c3 66 0f 1f 44 00 00 48 89 f8 48 89 d1 <f3> a4 c3 0f 1f 80 00 00 00 00 48 89 f8 48 83 fa 20 72 7e 40 38 fe
netlink: 4 bytes leftover after parsing attributes in process `syz-executor4'.
RSP: 0018:ffff8801d4acfa08 EFLAGS: 00010086
RAX: ffff88011325c000 RBX: ffff8801d482d880 RCX: 0000000000001000
RDX: 0000000000001000 RSI: ffff8801251f8000 RDI: ffff88011325c000
RBP: ffff8801d4acfa50 R08: 000000ffffffffff R09: 0000000000000001
R10: 80000001bb0ae067 R11: fffffffffffffffd R12: 0000160000000000
R13: aaaaaaaaaaaab000 R14: ffffea000a624140 R15: ffffea0006b5a280
FS:  0000000000000000(0000) GS:ffff88021fd00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffff8801251f8000 CR3: 0000000141728000 CR4: 00000000001406e0
Call Trace:
 copy_user_highpage include/linux/highmem.h:237 [inline]
 __collapse_huge_page_copy mm/khugepaged.c:662 [inline]
 collapse_huge_page mm/khugepaged.c:1060 [inline]
 khugepaged_scan_pmd mm/khugepaged.c:1216 [inline]
 khugepaged_scan_mm_slot+0x85b8/0xeba0 mm/khugepaged.c:1737
 khugepaged_do_scan mm/khugepaged.c:1818 [inline]
 khugepaged+0x82c/0x1790 mm/khugepaged.c:1863
 kthread+0x465/0x4a0 kernel/kthread.c:247
 ret_from_fork+0x35/0x40 arch/x86/entry/entry_64.S:416
Modules linked in:
Dumping ftrace buffer:
   (ftrace buffer empty)
CR2: ffff8801251f8000
---[ end trace 2bb999f286c94c5b ]---
RIP: 0010:memcpy_erms+0x6/0x10 arch/x86/lib/memcpy_64.S:54
Code: eb c0 90 90 eb 1e 0f 1f 00 48 89 f8 48 89 d1 48 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 c3 66 0f 1f 44 00 00 48 89 f8 48 89 d1 <f3> a4 c3 0f 1f 80 00 00 00 00 48 89 f8 48 83 fa 20 72 7e 40 38 fe
netlink: 4 bytes leftover after parsing attributes in process `syz-executor4'.
RSP: 0018:ffff8801d4acfa08 EFLAGS: 00010086
RAX: ffff88011325c000 RBX: ffff8801d482d880 RCX: 0000000000001000
RDX: 0000000000001000 RSI: ffff8801251f8000 RDI: ffff88011325c000
RBP: ffff8801d4acfa50 R08: 000000ffffffffff R09: 0000000000000001
R10: 80000001bb0ae067 R11: fffffffffffffffd R12: 0000160000000000
R13: aaaaaaaaaaaab000 R14: ffffea000a624140 R15: ffffea0006b5a280
FS:  0000000000000000(0000) GS:ffff88021fd00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffff8801251f8000 CR3: 0000000141728000 CR4: 00000000001406e0

Crashes (1):
Time: 2018/09/02 02:49
Kernel: https://github.com/google/kmsan.git master
Commit: 28f0ca98eadf
Syzkaller: a4718693
Config: .config
Log: console log
Report: report
Syz repro: none
C repro: none
VM info: none
Assets: none
Manager: ci-upstream-kmsan-gce
Title: (none)