program:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x38, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=@newtfilter={0x24, 0x2c, 0xd27, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, r2, {0xe, 0x1}, {0x0, 0xc}, {0x8, 0xffe0}}}, 0x24}}, 0x4000)
open(&(0x7f00009e1000)='./file0\x00', 0xc162, 0x0)
r3 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r3, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = creat(&(0x7f00000001c0)='./file0\x00', 0x0)
write(r5, &(0x7f0000000300)='(', 0x1)
write$uinput_user_dev(r5, &(0x7f0000000400)={'syz0\x00', {0x7, 0x4, 0x6, 0xfffa}, 0x1d, [0x6, 0xc95a, 0xfffffff3, 0x9, 0x80, 0x2, 0x1, 0x7f, 0x6, 0x4d, 0xfffffff2, 0x5f, 0xa, 0x3, 0xffff2d33, 0x1dd2, 0x6, 0x7, 0x0, 0x80000001, 0x4, 0x7, 0x3, 0x3c5b, 0x1, 0x24, 0xffffffff, 0x41, 0x1f461e2c, 0x2, 0xe661, 0x4, 0x7, 0x3, 0x7fff, 0x4c74, 0x8f00, 0x642, 0x3, 0xa, 0x0, 0x71, 0x7, 0x7, 0x103, 0x0, 0x5, 0x3c, 0x8f, 0x6, 0x6, 0x3, 0x5, 0x4, 0x8, 0x0, 0x80, 0x0, 0x5, 0x6, 0x8, 0x204, 0x1, 0x40], [0x10000007, 0xffff, 0x12f, 0x8000, 0x200010, 0xfffffff3, 0x129432e6, 0xcb, 0xf9, 0xd, 0x2bf, 0x6c9, 0x9, 0xfffffffc, 0x3, 0x0, 0x7, 0x5, 0x20002f, 0xe, 0x312, 0x78, 0xea4, 0xa, 0x4, 0x4, 0x8000, 0x9, 0x400, 0x1, 0x6, 0x1, 0xff, 0xffff8001, 0x7ff, 0x5f31, 0x4, 0x0, 0x6, 0x2, 0x9, 0x4, 0x9, 0x8, 0x9, 0x6, 0x5, 0x0, 0x1, 0x8000, 0xffff, 0x2, 0x7f, 0x9, 0x5, 0x3, 0x4, 0x1, 0x7, 0x6, 0x9, 0x48c93690, 0x2, 0xff], [0x7, 0x4, 0x0, 0x64e, 0xfffffdfe, 0x7fffffff, 0x8d2, 0x100009, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x5, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x86, 0x3, 0x10000009, 0x3e7, 0x2, 0x5, 0x2, 0x2, 0xf, 0x8, 0x4, 0x6d01, 0x5, 0x3e, 0x3, 0x200, 0x80, 0x3, 0x4, 0x2950bfaf, 0x0, 0xa2, 0x7, 0x1, 0x5, 0x4, 0x54fe12d2, 0xbf, 0xb, 0x3, 0x400000, 0xfffffff9, 0x0, 0x1, 0x5, 0x0, 0x6, 0x0, 0x120000, 0x3, 0x6, 0x9, 0x4, 0x3], [0x9, 0xbb31, 0x3, 0xb, 0x5, 0x938, 0x6, 0x6, 0x0, 0x5, 0xce7, 0x100001ff, 0x6, 0x0, 0x5, 0x3, 0x101, 0x10000, 0x6, 0x7fff, 0xffff, 0xa620, 0x2, 0x5, 0x1, 0x2, 0x14c, 0x60a7, 0x6, 0x6, 0xffffffff, 0x80000000, 0x5, 0x8, 0x81, 0x3, 0x3, 0xffff, 0x3, 0x9, 0x100, 0x9602, 0xa, 0x2, 0x4, 0x6, 0x1, 0x10000, 0x5, 0x8, 0x2b91, 0xa1f, 0x4, 0x9, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1c, 0x1, 0x200, 0xffff3441, 0xfff]}, 0x45c)
r6 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 32)
ptrace(0x10, r6)
ptrace$cont(0x9, r6, 0x0, 0x9)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r4, 0x0, 0x30, 0xe1515f8735398fb, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000002c0)=[0x45c], 0x0, 0x0, 0x1, 0x1}}, 0x3c)
syz_mount_image$hfs(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x10852, &(0x7f0000000180)={[{}, {@session={'session', 0x3d, 0xffffffff}}]}, 0x1, 0x255, &(0x7f0000000400)="$eJzs3cFqE1EUxvHv3qbpaEsd24rgSqoFV9LWjbgRJA/hStQmQjFU0ArqSlyLD+DeV/AhXIkvoCtXPkB2I/fONZnU3MxYm0zS/n/QYZK5Z+aczkznnkCJAJxZ91rfP9366X6MtKAFSXckKymRGpIu6XLy8uBw/7DbaY/b0UI/yiiPNH+N2TvojApNFCKC1L1qaKX4HiYjy7LsR91JoHb+7h/BSkvh7vTbk6lnNhlv605g4kaezj7TU0+vtDq1dAAAMyk8/214cKyE+bu10lZ47J+q53+v7gRqVnj++y4rM+78XvCbBv2eb+HcdvunSzzOsZrKr6yhGYkp6yp9Lvbck/1u5+bes27b6p3uBoVhG37Zdgew/Td9tkuKZbs5ojcd4/i1L/saFl0Nu5H810/2iOXMF/PVPDCpPqrdn/81MuNOU1OL/uXQmcrz347v0VeZ5qMiVV70B7kSroWgpMokPoVthn0OfUCQluXpo9aOROXV7ZRErY+M2i2J2jgaNbia45GTZj6Y+2ZTv/RZrcL837rf9paq3JlujB8Zroyx9TT8yLRCYvafysD/ea/Huq3VF6/fPH3U7XaeR1Yaim46wyvSVc1AGvO0YmYjDVaqrtT9BwrTMDjpdWeCmrh5l8n7v0K/su1bJLdIx8zTs7KdF/a4E+kN1vzy/PAEsKQ3WI53cFV7rms3pOvVj5iGPE8J09I3PeTzfwAAAAAAAAAAAAAAAAAAgHkzjX8nqLtGAAAAAAAAAAAAAAAAAAAAAADm3Ul+/2/C9/8Cc+V3AAAA//+Skn5+")
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000740)=@ipv4_newnexthop={0x24, 0x68, 0x109, 0x0, 0x0, {}, [@NHA_OIF={0x8, 0x10}, @NHA_FDB={0x4}]}, 0x24}}, 0x0)
bpf$ENABLE_STATS(0x20, &(0x7f0000000000), 0x27)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r7, &(0x7f00000002c0), 0x40000000000009f, 0x0)
sendmmsg$inet(r0, &(0x7f0000002240)=[{{&(0x7f0000000140)={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x44}}, 0x10, 0x0}}], 0x1, 0x4000000)

[   73.701245][ T5303] Bluetooth: hci0: command tx timeout
[   73.809140][ T5318] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   73.819378][ T5318] FAULT_INJECTION: forcing a failure.
[   73.819378][ T5318] name failslab, interval 1, probability 0, space 0, times 1
[   73.825663][ T5318] CPU: 0 UID: 0 PID: 5318 Comm: syz.0.0 Not tainted 6.13.0-rc1-syzkaller-00025-gfeffde684ac2 #0
[   73.829961][ T5318] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   73.834424][ T5318] Call Trace:
[   73.836021][ T5318]  <TASK>
[   73.837113][ T5318]  dump_stack_lvl+0x241/0x360
[   73.838957][ T5318]  ? __pfx_dump_stack_lvl+0x10/0x10
[   73.840903][ T5318]  ? __pfx__printk+0x10/0x10
[   73.842623][ T5318]  ? kmem_cache_alloc_noprof+0x48/0x380
[   73.844725][ T5318]  ? __pfx___might_resched+0x10/0x10
[   73.846687][ T5318]  should_fail_ex+0x3b0/0x4e0
[   73.848496][ T5318]  should_failslab+0xac/0x100
[   73.850232][ T5318]  ? vm_area_dup+0x27/0x290
[   73.852017][ T5318]  kmem_cache_alloc_noprof+0x70/0x380
[   73.854011][ T5318]  vm_area_dup+0x27/0x290
[   73.855771][ T5318]  copy_mm+0xc1d/0x1f90
[   73.857309][ T5318]  ? __pfx_copy_mm+0x10/0x10
[   73.859009][ T5318]  ? __init_rwsem+0x122/0x160
[   73.860753][ T5318]  ? copy_signal+0x51c/0x640
[   73.862497][ T5318]  copy_process+0x1845/0x3d50
[   73.864254][ T5318]  ? copy_process+0x9fa/0x3d50
[   73.866028][ T5318]  ? __pfx_copy_process+0x10/0x10
[   73.867885][ T5318]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[   73.870049][ T5318]  kernel_clone+0x226/0x8e0
[   73.871753][ T5318]  ? __pfx_kernel_clone+0x10/0x10
[   73.873630][ T5318]  __x64_sys_clone+0x258/0x2a0
[   73.875432][ T5318]  ? __pfx___x64_sys_clone+0x10/0x10
[   73.877348][ T5318]  ? do_syscall_64+0x100/0x230
[   73.879143][ T5318]  ? do_syscall_64+0xb6/0x230
[   73.880933][ T5318]  do_syscall_64+0xf3/0x230
[   73.882619][ T5318]  ? clear_bhb_loop+0x35/0x90
[   73.884443][ T5318]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   73.886705][ T5318] RIP: 0033:0x7f137e97ff19
[   73.888418][ T5318] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   73.895453][ T5318] RSP: 002b:00007f137f809008 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[   73.898510][ T5318] RAX: ffffffffffffffda RBX: 00007f137eb45fa0 RCX: 00007f137e97ff19
[   73.901659][ T5318] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   73.904537][ T5318] RBP: 00007f137f8090a0 R08: 0000000000000000 R09: 0000000000000000
[   73.907468][ T5318] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   73.910457][ T5318] R13: 0000000000000000 R14: 00007f137eb45fa0 R15: 00007fff36be56b8
[   73.913204][ T5318]  </TASK>
[   73.924021][ T5319] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000080: 0000 [#1] PREEMPT SMP KASAN NOPTI
[   73.928721][ T5319] KASAN: null-ptr-deref in range [0x0000000000000400-0x0000000000000407]
[   73.931716][ T5319] CPU: 0 UID: 0 PID: 5319 Comm: syz.0.0 Not tainted 6.13.0-rc1-syzkaller-00025-gfeffde684ac2 #0
[   73.935615][ T5319] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   73.939519][ T5319] RIP: 0010:find_mergeable_anon_vma+0x1e4/0x8f0
[   73.941772][ T5319] Code: 00 00 00 00 fc ff df 41 80 3c 06 00 74 08 4c 89 ff e8 10 39 10 00 4d 8b 37 4d 89 ec 49 c1 ec 03 48 b8 00 00 00 00 00 fc ff df <41> 80 3c 04 00 74 08 4c 89 ef e8 ed 38 10 00 49 8b 5d 00 4c 89 f7
[   73.948851][ T5319] RSP: 0018:ffffc9000d3df500 EFLAGS: 00010203
[   73.951157][ T5319] RAX: dffffc0000000000 RBX: ffffc9000d3df540 RCX: ffff88801cf80000
[   73.954351][ T5319] RDX: 0000000000000000 RSI: ffffffff900062a0 RDI: 0000000000000000
[   73.957340][ T5319] RBP: ffffc9000d3df610 R08: 0000000000000005 R09: ffffffff8bc6b642
[   73.960371][ T5319] R10: 0000000000000003 R11: ffff88801cf80000 R12: 0000000000000080
[   73.963351][ T5319] R13: 0000000000000406 R14: 0000000021000000 R15: ffff8880120d4ca0
[   73.966126][ T5319] FS:  00007f137f7e86c0(0000) GS:ffff88801fc00000(0000) knlGS:0000000000000000
[   73.969310][ T5319] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   73.971741][ T5319] CR2: 0000000020000140 CR3: 0000000040256000 CR4: 0000000000352ef0
[   73.974562][ T5319] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   73.977478][ T5319] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   73.980579][ T5319] Call Trace:
[   73.981815][ T5319]  <TASK>
[   73.982948][ T5319]  ? __die_body+0x5f/0xb0
[   73.984588][ T5319]  ? die_addr+0xb0/0xe0
[   73.986145][ T5319]  ? exc_general_protection+0x3dd/0x5d0
[   73.988281][ T5319]  ? asm_exc_general_protection+0x26/0x30
[   73.990355][ T5319]  ? mas_walk+0xa2/0x280
[   73.992009][ T5319]  ? find_mergeable_anon_vma+0x1e4/0x8f0
[   73.994207][ T5319]  ? __pfx_find_mergeable_anon_vma+0x10/0x10
[   73.996568][ T5319]  ? rcu_is_watching+0x15/0xb0
[   73.998362][ T5319]  ? kmem_cache_alloc_noprof+0x22d/0x380
[   74.000616][ T5319]  __anon_vma_prepare+0xd9/0x4a0
[   74.002523][ T5319]  uprobe_write_opcode+0x1a95/0x2d80
[   74.004609][ T5319]  ? insn_get_modrm+0x494/0x730
[   74.006446][ T5319]  ? insn_get_displacement+0x391/0x9a0
[   74.008523][ T5319]  ? __pfx_uprobe_write_opcode+0x10/0x10
[   74.010734][ T5319]  ? arch_uprobe_analyze_insn+0xa19/0x1a70
[   74.012888][ T5319]  ? up_write+0x1a9/0x590
[   74.014539][ T5319]  install_breakpoint+0x4fc/0x660
[   74.016468][ T5319]  register_for_each_vma+0xa08/0xc50
[   74.018531][ T5319]  uprobe_register+0x811/0x970
[   74.020335][ T5319]  bpf_uprobe_multi_link_attach+0xaca/0xdd0
[   74.022573][ T5319]  ? __pfx_bpf_uprobe_multi_link_attach+0x10/0x10
[   74.025029][ T5319]  ? __fget_files+0x395/0x410
[   74.026926][ T5319]  ? bpf_prog_attach_check_attach_type+0x42c/0x4f0
[   74.029354][ T5319]  link_create+0x6d7/0x870
[   74.031155][ T5319]  __sys_bpf+0x4bc/0x810
[   74.032756][ T5319]  ? __pfx___sys_bpf+0x10/0x10
[   74.034614][ T5319]  ? __rseq_handle_notify_resume+0x34d/0x14e0
[   74.036875][ T5319]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   74.039085][ T5319]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   74.041400][ T5319]  ? do_syscall_64+0x100/0x230
[   74.043155][ T5319]  __x64_sys_bpf+0x7c/0x90
[   74.044795][ T5319]  do_syscall_64+0xf3/0x230
[   74.046443][ T5319]  ? clear_bhb_loop+0x35/0x90
[   74.048184][ T5319]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   74.050295][ T5319] RIP: 0033:0x7f137e97ff19
[   74.051963][ T5319] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   74.059612][ T5319] RSP: 002b:00007f137f7e8058 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   74.062883][ T5319] RAX: ffffffffffffffda RBX: 00007f137eb46080 RCX: 00007f137e97ff19
[   74.065807][ T5319] RDX: 000000000000003c RSI: 00000000200012c0 RDI: 000000000000001c
[   74.068703][ T5319] RBP: 00007f137e9f3986 R08: 0000000000000000 R09: 0000000000000000
[   74.071806][ T5319] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   74.074655][ T5319] R13: 0000000000000000 R14: 00007f137eb46080 R15: 00007fff36be56b8
[   74.077765][ T5319]  </TASK>
[   74.078924][ T5319] Modules linked in:
[   74.080843][ T5319] ---[ end trace 0000000000000000 ]---
[   74.086718][ T5318] loop0: detected capacity change from 0 to 64
[   74.089647][ T5318] =======================================================
[   74.089647][ T5318] WARNING: The mand mount option has been deprecated and
[   74.089647][ T5318]          and is ignored by this kernel. Remove the mand
[   74.089647][ T5318]          option from the mount to silence this warning.
[   74.089647][ T5318] =======================================================
[   74.113350][ T5319] RIP: 0010:find_mergeable_anon_vma+0x1e4/0x8f0
[   74.115670][ T5319] Code: 00 00 00 00 fc ff df 41 80 3c 06 00 74 08 4c 89 ff e8 10 39 10 00 4d 8b 37 4d 89 ec 49 c1 ec 03 48 b8 00 00 00 00 00 fc ff df <41> 80 3c 04 00 74 08 4c 89 ef e8 ed 38 10 00 49 8b 5d 00 4c 89 f7
[   74.124118][ T5319] RSP: 0018:ffffc9000d3df500 EFLAGS: 00010203
[   74.126639][ T5319] RAX: dffffc0000000000 RBX: ffffc9000d3df540 RCX: ffff88801cf80000
[   74.129543][ T5319] RDX: 0000000000000000 RSI: ffffffff900062a0 RDI: 0000000000000000
[   74.133109][ T5319] RBP: ffffc9000d3df610 R08: 0000000000000005 R09: ffffffff8bc6b642
[   74.136110][ T5319] R10: 0000000000000003 R11: ffff88801cf80000 R12: 0000000000000080
[   74.139055][ T5319] R13: 0000000000000406 R14: 0000000021000000 R15: ffff8880120d4ca0
[   74.142581][ T5319] FS:  00007f137f7e86c0(0000) GS:ffff88801fc00000(0000) knlGS:0000000000000000
[   74.145972][ T5319] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   74.148449][ T5319] CR2: 0000000020002240 CR3: 0000000040256000 CR4: 0000000000352ef0
[   74.151864][ T5319] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   74.154797][ T5319] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   74.157796][ T5319] Kernel panic - not syncing: Fatal exception
[   74.160312][ T5319] Kernel Offset: disabled
[   74.161924][ T5319] Rebooting in 86400 seconds..