program:
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
io_setup(0xa58, &(0x7f0000000200))
socket$nl_route(0x10, 0x3, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000040)={0x0, 0x0, <r2=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_GETENCODER(0xffffffffffffffff, 0xc01464a6, &(0x7f0000000080)={0x0, 0x0, <r3=>0x0})
ioctl$DRM_IOCTL_MODE_GETPLANE(0xffffffffffffffff, 0xc02064b6, &(0x7f0000000180)={0x0, 0x0, <r4=>0x0, 0x0, 0x0, 0x1, &(0x7f0000000140)=[0x0]})
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(r2, 0xc01864b0, &(0x7f00000001c0)={r3, r4, 0xe, 0x2e26e0c4, 0x200})
syz_open_dev$dri(&(0x7f0000000100), 0x2, 0x309b00)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$inet6(0xa, 0x1000080002, 0x100000000000088)
recvmsg(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000002780)=[{&(0x7f0000000400)=""/185, 0xb9}], 0x1}, 0x0)
bind$inet6(r6, &(0x7f0000000140)={0xa, 0x4e23}, 0x1c)
r7 = socket$inet6(0xa, 0x802, 0x88)
setsockopt$inet6_udp_int(r7, 0x11, 0x100000000a, &(0x7f00000003c0)=0x800000001, 0x4)
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
timer_create(0x3, &(0x7f0000533fa0)={0x0, 0x21}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x1, &(0x7f0000000280)={{}, {0x0, 0x3938700}}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r8=>0xffffffffffffffff})
r9 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000180)={'bond0\x00', <r10=>0x0})
sendmsg$nl_route(r9, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=@dellink={0x20, 0x11, 0x101, 0x0, 0x0, {0x0, 0x0, 0x0, r10}}, 0x20}}, 0x0)
syz_usb_connect_ath9k(0x3, 0x0, 0x0, 0x0)
sendto$inet6(r7, 0x0, 0x0, 0x6008800, &(0x7f0000000180)={0xa, 0x4e23, 0x0, @mcast1}, 0x1c)
sendto$inet6(r7, &(0x7f0000000000)="17", 0x1, 0x0, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="4c0000001800010d00000000000000850a000000000000000500000014000500200100000000000000000100000000001c00090008000000", @ANYRES32=r1, @ANYRES32=r5], 0x4c}}, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)

[   73.827920][ T5308] Bluetooth: hci0: command tx timeout
[   73.924039][ T5328] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   74.064869][ T5330] ------------[ cut here ]------------
[   74.067806][ T5330] WARNING: CPU: 0 PID: 5330 at drivers/net/netdevsim/fib.c:831 nsim_fib_event_nb+0xed8/0x1080
[   74.072741][ T5330] Modules linked in:
[   74.074631][ T5330] CPU: 0 UID: 0 PID: 5330 Comm: syz.0.0 Not tainted 6.16.0-rc1-syzkaller-00010-g2c4a1f3fe03e #0 PREEMPT(full) 
[   74.080066][ T5330] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   74.085206][ T5330] RIP: 0010:nsim_fib_event_nb+0xed8/0x1080
[   74.087966][ T5330] Code: fa be 02 00 00 00 eb 0a e8 f5 f8 b3 fa be 01 00 00 00 4c 89 f7 e8 b8 df b4 fd 4c 8b 64 24 08 e9 91 f4 ff ff e8 d9 f8 b3 fa 90 <0f> 0b 90 e9 70 fb ff ff 44 89 e9 80 e1 07 80 c1 03 38 c1 0f 8c 35
[   74.097110][ T5330] RSP: 0018:ffffc9000e65ef68 EFLAGS: 00010283
[   74.100070][ T5330] RAX: ffffffff870c6617 RBX: 0000000000000001 RCX: 0000000000100000
[   74.103459][ T5330] RDX: ffffc90020001000 RSI: 0000000000000456 RDI: 0000000000000457
[   74.107645][ T5330] RBP: dffffc0000000000 R08: ffff888011b0902f R09: 1ffff11002361205
[   74.111659][ T5330] R10: dffffc0000000000 R11: ffffed1002361206 R12: ffff88805292e000
[   74.115706][ T5330] R13: ffffc9000e65f0e0 R14: 0000000000000000 R15: ffffc9000e65f0f8
[   74.119491][ T5330] FS:  00007f2805fa46c0(0000) GS:ffff88808d252000(0000) knlGS:0000000000000000
[   74.123324][ T5330] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   74.126463][ T5330] CR2: 00007f2805fa1f70 CR3: 000000004407e000 CR4: 0000000000352ef0
[   74.130577][ T5330] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   74.134215][ T5330] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   74.138185][ T5330] Call Trace:
[   74.139683][ T5330]  <TASK>
[   74.141112][ T5330]  notifier_call_chain+0x1b3/0x3e0
[   74.143797][ T5330]  ? atomic_notifier_call_chain+0x26/0x180
[   74.147059][ T5330]  atomic_notifier_call_chain+0xda/0x180
[   74.149927][ T5330]  call_fib_notifiers+0x31/0x60
[   74.152380][ T5330]  call_fib6_multipath_entry_notifiers+0xe6/0x150
[   74.155801][ T5330]  ? __pfx_call_fib6_multipath_entry_notifiers+0x10/0x10
[   74.159510][ T5330]  ? inet6_rtm_newroute+0xec4/0x18a0
[   74.161843][ T5330]  inet6_rtm_newroute+0x1328/0x18a0
[   74.163837][ T5330]  ? nlmon_xmit+0xb0/0x100
[   74.165997][ T5330]  ? kmem_cache_free+0x18f/0x400
[   74.168725][ T5330]  ? __pfx_inet6_rtm_newroute+0x10/0x10
[   74.171404][ T5330]  ? __local_bh_enable_ip+0x12d/0x1c0
[   74.173739][ T5330]  ? __pfx_inet6_rtm_newroute+0x10/0x10
[   74.176141][ T5330]  rtnetlink_rcv_msg+0x7cc/0xb70
[   74.178498][ T5330]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[   74.180950][ T5330]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   74.183670][ T5330]  ? ref_tracker_free+0x63a/0x7d0
[   74.186125][ T5330]  ? __copy_skb_header+0xa7/0x550
[   74.188478][ T5330]  ? __pfx_ref_tracker_free+0x10/0x10
[   74.190766][ T5330]  ? __skb_clone+0x63/0x7a0
[   74.192813][ T5330]  netlink_rcv_skb+0x208/0x470
[   74.195007][ T5330]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   74.197723][ T5330]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   74.200410][ T5330]  ? netlink_deliver_tap+0x2e/0x1b0
[   74.202802][ T5330]  ? netlink_deliver_tap+0x2e/0x1b0
[   74.205119][ T5330]  netlink_unicast+0x75b/0x8d0
[   74.207500][ T5330]  netlink_sendmsg+0x805/0xb30
[   74.210047][ T5330]  ? __pfx_netlink_sendmsg+0x10/0x10
[   74.212650][ T5330]  ? aa_sock_msg_perm+0x94/0x160
[   74.214835][ T5330]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[   74.217299][ T5330]  ? __pfx_netlink_sendmsg+0x10/0x10
[   74.219748][ T5330]  __sock_sendmsg+0x219/0x270
[   74.222444][ T5330]  ____sys_sendmsg+0x52d/0x830
[   74.225119][ T5330]  ? __pfx_____sys_sendmsg+0x10/0x10
[   74.228435][ T5330]  ? import_iovec+0x74/0xa0
[   74.230502][ T5330]  ___sys_sendmsg+0x21f/0x2a0
[   74.232530][ T5330]  ? __pfx____sys_sendmsg+0x10/0x10
[   74.234930][ T5330]  ? __fget_files+0x2a/0x420
[   74.237844][ T5330]  ? __fget_files+0x3a0/0x420
[   74.240480][ T5330]  __sys_sendmmsg+0x227/0x430
[   74.242917][ T5330]  ? __pfx___sys_sendmmsg+0x10/0x10
[   74.245239][ T5330]  ? rcu_is_watching+0x15/0xb0
[   74.247703][ T5330]  ? rcu_is_watching+0x15/0xb0
[   74.250168][ T5330]  __x64_sys_sendmmsg+0xa0/0xc0
[   74.252844][ T5330]  do_syscall_64+0xfa/0x3b0
[   74.254996][ T5330]  ? lockdep_hardirqs_on+0x9c/0x150
[   74.257767][ T5330]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   74.260692][ T5330]  ? clear_bhb_loop+0x60/0xb0
[   74.263005][ T5330]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   74.265936][ T5330] RIP: 0033:0x7f280518e929
[   74.268173][ T5330] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   74.277223][ T5330] RSP: 002b:00007f2805fa4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   74.280975][ T5330] RAX: ffffffffffffffda RBX: 00007f28053b6160 RCX: 00007f280518e929
[   74.284592][ T5330] RDX: 040000000000009f RSI: 00002000000002c0 RDI: 0000000000000003
[   74.288404][ T5330] RBP: 00007f2805210b39 R08: 0000000000000000 R09: 0000000000000000
[   74.291960][ T5330] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   74.295803][ T5330] R13: 0000000000000000 R14: 00007f28053b6160 R15: 00007ffc9fbaa828
[   74.299998][ T5330]  </TASK>
[   74.301610][ T5330] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   74.305219][ T5330] CPU: 0 UID: 0 PID: 5330 Comm: syz.0.0 Not tainted 6.16.0-rc1-syzkaller-00010-g2c4a1f3fe03e #0 PREEMPT(full) 
[   74.311009][ T5330] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   74.315507][ T5330] Call Trace:
[   74.317297][ T5330]  <TASK>
[   74.318793][ T5330]  dump_stack_lvl+0x99/0x250
[   74.321105][ T5330]  ? __asan_memcpy+0x40/0x70
[   74.323295][ T5330]  ? __pfx_dump_stack_lvl+0x10/0x10
[   74.325644][ T5330]  ? __pfx__printk+0x10/0x10
[   74.327708][ T5330]  panic+0x2db/0x790
[   74.329696][ T5330]  ? __pfx_panic+0x10/0x10
[   74.332070][ T5330]  ? show_trace_log_lvl+0x4fb/0x550
[   74.334675][ T5330]  __warn+0x31b/0x4b0
[   74.336440][ T5330]  ? nsim_fib_event_nb+0xed8/0x1080
[   74.338804][ T5330]  ? nsim_fib_event_nb+0xed8/0x1080
[   74.341079][ T5330]  report_bug+0x2be/0x4f0
[   74.343185][ T5330]  ? nsim_fib_event_nb+0xed8/0x1080
[   74.345829][ T5330]  ? nsim_fib_event_nb+0xed8/0x1080
[   74.347903][ T5330]  ? nsim_fib_event_nb+0xeda/0x1080
[   74.350131][ T5330]  handle_bug+0x84/0x160
[   74.352111][ T5330]  exc_invalid_op+0x1a/0x50
[   74.354190][ T5330]  asm_exc_invalid_op+0x1a/0x20
[   74.356412][ T5330] RIP: 0010:nsim_fib_event_nb+0xed8/0x1080
[   74.359464][ T5330] Code: fa be 02 00 00 00 eb 0a e8 f5 f8 b3 fa be 01 00 00 00 4c 89 f7 e8 b8 df b4 fd 4c 8b 64 24 08 e9 91 f4 ff ff e8 d9 f8 b3 fa 90 <0f> 0b 90 e9 70 fb ff ff 44 89 e9 80 e1 07 80 c1 03 38 c1 0f 8c 35
[   74.367693][ T5330] RSP: 0018:ffffc9000e65ef68 EFLAGS: 00010283
[   74.370887][ T5330] RAX: ffffffff870c6617 RBX: 0000000000000001 RCX: 0000000000100000
[   74.374828][ T5330] RDX: ffffc90020001000 RSI: 0000000000000456 RDI: 0000000000000457
[   74.378423][ T5330] RBP: dffffc0000000000 R08: ffff888011b0902f R09: 1ffff11002361205
[   74.382104][ T5330] R10: dffffc0000000000 R11: ffffed1002361206 R12: ffff88805292e000
[   74.385849][ T5330] R13: ffffc9000e65f0e0 R14: 0000000000000000 R15: ffffc9000e65f0f8
[   74.389525][ T5330]  ? nsim_fib_event_nb+0xed7/0x1080
[   74.392276][ T5330]  ? nsim_fib_event_nb+0xed7/0x1080
[   74.394855][ T5330]  notifier_call_chain+0x1b3/0x3e0
[   74.397136][ T5330]  ? atomic_notifier_call_chain+0x26/0x180
[   74.399754][ T5330]  atomic_notifier_call_chain+0xda/0x180
[   74.402266][ T5330]  call_fib_notifiers+0x31/0x60
[   74.404487][ T5330]  call_fib6_multipath_entry_notifiers+0xe6/0x150
[   74.407628][ T5330]  ? __pfx_call_fib6_multipath_entry_notifiers+0x10/0x10
[   74.410978][ T5330]  ? inet6_rtm_newroute+0xec4/0x18a0
[   74.413434][ T5330]  inet6_rtm_newroute+0x1328/0x18a0
[   74.415690][ T5330]  ? nlmon_xmit+0xb0/0x100
[   74.417883][ T5330]  ? kmem_cache_free+0x18f/0x400
[   74.420319][ T5330]  ? __pfx_inet6_rtm_newroute+0x10/0x10
[   74.422984][ T5330]  ? __local_bh_enable_ip+0x12d/0x1c0
[   74.425717][ T5330]  ? __pfx_inet6_rtm_newroute+0x10/0x10
[   74.428164][ T5330]  rtnetlink_rcv_msg+0x7cc/0xb70
[   74.430462][ T5330]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[   74.433313][ T5330]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   74.436244][ T5330]  ? ref_tracker_free+0x63a/0x7d0
[   74.438518][ T5330]  ? __copy_skb_header+0xa7/0x550
[   74.441202][ T5330]  ? __pfx_ref_tracker_free+0x10/0x10
[   74.444087][ T5330]  ? __skb_clone+0x63/0x7a0
[   74.446302][ T5330]  netlink_rcv_skb+0x208/0x470
[   74.448477][ T5330]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   74.450951][ T5330]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   74.453284][ T5330]  ? netlink_deliver_tap+0x2e/0x1b0
[   74.455523][ T5330]  ? netlink_deliver_tap+0x2e/0x1b0
[   74.458027][ T5330]  netlink_unicast+0x75b/0x8d0
[   74.460568][ T5330]  netlink_sendmsg+0x805/0xb30
[   74.462931][ T5330]  ? __pfx_netlink_sendmsg+0x10/0x10
[   74.465781][ T5330]  ? aa_sock_msg_perm+0x94/0x160
[   74.467885][ T5330]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[   74.470690][ T5330]  ? __pfx_netlink_sendmsg+0x10/0x10
[   74.473140][ T5330]  __sock_sendmsg+0x219/0x270
[   74.475127][ T5330]  ____sys_sendmsg+0x52d/0x830
[   74.477217][ T5330]  ? __pfx_____sys_sendmsg+0x10/0x10
[   74.479605][ T5330]  ? import_iovec+0x74/0xa0
[   74.481594][ T5330]  ___sys_sendmsg+0x21f/0x2a0
[   74.483729][ T5330]  ? __pfx____sys_sendmsg+0x10/0x10
[   74.486134][ T5330]  ? __fget_files+0x2a/0x420
[   74.488230][ T5330]  ? __fget_files+0x3a0/0x420
[   74.490457][ T5330]  __sys_sendmmsg+0x227/0x430
[   74.492610][ T5330]  ? __pfx___sys_sendmmsg+0x10/0x10
[   74.494985][ T5330]  ? rcu_is_watching+0x15/0xb0
[   74.497349][ T5330]  ? rcu_is_watching+0x15/0xb0
[   74.499873][ T5330]  __x64_sys_sendmmsg+0xa0/0xc0
[   74.502145][ T5330]  do_syscall_64+0xfa/0x3b0
[   74.504088][ T5330]  ? lockdep_hardirqs_on+0x9c/0x150
[   74.506444][ T5330]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   74.509345][ T5330]  ? clear_bhb_loop+0x60/0xb0
[   74.511684][ T5330]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   74.514482][ T5330] RIP: 0033:0x7f280518e929
[   74.516541][ T5330] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   74.525090][ T5330] RSP: 002b:00007f2805fa4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   74.530324][ T5330] RAX: ffffffffffffffda RBX: 00007f28053b6160 RCX: 00007f280518e929
[   74.534147][ T5330] RDX: 040000000000009f RSI: 00002000000002c0 RDI: 0000000000000003
[   74.537737][ T5330] RBP: 00007f2805210b39 R08: 0000000000000000 R09: 0000000000000000
[   74.542165][ T5330] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   74.546051][ T5330] R13: 0000000000000000 R14: 00007f28053b6160 R15: 00007ffc9fbaa828
[   74.549887][ T5330]  </TASK>
[   74.551689][ T5330] Kernel Offset: disabled
[   74.553842][ T5330] Rebooting in 86400 seconds..