program: socket$nl_route(0x10, 0x3, 0x0) (async) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x2000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0x3000)=nil, &(0x7f0000ff0000/0x2000)=nil, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000ff8000/0x2000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) io_uring_setup(0x54c1, &(0x7f0000000540)={0x0, 0x203, 0x40, 0x2, 0x71, 0x0, r2}) (async) io_uring_setup(0x54c1, &(0x7f0000000540)={0x0, 0x203, 0x40, 0x2, 0x71, 0x0, r2}) io_uring_setup(0x1195, &(0x7f0000000040)={0x0, 0xc8a6, 0xc000, 0x8, 0xc4}) (async) r3 = io_uring_setup(0x1195, &(0x7f0000000040)={0x0, 0xc8a6, 0xc000, 0x8, 0xc4}) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={0xffffffffffffffff, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2}, 0x50) r4 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, &(0x7f0000000000), &(0x7f0000000040)=0x4) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB=')'], 0x50) (async) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB=')'], 0x50) io_uring_enter(r3, 0x2219, 0xcf74, 0x16, 0x0, 0x0) write$uinput_user_dev(r2, &(0x7f0000000080)={'syz1\x00', {}, 0x0, [], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000]}, 0x45c) (async) write$uinput_user_dev(r2, &(0x7f0000000080)={'syz1\x00', {}, 0x0, [], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000]}, 0x45c) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26}, 0x20) (async) r5 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000080)='GPL\x00', 0x5, 0x1f6, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @sock_ops, r5, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200), 0x1}, 0x6d) (async) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000080)='GPL\x00', 0x5, 0x1f6, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @sock_ops, r5, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200), 0x1}, 0x6d) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000004c0)={r6, 0xc0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0}}, 0x10) ioctl$UI_SET_PROPBIT(r2, 0x5501, 0x0) ioctl$UI_SET_RELBIT(r2, 0x8000552c, 0x0) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x1c, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_BLACKHOLE={0x4}]}, 0x1c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000004380)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=@ipv6_newrule={0x2c, 0x18, 0x409, 0x0, 0x0, {}, [@FIB_RULE_POLICY=@FRA_GOTO={0x8, 0x1e, 0x1}, @FIB_RULE_POLICY=@FRA_SPORT_RANGE={0x8, 0x17, {0x4e21, 0x4e24}}]}, 0x2c}}, 0x0) (async) sendmsg$nl_route(r0, &(0x7f0000004380)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=@ipv6_newrule={0x2c, 0x18, 0x409, 0x0, 0x0, {}, [@FIB_RULE_POLICY=@FRA_GOTO={0x8, 0x1e, 0x1}, @FIB_RULE_POLICY=@FRA_SPORT_RANGE={0x8, 0x17, {0x4e21, 0x4e24}}]}, 0x2c}}, 0x0) r7 = socket$nl_route(0x10, 0x3, 0x0) r8 = socket(0x200000000000011, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x20, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x74, r9, 0x0, 0x11203}}, 0x20}, 0x1, 0x0, 0x0, 0x800}, 0x0) syz_mount_image$hfs(&(0x7f0000000240), &(0x7f0000000280)='mnt\x00', 0x0, &(0x7f00000001c0)={[{@part={'part', 0x3d, 0x687}}, {@codepage={'codepage', 0x3d, 'cp1255'}}]}, 0x1, 0x270, &(0x7f00000002c0)="$eJzs3U1PE0Ecx/HfTAsWIbhWjIlHlMSTAbwYLyamL8KTUWlNiA0miol6Mp6NL8C7b8EX4cEY34CePPkCelsys1O6tNMnyLZ0+X6SLls6D//pdNn5L5QKwIX1qPHn271/7makiiqSHvyUlVSTqpKu60bt7cHh/mG71Yw1sBy+VnwNdzPKapqBsnsHrVgTrp6vESTuXlVr+e+hGGmapn+nq2KYlvLxR3+ElS6Fo9M/Xpt5ZMX4OO8AChedzmOms9LRO63PLBwAwLkUzv82nDjWwvrdWmkrnPZLdf7vzDuAWVs6edd01D3/++V8atz8XvEP9fI9n8K5x203SzxN1z5FtH0rEjMyq1SIxa682G+37u69ajetPulhkCu24bfN7KXbNSbazWxgqxPGf/qx+x7skhvD7mD8w4+lszzb45gf5pd5YhJ9VfN4/VdNjZsmP1NJ30xl8W8Pb9GPMslKDZmlq76Tm73LBRo/ylrfEjZ3PWE5tHkiE03Gxelr1ftqZaPbGVUr6zhSa3dMXxv9tXqv5uE1i2a+mMdmU//1XY3c+t+6Z3tLkxyZrowvGV4ZI8dT9SWTCQKzUw0DZ/NZz3Vf62/ef3j5rN1uvWZnQXeMzkUY7JRsZ94/oDALvUnPLvTiwnHrLpPlf7l8Zduvet0mGbFOT6Mt5nLNXIs7Q3KDut9eniqDW438dnGwx0jO5V1zm1t3pNuT95ioXqYVqmnot55y/R8AAAAAAAAAAAAAAAAAAGDRFPwuApv9ZXlcWd5LDAAAAAAAAAAAAAAAAAAAAABA0WKf/6tpPv+3q5J2/xc4n/8LLIijAAAA//9aYYOg") [ 87.784856][ T5297] Bluetooth: hci0: command tx timeout [ 88.158778][ T5318] input: syz1 as /devices/virtual/input/input5 [ 88.184770][ T5318] ================================================================== [ 88.188095][ T5318] BUG: KASAN: slab-out-of-bounds in fib6_add_rt2node+0x349c/0x3500 [ 88.191704][ T5318] Read of size 1 at addr ffff8880448622de by task syz.0.0/5318 [ 88.194941][ T5318] [ 88.196061][ T5318] CPU: 0 UID: 0 PID: 5318 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 88.196095][ T5318] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 88.196103][ T5318] Call Trace: [ 88.196127][ T5318] [ 88.196150][ T5318] dump_stack_lvl+0xe8/0x150 [ 88.196211][ T5318] print_report+0xba/0x230 [ 88.196224][ T5318] ? fib6_add_rt2node+0x349c/0x3500 [ 88.196235][ T5318] kasan_report+0x117/0x150 [ 88.196253][ T5318] ? fib6_add_rt2node+0x349c/0x3500 [ 88.196266][ T5318] fib6_add_rt2node+0x349c/0x3500 [ 88.196280][ T5318] ? __lock_acquire+0x6b5/0x2cf0 [ 88.196295][ T5318] ? __pfx_fib6_add_rt2node+0x10/0x10 [ 88.196309][ T5318] ? do_raw_spin_lock+0x12b/0x2f0 [ 88.196319][ T5318] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 88.196329][ T5318] fib6_add+0x910/0x18c0 [ 88.196344][ T5318] ? do_raw_spin_lock+0x12b/0x2f0 [ 88.196353][ T5318] ? __pfx_fib6_add+0x10/0x10 [ 88.196368][ T5318] ? ip6_route_add+0xc9/0x1b0 [ 88.196379][ T5318] ip6_route_add+0xde/0x1b0 [ 88.196392][ T5318] inet6_rtm_newroute+0x268/0x19e0 [ 88.196409][ T5318] ? kasan_quarantine_put+0xbb/0x1f0 [ 88.196424][ T5318] ? lockdep_hardirqs_on+0x7a/0x110 [ 88.196527][ T5318] ? __pfx_inet6_rtm_newroute+0x10/0x10 [ 88.196540][ T5318] ? kmem_cache_free+0x187/0x630 [ 88.196554][ T5318] ? nlmon_xmit+0xb0/0x100 [ 88.196606][ T5318] ? __lock_acquire+0x6b5/0x2cf0 [ 88.196628][ T5318] ? __local_bh_enable_ip+0xd0/0x130 [ 88.196640][ T5318] ? lockdep_hardirqs_on+0x7a/0x110 [ 88.196657][ T5318] ? __pfx_inet6_rtm_newroute+0x10/0x10 [ 88.196671][ T5318] rtnetlink_rcv_msg+0x7d5/0xbe0 [ 88.196728][ T5318] ? rtnetlink_rcv_msg+0x1b9/0xbe0 [ 88.196741][ T5318] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 88.196755][ T5318] ? ref_tracker_free+0x693/0x840 [ 88.196770][ T5318] ? __copy_skb_header+0xa3/0x4a0 [ 88.196781][ T5318] ? __pfx_ref_tracker_free+0x10/0x10 [ 88.196794][ T5318] ? __skb_clone+0x63/0x7a0 [ 88.196807][ T5318] netlink_rcv_skb+0x232/0x4b0 [ 88.196824][ T5318] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 88.196838][ T5318] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 88.196856][ T5318] ? netlink_deliver_tap+0x2e/0x1b0 [ 88.196871][ T5318] netlink_unicast+0x80f/0x9b0 [ 88.196886][ T5318] ? __pfx_netlink_unicast+0x10/0x10 [ 88.196900][ T5318] ? netlink_sendmsg+0x650/0xb40 [ 88.196914][ T5318] ? skb_put+0x11b/0x210 [ 88.196932][ T5318] netlink_sendmsg+0x813/0xb40 [ 88.196948][ T5318] ? __pfx_netlink_sendmsg+0x10/0x10 [ 88.196963][ T5318] ? trace_sched_set_need_resched_tp+0x3e/0x160 [ 88.196979][ T5318] ? aa_sock_msg_perm+0xf1/0x1b0 [ 88.196996][ T5318] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 88.197012][ T5318] ? __pfx_netlink_sendmsg+0x10/0x10 [ 88.197025][ T5318] ____sys_sendmsg+0xa68/0xad0 [ 88.197038][ T5318] ? __pfx_____sys_sendmsg+0x10/0x10 [ 88.197050][ T5318] ? import_iovec+0x73/0xa0 [ 88.197063][ T5318] ___sys_sendmsg+0x2a5/0x360 [ 88.197075][ T5318] ? __pfx____sys_sendmsg+0x10/0x10 [ 88.197088][ T5318] ? futex_wake+0x4ac/0x580 [ 88.197111][ T5318] ? __fget_files+0x2a/0x420 [ 88.197123][ T5318] ? __fget_files+0x3a0/0x420 [ 88.197138][ T5318] __x64_sys_sendmsg+0x1bd/0x2a0 [ 88.197149][ T5318] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 88.197162][ T5318] ? rcu_is_watching+0x15/0xb0 [ 88.197180][ T5318] do_syscall_64+0x14d/0xf80 [ 88.197193][ T5318] ? trace_irq_disable+0x3b/0x150 [ 88.197208][ T5318] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 88.197220][ T5318] ? clear_bhb_loop+0x40/0x90 [ 88.197233][ T5318] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 88.197245][ T5318] RIP: 0033:0x7feaeef9bf79 [ 88.197259][ T5318] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 88.197269][ T5318] RSP: 002b:00007feaeb3f5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 88.197303][ T5318] RAX: ffffffffffffffda RBX: 00007feaef215fa0 RCX: 00007feaeef9bf79 [ 88.197311][ T5318] RDX: 0000000000000000 RSI: 0000200000004380 RDI: 0000000000000004 [ 88.197319][ T5318] RBP: 00007feaef0327e0 R08: 0000000000000000 R09: 0000000000000000 [ 88.197326][ T5318] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 88.197333][ T5318] R13: 00007feaef216038 R14: 00007feaef215fa0 R15: 00007ffc0b4ee248 [ 88.197347][ T5318] [ 88.197351][ T5318] [ 88.374185][ T5318] Allocated by task 5319: [ 88.376119][ T5318] kasan_save_track+0x3e/0x80 [ 88.378257][ T5318] __kasan_kmalloc+0x93/0xb0 [ 88.380408][ T5318] __kmalloc_noprof+0x35c/0x760 [ 88.382663][ T5318] fib6_info_alloc+0x30/0xf0 [ 88.384754][ T5318] ip6_route_info_create+0x142/0x860 [ 88.387045][ T5318] ip6_route_add+0x49/0x1b0 [ 88.389128][ T5318] inet6_rtm_newroute+0x268/0x19e0 [ 88.391389][ T5318] rtnetlink_rcv_msg+0x7d5/0xbe0 [ 88.393447][ T5318] netlink_rcv_skb+0x232/0x4b0 [ 88.395578][ T5318] netlink_unicast+0x80f/0x9b0 [ 88.397698][ T5318] netlink_sendmsg+0x813/0xb40 [ 88.400104][ T5318] ____sys_sendmsg+0xa68/0xad0 [ 88.402034][ T5318] ___sys_sendmsg+0x2a5/0x360 [ 88.404028][ T5318] __x64_sys_sendmsg+0x1bd/0x2a0 [ 88.406077][ T5318] do_syscall_64+0x14d/0xf80 [ 88.407978][ T5318] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 88.410728][ T5318] [ 88.411883][ T5318] The buggy address belongs to the object at ffff888044862200 [ 88.411883][ T5318] which belongs to the cache kmalloc-256 of size 256 [ 88.417469][ T5318] The buggy address is located 22 bytes to the right of [ 88.417469][ T5318] allocated 200-byte region [ffff888044862200, ffff8880448622c8) [ 88.422917][ T5318] [ 88.423848][ T5318] The buggy address belongs to the physical page: [ 88.426308][ T5318] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x44862 [ 88.429616][ T5318] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff) [ 88.432364][ T5318] page_type: f5(slab) [ 88.434292][ T5318] raw: 04fff00000000000 ffff88801a841b40 dead000000000100 dead000000000122 [ 88.438086][ T5318] raw: 0000000000000000 0000000000080008 00000000f5000000 0000000000000000 [ 88.441848][ T5318] page dumped because: kasan: bad access detected [ 88.444597][ T5318] page_owner tracks the page as allocated [ 88.447100][ T5318] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 10, tgid 10 (kworker/0:1), ts 82953500894, free_ts 82943398354 [ 88.454604][ T5318] post_alloc_hook+0x231/0x280 [ 88.456739][ T5318] get_page_from_freelist+0x24dc/0x2580 [ 88.459096][ T5318] __alloc_frozen_pages_noprof+0x18d/0x380 [ 88.461647][ T5318] alloc_pages_mpol+0x232/0x4a0 [ 88.463857][ T5318] allocate_slab+0x83/0x660 [ 88.465848][ T5318] ___slab_alloc+0x150/0x6b0 [ 88.467893][ T5318] __kmalloc_cache_noprof+0x12e/0x660 [ 88.470184][ T5318] br_multicast_new_group+0x159/0x13f0 [ 88.472521][ T5318] __br_multicast_add_group+0x285/0xa30 [ 88.475006][ T5318] br_multicast_rcv+0x3b8f/0x7650 [ 88.477286][ T5318] br_handle_frame_finish+0x775/0x1b40 [ 88.479728][ T5318] br_nf_hook_thresh+0x3dd/0x4c0 [ 88.481910][ T5318] br_nf_pre_routing_finish_ipv6+0xa3a/0xd70 [ 88.484503][ T5318] br_nf_pre_routing_ipv6+0x374/0x6f0 [ 88.486871][ T5318] br_handle_frame+0x1277/0x1510 [ 88.489226][ T5318] __netif_receive_skb_core+0x98f/0x31a0 [ 88.491693][ T5318] page last free pid 5296 tgid 5296 stack trace: [ 88.494471][ T5318] __free_frozen_pages+0xc00/0xd90 [ 88.496777][ T5318] __slab_free+0x263/0x2b0 [ 88.498768][ T5318] qlist_free_all+0x97/0x100 [ 88.500759][ T5318] kasan_quarantine_reduce+0x148/0x160 [ 88.502953][ T5318] __kasan_slab_alloc+0x22/0x80 [ 88.505195][ T5318] kmem_cache_alloc_node_noprof+0x384/0x690 [ 88.507900][ T5318] __alloc_skb+0x1d0/0x7d0 [ 88.509950][ T5318] netlink_sendmsg+0x5d4/0xb40 [ 88.512125][ T5318] __sys_sendto+0x709/0x7a0 [ 88.514192][ T5318] __x64_sys_sendto+0xde/0x100 [ 88.516287][ T5318] do_syscall_64+0x14d/0xf80 [ 88.518130][ T5318] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 88.520396][ T5318] [ 88.521350][ T5318] Memory state around the buggy address: [ 88.523773][ T5318] ffff888044862180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 88.527321][ T5318] ffff888044862200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 88.530766][ T5318] >ffff888044862280: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 88.534404][ T5318] ^ [ 88.537376][ T5318] ffff888044862300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 88.540883][ T5318] ffff888044862380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 88.544334][ T5318] ================================================================== [ 88.547543][ T5318] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 88.550308][ T5318] CPU: 0 UID: 0 PID: 5318 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 88.553757][ T5318] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 88.557661][ T5318] Call Trace: [ 88.559112][ T5318] [ 88.560451][ T5318] vpanic+0x56c/0xa60 [ 88.562235][ T5318] ? __pfx_vpanic+0x10/0x10 [ 88.564502][ T5318] panic+0xc5/0xd0 [ 88.566084][ T5318] ? __pfx_panic+0x10/0x10 [ 88.568111][ T5318] ? fib6_add_rt2node+0x349c/0x3500 [ 88.570616][ T5318] ? fib6_add_rt2node+0x349c/0x3500 [ 88.572856][ T5318] check_panic_on_warn+0x89/0xb0 [ 88.575054][ T5318] ? fib6_add_rt2node+0x349c/0x3500 [ 88.577335][ T5318] end_report+0x73/0x180 [ 88.579277][ T5318] ? fib6_add_rt2node+0x349c/0x3500 [ 88.581598][ T5318] kasan_report+0x128/0x150 [ 88.583634][ T5318] ? fib6_add_rt2node+0x349c/0x3500 [ 88.585933][ T5318] fib6_add_rt2node+0x349c/0x3500 [ 88.587966][ T5318] ? __lock_acquire+0x6b5/0x2cf0 [ 88.590030][ T5318] ? __pfx_fib6_add_rt2node+0x10/0x10 [ 88.592296][ T5318] ? do_raw_spin_lock+0x12b/0x2f0 [ 88.594395][ T5318] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 88.596673][ T5318] fib6_add+0x910/0x18c0 [ 88.598492][ T5318] ? do_raw_spin_lock+0x12b/0x2f0 [ 88.600593][ T5318] ? __pfx_fib6_add+0x10/0x10 [ 88.602493][ T5318] ? ip6_route_add+0xc9/0x1b0 [ 88.604396][ T5318] ip6_route_add+0xde/0x1b0 [ 88.606343][ T5318] inet6_rtm_newroute+0x268/0x19e0 [ 88.608629][ T5318] ? kasan_quarantine_put+0xbb/0x1f0 [ 88.610876][ T5318] ? lockdep_hardirqs_on+0x7a/0x110 [ 88.613070][ T5318] ? __pfx_inet6_rtm_newroute+0x10/0x10 [ 88.615590][ T5318] ? kmem_cache_free+0x187/0x630 [ 88.617806][ T5318] ? nlmon_xmit+0xb0/0x100 [ 88.619739][ T5318] ? __lock_acquire+0x6b5/0x2cf0 [ 88.622022][ T5318] ? __local_bh_enable_ip+0xd0/0x130 [ 88.624412][ T5318] ? lockdep_hardirqs_on+0x7a/0x110 [ 88.626605][ T5318] ? __pfx_inet6_rtm_newroute+0x10/0x10 [ 88.629152][ T5318] rtnetlink_rcv_msg+0x7d5/0xbe0 [ 88.631518][ T5318] ? rtnetlink_rcv_msg+0x1b9/0xbe0 [ 88.633902][ T5318] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 88.636405][ T5318] ? ref_tracker_free+0x693/0x840 [ 88.638577][ T5318] ? __copy_skb_header+0xa3/0x4a0 [ 88.640775][ T5318] ? __pfx_ref_tracker_free+0x10/0x10 [ 88.643070][ T5318] ? __skb_clone+0x63/0x7a0 [ 88.645096][ T5318] netlink_rcv_skb+0x232/0x4b0 [ 88.647190][ T5318] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 88.649524][ T5318] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 88.651719][ T5318] ? netlink_deliver_tap+0x2e/0x1b0 [ 88.653842][ T5318] netlink_unicast+0x80f/0x9b0 [ 88.655823][ T5318] ? __pfx_netlink_unicast+0x10/0x10 [ 88.658151][ T5318] ? netlink_sendmsg+0x650/0xb40 [ 88.660325][ T5318] ? skb_put+0x11b/0x210 [ 88.662209][ T5318] netlink_sendmsg+0x813/0xb40 [ 88.664315][ T5318] ? __pfx_netlink_sendmsg+0x10/0x10 [ 88.666686][ T5318] ? trace_sched_set_need_resched_tp+0x3e/0x160 [ 88.669366][ T5318] ? aa_sock_msg_perm+0xf1/0x1b0 [ 88.671525][ T5318] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 88.674183][ T5318] ? __pfx_netlink_sendmsg+0x10/0x10 [ 88.677132][ T5318] ____sys_sendmsg+0xa68/0xad0 [ 88.679768][ T5318] ? __pfx_____sys_sendmsg+0x10/0x10 [ 88.682332][ T5318] ? import_iovec+0x73/0xa0 [ 88.684225][ T5318] ___sys_sendmsg+0x2a5/0x360 [ 88.686286][ T5318] ? __pfx____sys_sendmsg+0x10/0x10 [ 88.688568][ T5318] ? futex_wake+0x4ac/0x580 [ 88.690528][ T5318] ? __fget_files+0x2a/0x420 [ 88.692518][ T5318] ? __fget_files+0x3a0/0x420 [ 88.694457][ T5318] __x64_sys_sendmsg+0x1bd/0x2a0 [ 88.696417][ T5318] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 88.698744][ T5318] ? rcu_is_watching+0x15/0xb0 [ 88.704336][ T5318] do_syscall_64+0x14d/0xf80 [ 88.707364][ T5318] ? trace_irq_disable+0x3b/0x150 [ 88.709621][ T5318] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 88.711999][ T5318] ? clear_bhb_loop+0x40/0x90 [ 88.714009][ T5318] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 88.716531][ T5318] RIP: 0033:0x7feaeef9bf79 [ 88.718521][ T5318] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 88.726790][ T5318] RSP: 002b:00007feaeb3f5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 88.730490][ T5318] RAX: ffffffffffffffda RBX: 00007feaef215fa0 RCX: 00007feaeef9bf79 [ 88.733817][ T5318] RDX: 0000000000000000 RSI: 0000200000004380 RDI: 0000000000000004 [ 88.737225][ T5318] RBP: 00007feaef0327e0 R08: 0000000000000000 R09: 0000000000000000 [ 88.740667][ T5318] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 88.744120][ T5318] R13: 00007feaef216038 R14: 00007feaef215fa0 R15: 00007ffc0b4ee248 [ 88.747236][ T5318] [ 88.748566][ T5318] Kernel Offset: disabled [ 88.750445][ T5318] Rebooting in 86400 seconds..