program:
socket$inet6(0xa, 0x6, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0xfff0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000100)={&(0x7f0000001080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a24010000000a05000000000000000000020000020900010073797a31000000000900010073797a3100000000f8000600bb8f767be05d417d96f306803d28eaee3a0363685943fcb0d990197dacd3ad51d87192d1f40bb1843520dfff3a9d8ad33ef42cf4675885f199d95601c3b0a8686d225975c608d86981c92f1c327575d237ea0d04ed0a40d88fc9ec105b9668f29dd843db882d6f0c531c49c976032c7863a03c766b76596d3a2d9210eb0f52495d60845c8a4e189a7afb12cd289a5b43e9a37c97f6761de09a45ffa5f55212a7ea38d57e730eedd458936695c9142115d490b1c0e1254ac1e3133a3b972b6aa4fc0bcc616ad7dda0a83b9ad37f15a58b31725eee8c49ea5b018fa19f224f2af6d0568db25c285e9301f155359f3cd162d59fab9bb0020000160a0108000000000000000007000008000103802c0003801400010069703665727370616e30000000000000140001006d6163766c616e30000000000000000090000380140001006e69637666300000000000000000000014000100776c616e310000000000000000000000140001007465616d5f736c6176655f31000000001400010076657468305f746f5f627269646765001400010070696d726567300000000000000000001400010067726574617030000000000000000000140001006261746164765f736c6176655f30000040000380140001006d6163766c616e310000000000000000140001006970366772653000000000000000000014000100697036677265746170300000000000000900010073797a30000000000900020073797a32000000000900020073797a300000000078010380a40003801400010065727370616e30000000000000000000140001006e69637666300000000000000000000014000100776731000000000000000000000000001400010073797a6b616c6c65723000000000000014000100766574683101000000745f7769666900140001006772657461703000000000000000000014000100766972745f77696669300000000000001400010073797a5f74756e00000000000000000090000380140001006e6963766630000000000000000000001400010076657468315f746f5f62617461647600140001006772657461703000000000000000000014000100697036746e6c30000000000000000000140001006d6163767461703000000000000000001400010076657468315f746f5f6261746164760014000100766c616e3000000000000000000000004000038014000100776c616e3000000000000000000000001400010070696d3672656700000000000000000014000100766972745f77696669300000000000001c0000000e0a0103000000000000000002000009080004400000000020000000000a010100000000000000000000000a0900010073797a3000000000140000001100010000000000000000000500000a"], 0x438}, 0x1, 0x0, 0x0, 0x10}, 0x814)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4)
write$binfmt_elf32(r0, &(0x7f00000014c0)=ANY=[], 0x46b)
sendmmsg$inet(r0, &(0x7f0000000f40)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000006c0)="ed", 0xffffff60}, {&(0x7f0000000200)="b5", 0x1}, {&(0x7f0000000340)='.', 0x1}, {&(0x7f0000000140)='U', 0x1}, {&(0x7f0000000180)="f3", 0x1}], 0x5}}, {{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000400)="cdddf9c22c77885ae9", 0x1}, {&(0x7f0000000c80)='a', 0x1}, {&(0x7f0000000b40)='M', 0x1}, {&(0x7f0000000d80)='o', 0x1}, {&(0x7f0000000e80)='\b', 0x1}], 0x5}, 0x70040000}, {{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000380)="bb", 0x1}, {&(0x7f00000007c0)="a1", 0x1}, {&(0x7f0000000800)='s', 0x1}, {&(0x7f00000009c0)='\\', 0x1}], 0x4}}, {{0x0, 0x0, &(0x7f0000000dc0)=[{&(0x7f0000000440)="88", 0x1}, {&(0x7f0000000840)="e5", 0x1}, {&(0x7f0000001040)="96", 0x1}], 0x3}}], 0x4, 0x4048841)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000080)=0x100000001, 0x4)
connect$inet6(r2, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f0000000540), 0x4)
setsockopt$inet6_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000380)=0xffffffffffffffff, 0x4)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x1, &(0x7f00000000c0)=@gcm_128={{0x304, 0x37}, "475566172f45f011", "bd14060000000000000092f94413582b", "00001000", "4e67cb72f328ac2f"}, 0x28)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000004580)='./bus\x00', &(0x7f00000003c0)='omfs\x00', 0x40, 0x0)
chdir(&(0x7f0000000280)='./file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
r3 = open(&(0x7f00000004c0)='.\x00', 0x0, 0x0)
r4 = open(&(0x7f0000000600)='.\x00', 0x6ca442, 0x140)
mkdirat(r4, &(0x7f0000000200)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
renameat2(r3, &(0x7f0000000300)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r3, &(0x7f00000002c0)='./file0\x00', 0x2)
syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000480)=ANY=[@ANYBLOB="12010000020000402505a1a44000010203010902"], 0x0)

[   77.816486][ T5305] Bluetooth: hci0: command tx timeout
[   77.820313][ T1308] ieee802154 phy0 wpan0: encryption failed: -22
[   77.822622][ T1308] ieee802154 phy1 wpan1: encryption failed: -22
[   78.255619][    T8] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   78.409921][    T8] usb 5-1: config 0 has no interfaces?
[   78.414285][    T8] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   78.418322][    T8] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   78.421340][    T8] usb 5-1: Product: syz
[   78.422993][    T8] usb 5-1: Manufacturer: syz
[   78.424857][    T8] usb 5-1: SerialNumber: syz
[   78.435666][    T8] usb 5-1: config 0 descriptor??
[   78.644665][   T52] usb 5-1: USB disconnect, device number 2
[   78.651353][ T5318] TCP: out of memory -- consider tuning tcp_mem
[   78.655179][ T5318] ------------[ cut here ]------------
[   78.657635][ T5318] WARNING: CPU: 0 PID: 5318 at net/ipv4/af_inet.c:156 inet_sock_destruct+0x6fc/0x810
[   78.661519][ T5318] Modules linked in:
[   78.663207][ T5318] CPU: 0 UID: 0 PID: 5318 Comm: syz.0.0 Not tainted 6.13.0-rc2-syzkaller-00018-g7cb1b4663150 #0
[   78.667728][ T5318] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   78.671627][ T5318] RIP: 0010:inet_sock_destruct+0x6fc/0x810
[   78.673341][ T5318] Code: 62 f7 90 0f 0b 90 e9 17 fe ff ff e8 fe f3 62 f7 90 0f 0b 90 41 80 3c 2c 00 0f 85 40 fe ff ff e9 43 fe ff ff e8 e5 f3 62 f7 90 <0f> 0b 90 e9 b3 fe ff ff 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 00 fc
[   78.680791][ T5318] RSP: 0018:ffffc9000d4ffc58 EFLAGS: 00010293
[   78.683162][ T5318] RAX: ffffffff8a3c6a5b RBX: 0000000080000000 RCX: ffff88801cf28000
[   78.686228][ T5318] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
[   78.689107][ T5318] RBP: ffff888042c2d940 R08: ffffffff8a3c690a R09: 1ffff11008585b7b
[   78.692035][ T5318] R10: dffffc0000000000 R11: ffffed1008585b7c R12: 1ffff11008585b2d
[   78.694970][ T5318] R13: ffff888042c2de28 R14: ffff888042c2d968 R15: ffff888042c2d952
[   78.698344][ T5318] FS:  000055556ca76500(0000) GS:ffff88801fc00000(0000) knlGS:0000000000000000
[   78.701561][ T5318] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   78.703884][ T5318] CR2: 000056014ea14f08 CR3: 00000000444d4000 CR4: 0000000000352ef0
[   78.706905][ T5318] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   78.709946][ T5318] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   78.712719][ T5318] Call Trace:
[   78.713864][ T5318]  <TASK>
[   78.714922][ T5318]  ? __warn+0x165/0x4d0
[   78.716563][ T5318]  ? inet_sock_destruct+0x6fc/0x810
[   78.718517][ T5318]  ? report_bug+0x2b3/0x500
[   78.720193][ T5318]  ? inet_sock_destruct+0x6fc/0x810
[   78.722126][ T5318]  ? handle_bug+0x60/0x90
[   78.723731][ T5318]  ? exc_invalid_op+0x1a/0x50
[   78.725590][ T5318]  ? asm_exc_invalid_op+0x1a/0x20
[   78.727509][ T5318]  ? inet_sock_destruct+0x5aa/0x810
[   78.729471][ T5318]  ? inet_sock_destruct+0x6fb/0x810
[   78.731577][ T5318]  ? inet_sock_destruct+0x6fc/0x810
[   78.733583][ T5318]  ? inet_sock_destruct+0x6fb/0x810
[   78.735640][ T5318]  ? __pfx_inet_sock_destruct+0x10/0x10
[   78.737773][ T5318]  __sk_destruct+0x58/0x5f0
[   78.739538][ T5318]  ? __sk_free+0x333/0x460
[   78.741351][ T5318]  inet_release+0x17d/0x200
[   78.743133][ T5318]  sock_close+0xbc/0x240
[   78.744324][ T5318]  ? __pfx_sock_close+0x10/0x10
[   78.746066][ T5318]  __fput+0x23c/0xa50
[   78.747437][ T5318]  task_work_run+0x24f/0x310
[   78.748961][ T5318]  ? _raw_spin_unlock+0x28/0x50
[   78.750541][ T5318]  ? __pfx_task_work_run+0x10/0x10
[   78.752192][ T5318]  ? syscall_exit_to_user_mode+0xa3/0x340
[   78.754012][ T5318]  syscall_exit_to_user_mode+0x13f/0x340
[   78.755947][ T5318]  do_syscall_64+0x100/0x230
[   78.757442][ T5318]  ? clear_bhb_loop+0x35/0x90
[   78.759340][ T5318]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   78.761541][ T5318] RIP: 0033:0x7ff53297ff19
[   78.763099][ T5318] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   78.769799][ T5318] RSP: 002b:00007fffa1ee4708 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[   78.772602][ T5318] RAX: 0000000000000000 RBX: 0000000000012fd2 RCX: 00007ff53297ff19
[   78.775561][ T5318] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[   78.778457][ T5318] RBP: 00007ff532b47ba0 R08: 0000000000000001 R09: 00007fffa1ee49ef
[   78.781473][ T5318] R10: 00007ff5327ff030 R11: 0000000000000246 R12: 0000000000013c25
[   78.784793][ T5318] R13: 00007ff532b46080 R14: 0000000000000bea R15: ffffffffffffffff
[   78.787937][ T5318]  </TASK>
[   78.789131][ T5318] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   78.791610][ T5318] CPU: 0 UID: 0 PID: 5318 Comm: syz.0.0 Not tainted 6.13.0-rc2-syzkaller-00018-g7cb1b4663150 #0
[   78.795202][ T5318] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   78.799202][ T5318] Call Trace:
[   78.800454][ T5318]  <TASK>
[   78.801494][ T5318]  dump_stack_lvl+0x241/0x360
[   78.803276][ T5318]  ? __pfx_dump_stack_lvl+0x10/0x10
[   78.805273][ T5318]  ? __pfx__printk+0x10/0x10
[   78.807050][ T5318]  ? vscnprintf+0x5d/0x90
[   78.808662][ T5318]  panic+0x349/0x880
[   78.810145][ T5318]  ? __warn+0x174/0x4d0
[   78.811658][ T5318]  ? __pfx_panic+0x10/0x10
[   78.813358][ T5318]  __warn+0x344/0x4d0
[   78.814785][ T5318]  ? inet_sock_destruct+0x6fc/0x810
[   78.816728][ T5318]  report_bug+0x2b3/0x500
[   78.818239][ T5318]  ? inet_sock_destruct+0x6fc/0x810
[   78.820037][ T5318]  handle_bug+0x60/0x90
[   78.821417][ T5318]  exc_invalid_op+0x1a/0x50
[   78.822985][ T5318]  asm_exc_invalid_op+0x1a/0x20
[   78.824739][ T5318] RIP: 0010:inet_sock_destruct+0x6fc/0x810
[   78.826776][ T5318] Code: 62 f7 90 0f 0b 90 e9 17 fe ff ff e8 fe f3 62 f7 90 0f 0b 90 41 80 3c 2c 00 0f 85 40 fe ff ff e9 43 fe ff ff e8 e5 f3 62 f7 90 <0f> 0b 90 e9 b3 fe ff ff 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 00 fc
[   78.833118][ T5318] RSP: 0018:ffffc9000d4ffc58 EFLAGS: 00010293
[   78.835384][ T5318] RAX: ffffffff8a3c6a5b RBX: 0000000080000000 RCX: ffff88801cf28000
[   78.838255][ T5318] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
[   78.841300][ T5318] RBP: ffff888042c2d940 R08: ffffffff8a3c690a R09: 1ffff11008585b7b
[   78.844451][ T5318] R10: dffffc0000000000 R11: ffffed1008585b7c R12: 1ffff11008585b2d
[   78.847223][ T5318] R13: ffff888042c2de28 R14: ffff888042c2d968 R15: ffff888042c2d952
[   78.850183][ T5318]  ? inet_sock_destruct+0x5aa/0x810
[   78.851975][ T5318]  ? inet_sock_destruct+0x6fb/0x810
[   78.853896][ T5318]  ? inet_sock_destruct+0x6fb/0x810
[   78.855721][ T5318]  ? __pfx_inet_sock_destruct+0x10/0x10
[   78.857682][ T5318]  __sk_destruct+0x58/0x5f0
[   78.859303][ T5318]  ? __sk_free+0x333/0x460
[   78.861106][ T5318]  inet_release+0x17d/0x200
[   78.862958][ T5318]  sock_close+0xbc/0x240
[   78.865044][ T5318]  ? __pfx_sock_close+0x10/0x10
[   78.866987][ T5318]  __fput+0x23c/0xa50
[   78.868468][ T5318]  task_work_run+0x24f/0x310
[   78.870152][ T5318]  ? _raw_spin_unlock+0x28/0x50
[   78.871938][ T5318]  ? __pfx_task_work_run+0x10/0x10
[   78.873773][ T5318]  ? syscall_exit_to_user_mode+0xa3/0x340
[   78.875841][ T5318]  syscall_exit_to_user_mode+0x13f/0x340
[   78.877958][ T5318]  do_syscall_64+0x100/0x230
[   78.879774][ T5318]  ? clear_bhb_loop+0x35/0x90
[   78.881488][ T5318]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   78.883584][ T5318] RIP: 0033:0x7ff53297ff19
[   78.885150][ T5318] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   78.891879][ T5318] RSP: 002b:00007fffa1ee4708 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[   78.894808][ T5318] RAX: 0000000000000000 RBX: 0000000000012fd2 RCX: 00007ff53297ff19
[   78.897655][ T5318] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[   78.900485][ T5318] RBP: 00007ff532b47ba0 R08: 0000000000000001 R09: 00007fffa1ee49ef
[   78.903340][ T5318] R10: 00007ff5327ff030 R11: 0000000000000246 R12: 0000000000013c25
[   78.906258][ T5318] R13: 00007ff532b46080 R14: 0000000000000bea R15: ffffffffffffffff
[   78.909011][ T5318]  </TASK>
[   78.910367][ T5318] Kernel Offset: disabled
[   78.912021][ T5318] Rebooting in 86400 seconds..