program:
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000100)={0x84, @dev={0xac, 0x14, 0x14, 0x10}, 0x15, 0x3, 'fo\x00', 0x9, 0x4, 0xb}, 0x2c)
socket$kcm(0xa, 0x2, 0x0) (async)
r1 = socket$kcm(0xa, 0x2, 0x0)
fsopen(&(0x7f0000000140)='bpf\x00', 0x1)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$IPVS_CMD_NEW_SERVICE(r2, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000002c0)={&(0x7f0000000600)=ANY=[@ANYBLOB="b4000000", @ANYRES16=r3, @ANYBLOB="020025bd7000ffdbdf25010000000800060008000000580002800800060073170000060002004e23008008000800020000000800070005000000080006001c07000014000100ff01000000000000000000000000000105000d0000000000080007001d000000080007000f002f0cd071f4781e3703071be1afaa00000800060002000000080004000c00000030000364080005007f0000010800010000000000050008000500000014000600fc02d563bab26ccdad67982025b1bf4cc196b5bef4f8aa799533e3c527dcf9a69487814301e87bfb83e92b3c7b37ed27d05b7bac1ae40acb41da95e1b04498195d089504155eeed092847e5d4fdc63b36449b6ef7106b2b1dda1c349ad4eb58740cb13ba0e23241415ee7cee7c153afad4bc3722d34a8f324dcdfe25fd4b5997491c0da06ed760543057e70dd193d108938da88a0d040c7e1f62ebe34260e9f63086bda9c5f793f37b75"], 0xb4}, 0x1, 0x0, 0x0, 0x20004852}, 0x85) (async)
sendmsg$IPVS_CMD_NEW_SERVICE(r2, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000002c0)={&(0x7f0000000600)=ANY=[@ANYBLOB="b4000000", @ANYRES16=r3, @ANYBLOB="020025bd7000ffdbdf25010000000800060008000000580002800800060073170000060002004e23008008000800020000000800070005000000080006001c07000014000100ff01000000000000000000000000000105000d0000000000080007001d000000080007000f002f0cd071f4781e3703071be1afaa00000800060002000000080004000c00000030000364080005007f0000010800010000000000050008000500000014000600fc02d563bab26ccdad67982025b1bf4cc196b5bef4f8aa799533e3c527dcf9a69487814301e87bfb83e92b3c7b37ed27d05b7bac1ae40acb41da95e1b04498195d089504155eeed092847e5d4fdc63b36449b6ef7106b2b1dda1c349ad4eb58740cb13ba0e23241415ee7cee7c153afad4bc3722d34a8f324dcdfe25fd4b5997491c0da06ed760543057e70dd193d108938da88a0d040c7e1f62ebe34260e9f63086bda9c5f793f37b75"], 0xb4}, 0x1, 0x0, 0x0, 0x20004852}, 0x85)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
socket$nl_route(0x10, 0x3, 0x0) (async)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x8047}, [@IFLA_ALT_IFNAME={0x14, 0x35, 'bridge0\x00'}, @IFLA_GSO_MAX_SIZE={0x8, 0x29, 0x105a4}]}, 0x3c}}, 0x0) (async)
sendmsg$nl_route(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x8047}, [@IFLA_ALT_IFNAME={0x14, 0x35, 'bridge0\x00'}, @IFLA_GSO_MAX_SIZE={0x8, 0x29, 0x105a4}]}, 0x3c}}, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r6, &(0x7f00000002c0), 0x40000000000009f, 0x0)
setsockopt$IP_VS_SO_SET_ADDDEST(r4, 0x0, 0x487, &(0x7f0000000000)={{0x84, @rand_addr=0x64010100, 0x4e24, 0x3, 'lc\x00', 0x8, 0x323b, 0x55}, {@remote, 0x4e23, 0x10000, 0x0, 0x12d5c, 0x12d5c}}, 0x44)
r7 = openat$comedi(0xffffff9c, &(0x7f0000000040)='/dev/comedi3\x00', 0x2000, 0x0)
ioctl$COMEDI_DEVCONFIG(r7, 0x40946400, &(0x7f0000000080)={'c6xdigio\x00', [0x6, 0x10, 0x2, 0xa, 0x14000000, 0xfffffffd, 0xfffffffc, 0x2, 0xffd, 0x7ffe, 0x3, 0x723, 0x4, 0x2, 0x13, 0x100, 0xffffffa7, 0x9, 0x34d, 0x1, 0x3ff, 0x9, 0x200, 0xe2df, 0xaa14, 0x1, 0x4, 0x0, 0x7, 0xf58, 0x6]})
ioctl$COMEDI_INSN(r7, 0x8028640c, &(0x7f0000000000)={0x4000000, 0x0, 0x0, 0x0, 0x80000000})
sendmsg$sock(r1, &(0x7f0000000400)={&(0x7f0000000580)=@in6={0x2, 0x4e22, 0x0, @dev}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@mark={{0x14, 0x1, 0x24, 0x3}}], 0x18}, 0x0)
bpf$ITER_CREATE(0x21, &(0x7f0000000080), 0x8) (async)
r8 = bpf$ITER_CREATE(0x21, &(0x7f0000000080), 0x8)
setsockopt$bt_hci_HCI_DATA_DIR(r8, 0x0, 0x1, &(0x7f00000000c0)=0x3, 0x4)

[   75.342789][ T5317] Bluetooth: hci0: command tx timeout
[   75.437918][ T4822] IPVS: starting estimator thread 0...
[   75.449776][ T5338] Zero length message leads to an empty skb
[   75.463828][ T5337] comedi comedi3: c6xdigio: I/O port conflict (0x6,3)
[   75.466623][ T5337] ------------[ cut here ]------------
[   75.469004][ T5337] Unexpected driver unregister!
[   75.471178][ T5337] WARNING: drivers/base/driver.c:273 at 0x0, CPU#0: syz.0.0/5337
[   75.474402][ T5337] Modules linked in:
[   75.476036][ T5337] CPU: 0 UID: 0 PID: 5337 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[   75.479451][ T5337] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   75.484191][ T5337] RIP: 0010:driver_unregister+0x8d/0xa0
[   75.486851][ T5337] Code: 73 68 4c 89 f7 e8 93 3e 9b fc 48 89 df 5b 41 5e 41 5f e9 e6 55 ff ff e8 31 34 f7 fb eb 05 e8 2a 34 f7 fb 48 8d 3d 63 0a c2 09 <67> 48 0f b9 3a 5b 41 5e 41 5f e9 44 70 81 05 cc cc cc cc 90 90 90
[   75.494990][ T5337] RSP: 0018:ffffc9000d5c7a20 EFLAGS: 00010293
[   75.497634][ T5337] RAX: ffffffff85c9da06 RBX: ffffffff8f1c9380 RCX: ffff8880004bc980
[   75.501056][ T5337] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffff8f8be470
[   75.504664][ T5337] RBP: 0000000000000001 R08: ffff88803e18992f R09: 1ffff11007c31325
[   75.508026][ T5337] R10: dffffc0000000000 R11: ffffffff88b96490 R12: ffff88803e189838
[   75.511527][ T5337] R13: ffffffff8f1c92d0 R14: 0000000000000000 R15: dffffc0000000000
[   75.515248][ T5337] FS:  00007ff5bc8a16c0(0000) GS:ffff88808d6b7000(0000) knlGS:0000000000000000
[   75.519173][ T5337] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   75.522146][ T5337] CR2: 00007ff5bc87ffc8 CR3: 0000000040fc2000 CR4: 0000000000352ef0
[   75.525527][ T5337] Call Trace:
[   75.527008][ T5337]  <TASK>
[   75.528272][ T5337]  comedi_device_detach_locked+0x178/0x750
[   75.530644][ T5337]  comedi_device_attach+0x5d4/0x720
[   75.532888][ T5337]  comedi_unlocked_ioctl+0x5ff/0x1020
[   75.535400][ T5337]  ? kasan_quarantine_put+0xdd/0x220
[   75.537543][ T5337]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[   75.539689][ T5337]  ? do_futex+0x333/0x420
[   75.541392][ T5337]  ? __fget_files+0x2a/0x420
[   75.543590][ T5337]  ? __fget_files+0x3a0/0x420
[   75.545601][ T5337]  ? __fget_files+0x2a/0x420
[   75.547563][ T5337]  ? bpf_lsm_file_ioctl+0x9/0x20
[   75.549818][ T5337]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[   75.552676][ T5337]  __se_sys_ioctl+0xfc/0x170
[   75.554544][ T5337]  do_syscall_64+0xfa/0xf80
[   75.556623][ T5337]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.559216][ T5337]  ? clear_bhb_loop+0x60/0xb0
[   75.561239][ T5337]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.563639][ T5337] RIP: 0033:0x7ff5bb98f7c9
[   75.565507][ T5337] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   75.573181][ T5337] RSP: 002b:00007ff5bc8a1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   75.576743][ T5337] RAX: ffffffffffffffda RBX: 00007ff5bbbe5fa0 RCX: 00007ff5bb98f7c9
[   75.580020][ T5337] RDX: 0000200000000080 RSI: 0000000040946400 RDI: 000000000000000d
[   75.583412][ T5337] RBP: 00007ff5bba13f91 R08: 0000000000000000 R09: 0000000000000000
[   75.586506][ T5337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   75.589736][ T5337] R13: 00007ff5bbbe6038 R14: 00007ff5bbbe5fa0 R15: 00007fff039dce68
[   75.593207][ T5337]  </TASK>
[   75.594616][ T5337] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   75.597734][ T5337] CPU: 0 UID: 0 PID: 5337 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[   75.601467][ T5337] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   75.606168][ T5337] Call Trace:
[   75.607504][ T5337]  <TASK>
[   75.608683][ T5337]  dump_stack_lvl+0x99/0x250
[   75.610683][ T5337]  ? __asan_memcpy+0x40/0x70
[   75.613213][ T5337]  ? __pfx_dump_stack_lvl+0x10/0x10
[   75.615636][ T5337]  ? __pfx__printk+0x10/0x10
[   75.617756][ T5337]  vpanic+0x237/0x6d0
[   75.619715][ T5337]  ? __pfx_vpanic+0x10/0x10
[   75.622176][ T5337]  ? is_bpf_text_address+0x292/0x2b0
[   75.625058][ T5337]  ? is_bpf_text_address+0x26/0x2b0
[   75.627569][ T5337]  panic+0xb9/0xc0
[   75.629254][ T5337]  ? __pfx_panic+0x10/0x10
[   75.631262][ T5337]  __warn+0x317/0x4b0
[   75.632888][ T5337]  __report_bug+0x288/0x500
[   75.634736][ T5337]  ? check_path+0x21/0x40
[   75.636567][ T5337]  ? __pfx___report_bug+0x10/0x10
[   75.638702][ T5337]  ? lockdep_unlock+0x89/0x120
[   75.640708][ T5337]  ? __pfx_dev_printk_emit+0x10/0x10
[   75.643018][ T5337]  report_bug_entry+0x16a/0x220
[   75.644890][ T5337]  ? driver_unregister+0x8d/0xa0
[   75.646906][ T5337]  ? driver_unregister+0x92/0xa0
[   75.649075][ T5337]  handle_bug+0xca/0x200
[   75.650891][ T5337]  exc_invalid_op+0x1a/0x50
[   75.652744][ T5337]  asm_exc_invalid_op+0x1a/0x20
[   75.654872][ T5337] RIP: 0010:driver_unregister+0x8d/0xa0
[   75.657218][ T5337] Code: 73 68 4c 89 f7 e8 93 3e 9b fc 48 89 df 5b 41 5e 41 5f e9 e6 55 ff ff e8 31 34 f7 fb eb 05 e8 2a 34 f7 fb 48 8d 3d 63 0a c2 09 <67> 48 0f b9 3a 5b 41 5e 41 5f e9 44 70 81 05 cc cc cc cc 90 90 90
[   75.665325][ T5337] RSP: 0018:ffffc9000d5c7a20 EFLAGS: 00010293
[   75.667730][ T5337] RAX: ffffffff85c9da06 RBX: ffffffff8f1c9380 RCX: ffff8880004bc980
[   75.670811][ T5337] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffff8f8be470
[   75.673809][ T5337] RBP: 0000000000000001 R08: ffff88803e18992f R09: 1ffff11007c31325
[   75.677041][ T5337] R10: dffffc0000000000 R11: ffffffff88b96490 R12: ffff88803e189838
[   75.680364][ T5337] R13: ffffffff8f1c92d0 R14: 0000000000000000 R15: dffffc0000000000
[   75.684268][ T5337]  ? __pfx_c6xdigio_detach+0x10/0x10
[   75.687126][ T5337]  ? driver_unregister+0x86/0xa0
[   75.689624][ T5337]  comedi_device_detach_locked+0x178/0x750
[   75.692671][ T5337]  comedi_device_attach+0x5d4/0x720
[   75.695405][ T5337]  comedi_unlocked_ioctl+0x5ff/0x1020
[   75.698096][ T5337]  ? kasan_quarantine_put+0xdd/0x220
[   75.700354][ T5337]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[   75.702685][ T5337]  ? do_futex+0x333/0x420
[   75.704378][ T5337]  ? __fget_files+0x2a/0x420
[   75.706435][ T5337]  ? __fget_files+0x3a0/0x420
[   75.708450][ T5337]  ? __fget_files+0x2a/0x420
[   75.710522][ T5337]  ? bpf_lsm_file_ioctl+0x9/0x20
[   75.712533][ T5337]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[   75.715111][ T5337]  __se_sys_ioctl+0xfc/0x170
[   75.717120][ T5337]  do_syscall_64+0xfa/0xf80
[   75.719101][ T5337]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.721673][ T5337]  ? clear_bhb_loop+0x60/0xb0
[   75.723798][ T5337]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.726391][ T5337] RIP: 0033:0x7ff5bb98f7c9
[   75.728313][ T5337] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   75.735743][ T5337] RSP: 002b:00007ff5bc8a1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   75.739332][ T5337] RAX: ffffffffffffffda RBX: 00007ff5bbbe5fa0 RCX: 00007ff5bb98f7c9
[   75.742684][ T5337] RDX: 0000200000000080 RSI: 0000000040946400 RDI: 000000000000000d
[   75.746025][ T5337] RBP: 00007ff5bba13f91 R08: 0000000000000000 R09: 0000000000000000
[   75.749327][ T5337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   75.752738][ T5337] R13: 00007ff5bbbe6038 R14: 00007ff5bbbe5fa0 R15: 00007fff039dce68
[   75.756259][ T5337]  </TASK>
[   75.757959][ T5337] Kernel Offset: disabled
[   75.759811][ T5337] Rebooting in 86400 seconds..