------------[ cut here ]------------
kernel BUG at net/netfilter/nf_conntrack_core.c:570!
Internal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP
Modules linked in:
CPU: 1 PID: 6070 Comm: syz.2.434 Not tainted 5.15.173-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
pstate: 40400005 (nZcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : nf_ct_del_from_dying_or_unconfirmed_list net/netfilter/nf_conntrack_core.c:570 [inline]
pc : __nf_conntrack_confirm+0xd2c/0xd98 net/netfilter/nf_conntrack_core.c:1207
lr : nf_ct_del_from_dying_or_unconfirmed_list net/netfilter/nf_conntrack_core.c:570 [inline]
lr : __nf_conntrack_confirm+0xd2c/0xd98 net/netfilter/nf_conntrack_core.c:1207
sp : ffff800020656480
x29: ffff8000206564f0 x28: dfff800000000000 x27: fffffbffeff7c0f0
x26: ffff0000d0a144d0 x25: 0000000000000000 x24: ffff0000d0a14490
x23: ffff0000d0a14458 x22: 000000000001a360 x21: 0000000000000000
x20: ffff800014ac0ff8 x19: ffff0000d0a144c0 x18: 0000000000000101
x17: 0000000000000000 x16: ffff8000083052d8 x15: 0000000000000003
x14: 1ffff0000295806a x13: dfff800000000000 x12: ffff7000040cac74
x11: 0000000000000304 x10: 0000000000000000 x9 : ffff0000d1641b40
x8 : ffff8000102d07cc x7 : ffff8000102cfd58 x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000000001 x3 : ffff800008305408
x2 : 0000000000000001 x1 : 0000000000000000 x0 : 0000000000000000
Call trace:
 nf_ct_del_from_dying_or_unconfirmed_list net/netfilter/nf_conntrack_core.c:570 [inline]
 __nf_conntrack_confirm+0xd2c/0xd98 net/netfilter/nf_conntrack_core.c:1207
 nf_conntrack_confirm include/net/netfilter/nf_conntrack_core.h:62 [inline]
 nf_confirm+0x37c/0x50c net/netfilter/nf_conntrack_proto.c:154
 ipv4_confirm+0xec/0x1d4 net/netfilter/nf_conntrack_proto.c:169
 nf_hook_entry_hookfn include/linux/netfilter.h:142 [inline]
 nf_hook_slow+0xc8/0x1f4 net/netfilter/core.c:584
 nf_hook include/linux/netfilter.h:257 [inline]
 NF_HOOK+0x228/0x3d0 include/linux/netfilter.h:300
 ip_local_deliver+0x11c/0x190 net/ipv4/ip_input.c:252
 dst_input include/net/dst.h:453 [inline]
 ip_rcv_finish+0x22c/0x264 net/ipv4/ip_input.c:447
 NF_HOOK+0x324/0x3d0 include/linux/netfilter.h:302
 ip_rcv+0x78/0x98 net/ipv4/ip_input.c:566
 __netif_receive_skb_one_core net/core/dev.c:5493 [inline]
 __netif_receive_skb+0x18c/0x400 net/core/dev.c:5607
 process_backlog+0x3ec/0x7e0 net/core/dev.c:6484
 __napi_poll+0xb4/0x624 net/core/dev.c:7043
 napi_poll net/core/dev.c:7110 [inline]
 net_rx_action+0x500/0xc10 net/core/dev.c:7200
 handle_softirqs+0x384/0xdbc kernel/softirq.c:558
 __do_softirq kernel/softirq.c:592 [inline]
 do_softirq_own_stack include/asm-generic/softirq_stack.h:10 [inline]
 do_softirq+0xfc/0x1b0 kernel/softirq.c:459
 __local_bh_enable_ip+0x298/0x470 kernel/softirq.c:383
 local_bh_enable+0x28/0x1d0 include/linux/bottom_half.h:32
 rcu_read_unlock_bh include/linux/rcupdate.h:809 [inline]
 ip_finish_output2+0xe78/0x131c net/ipv4/ip_output.c:229
 __ip_finish_output+0x1b0/0x458
 ip_finish_output+0x40/0x218 net/ipv4/ip_output.c:316
 NF_HOOK_COND include/linux/netfilter.h:291 [inline]
 ip_output+0x330/0x49c net/ipv4/ip_output.c:430
 dst_output include/net/dst.h:443 [inline]
 ip_local_out net/ipv4/ip_output.c:126 [inline]
 __ip_queue_xmit+0xe90/0x1a04 net/ipv4/ip_output.c:532
 ip_queue_xmit+0x5c/0x78 net/ipv4/ip_output.c:546
 __tcp_transmit_skb+0x1944/0x31e8 net/ipv4/tcp_output.c:1402
 __tcp_send_ack+0x25c/0x544 net/ipv4/tcp_output.c:4009
 tcp_send_ack+0x4c/0x64 net/ipv4/tcp_output.c:4015
 tcp_fin+0x130/0x4e0 net/ipv4/tcp_input.c:4468
 tcp_data_queue+0x90c/0x5288 net/ipv4/tcp_input.c:5131
 tcp_rcv_state_process+0x2094/0x3e2c net/ipv4/tcp_input.c:6715
 tcp_v4_do_rcv+0x51c/0xc70 net/ipv4/tcp_ipv4.c:1753
 sk_backlog_rcv include/net/sock.h:1061 [inline]
 __release_sock+0x1a8/0x408 net/core/sock.c:2724
 __tcp_close+0x548/0x10dc net/ipv4/tcp.c:2845
 tcp_close+0x38/0x158 net/ipv4/tcp.c:2922
 inet_release+0x160/0x1d0 net/ipv4/af_inet.c:434
 __sock_release net/socket.c:649 [inline]
 sock_close+0xb8/0x1fc net/socket.c:1336
 __fput+0x1c4/0x800 fs/file_table.c:280
 ____fput+0x20/0x30 fs/file_table.c:308
 task_work_run+0x130/0x1e4 kernel/task_work.c:188
 tracehook_notify_resume include/linux/tracehook.h:189 [inline]
 do_notify_resume+0x262c/0x32b8 arch/arm64/kernel/signal.c:946
 prepare_exit_to_user_mode arch/arm64/kernel/entry-common.c:133 [inline]
 exit_to_user_mode arch/arm64/kernel/entry-common.c:138 [inline]
 el0_svc+0xfc/0x1f0 arch/arm64/kernel/entry-common.c:609
 el0t_64_sync_handler+0x84/0xe4 arch/arm64/kernel/entry-common.c:626
 el0t_64_sync+0x1a0/0x1a4 arch/arm64/kernel/entry.S:584
Code: aa1903e2 96a0edec 17fffd3e 9607cecd (d4210000) 
---[ end trace a1571b3d30d00c28 ]---