last executing test programs:

0s ago: executing program 0 (id=1):
syz_mount_image$minix(&(0x7f00000000c0), &(0x7f0000000080)='./file0\x00', 0x1810002, &(0x7f00000005c0)=ANY=[], 0x1, 0x1d3, &(0x7f00000003c0)="$eJzs291u0mAcx/FfC7Rsvr+deGTigZ5IlZHoztwFeAOeLVtdFjs14gnERDnxPrwMz7wTbwASvYKalhIo0lJaaWF8P8nW/5701+dZsn/3lIAA7Kyb4XdDhhph5fv+lweSXr+SVE+NWqUsEMDa+Ma46ZNYi4eb6SkA26H2e/G4ndjgPyaFyV0A2Gajo1q4D/hpSL/+fD4ZRl+NjPuH0ZEp1aIfZvKW1MyUHxjh8X5dGs7kbcUvYHxN2L98H+cfKZ7fy7r+aP79ufz+smDwyBQYmOHh8cN4/oqkq5KuSbou6Ub0rHVL0u0F85/OzX8v4/qBIoK/vlZsJFPbxvOtlBPs9HzQPW/OPffpSrNONaL8s5x5K8q3C+YPcubtKN86ee+dJp71MufVgXTmP/2/mqX9n2j68mGR/q8X7H9gl3V7/bfHnud+XL0wc6WSCzX/8wUpKi0mG8lgJLhNL099q3zN5RV7m7GM5KLiGxOAtXM+XXxwur3+k/OL4zP3zH3X7hy+6By0O88PnXBf7hTZnQPYZNN/+tnOT39LEAAAAAAAAAAAAAAAqMIdSXerXgQAAACAUpTxcaKqf0cAAAAAAAAAAAAAAAAAAADgsvgbAAD//ym8O0Q=")
mkdir(&(0x7f0000000080)='./bus\x00', 0x0)
rename(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000f40)='./bus\x00')
rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./bus/file0\x00')
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x88e, &(0x7f0000000180)={[{}, {@mblk_io_submit}, {@data_err_ignore}, {@test_dummy_encryption_v1}, {@barrier}, {@mblk_io_submit}, {@barrier}]}, 0x3, 0x445, &(0x7f0000000800)="$eJzs3M9rHFUcAPDv7CZt06YmlvqjadVoFYM/kiattQcvioIHBUEP9RiTtMRuG2ki2BI0itSjFLyLR8G/wJNeRD0JXvUuhSK5tIqHldmdSXY3u2k2blzNfj4wyXszb3nvuzNv9715mQTQs0bTH0nEYET8EhFD1Wx9gdHqr9uryzN/rC7PJFEuv/57Uil3a3V5Ji+av+5AnumLKHycxNEm9S5euXphulSau5zlJ5YuvjOxeOXq0/MXp8/PnZ+7NHXmzKmTk8+ennqmI3Gmcd0aeX/h2JGX37z+6szZ62/98FWSx98QR4eMbnbwsXK5w9V118GadNLXxYbQlmK1m0Z/pf8PRTHWT95QvPRRVxsH7KhyuVy+t/XhlTKwiyXR7RYA3ZF/0afz33zbfMDQ0eFH1918vjoBSuO+nW3VI31RyMr0N8xvO2k0Is6u/Pl5usXO3IcAAKjzTTr+earZ+K8QtfeF7srWUIYj4u6IOBQRpyPicETcE1Epe19E3N9m/Y2LJBvHP4Ub2wpsi9Lx33PZ2lb9+C8f/cVwMcsdrMTfn5ybL82dyN6Tsejfm+YnN6nj2xd//rTVsdrxX7ql9edjwawdN/r21r9mdnpp+p/EXOvmhxEjfc3iT9ZWApKIOBIRI9usY/6JL4+1Onbn+JurvCUdWGcqfxHxePX8r0RD/Llk8/XJiX1RmjsxkV8VG/3407XXWtW/3fg7JT3/+5te/2vxDye167WL7ddx7ddPWs5ptnv970neqNv33vTS0uXJiD3JK9VG1+6faig3tV4+jX/sePP+fyjW34mjEZFexA9ExIMR8VDW9ocj4pGIOL5J/N+/8OjbdTvGBtuIf2el8c+2df7XE3uicU/zRPHCd1/XVTocbcSfnv9TldRYtmcrn39badf2rmYAAAD4/ylExGAkhfG1dKEwPl79G/7Dsb9QWlhcevLcwruXZqvPCAxHfyG/0zVUcz90MpvW5/mphvzJ7L7xZ8WBSn58ZqE02+3goccdaNH/U78Vu906YMd5Xgt6l/4PvUv/h96l/0PvatL/Bzbu+qvhkUFgN2j2/f9BF9oB/Psa+r9lP+gh5v/Qu/R/6F36P/SkxYG480PyEhIbElH4TzRj5xP7tvhvLnZZotufTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ3xdwAAAP//FX7vJg==")
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x2081413, 0x0, 0x1, 0x0, &(0x7f0000000080))
mount$overlay(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000001100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@workdir={'workdir', 0x3d, './bus'}}], [], 0x2c})

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.1.76' (ED25519) to the list of known hosts.
[   83.025136][ T5804] cgroup: Unknown subsys name 'net'
[   83.144229][ T5804] cgroup: Unknown subsys name 'cpuset'
[   83.154018][ T5804] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   84.759640][ T5804] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   88.087251][ T5819] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   88.107698][ T5821] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   88.116127][ T5821] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   88.135623][ T5826] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   88.143531][ T5826] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   88.160468][ T5826] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   88.179970][ T5826] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   88.190260][ T5826] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   88.202818][ T5835] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   88.210482][ T5826] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   88.221000][ T5835] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   88.229699][ T5826] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   88.239701][ T5826] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   88.240286][ T5837] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   88.247283][ T5832] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   88.275997][ T5832] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   88.285304][ T5834] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   88.293795][   T55] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   88.295029][ T5834] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   88.301104][   T55] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   88.312033][ T5834] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   88.322841][   T55] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   88.324297][ T5834] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   88.330929][   T55] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   88.340682][ T5834] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   89.001001][ T5816] chnl_net:caif_netlink_parms(): no params data found
[   89.058285][ T5823] chnl_net:caif_netlink_parms(): no params data found
[   89.227705][ T5830] chnl_net:caif_netlink_parms(): no params data found
[   89.276924][ T5815] chnl_net:caif_netlink_parms(): no params data found
[   89.367310][ T5827] chnl_net:caif_netlink_parms(): no params data found
[   89.394568][ T5816] bridge0: port 1(bridge_slave_0) entered blocking state
[   89.404630][ T5816] bridge0: port 1(bridge_slave_0) entered disabled state
[   89.412626][ T5816] bridge_slave_0: entered allmulticast mode
[   89.420286][ T5816] bridge_slave_0: entered promiscuous mode
[   89.465867][ T5816] bridge0: port 2(bridge_slave_1) entered blocking state
[   89.473145][ T5816] bridge0: port 2(bridge_slave_1) entered disabled state
[   89.483685][ T5816] bridge_slave_1: entered allmulticast mode
[   89.491258][ T5816] bridge_slave_1: entered promiscuous mode
[   89.620164][ T5816] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   89.635926][ T5823] bridge0: port 1(bridge_slave_0) entered blocking state
[   89.643771][ T5823] bridge0: port 1(bridge_slave_0) entered disabled state
[   89.651419][ T5823] bridge_slave_0: entered allmulticast mode
[   89.658619][ T5823] bridge_slave_0: entered promiscuous mode
[   89.689140][ T5816] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   89.725984][ T5823] bridge0: port 2(bridge_slave_1) entered blocking state
[   89.733282][ T5823] bridge0: port 2(bridge_slave_1) entered disabled state
[   89.740797][ T5823] bridge_slave_1: entered allmulticast mode
[   89.748013][ T5823] bridge_slave_1: entered promiscuous mode
[   89.806236][ T5815] bridge0: port 1(bridge_slave_0) entered blocking state
[   89.814088][ T5815] bridge0: port 1(bridge_slave_0) entered disabled state
[   89.822215][ T5815] bridge_slave_0: entered allmulticast mode
[   89.829510][ T5815] bridge_slave_0: entered promiscuous mode
[   89.878107][ T5830] bridge0: port 1(bridge_slave_0) entered blocking state
[   89.885454][ T5830] bridge0: port 1(bridge_slave_0) entered disabled state
[   89.893014][ T5830] bridge_slave_0: entered allmulticast mode
[   89.901039][ T5830] bridge_slave_0: entered promiscuous mode
[   89.911560][ T5816] team0: Port device team_slave_0 added
[   89.917720][ T5815] bridge0: port 2(bridge_slave_1) entered blocking state
[   89.926209][ T5815] bridge0: port 2(bridge_slave_1) entered disabled state
[   89.933533][ T5815] bridge_slave_1: entered allmulticast mode
[   89.941512][ T5815] bridge_slave_1: entered promiscuous mode
[   89.950942][ T5823] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   89.960339][ T5827] bridge0: port 1(bridge_slave_0) entered blocking state
[   89.967654][ T5827] bridge0: port 1(bridge_slave_0) entered disabled state
[   89.975237][ T5827] bridge_slave_0: entered allmulticast mode
[   89.982582][ T5827] bridge_slave_0: entered promiscuous mode
[   89.995562][ T5830] bridge0: port 2(bridge_slave_1) entered blocking state
[   90.002749][ T5830] bridge0: port 2(bridge_slave_1) entered disabled state
[   90.010315][ T5830] bridge_slave_1: entered allmulticast mode
[   90.017651][ T5830] bridge_slave_1: entered promiscuous mode
[   90.026478][ T5816] team0: Port device team_slave_1 added
[   90.048614][ T5823] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   90.071836][ T5827] bridge0: port 2(bridge_slave_1) entered blocking state
[   90.079073][ T5827] bridge0: port 2(bridge_slave_1) entered disabled state
[   90.087092][ T5827] bridge_slave_1: entered allmulticast mode
[   90.095239][ T5827] bridge_slave_1: entered promiscuous mode
[   90.213211][ T5816] batman_adv: batadv0: Adding interface: batadv_slave_0
[   90.220526][ T5816] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   90.246923][ T5816] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   90.262164][ T5816] batman_adv: batadv0: Adding interface: batadv_slave_1
[   90.269160][ T5816] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   90.295577][ T5816] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   90.307760][ T5834] Bluetooth: hci1: command tx timeout
[   90.315302][ T5815] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   90.328152][ T5815] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   90.341066][ T5823] team0: Port device team_slave_0 added
[   90.350397][ T5823] team0: Port device team_slave_1 added
[   90.359003][ T5827] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   90.368682][ T5834] Bluetooth: hci3: command tx timeout
[   90.372896][ T5827] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   90.387055][ T5830] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   90.440519][ T5828] Bluetooth: hci2: command tx timeout
[   90.446312][ T5828] Bluetooth: hci0: command tx timeout
[   90.451042][ T5834] Bluetooth: hci4: command tx timeout
[   90.474868][ T5830] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   90.489284][ T5815] team0: Port device team_slave_0 added
[   90.551896][ T5815] team0: Port device team_slave_1 added
[   90.558469][ T5823] batman_adv: batadv0: Adding interface: batadv_slave_0
[   90.566078][ T5823] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   90.592080][ T5823] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   90.605390][ T5823] batman_adv: batadv0: Adding interface: batadv_slave_1
[   90.612542][ T5823] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   90.638580][ T5823] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   90.652592][ T5827] team0: Port device team_slave_0 added
[   90.675201][ T5830] team0: Port device team_slave_0 added
[   90.715596][ T5827] team0: Port device team_slave_1 added
[   90.738904][ T5830] team0: Port device team_slave_1 added
[   90.766981][ T5816] hsr_slave_0: entered promiscuous mode
[   90.773907][ T5816] hsr_slave_1: entered promiscuous mode
[   90.813240][ T5815] batman_adv: batadv0: Adding interface: batadv_slave_0
[   90.820427][ T5815] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   90.846932][ T5815] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   90.888576][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_0
[   90.896058][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   90.922650][ T5830] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   90.944626][ T5815] batman_adv: batadv0: Adding interface: batadv_slave_1
[   90.951738][ T5815] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   90.978089][ T5815] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   90.997067][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_0
[   91.004377][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   91.030596][ T5827] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   91.043506][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_1
[   91.050577][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   91.076746][ T5827] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   91.088706][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_1
[   91.095726][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   91.122459][ T5830] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   91.214632][ T5823] hsr_slave_0: entered promiscuous mode
[   91.221864][ T5823] hsr_slave_1: entered promiscuous mode
[   91.228071][ T5823] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   91.236012][ T5823] Cannot create hsr debugfs directory
[   91.303478][ T5830] hsr_slave_0: entered promiscuous mode
[   91.310227][ T5830] hsr_slave_1: entered promiscuous mode
[   91.316345][ T5830] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   91.324615][ T5830] Cannot create hsr debugfs directory
[   91.440862][ T5827] hsr_slave_0: entered promiscuous mode
[   91.447253][ T5827] hsr_slave_1: entered promiscuous mode
[   91.454443][ T5827] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   91.462094][ T5827] Cannot create hsr debugfs directory
[   91.474436][ T5815] hsr_slave_0: entered promiscuous mode
[   91.481127][ T5815] hsr_slave_1: entered promiscuous mode
[   91.487282][ T5815] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   91.495174][ T5815] Cannot create hsr debugfs directory
[   91.885459][   T59] cfg80211: failed to load regulatory.db
[   92.093639][ T5816] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   92.116875][ T5816] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   92.137725][ T5816] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   92.151011][ T5816] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   92.208250][ T5823] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   92.224027][ T5823] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   92.238860][ T5823] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   92.254105][ T5823] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   92.341234][ T5830] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   92.355381][ T5830] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   92.367229][ T5834] Bluetooth: hci1: command tx timeout
[   92.377820][ T5830] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   92.401887][ T5830] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   92.439890][ T5834] Bluetooth: hci3: command tx timeout
[   92.485364][ T5815] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   92.503956][ T5815] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   92.515686][ T5815] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   92.523490][ T5834] Bluetooth: hci4: command tx timeout
[   92.528956][   T55] Bluetooth: hci2: command tx timeout
[   92.534967][ T5828] Bluetooth: hci0: command tx timeout
[   92.549950][ T5815] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   92.646766][ T5816] 8021q: adding VLAN 0 to HW filter on device bond0
[   92.713053][ T5827] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   92.745685][ T5816] 8021q: adding VLAN 0 to HW filter on device team0
[   92.753950][ T5827] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   92.782243][ T5827] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   92.793900][ T5827] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   92.825597][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   92.832855][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   92.875998][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   92.883219][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   92.981684][ T5830] 8021q: adding VLAN 0 to HW filter on device bond0
[   93.016949][ T5823] 8021q: adding VLAN 0 to HW filter on device bond0
[   93.039294][ T5830] 8021q: adding VLAN 0 to HW filter on device team0
[   93.075839][ T2911] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.083149][ T2911] bridge0: port 1(bridge_slave_0) entered forwarding state
[   93.128924][ T5815] 8021q: adding VLAN 0 to HW filter on device bond0
[   93.138729][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.145996][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   93.194336][ T5823] 8021q: adding VLAN 0 to HW filter on device team0
[   93.232043][ T5827] 8021q: adding VLAN 0 to HW filter on device bond0
[   93.262615][ T5815] 8021q: adding VLAN 0 to HW filter on device team0
[   93.284090][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.291341][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   93.333042][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.340335][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   93.356627][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.363879][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   93.415534][ T5827] 8021q: adding VLAN 0 to HW filter on device team0
[   93.457653][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.464899][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   93.484355][ T2911] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.491610][ T2911] bridge0: port 1(bridge_slave_0) entered forwarding state
[   93.524855][ T2911] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.532082][ T2911] bridge0: port 2(bridge_slave_1) entered forwarding state
[   93.646297][ T5816] 8021q: adding VLAN 0 to HW filter on device batadv0
[   93.886789][ T5816] veth0_vlan: entered promiscuous mode
[   93.968045][ T5830] 8021q: adding VLAN 0 to HW filter on device batadv0
[   94.015412][ T5816] veth1_vlan: entered promiscuous mode
[   94.261911][ T5816] veth0_macvtap: entered promiscuous mode
[   94.276227][ T5816] veth1_macvtap: entered promiscuous mode
[   94.303915][ T5830] veth0_vlan: entered promiscuous mode
[   94.328191][ T5816] batman_adv: batadv0: Interface activated: batadv_slave_0
[   94.357473][ T5823] 8021q: adding VLAN 0 to HW filter on device batadv0
[   94.372476][ T5830] veth1_vlan: entered promiscuous mode
[   94.387515][ T5816] batman_adv: batadv0: Interface activated: batadv_slave_1
[   94.400235][ T5827] 8021q: adding VLAN 0 to HW filter on device batadv0
[   94.424762][ T5816] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   94.436366][ T5816] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   94.459077][ T5828] Bluetooth: hci1: command tx timeout
[   94.469093][ T5816] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   94.479319][ T5816] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   94.505469][ T5815] 8021q: adding VLAN 0 to HW filter on device batadv0
[   94.520762][ T5828] Bluetooth: hci3: command tx timeout
[   94.605416][ T5828] Bluetooth: hci0: command tx timeout
[   94.611237][ T5828] Bluetooth: hci4: command tx timeout
[   94.618065][ T5830] veth0_macvtap: entered promiscuous mode
[   94.618147][ T5828] Bluetooth: hci2: command tx timeout
[   94.678093][ T5830] veth1_macvtap: entered promiscuous mode
[   94.707957][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_0
[   94.764936][ T5827] veth0_vlan: entered promiscuous mode
[   94.820602][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_1
[   94.839030][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   94.857692][ T5815] veth0_vlan: entered promiscuous mode
[   94.868723][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   94.885169][ T5830] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   94.894532][ T5830] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   94.903960][ T5830] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   94.912734][ T5830] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   94.943865][ T5815] veth1_vlan: entered promiscuous mode
[   94.951647][ T5827] veth1_vlan: entered promiscuous mode
[   94.992431][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   95.011223][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   95.118353][ T5816] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   95.131603][ T5827] veth0_macvtap: entered promiscuous mode
[   95.142131][ T5823] veth0_vlan: entered promiscuous mode
[   95.191875][ T5815] veth0_macvtap: entered promiscuous mode
[   95.205082][ T5827] veth1_macvtap: entered promiscuous mode
[   95.235994][ T5815] veth1_macvtap: entered promiscuous mode
[   95.250423][ T2911] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   95.258310][ T2911] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   95.284110][ T5823] veth1_vlan: entered promiscuous mode
[   95.317799][ T5913] loop0: detected capacity change from 0 to 64
[   95.386364][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_0
[   95.395712][ T5913] syz.0.1: attempt to access beyond end of device
[   95.395712][ T5913] loop0: rw=2049, sector=268435468, nr_sectors = 2 limit=64
[   95.404245][ T5815] batman_adv: batadv0: Interface activated: batadv_slave_0
[   95.436064][ T5913] ------------[ cut here ]------------
[   95.442321][ T5913] WARNING: CPU: 0 PID: 5913 at fs/inode.c:474 inc_nlink+0x122/0x150
[   95.450769][ T5913] Modules linked in:
[   95.454869][ T5913] CPU: 0 UID: 0 PID: 5913 Comm: syz.0.1 Not tainted 6.15.0-rc6-syzkaller-00208-g3c21441eeffc #0 PREEMPT(full) 
[   95.466794][ T5913] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   95.468379][ T5823] veth0_macvtap: entered promiscuous mode
[   95.476919][ T5913] RIP: 0010:inc_nlink+0x122/0x150
[   95.488004][ T5913] Code: e8 ff e9 3a ff ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c 4c ff ff ff 48 89 df e8 59 7a e8 ff e9 3f ff ff ff e8 cf a6 88 ff 90 <0f> 0b 90 eb 80 44 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 50 ff ff ff
[   95.503293][ T5823] veth1_macvtap: entered promiscuous mode
[   95.507856][ T5913] RSP: 0018:ffffc9000a7ef5e0 EFLAGS: 00010283
[   95.520515][ T5913] RAX: ffffffff82374a31 RBX: ffff8880596a85d0 RCX: 0000000000080000
[   95.528173][ T2911] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   95.528513][ T5913] RDX: ffffc9000b9db000 RSI: 000000000000161b RDI: 000000000000161c
[   95.544563][ T5913] RBP: 0000000000000000 R08: ffffffff8f7dd377 R09: 1ffffffff1efba6e
[   95.552618][ T5913] R10: dffffc0000000000 R11: fffffbfff1efba6f R12: dffffc0000000000
[   95.552675][ T2911] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   95.560647][ T5913] R13: 1ffff1100b2d50ba R14: ffff8880596a8588 R15: ffff8880596a8658
[   95.560677][ T5913] FS:  00007fa1ad0966c0(0000) GS:ffff8881260f9000(0000) knlGS:0000000000000000
[   95.560698][ T5913] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   95.560716][ T5913] CR2: 0000200000002000 CR3: 00000000321a2000 CR4: 00000000003526f0
[   95.560737][ T5913] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   95.560752][ T5913] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   95.560767][ T5913] Call Trace:
[   95.560789][ T5913]  <TASK>
[   95.560810][ T5913]  minix_mkdir+0x44/0x120
[   95.560851][ T5913]  vfs_mkdir+0x303/0x510
[   95.560893][ T5913]  ovl_workdir_create+0x445/0x810
[   95.560927][ T5913]  ? mnt_get_write_access+0x68/0x2a0
[   95.560965][ T5913]  ? __pfx_ovl_workdir_create+0x10/0x10
[   95.649057][ T5913]  ? mnt_get_write_access+0x223/0x2a0
[   95.654615][ T5913]  ovl_get_workdir+0x324/0x1700
[   95.659524][ T5913]  ? __pfx_ovl_get_workdir+0x10/0x10
[   95.664928][ T5913]  ? __lock_acquire+0xaac/0xd20
[   95.669976][ T5913]  ? do_raw_spin_lock+0x121/0x290
[   95.675151][ T5913]  ? do_raw_spin_unlock+0x122/0x240
[   95.680457][ T5913]  ? _raw_spin_unlock+0x28/0x50
[   95.685356][ T5913]  ? ovl_inuse_trylock+0xae/0xf0
[   95.690449][ T5913]  ovl_fill_super+0x1386/0x35d0
[   95.695370][ T5913]  ? rcu_is_watching+0x15/0xb0
[   95.700257][ T5913]  ? shrinker_register+0x124/0x230
[   95.705786][ T5913]  ? __pfx_ovl_fill_super+0x10/0x10
[   95.711135][ T5913]  ? __pfx___mutex_lock+0x10/0x10
[   95.716208][ T5913]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[   95.722711][ T5913]  ? __raw_spin_lock_init+0x45/0x100
[   95.728196][ T5913]  ? sget_fc+0x962/0xa40
[   95.732824][ T5913]  ? __pfx_set_anon_super_fc+0x10/0x10
[   95.738343][ T5913]  ? __pfx_ovl_fill_super+0x10/0x10
[   95.743701][ T5913]  get_tree_nodev+0xbb/0x150
[   95.748338][ T5913]  vfs_get_tree+0x92/0x2b0
[   95.752875][ T5913]  do_new_mount+0x24a/0xa40
[   95.757467][ T5913]  __se_sys_mount+0x317/0x410
[   95.762227][ T5913]  ? __pfx___se_sys_mount+0x10/0x10
[   95.767475][ T5913]  ? do_syscall_64+0xba/0x210
[   95.772624][ T5913]  ? __x64_sys_mount+0x20/0xc0
[   95.777425][ T5913]  do_syscall_64+0xf6/0x210
[   95.782021][ T5913]  ? clear_bhb_loop+0x60/0xb0
[   95.786733][ T5913]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.792717][ T5913] RIP: 0033:0x7fa1ac18e969
[   95.797181][ T5913] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   95.816937][ T5913] RSP: 002b:00007fa1ad096038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   95.825698][ T5913] RAX: ffffffffffffffda RBX: 00007fa1ac3b5fa0 RCX: 00007fa1ac18e969
[   95.833984][ T5913] RDX: 0000200000000200 RSI: 00002000000003c0 RDI: 0000000000000000
[   95.842048][ T5913] RBP: 00007fa1ac210ab1 R08: 0000200000001100 R09: 0000000000000000
[   95.850133][ T5913] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   95.858136][ T5913] R13: 0000000000000000 R14: 00007fa1ac3b5fa0 R15: 00007ffebc3f8388
[   95.866295][ T5913]  </TASK>
[   95.869340][ T5913] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   95.876631][ T5913] CPU: 0 UID: 0 PID: 5913 Comm: syz.0.1 Not tainted 6.15.0-rc6-syzkaller-00208-g3c21441eeffc #0 PREEMPT(full) 
[   95.888450][ T5913] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   95.898534][ T5913] Call Trace:
[   95.901834][ T5913]  <TASK>
[   95.904785][ T5913]  dump_stack_lvl+0x99/0x250
[   95.909403][ T5913]  ? __asan_memcpy+0x40/0x70
[   95.914016][ T5913]  ? __pfx_dump_stack_lvl+0x10/0x10
[   95.919232][ T5913]  ? __pfx__printk+0x10/0x10
[   95.923876][ T5913]  panic+0x2db/0x790
[   95.927810][ T5913]  ? __pfx_panic+0x10/0x10
[   95.932254][ T5913]  ? show_trace_log_lvl+0x4fb/0x550
[   95.937511][ T5913]  __warn+0x31b/0x4b0
[   95.941518][ T5913]  ? inc_nlink+0x122/0x150
[   95.945976][ T5913]  ? inc_nlink+0x122/0x150
[   95.950420][ T5913]  report_bug+0x2be/0x4f0
[   95.954789][ T5913]  ? inc_nlink+0x122/0x150
[   95.959238][ T5913]  ? inc_nlink+0x122/0x150
[   95.963718][ T5913]  ? inc_nlink+0x124/0x150
[   95.968266][ T5913]  handle_bug+0x84/0x160
[   95.972550][ T5913]  exc_invalid_op+0x1a/0x50
[   95.977093][ T5913]  asm_exc_invalid_op+0x1a/0x20
[   95.981964][ T5913] RIP: 0010:inc_nlink+0x122/0x150
[   95.987039][ T5913] Code: e8 ff e9 3a ff ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c 4c ff ff ff 48 89 df e8 59 7a e8 ff e9 3f ff ff ff e8 cf a6 88 ff 90 <0f> 0b 90 eb 80 44 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 50 ff ff ff
[   96.006681][ T5913] RSP: 0018:ffffc9000a7ef5e0 EFLAGS: 00010283
[   96.012827][ T5913] RAX: ffffffff82374a31 RBX: ffff8880596a85d0 RCX: 0000000000080000
[   96.020817][ T5913] RDX: ffffc9000b9db000 RSI: 000000000000161b RDI: 000000000000161c
[   96.028807][ T5913] RBP: 0000000000000000 R08: ffffffff8f7dd377 R09: 1ffffffff1efba6e
[   96.036807][ T5913] R10: dffffc0000000000 R11: fffffbfff1efba6f R12: dffffc0000000000
[   96.044803][ T5913] R13: 1ffff1100b2d50ba R14: ffff8880596a8588 R15: ffff8880596a8658
[   96.052797][ T5913]  ? inc_nlink+0x121/0x150
[   96.057254][ T5913]  minix_mkdir+0x44/0x120
[   96.061608][ T5913]  vfs_mkdir+0x303/0x510
[   96.065890][ T5913]  ovl_workdir_create+0x445/0x810
[   96.070930][ T5913]  ? mnt_get_write_access+0x68/0x2a0
[   96.076250][ T5913]  ? __pfx_ovl_workdir_create+0x10/0x10
[   96.081842][ T5913]  ? mnt_get_write_access+0x223/0x2a0
[   96.087322][ T5913]  ovl_get_workdir+0x324/0x1700
[   96.092201][ T5913]  ? __pfx_ovl_get_workdir+0x10/0x10
[   96.097510][ T5913]  ? __lock_acquire+0xaac/0xd20
[   96.102393][ T5913]  ? do_raw_spin_lock+0x121/0x290
[   96.107460][ T5913]  ? do_raw_spin_unlock+0x122/0x240
[   96.112705][ T5913]  ? _raw_spin_unlock+0x28/0x50
[   96.117584][ T5913]  ? ovl_inuse_trylock+0xae/0xf0
[   96.122562][ T5913]  ovl_fill_super+0x1386/0x35d0
[   96.127464][ T5913]  ? rcu_is_watching+0x15/0xb0
[   96.132281][ T5913]  ? shrinker_register+0x124/0x230
[   96.137450][ T5913]  ? __pfx_ovl_fill_super+0x10/0x10
[   96.142683][ T5913]  ? __pfx___mutex_lock+0x10/0x10
[   96.147736][ T5913]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[   96.153746][ T5913]  ? __raw_spin_lock_init+0x45/0x100
[   96.159088][ T5913]  ? sget_fc+0x962/0xa40
[   96.163377][ T5913]  ? __pfx_set_anon_super_fc+0x10/0x10
[   96.168976][ T5913]  ? __pfx_ovl_fill_super+0x10/0x10
[   96.174231][ T5913]  get_tree_nodev+0xbb/0x150
[   96.178855][ T5913]  vfs_get_tree+0x92/0x2b0
[   96.183310][ T5913]  do_new_mount+0x24a/0xa40
[   96.187860][ T5913]  __se_sys_mount+0x317/0x410
[   96.192582][ T5913]  ? __pfx___se_sys_mount+0x10/0x10
[   96.197809][ T5913]  ? do_syscall_64+0xba/0x210
[   96.202514][ T5913]  ? __x64_sys_mount+0x20/0xc0
[   96.207295][ T5913]  do_syscall_64+0xf6/0x210
[   96.212078][ T5913]  ? clear_bhb_loop+0x60/0xb0
[   96.216859][ T5913]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   96.222766][ T5913] RIP: 0033:0x7fa1ac18e969
[   96.227194][ T5913] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   96.246910][ T5913] RSP: 002b:00007fa1ad096038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   96.255366][ T5913] RAX: ffffffffffffffda RBX: 00007fa1ac3b5fa0 RCX: 00007fa1ac18e969
[   96.263353][ T5913] RDX: 0000200000000200 RSI: 00002000000003c0 RDI: 0000000000000000
[   96.271362][ T5913] RBP: 00007fa1ac210ab1 R08: 0000200000001100 R09: 0000000000000000
[   96.279338][ T5913] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   96.287323][ T5913] R13: 0000000000000000 R14: 00007fa1ac3b5fa0 R15: 00007ffebc3f8388
[   96.295345][ T5913]  </TASK>
[   96.298711][ T5913] Kernel Offset: disabled
[   96.303074][ T5913] Rebooting in 86400 seconds..