./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1942403524

<...>
DUID 00:04:76:8b:f6:84:a4:3b:36:39:6c:68:e7:10:38:dd:b7:2c
forked to background, child pid 4696
[   45.287097][ T4697] 8021q: adding VLAN 0 to HW filter on device bond0
[   45.301978][ T4697] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: OK

syzkaller
Warning: Permanently added '10.128.0.133' (ED25519) to the list of known hosts.
execve("./syz-executor1942403524", ["./syz-executor1942403524"], 0x7ffe7e5a07e0 /* 10 vars */) = 0
brk(NULL)                               = 0x555556705000
brk(0x555556705d00)                     = 0x555556705d00
arch_prctl(ARCH_SET_FS, 0x555556705380) = 0
set_tid_address(0x555556705650)         = 5028
set_robust_list(0x555556705660, 24)     = 0
rseq(0x555556705ca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor1942403524", 4096) = 28
getrandom("\x8e\x72\xd6\x8a\x5a\x3d\xd9\x0c", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x555556705d00
brk(0x555556726d00)                     = 0x555556726d00
brk(0x555556727000)                     = 0x555556727000
mprotect(0x7f37d6457000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
mkdir("./file1", 000)                   = 0
mkdir("./bus", 000)                     = 0
mkdir("./file0", 000)                   = 0
mknod("./file0/file0", 000)             = 0
mount(NULL, "./bus", "overlay", 0, "workdir=./file1,lowerdir=./file0,upperdir=./bus,index=on") = 0
openat(AT_FDCWD, ".", O_RDONLY)         = 3
syzkaller login: [   72.377262][ T5028] general protection fault, probably for non-canonical address 0xdffffc000000001c: 0000 [#1] PREEMPT SMP KASAN
[   72.389002][ T5028] KASAN: null-ptr-deref in range [0x00000000000000e0-0x00000000000000e7]
[   72.397409][ T5028] CPU: 1 PID: 5028 Comm: syz-executor194 Not tainted 6.6.0-rc4-syzkaller #0
[   72.406089][ T5028] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[   72.416147][ T5028] RIP: 0010:ovl_encode_real_fh+0x87/0x400
[   72.421877][ T5028] Code: 20 49 c1 ee 03 48 b8 f1 f1 f1 f1 04 f3 f3 f3 49 89 04 1e e8 1b e5 8b fe 48 89 d9 49 8d 9c 24 e0 00 00 00 48 89 d8 48 c1 e8 03 <80> 3c 08 00 74 12 48 89 df e8 0b 61 e6 fe 48 b9 00 00 00 00 00 fc
[   72.441481][ T5028] RSP: 0018:ffffc900039efc80 EFLAGS: 00010202
[   72.447555][ T5028] RAX: 000000000000001c RBX: 00000000000000e0 RCX: dffffc0000000000
[   72.455521][ T5028] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff8880132ab500
[   72.463490][ T5028] RBP: ffffc900039efd30 R08: ffffffff8302916f R09: 1ffff1100ed51471
[   72.471489][ T5028] R10: dffffc0000000000 R11: ffffed100ed51472 R12: 0000000000000000
[   72.479458][ T5028] R13: ffff8880132ab500 R14: 1ffff9200073df94 R15: ffff888078f34758
[   72.487428][ T5028] FS:  0000555556705380(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000
[   72.496363][ T5028] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   72.502944][ T5028] CR2: 0000000020001000 CR3: 000000001bfb2000 CR4: 00000000003506e0
[   72.510941][ T5028] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   72.518913][ T5028] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   72.526904][ T5028] Call Trace:
[   72.530199][ T5028]  <TASK>
[   72.533130][ T5028]  ? __die_body+0x8b/0xe0
[   72.537502][ T5028]  ? die_addr+0xc9/0x100
[   72.541754][ T5028]  ? exc_general_protection+0x3c2/0x5b0
[   72.547403][ T5028]  ? asm_exc_general_protection+0x26/0x30
[   72.553142][ T5028]  ? ovl_encode_fh+0x15f/0xc70
[   72.557923][ T5028]  ? ovl_encode_real_fh+0x87/0x400
[   72.563040][ T5028]  ? ovl_set_attr+0x560/0x560
[   72.567724][ T5028]  ovl_encode_fh+0x2ac/0xc70
[   72.572320][ T5028]  ? ovl_do_rename+0x360/0x360
[   72.577089][ T5028]  exportfs_encode_fh+0x195/0x490
[   72.582124][ T5028]  __se_sys_name_to_handle_at+0x3ad/0x730
[   72.587889][ T5028]  ? __x64_sys_name_to_handle_at+0xc0/0xc0
[   72.593704][ T5028]  ? print_irqtrace_events+0x220/0x220
[   72.599171][ T5028]  ? syscall_enter_from_user_mode+0x32/0x230
[   72.605161][ T5028]  ? __x64_sys_name_to_handle_at+0x20/0xc0
[   72.610980][ T5028]  do_syscall_64+0x41/0xc0
[   72.615401][ T5028]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   72.621301][ T5028] RIP: 0033:0x7f37d63e4429
[   72.625724][ T5028] Code: 48 83 c4 28 c3 e8 37 17 00 00 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   72.645341][ T5028] RSP: 002b:00007ffd5eea5b98 EFLAGS: 00000246 ORIG_RAX: 000000000000012f
[   72.653757][ T5028] RAX: ffffffffffffffda RBX: 00007ffd5eea5d68 RCX: 00007f37d63e4429
[   72.661730][ T5028] RDX: 0000000020000300 RSI: 0000000020000240 RDI: 0000000000000003
[   72.669702][ T5028] RBP: 00007f37d6457610 R08: 0000000000001600 R09: 00007ffd5eea5d68
[   72.677685][ T5028] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   72.685656][ T5028] R13: 00007ffd5eea5d58 R14: 0000000000000001 R15: 0000000000000001
[   72.693636][ T5028]  </TASK>
[   72.696655][ T5028] Modules linked in:
[   72.700789][ T5028] ---[ end trace 0000000000000000 ]---
[   72.706304][ T5028] RIP: 0010:ovl_encode_real_fh+0x87/0x400
[   72.712059][ T5028] Code: 20 49 c1 ee 03 48 b8 f1 f1 f1 f1 04 f3 f3 f3 49 89 04 1e e8 1b e5 8b fe 48 89 d9 49 8d 9c 24 e0 00 00 00 48 89 d8 48 c1 e8 03 <80> 3c 08 00 74 12 48 89 df e8 0b 61 e6 fe 48 b9 00 00 00 00 00 fc
[   72.731945][ T5028] RSP: 0018:ffffc900039efc80 EFLAGS: 00010202
[   72.738201][ T5028] RAX: 000000000000001c RBX: 00000000000000e0 RCX: dffffc0000000000
[   72.746225][ T5028] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff8880132ab500
[   72.754410][ T5028] RBP: ffffc900039efd30 R08: ffffffff8302916f R09: 1ffff1100ed51471
[   72.762397][ T5028] R10: dffffc0000000000 R11: ffffed100ed51472 R12: 0000000000000000
[   72.770396][ T5028] R13: ffff8880132ab500 R14: 1ffff9200073df94 R15: ffff888078f34758
[   72.778401][ T5028] FS:  0000555556705380(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000
[   72.787378][ T5028] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   72.793992][ T5028] CR2: 0000000020001000 CR3: 000000001bfb2000 CR4: 00000000003506e0
[   72.801985][ T5028] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   72.809995][ T5028] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   72.818127][ T5028] Kernel panic - not syncing: Fatal exception
[   72.824595][ T5028] Kernel Offset: disabled
[   72.828917][ T5028] Rebooting in 86400 seconds..