program:
# syzkaller reproducer for the "sleeping function called from invalid context"
# report in the console log that follows it on this page.
#
# Create the three directories used below; 0xffffffffffffff9c is AT_FDCWD (-100).
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
# Mount AFS on ./file0 with only the "dyn" option; the trace later passes through
# afs_dynroot_readdir, so this mount is the directory iterator involved.
mount$afs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={[{@dyn}]})
# Mount overlayfs on ./bus with lowerdir=./file0 (the AFS mount), upperdir=./file1
# and workdir=./bus (0x3d is '='). The log line "fs on './file0' does not support
# file handles" is overlayfs reacting to this lower layer.
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
# Enter the overlay mount point; the relative paths below resolve from here.
chdir(&(0x7f0000000140)='./bus\x00')
# Zero-length buffer; NOTE(review): no frame from this call appears in the trace,
# so it is probably not needed to reproduce. Confirm by minimising.
llistxattr(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
# Open the current directory (the overlay root, given the chdir above), seek to
# offset 0x7fff with whence 0 (SEEK_SET), then read directory entries.
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
lseek(r0, 0x7fff, 0x0)
# getdents with a NULL buffer and count 0x58. This is the syscall in the trace:
# ORIG_RAX 0x4e, RDI 3, RSI 0, RDX 0x58.
# Reported path: __se_sys_getdents -> iterate_dir -> ovl_iterate -> ovl_dir_read
# -> iterate_dir -> afs_dynroot_readdir -> ovl_fill_merge -> ovl_cache_entry_new
# -> __kmalloc_noprof. The might-sleep check fires there with "RCU nest depth: 1",
# and held lock #3 is rcu_read_lock taken at afs_dynroot_readdir+0x466.
# NOTE(review): this suggests the AFS dynroot iterator calls the directory actor
# while still inside its RCU read-side section. Confirm against the kernel source
# and the upstream fix before relying on this reading.
getdents(r0, 0x0, 0x58)
[ 79.566740][ T5324] syz.0.0 (5324) used gre[ 78.801074][ T1312] ieee802154 phy0 wpan0: encryption failed: -22 [ 78.804146][ T5307] Bluetooth: hci0: command tx timeout [ 78.811772][ T1312] ieee802154 phy1 wpan1: encryption failed: -22 [ 78.935652][ T5324] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. 
[ 78.945764][ T5324] BUG: sleeping function called from invalid context at ./include/linux/sched/mm.h:321 [ 78.949260][ T5324] in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 5324, name: syz.0.0 [ 78.954943][ T5324] preempt_count: 0, expected: 0 [ 78.957026][ T5324] RCU nest depth: 1, expected: 0 [ 78.959089][ T5324] 4 locks held by syz.0.0/5324: [ 78.961014][ T5324] #0: ffff888034284ef8 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x247/0x310 [ 78.966198][ T5324] #1: ffff888044989888 (&ovl_i_mutex_dir_key[depth]){++++}-{4:4}, at: wrap_directory_iterator+0x5a/0xd0 [ 78.970665][ T5324] #2: ffff888043e18148 (&type->i_mutex_dir_key#8){.+.+}-{4:4}, at: iterate_dir+0x4a6/0x760 [ 78.976088][ T5324] #3: ffffffff8ed3dfe0 (rcu_read_lock){....}-{1:3}, at: afs_dynroot_readdir+0x466/0xbe0 [ 78.980138][ T5324] CPU: 0 UID: 0 PID: 5324 Comm: syz.0.0 Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(full) [ 78.980155][ T5324] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 78.980163][ T5324] Call Trace: [ 78.980171][ T5324] [ 78.980176][ T5324] dump_stack_lvl+0x241/0x360 [ 78.980200][ T5324] ? __pfx_dump_stack_lvl+0x10/0x10 [ 78.980227][ T5324] __might_resched+0x558/0x6c0 [ 78.980242][ T5324] ? down_read_killable+0xd9/0xcb0 [ 78.980303][ T5324] ? __pfx___might_resched+0x10/0x10 [ 78.980324][ T5324] ? __kmalloc_noprof+0xb7/0x4d0 [ 78.980344][ T5324] __kmalloc_noprof+0xd0/0x4d0 [ 78.980358][ T5324] ? ovl_cache_entry_new+0x39/0x7b0 [ 78.980374][ T5324] ovl_cache_entry_new+0x39/0x7b0 [ 78.980388][ T5324] ? __pfx_idr_get_next+0x10/0x10 [ 78.980403][ T5324] ovl_fill_merge+0x2b8/0x830 [ 78.980420][ T5324] afs_dynroot_readdir+0x814/0xbe0 [ 78.980435][ T5324] ? afs_dynroot_readdir+0x466/0xbe0 [ 78.980450][ T5324] ? __pfx_afs_dynroot_readdir+0x10/0x10 [ 78.980464][ T5324] ? common_file_perm+0x1a6/0x210 [ 78.980484][ T5324] iterate_dir+0x5a9/0x760 [ 78.980502][ T5324] ovl_dir_read+0xfe/0x570 [ 78.980515][ T5324] ? 
ovl_path_next+0x23e/0x470 [ 78.980533][ T5324] ovl_dir_read_merged+0x4ae/0x5e0 [ 78.980559][ T5324] ? __pfx_ovl_dir_read_merged+0x10/0x10 [ 78.980575][ T5324] ? __pfx_ovl_fill_merge+0x10/0x10 [ 78.980596][ T5324] ? __kmalloc_cache_noprof+0x236/0x370 [ 78.980611][ T5324] ? ovl_iterate+0x10d6/0x21c0 [ 78.980628][ T5324] ovl_iterate+0x1196/0x21c0 [ 78.980652][ T5324] ? __pfx_ovl_iterate+0x10/0x10 [ 78.980666][ T5324] ? __lock_acquire+0xad5/0xd80 [ 78.980686][ T5324] ? __lock_acquire+0xad5/0xd80 [ 78.980713][ T5324] ? down_write+0x18d/0x220 [ 78.980727][ T5324] ? __pfx_down_write+0x10/0x10 [ 78.980743][ T5324] ? wrap_directory_iterator+0x52/0xd0 [ 78.980758][ T5324] ? __pfx_ovl_iterate+0x10/0x10 [ 78.980770][ T5324] wrap_directory_iterator+0x91/0xd0 [ 78.980786][ T5324] iterate_dir+0x5a9/0x760 [ 78.980802][ T5324] __se_sys_getdents+0x1ff/0x4e0 [ 78.980821][ T5324] ? __pfx___se_sys_getdents+0x10/0x10 [ 78.980833][ T5324] ? __pfx_filldir+0x10/0x10 [ 78.980853][ T5324] ? do_syscall_64+0xb6/0x230 [ 78.980867][ T5324] do_syscall_64+0xf3/0x230 [ 78.980879][ T5324] ? clear_bhb_loop+0x45/0xa0 [ 78.980893][ T5324] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 78.980905][ T5324] RIP: 0033:0x7f3b3e38d169 [ 78.980917][ T5324] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 78.980925][ T5324] RSP: 002b:00007f3b3f22a038 EFLAGS: 00000246 ORIG_RAX: 000000000000004e [ 78.980938][ T5324] RAX: ffffffffffffffda RBX: 00007f3b3e5a5fa0 RCX: 00007f3b3e38d169 [ 78.980946][ T5324] RDX: 0000000000000058 RSI: 0000000000000000 RDI: 0000000000000003 [ 78.980952][ T5324] RBP: 00007f3b3e40e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 78.980959][ T5324] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 78.980964][ T5324] R13: 0000000000000000 R14: 00007f3b3e5a5fa0 R15: 00007ffca81f39d8 [ 78.980983][ T5324]