overlayfs: fs on 'file0' does not support file handles, falling back to index=off.
================================
WARNING: inconsistent lock state
overlayfs: fs on './file0' does not support file handles, falling back to index=off.
4.14.262-syzkaller #0 Not tainted
--------------------------------
inconsistent {IN-SOFTIRQ-W} -> {SOFTIRQ-ON-W} usage.
syz-executor.2/12542 [HC0[0]:SC0[0]:HE1:SE1] takes:
 (slock-AF_BLUETOOTH-BTPROTO_SCO){+.?.}, at: [] spin_lock include/linux/spinlock.h:317 [inline]
 (slock-AF_BLUETOOTH-BTPROTO_SCO){+.?.}, at: [] sco_conn_del+0xbb/0x1f0 net/bluetooth/sco.c:174
{IN-SOFTIRQ-W} state was registered at:
  lock_acquire+0x170/0x3f0 kernel/locking/lockdep.c:3998
  __raw_spin_lock include/linux/spinlock_api_smp.h:142 [inline]
  _raw_spin_lock+0x2a/0x40 kernel/locking/spinlock.c:152
  spin_lock include/linux/spinlock.h:317 [inline]
  sco_sock_timeout+0x29/0x120 net/bluetooth/sco.c:82
  call_timer_fn+0x14a/0x650 kernel/time/timer.c:1280
  expire_timers+0x232/0x4d0 kernel/time/timer.c:1319
  __run_timers kernel/time/timer.c:1637 [inline]
  run_timer_softirq+0x1d5/0x5a0 kernel/time/timer.c:1650
  __do_softirq+0x24d/0x9ff kernel/softirq.c:288
  run_ksoftirqd+0x50/0x1a0 kernel/softirq.c:670
  smpboot_thread_fn+0x5c1/0x920 kernel/smpboot.c:164
  kthread+0x30d/0x420 kernel/kthread.c:232
  ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:404
irq event stamp: 10161
hardirqs last enabled at (10161): [] restore_regs_and_return_to_kernel+0x0/0x2a
hardirqs last disabled at (10160): [] apic_timer_interrupt+0x8e/0xa0 arch/x86/entry/entry_64.S:793
softirqs last enabled at (9844): [] __do_softirq+0x68b/0x9ff kernel/softirq.c:314
softirqs last disabled at (9825): [] invoke_softirq kernel/softirq.c:368 [inline]
softirqs last disabled at (9825): [] irq_exit+0x193/0x240 kernel/softirq.c:409

other info that might help us debug this:
 Possible unsafe locking scenario:

       CPU0
       ----
  lock(slock-AF_BLUETOOTH-BTPROTO_SCO);
  lock(slock-AF_BLUETOOTH-BTPROTO_SCO);

 *** DEADLOCK ***

4 locks held by syz-executor.2/12542:
 #0: (rfkill_global_mutex){+.+.}, at: [] rfkill_fop_write+0xbf/0x3c0 net/rfkill/core.c:1225
 #1: (&hdev->req_lock){+.+.}, at: [] hci_dev_do_close+0xa8/0xd80 net/bluetooth/hci_core.c:1589
 #2: (&hdev->lock){+.+.}, at: [] hci_dev_do_close+0x264/0xd80 net/bluetooth/hci_core.c:1628
 #3: (hci_cb_list_lock){+.+.}, at: [] hci_disconn_cfm include/net/bluetooth/hci_core.h:1225 [inline]
 #3: (hci_cb_list_lock){+.+.}, at: [] hci_conn_hash_flush+0xda/0x260 net/bluetooth/hci_conn.c:1393

stack backtrace:
CPU: 0 PID: 12542 Comm: syz-executor.2 Not tainted 4.14.262-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x1b2/0x281 lib/dump_stack.c:58
 print_usage_bug.cold+0x42e/0x570 kernel/locking/lockdep.c:2589
 valid_state kernel/locking/lockdep.c:2602 [inline]
 mark_lock_irq kernel/locking/lockdep.c:2796 [inline]
 mark_lock+0xb4d/0x1050 kernel/locking/lockdep.c:3194
 mark_irqflags kernel/locking/lockdep.c:3090 [inline]
 __lock_acquire+0xd5c/0x3f20 kernel/locking/lockdep.c:3448
 lock_acquire+0x170/0x3f0 kernel/locking/lockdep.c:3998
 __raw_spin_lock include/linux/spinlock_api_smp.h:142 [inline]
 _raw_spin_lock+0x2a/0x40 kernel/locking/spinlock.c:152
 spin_lock include/linux/spinlock.h:317 [inline]
 sco_conn_del+0xbb/0x1f0 net/bluetooth/sco.c:174
 sco_disconn_cfm+0x65/0xa0 net/bluetooth/sco.c:1136
 hci_disconn_cfm include/net/bluetooth/hci_core.h:1228 [inline]
 hci_conn_hash_flush+0x127/0x260 net/bluetooth/hci_conn.c:1393
 hci_dev_do_close+0x57d/0xd80 net/bluetooth/hci_core.c:1641
 hci_rfkill_set_block+0xaf/0x120 net/bluetooth/hci_core.c:2071
 rfkill_set_block+0x1b2/0x4a0 net/rfkill/core.c:337
 rfkill_fop_write+0x1b6/0x3c0 net/rfkill/core.c:1233
 __vfs_write+0xe4/0x630 fs/read_write.c:480
 vfs_write+0x17f/0x4d0 fs/read_write.c:544
 SYSC_write fs/read_write.c:590 [inline]
 SyS_write+0xf2/0x210 fs/read_write.c:582
 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
 entry_SYSCALL_64_after_hwframe+0x46/0xbb
RIP: 0033:0x7f851be44e99
RSP: 002b:00007f851a7ba168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
RAX: ffffffffffffffda RBX: 00007f851bf57f60 RCX: 00007f851be44e99
RDX: 0000000000000008 RSI: 0000000020000040 RDI: 0000000000000003
RBP: 00007f851be9eff1 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffc4a09a93f R14: 00007f851a7ba300 R15: 0000000000022000
audit: type=1804 audit(1641927727.010:443): pid=12584 uid=0 auid=4294967295 ses=4294967295 op="invalid_pcr" cause="open_writers" comm="syz-executor.5" name="/root/syzkaller-testdir426621553/syzkaller.81Ip36/90/bus" dev="sda1" ino=14408 res=1
audit: type=1804 audit(1641927727.010:444): pid=12584 uid=0 auid=4294967295 ses=4294967295 op="invalid_pcr" cause="ToMToU" comm="syz-executor.5" name="/root/syzkaller-testdir426621553/syzkaller.81Ip36/90/bus" dev="sda1" ino=14408 res=1
EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
overlayfs: fs on 'file0' does not support file handles, falling back to index=off.
overlayfs: fs on './file0' does not support file handles, falling back to index=off.
EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
overlayfs: fs on '.' does not support file handles, falling back to index=off.
overlayfs: fs on './file0' does not support file handles, falling back to index=off.
EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
overlayfs: fs on 'file0' does not support file handles, falling back to index=off.
overlayfs: fs on './file0' does not support file handles, falling back to index=off.
print_req_error: I/O error, dev loop0, sector 0
print_req_error: I/O error, dev loop0, sector 0
print_req_error: I/O error, dev loop3, sector 0
print_req_error: I/O error, dev loop0, sector 0
print_req_error: I/O error, dev loop4, sector 0
print_req_error: I/O error, dev loop3, sector 0
kauditd_printk_skb: 1 callbacks suppressed
audit: type=1800 audit(1641927729.540:446): pid=12846 uid=0 auid=4294967295 ses=4294967295 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="bus" dev="sda1" ino=13924 res=0
audit: type=1800 audit(1641927729.760:447): pid=12847 uid=0 auid=4294967295 ses=4294967295 op="collect_data" cause="failed(directio)" comm="syz-executor.5" name="bus" dev="sda1" ino=13937 res=0
cannot load conntrack support for proto=2
audit: type=1800 audit(1641927730.430:448): pid=12889 uid=0 auid=4294967295 ses=4294967295 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="bus" dev="sda1" ino=14436 res=0
cannot load conntrack support for proto=2
audit: type=1800 audit(1641927730.640:449): pid=12890 uid=0 auid=4294967295 ses=4294967295 op="collect_data" cause="failed(directio)" comm="syz-executor.5" name="bus" dev="sda1" ino=14439 res=0
cannot load conntrack support for proto=2
cannot load conntrack support for proto=2
audit: type=1800 audit(1641927731.330:450): pid=12933 uid=0 auid=4294967295 ses=4294967295 op="collect_data" cause="failed(directio)" comm="syz-executor.5" name="bus" dev="sda1" ino=14423 res=0
audit: type=1800 audit(1641927731.550:451): pid=12934 uid=0 auid=4294967295 ses=4294967295 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="bus" dev="sda1" ino=14451 res=0
device tunl0 entered promiscuous mode
device vlan2 entered promiscuous mode
audit: type=1800 audit(1641927731.810:452): pid=12926 uid=0 auid=4294967295 ses=4294967295 op="collect_data" cause="failed" comm="syz-executor.3" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0
audit: type=1800 audit(1641927731.950:453): pid=12945 uid=0 auid=4294967295 ses=4294967295 op="collect_data" cause="failed" comm="syz-executor.3" name="SYSV00000000" dev="hugetlbfs" ino=32768 res=0
audit: type=1800 audit(1641927732.080:454): pid=12962 uid=0 auid=4294967295 ses=4294967295 op="collect_data" cause="failed" comm="syz-executor.3" name="SYSV00000000" dev="hugetlbfs" ino=65537 res=0
audit: type=1800 audit(1641927732.121:455): pid=12963 uid=0 auid=4294967295 ses=4294967295 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="bus" dev="sda1" ino=14471 res=0
device tunl0 entered promiscuous mode
device vlan2 entered promiscuous mode
new mount options do not match the existing superblock, will be ignored
new mount options do not match the existing superblock, will be ignored
new mount options do not match the existing superblock, will be ignored
new mount options do not match the existing superblock, will be ignored
cannot load conntrack support for proto=10
kauditd_printk_skb: 12 callbacks suppressed
audit: type=1800 audit(1641927735.151:468): pid=13223 uid=0 auid=4294967295 ses=4294967295 op="collect_data" cause="failed(directio)" comm="syz-executor.2" name="bus" dev="loop2" ino=20 res=0
audit: type=1800 audit(1641927736.491:469): pid=13253 uid=0 auid=4294967295 ses=4294967295 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="bus" dev="loop0" ino=21 res=0