================================
WARNING: inconsistent lock state
6.9.0-syzkaller-12162-gf85af9d955ac #0 Not tainted
--------------------------------
inconsistent {HARDIRQ-ON-W} -> {IN-HARDIRQ-W} usage.
syz-executor.3/5123 [HC1[1]:SC0[0]:HE0:SE1] takes:
ffff8880b9438828 (lock#10){?.+.}-{2:2}, at: local_lock_acquire include/linux/local_lock_internal.h:29 [inline]
ffff8880b9438828 (lock#10){?.+.}-{2:2}, at: __mmap_lock_do_trace_released+0x83/0x620 mm/mmap_lock.c:243
{HARDIRQ-ON-W} state was registered at:
  lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5754
  local_lock_acquire include/linux/local_lock_internal.h:29 [inline]
  __mmap_lock_do_trace_released+0x9c/0x620 mm/mmap_lock.c:243
  __mmap_lock_trace_released include/linux/mmap_lock.h:42 [inline]
  mmap_write_unlock include/linux/mmap_lock.h:129 [inline]
  dup_mmap kernel/fork.c:776 [inline]
  dup_mm kernel/fork.c:1688 [inline]
  copy_mm+0x1fe2/0x2020 kernel/fork.c:1737
  copy_process+0x187a/0x3dc0 kernel/fork.c:2390
  kernel_clone+0x226/0x8f0 kernel/fork.c:2797
  __do_sys_clone kernel/fork.c:2940 [inline]
  __se_sys_clone kernel/fork.c:2924 [inline]
  __x64_sys_clone+0x258/0x2a0 kernel/fork.c:2924
  do_syscall_x64 arch/x86/entry/common.c:52 [inline]
  do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
  entry_SYSCALL_64_after_hwframe+0x77/0x7f
irq event stamp: 355166
hardirqs last enabled at (355165): [] native_save_fl arch/x86/include/asm/irqflags.h:19 [inline]
hardirqs last enabled at (355165): [] arch_local_save_flags arch/x86/include/asm/irqflags.h:67 [inline]
hardirqs last enabled at (355165): [] arch_irqs_disabled arch/x86/include/asm/irqflags.h:127 [inline]
hardirqs last enabled at (355165): [] seqcount_lockdep_reader_access+0x157/0x220 include/linux/seqlock.h:74
hardirqs last disabled at (355166): [] sysvec_irq_work+0xe/0xc0 arch/x86/kernel/irq_work.c:17
softirqs last enabled at (352144): [] __do_softirq kernel/softirq.c:588 [inline]
softirqs last enabled at (352144): [] invoke_softirq kernel/softirq.c:428 [inline]
softirqs last
enabled at (352144): [] __irq_exit_rcu+0xf4/0x1c0 kernel/softirq.c:637
softirqs last disabled at (352065): [] __do_softirq kernel/softirq.c:588 [inline]
softirqs last disabled at (352065): [] invoke_softirq kernel/softirq.c:428 [inline]
softirqs last disabled at (352065): [] __irq_exit_rcu+0xf4/0x1c0 kernel/softirq.c:637

other info that might help us debug this:
 Possible unsafe locking scenario:

       CPU0
       ----
  lock(lock#10);
    lock(lock#10);

 *** DEADLOCK ***

4 locks held by syz-executor.3/5123:
 #0: ffff88801dd64420 (sb_writers#4){.+.+}-{0:0}, at: mnt_want_write+0x3f/0x90 fs/namespace.c:409
 #1: ffff88805b060e00 (&type->i_mutex_dir_key#3/1){+.+.}-{3:3}, at: inode_lock_nested include/linux/fs.h:826 [inline]
 #1: ffff88805b060e00 (&type->i_mutex_dir_key#3/1){+.+.}-{3:3}, at: do_unlinkat+0x26a/0x830 fs/namei.c:4394
 #2: ffff88805b016800 (&sb->s_type->i_mutex_key#8){++++}-{3:3}, at: inode_lock include/linux/fs.h:791 [inline]
 #2: ffff88805b016800 (&sb->s_type->i_mutex_key#8){++++}-{3:3}, at: vfs_unlink+0xe4/0x650 fs/namei.c:4332
 #3: ffff88801dd68950 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0x203f/0x22a0 fs/jbd2/transaction.c:463

stack backtrace:
CPU: 0 PID: 5123 Comm: syz-executor.3 Not tainted 6.9.0-syzkaller-12162-gf85af9d955ac #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
Call Trace:
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114
 valid_state+0x13a/0x1c0 kernel/locking/lockdep.c:4013
 mark_lock_irq+0xbb/0xc20 kernel/locking/lockdep.c:4216
 mark_lock+0x223/0x350 kernel/locking/lockdep.c:4678
 mark_usage kernel/locking/lockdep.c:4564 [inline]
 __lock_acquire+0xb8e/0x1fd0 kernel/locking/lockdep.c:5091
 lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5754
 local_lock_acquire include/linux/local_lock_internal.h:29 [inline]
 __mmap_lock_do_trace_released+0x9c/0x620 mm/mmap_lock.c:243
 __mmap_lock_trace_released include/linux/mmap_lock.h:42 [inline]
 mmap_read_unlock_non_owner
include/linux/mmap_lock.h:176 [inline]
 do_mmap_read_unlock+0x5d/0x60 kernel/bpf/task_iter.c:1049
 irq_work_single+0xe2/0x240 kernel/irq_work.c:221
 irq_work_run_list kernel/irq_work.c:252 [inline]
 irq_work_run+0x18b/0x350 kernel/irq_work.c:261
 __sysvec_irq_work+0xb8/0x430 arch/x86/kernel/irq_work.c:22
 instr_sysvec_irq_work arch/x86/kernel/irq_work.c:17 [inline]
 sysvec_irq_work+0x9e/0xc0 arch/x86/kernel/irq_work.c:17
 asm_sysvec_irq_work+0x1a/0x20 arch/x86/include/asm/idtentry.h:738
RIP: 0010:seqcount_lockdep_reader_access+0x1e0/0x220 include/linux/seqlock.h:75
Code: 00 4d 85 ed 75 16 e8 bf 58 12 00 eb 15 e8 b8 58 12 00 e8 63 3b 02 0a 4d 85 ed 74 ea e8 a9 58 12 00 fb 48 c7 04 24 0e 36 e0 45 <4b> c7 04 3c 00 00 00 00 66 43 c7 44 3c 09 00 00 43 c6 44 3c 0b 00
RSP: 0018:ffffc900039bf980 EFLAGS: 00000293
RAX: ffffffff8183bbd7 RBX: 0000000000000000 RCX: ffff888078f0bc00
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
RBP: ffffc900039bfa28 R08: ffffffff8183bbad R09: 1ffffffff25f50c4
R10: dffffc0000000000 R11: fffffbfff25f50c5 R12: dffffc0000000000
R13: 0000000000000200 R14: 0000000000000046 R15: 1ffff92000737f30
 ktime_get_coarse_real_ts64+0x3a/0x120 kernel/time/timekeeping.c:2264
 current_time+0x8f/0x2b0 fs/inode.c:2499
 inode_set_ctime_current+0x25/0x80 fs/inode.c:2513
 __ext4_unlink+0x6ab/0xb30 fs/ext4/namei.c:3291
 ext4_unlink+0x1bf/0x5a0 fs/ext4/namei.c:3321
 vfs_unlink+0x365/0x650 fs/namei.c:4343
 do_unlinkat+0x4ae/0x830 fs/namei.c:4407
 __do_sys_unlink fs/namei.c:4455 [inline]
 __se_sys_unlink fs/namei.c:4453 [inline]
 __x64_sys_unlink+0x49/0x60 fs/namei.c:4453
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7ffb94e7c717
Code: 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 57 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffe12b0d828 EFLAGS:
00000206 ORIG_RAX: 0000000000000057
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007ffb94e7c717
RDX: 00007ffe12b0d850 RSI: 00007ffe12b0d8e0 RDI: 00007ffe12b0d8e0
RBP: 00007ffe12b0d8e0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000100 R11: 0000000000000206 R12: 00007ffe12b0e990
R13: 00007ffb94ed9636 R14: 0000000000013b5e R15: 0000000000000016
----------------
Code disassembly (best guess):
   0: 00 4d 85 add %cl,-0x7b(%rbp)
   3: ed in (%dx),%eax
   4: 75 16 jne 0x1c
   6: e8 bf 58 12 00 call 0x1258ca
   b: eb 15 jmp 0x22
   d: e8 b8 58 12 00 call 0x1258ca
  12: e8 63 3b 02 0a call 0xa023b7a
  17: 4d 85 ed test %r13,%r13
  1a: 74 ea je 0x6
  1c: e8 a9 58 12 00 call 0x1258ca
  21: fb sti
  22: 48 c7 04 24 0e 36 e0 movq $0x45e0360e,(%rsp)
  29: 45
* 2a: 4b c7 04 3c 00 00 00 movq $0x0,(%r12,%r15,1) <-- trapping instruction
  31: 00
  32: 66 43 c7 44 3c 09 00 movw $0x0,0x9(%r12,%r15,1)
  39: 00
  3a: 43 c6 44 3c 0b 00 movb $0x0,0xb(%r12,%r15,1)