================================
WARNING: inconsistent lock state
6.8.0-syzkaller #0 Not tainted
--------------------------------
inconsistent {IN-SOFTIRQ-W} -> {SOFTIRQ-ON-W} usage.
syz-executor/3937 [HC0[0]:SC0[0]:HE0:SE1] takes:
ffff8881124350b8 (&xa->xa_lock#8){+.?.}-{2:2}, at: spin_lock_irq include/linux/spinlock.h:376 [inline]
ffff8881124350b8 (&xa->xa_lock#8){+.?.}-{2:2}, at: __filemap_add_folio+0x262/0x740 mm/filemap.c:877
{IN-SOFTIRQ-W} state was registered at:
  lock_acquire+0xeb/0x270 kernel/locking/lockdep.c:5754
  __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
  _raw_spin_lock_irqsave+0x61/0xa0 kernel/locking/spinlock.c:162
  __folio_end_writeback+0x92/0x420 mm/page-writeback.c:2955
  folio_end_writeback+0x79/0x200 mm/filemap.c:1599
  end_bio_bh_io_sync+0x23/0x40 fs/buffer.c:2756
  req_bio_endio block/blk-mq.c:791 [inline]
  blk_update_request+0x105/0x310 block/blk-mq.c:936
  scsi_end_request+0x21/0x360 drivers/scsi/scsi_lib.c:539
  scsi_io_completion+0x6a/0x120 drivers/scsi/scsi_lib.c:977
  blk_complete_reqs block/blk-mq.c:1134 [inline]
  blk_done_softirq+0x4a/0x70 block/blk-mq.c:1139
  __do_softirq+0x158/0x3ea kernel/softirq.c:554
  invoke_softirq kernel/softirq.c:428 [inline]
  __irq_exit_rcu+0x7a/0x110 kernel/softirq.c:633
  irq_exit_rcu+0x9/0x30 kernel/softirq.c:645
  common_interrupt+0xaa/0xd0 arch/x86/kernel/irq.c:247
  asm_common_interrupt+0x26/0x40 arch/x86/include/asm/idtentry.h:693
  native_safe_halt arch/x86/include/asm/irqflags.h:48 [inline]
  arch_safe_halt arch/x86/include/asm/irqflags.h:86 [inline]
  acpi_safe_halt+0x21/0x30 drivers/acpi/processor_idle.c:112
  acpi_idle_enter+0xc1/0xe0 drivers/acpi/processor_idle.c:707
  cpuidle_enter_state+0xff/0x260 drivers/cpuidle/cpuidle.c:267
  cpuidle_enter+0x28/0x40 drivers/cpuidle/cpuidle.c:388
  call_cpuidle kernel/sched/idle.c:155 [inline]
  cpuidle_idle_call kernel/sched/idle.c:236 [inline]
  do_idle+0x1c9/0x270 kernel/sched/idle.c:332
  cpu_startup_entry+0x25/0x30 kernel/sched/idle.c:430
  start_secondary+0x99/0xa0 arch/x86/kernel/smpboot.c:313
  common_startup_64+0x13e/0x147
irq event stamp: 2028
hardirqs last enabled at (2025): [] mem_cgroup_commit_charge+0xcd/0x160 mm/memcontrol.c:2976
hardirqs last disabled at (2026): [] __raw_spin_lock_irq include/linux/spinlock_api_smp.h:117 [inline]
hardirqs last disabled at (2026): [] _raw_spin_lock_irq+0x36/0x90 kernel/locking/spinlock.c:170
softirqs last enabled at (2028): [] spin_unlock_bh include/linux/spinlock.h:396 [inline]
softirqs last enabled at (2028): [] __sock_map_delete net/core/sock_map.c:424 [inline]
softirqs last enabled at (2028): [] sock_map_delete_elem+0x4a/0x70 net/core/sock_map.c:446
softirqs last disabled at (2027): [] spin_lock_bh include/linux/spinlock.h:356 [inline]
softirqs last disabled at (2027): [] __sock_map_delete net/core/sock_map.c:414 [inline]
softirqs last disabled at (2027): [] sock_map_delete_elem+0x2b/0x70 net/core/sock_map.c:446

other info that might help us debug this:
 Possible unsafe locking scenario:

       CPU0
       ----
  lock(&xa->xa_lock#8);
  lock(&xa->xa_lock#8);

 *** DEADLOCK ***

5 locks held by syz-executor/3937:
 #0: ffff88810c25ccc8 (&f->f_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0x7a/0xb0 fs/file.c:1191
 #1: ffff88810aed7408 (sb_writers#4){.+.+}-{0:0}, at: file_start_write include/linux/fs.h:2853 [inline]
 #1: ffff88810aed7408 (sb_writers#4){.+.+}-{0:0}, at: vfs_write+0xdc/0x390 fs/read_write.c:586
 #2: ffff888112434fc0 (&sb->s_type->i_mutex_key#8){++++}-{3:3}, at: inode_lock include/linux/fs.h:793 [inline]
 #2: ffff888112434fc0 (&sb->s_type->i_mutex_key#8){++++}-{3:3}, at: ext4_buffered_write_iter+0x38/0x150 fs/ext4/file.c:294
 #3: ffff8881124350b8 (&xa->xa_lock#8){+.?.}-{2:2}, at: spin_lock_irq include/linux/spinlock.h:376 [inline]
 #3: ffff8881124350b8 (&xa->xa_lock#8){+.?.}-{2:2}, at: __filemap_add_folio+0x262/0x740 mm/filemap.c:877
 #4: ffffffff83f8a8d0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:298 [inline]
 #4: ffffffff83f8a8d0 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:750 [inline]
 #4: ffffffff83f8a8d0 (rcu_read_lock){....}-{1:2}, at: __bpf_trace_run kernel/trace/bpf_trace.c:2389 [inline]
 #4: ffffffff83f8a8d0 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run2+0x8f/0x200 kernel/trace/bpf_trace.c:2431

stack backtrace:
CPU: 0 PID: 3937 Comm: syz-executor Not tainted 6.8.0-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
Call Trace:
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x8d/0xe0 lib/dump_stack.c:106
 mark_lock_irq+0x49a/0x500
 mark_lock+0xe9/0x150 kernel/locking/lockdep.c:4678
 mark_held_locks kernel/locking/lockdep.c:4274 [inline]
 __trace_hardirqs_on_caller kernel/locking/lockdep.c:4300 [inline]
 lockdep_hardirqs_on_prepare+0x177/0x200 kernel/locking/lockdep.c:4359
 trace_hardirqs_on+0x3d/0x90 kernel/trace/trace_preemptirq.c:61
 __local_bh_enable_ip+0xbb/0x100 kernel/softirq.c:387
 spin_unlock_bh include/linux/spinlock.h:396 [inline]
 __sock_map_delete net/core/sock_map.c:424 [inline]
 sock_map_delete_elem+0x4a/0x70 net/core/sock_map.c:446
 ___bpf_prog_run+0x5f6/0x2280 kernel/bpf/core.c:2011
 __bpf_prog_run32+0xbb/0xe0 kernel/bpf/core.c:2250
 bpf_dispatcher_nop_func include/linux/bpf.h:1233 [inline]
 __bpf_prog_run include/linux/filter.h:657 [inline]
 bpf_prog_run include/linux/filter.h:664 [inline]
 __bpf_trace_run kernel/trace/bpf_trace.c:2390 [inline]
 bpf_trace_run2+0x108/0x200 kernel/trace/bpf_trace.c:2431
 trace_kfree include/trace/events/kmem.h:94 [inline]
 kfree+0x23d/0x320 mm/slub.c:4396
 memcg_list_lru_alloc+0x37c/0x400 mm/list_lru.c:546
 __memcg_slab_pre_alloc_hook+0x254/0x2b0 mm/slub.c:1922
 memcg_slab_pre_alloc_hook mm/slub.c:1950 [inline]
 slab_pre_alloc_hook mm/slub.c:3766 [inline]
 slab_alloc_node mm/slub.c:3842 [inline]
 kmem_cache_alloc_lru+0x1d0/0x370 mm/slub.c:3879
 xas_alloc lib/xarray.c:375 [inline]
 xas_expand lib/xarray.c:582 [inline]
 xas_create+0x242/0x560 lib/xarray.c:653
 xas_store+0x53/0x6b0 lib/xarray.c:787
 __filemap_add_folio+0x308/0x740 mm/filemap.c:899
 filemap_add_folio+0x4a/0x1a0 mm/filemap.c:938
 __filemap_get_folio+0x1c3/0x3a0 mm/filemap.c:1927
 ext4_da_write_begin+0x17f/0x2f0 fs/ext4/inode.c:2885
 generic_perform_write+0xa9/0x250 mm/filemap.c:3921
 ext4_buffered_write_iter+0xc5/0x150 fs/ext4/file.c:299
 ext4_file_write_iter+0x321/0x750
 call_write_iter include/linux/fs.h:2108 [inline]
 new_sync_write fs/read_write.c:497 [inline]
 vfs_write+0x31a/0x390 fs/read_write.c:590
 ksys_write+0x70/0xe0 fs/read_write.c:643
 do_syscall_64+0xa8/0x1c0
 entry_SYSCALL_64_after_hwframe+0x6d/0x75
RIP: 0033:0x7f4f1107cee9
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f4f11e470c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
RAX: ffffffffffffffda RBX: 00007f4f111abf80 RCX: 00007f4f1107cee9
RDX: 0000000000002000 RSI: 0000000020000180 RDI: 000000000000000c
RBP: 00007f4f110c949e R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 000000000000000b R14: 00007f4f111abf80 R15: 00007ffd4f2a7d28