program: syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='mnt\x00', 0x4, &(0x7f0000000000), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000540)='mnt\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r0, 0xc0506617, &(0x7f0000000580)={@id={0x2, 0x0, @a}, 0x40, 0x0, '\x00', @a}) mkdirat(0xffffffffffffff9c, &(0x7f0000000640)='mnt/encrypted_dir\x00', 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000680)='mnt/encrypted_dir\x00', 0x800, 0x2) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r1, 0x800c6613, &(0x7f00000006c0)=@v2={0x2, @aes256, 0x0, '\x00', @a}) chdir(&(0x7f00000002c0)='mnt/encrypted_dir\x00') openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x8042, 0x10c) link(&(0x7f0000000200)='./file1\x00', &(0x7f0000000300)='./bus\x00') ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS(r1, 0xc0406619, &(0x7f0000000080)={@id={0x2, 0x0, @a}}) [ 85.841306][ T5319] Bluetooth: hci0: command tx timeout [ 85.909815][ T5342] loop0: detected capacity change from 0 to 128 [ 86.005848][ T5342] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 86.061197][ T5342] ext4 filesystem being mounted at /0/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 86.115871][ T5342] fscrypt: AES-256-CBC-CTS using implementation "cts-cbc-aes-aesni" [ 86.119765][ T5342] fscrypt: AES-256-XTS using implementation "xts-aes-aesni-avx" [ 86.152889][ T5342] fscrypt: loop0: 2 inode(s) still busy after removing key with identifier 69b2f6edeee720cce0577937eb8a6751, including ino 13 [ 86.251205][ T76] [ 86.252325][ T76] ====================================================== [ 86.255360][ T76] WARNING: possible circular locking dependency detected [ 86.258343][ T76] syzkaller #0 Not tainted [ 86.260308][ T76] ------------------------------------------------------ [ 86.263264][ T76] kswapd0/76 is trying to acquire lock: [ 86.265547][ T76] ffff88801f858098 (&type->lock_class){+.+.}-{4:4}, at: keyring_clear+0xaf/0x240 [ 86.269430][ T76] [ 86.269430][ T76] but task is already holding lock: [ 86.272569][ T76] ffffffff8e251780 (fs_reclaim){+.+.}-{0:0}, at: kswapd+0x92a/0x2820 [ 86.275989][ T76] [ 86.275989][ T76] which lock already depends on the new lock. [ 86.275989][ T76] [ 86.280384][ T76] [ 86.280384][ T76] the existing dependency chain (in reverse order) is: [ 86.284191][ T76] [ 86.284191][ T76] -> #1 (fs_reclaim){+.+.}-{0:0}: [ 86.287281][ T76] fs_reclaim_acquire+0x72/0x100 [ 86.289567][ T76] __kmalloc_cache_noprof+0x40/0x700 [ 86.292029][ T76] assoc_array_insert+0x92/0x2f90 [ 86.294400][ T76] __key_link_begin+0xd6/0x1f0 [ 86.296525][ T76] __key_create_or_update+0x41a/0xa30 [ 86.299074][ T76] key_create_or_update+0x42/0x60 [ 86.301487][ T76] x509_load_certificate_list+0x145/0x280 [ 86.304244][ T76] do_one_initcall+0x1fb/0x820 [ 86.306460][ T76] do_initcall_level+0x104/0x190 [ 86.308918][ T76] do_initcalls+0x59/0xa0 [ 86.311249][ T76] kernel_init_freeable+0x334/0x4b0 [ 86.313714][ T76] kernel_init+0x1d/0x1d0 [ 86.315923][ T76] ret_from_fork+0x599/0xb30 [ 86.318150][ T76] ret_from_fork_asm+0x1a/0x30 [ 86.320484][ T76] [ 86.320484][ T76] -> #0 (&type->lock_class){+.+.}-{4:4}: [ 86.323900][ T76] __lock_acquire+0x15a6/0x2cf0 [ 86.326160][ T76] lock_acquire+0x117/0x340 [ 86.328230][ T76] down_write+0x96/0x1f0 [ 86.330101][ T76] keyring_clear+0xaf/0x240 [ 86.332306][ T76] fscrypt_put_master_key+0xca/0x190 [ 86.334864][ T76] put_crypt_info+0x26d/0x310 [ 86.337052][ T76] fscrypt_put_encryption_info+0xf6/0x140 [ 86.339647][ T76] ext4_clear_inode+0x170/0x2f0 [ 86.341789][ T76] ext4_evict_inode+0x9f6/0xe60 [ 86.343908][ T76] evict+0x5f4/0xae0 [ 86.345619][ T76] __dentry_kill+0x209/0x660 [ 86.347760][ T76] shrink_kill+0xa9/0x2c0 [ 86.349933][ T76] shrink_dentry_list+0x2e0/0x5e0 [ 86.352399][ T76] prune_dcache_sb+0x10e/0x180 [ 86.354369][ T76] super_cache_scan+0x369/0x4b0 [ 86.356771][ T76] do_shrink_slab+0x6df/0x10d0 [ 86.359038][ T76] shrink_slab+0x7ef/0x10d0 [ 86.361181][ T76] shrink_one+0x2d9/0x720 [ 86.363161][ T76] shrink_node+0x2f7d/0x35b0 [ 86.365283][ T76] kswapd+0x145a/0x2820 [ 86.367120][ T76] kthread+0x711/0x8a0 [ 86.369061][ T76] ret_from_fork+0x599/0xb30 [ 86.370930][ T76] ret_from_fork_asm+0x1a/0x30 [ 86.372783][ T76] [ 86.372783][ T76] other info that might help us debug this: [ 86.372783][ T76] [ 86.376699][ T76] Possible unsafe locking scenario: [ 86.376699][ T76] [ 86.379881][ T76] CPU0 CPU1 [ 86.382131][ T76] ---- ---- [ 86.384420][ T76] lock(fs_reclaim); [ 86.386142][ T76] lock(&type->lock_class); [ 86.389269][ T76] lock(fs_reclaim); [ 86.392159][ T76] lock(&type->lock_class); [ 86.394286][ T76] [ 86.394286][ T76] *** DEADLOCK *** [ 86.394286][ T76] [ 86.397844][ T76] 2 locks held by kswapd0/76: [ 86.399968][ T76] #0: ffffffff8e251780 (fs_reclaim){+.+.}-{0:0}, at: kswapd+0x92a/0x2820 [ 86.403588][ T76] #1: ffff888037a0e0e0 (&type->s_umount_key#32){++++}-{4:4}, at: super_cache_scan+0x91/0x4b0 [ 86.407916][ T76] [ 86.407916][ T76] stack backtrace: [ 86.410682][ T76] CPU: 0 UID: 0 PID: 76 Comm: kswapd0 Not tainted syzkaller #0 PREEMPT(full) [ 86.410697][ T76] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 86.410704][ T76] Call Trace: [ 86.410711][ T76] [ 86.410717][ T76] dump_stack_lvl+0x189/0x250 [ 86.410741][ T76] ? __pfx_dump_stack_lvl+0x10/0x10 [ 86.410753][ T76] ? __pfx__printk+0x10/0x10 [ 86.410767][ T76] ? print_lock_name+0xde/0x100 [ 86.410781][ T76] print_circular_bug+0x2e2/0x300 [ 86.410795][ T76] check_noncircular+0x12e/0x150 [ 86.410809][ T76] __lock_acquire+0x15a6/0x2cf0 [ 86.410824][ T76] ? keyring_clear+0xaf/0x240 [ 86.410834][ T76] lock_acquire+0x117/0x340 [ 86.410869][ T76] ? keyring_clear+0xaf/0x240 [ 86.410881][ T76] down_write+0x96/0x1f0 [ 86.410892][ T76] ? keyring_clear+0xaf/0x240 [ 86.410901][ T76] ? __pfx_down_write+0x10/0x10 [ 86.410912][ T76] keyring_clear+0xaf/0x240 [ 86.410922][ T76] ? __pfx_keyring_clear+0x10/0x10 [ 86.410935][ T76] fscrypt_put_master_key+0xca/0x190 [ 86.410950][ T76] put_crypt_info+0x26d/0x310 [ 86.410960][ T76] fscrypt_put_encryption_info+0xf6/0x140 [ 86.410971][ T76] ext4_clear_inode+0x170/0x2f0 [ 86.410981][ T76] ext4_evict_inode+0x9f6/0xe60 [ 86.410993][ T76] ? inode_wait_for_writeback+0x14d/0x370 [ 86.411007][ T76] ? __pfx_inode_wait_for_writeback+0x10/0x10 [ 86.411020][ T76] ? __pfx_ext4_evict_inode+0x10/0x10 [ 86.411030][ T76] ? do_raw_spin_unlock+0x4d/0x240 [ 86.411044][ T76] ? __pfx_ext4_evict_inode+0x10/0x10 [ 86.411054][ T76] evict+0x5f4/0xae0 [ 86.411070][ T76] ? __pfx_evict+0x10/0x10 [ 86.411082][ T76] ? _raw_spin_unlock+0x28/0x50 [ 86.411090][ T76] ? iput+0xcc6/0x1030 [ 86.411097][ T76] __dentry_kill+0x209/0x660 [ 86.411107][ T76] ? shrink_kill+0x8d/0x2c0 [ 86.411114][ T76] shrink_kill+0xa9/0x2c0 [ 86.411122][ T76] shrink_dentry_list+0x2e0/0x5e0 [ 86.411134][ T76] prune_dcache_sb+0x10e/0x180 [ 86.411143][ T76] ? __pfx_prune_dcache_sb+0x10/0x10 [ 86.411153][ T76] ? list_lru_count_one+0x27/0x2c0 [ 86.411169][ T76] ? list_lru_count_one+0x264/0x2c0 [ 86.411183][ T76] super_cache_scan+0x369/0x4b0 [ 86.411194][ T76] do_shrink_slab+0x6df/0x10d0 [ 86.411207][ T76] shrink_slab+0x7ef/0x10d0 [ 86.411218][ T76] ? shrink_slab+0x1e8/0x10d0 [ 86.411228][ T76] ? __pfx_shrink_slab+0x10/0x10 [ 86.411241][ T76] shrink_one+0x2d9/0x720 [ 86.411257][ T76] ? shrink_node+0x2d3f/0x35b0 [ 86.411270][ T76] shrink_node+0x2f7d/0x35b0 [ 86.411285][ T76] ? shrink_node+0x2d3f/0x35b0 [ 86.411300][ T76] ? __lock_acquire+0x6b6/0x2cf0 [ 86.411312][ T76] ? percpu_ref_put+0x19/0x180 [ 86.411324][ T76] ? __pfx_shrink_node+0x10/0x10 [ 86.411337][ T76] ? percpu_ref_put+0x19/0x180 [ 86.411347][ T76] ? mem_cgroup_iter+0x420/0x460 [ 86.411358][ T76] ? mem_cgroup_iter+0x3b/0x460 [ 86.411369][ T76] kswapd+0x145a/0x2820 [ 86.411384][ T76] ? kswapd+0x92a/0x2820 [ 86.411395][ T76] ? __pfx_kswapd+0x10/0x10 [ 86.411406][ T76] ? do_raw_spin_lock+0x121/0x290 [ 86.411418][ T76] ? raw_spin_rq_lock_nested+0x2a/0x140 [ 86.411429][ T76] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 86.411447][ T76] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 86.411460][ T76] ? _raw_spin_unlock+0x30/0x50 [ 86.411471][ T76] ? __pfx_autoremove_wake_function+0x10/0x10 [ 86.411484][ T76] ? __pfx_set_cpus_allowed_ptr+0x10/0x10 [ 86.411496][ T76] ? __kthread_parkme+0x7b/0x200 [ 86.411507][ T76] ? __kthread_parkme+0x1a1/0x200 [ 86.411518][ T76] kthread+0x711/0x8a0 [ 86.411530][ T76] ? __pfx_kswapd+0x10/0x10 [ 86.411541][ T76] ? __pfx_kthread+0x10/0x10 [ 86.411553][ T76] ? _raw_spin_unlock_irq+0x23/0x50 [ 86.411565][ T76] ? lockdep_hardirqs_on+0x98/0x140 [ 86.411578][ T76] ? __pfx_kthread+0x10/0x10 [ 86.411589][ T76] ret_from_fork+0x599/0xb30 [ 86.411596][ T76] ? __pfx_ret_from_fork+0x10/0x10 [ 86.411603][ T76] ? __pfx_kthread+0x10/0x10 [ 86.411611][ T76] ret_from_fork_asm+0x1a/0x30 [ 86.411622][ T76]