program: syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='mnt\x00', 0x4, &(0x7f0000000040), 0x0, 0x258, &(0x7f0000000780)="$eJzs3UFoHFUYB/BvZneNSRaJehEEFUREAyHeBD3Ei0JAYpAgqBAR8aIkQkzwlnjqpYf23Jacegmlt6Y9llxCLy2FntI2h/RSaEMPDT20hy2TSUrabLqlu90pmd8Php3ZmTffG2b/b/YyvABKayAiRiKiEhGDEVGLiGTvAR/ly8DO5mLv6mREo/HjvWT7uHw7t9uuPyIWIuLLiFhJk/irGjG3/MvGg7XvPj06W/vk9PLPvV29yB2bG+vfb50aO3Ju9Iu5K9fujCUxEvWnrqvzkibfVZOId15FsddEUi26B7yI8f/OXs9y/25EfLyd/1qkkd+8YzNvrNTi85MHtT1+9+r73ewr0HmNRi17Bi40gNJJI6IeSToUEfl6mg4N5f/hb1T60r+nZ/4d/HN6duqPokcqoFPqEevfXug53/9M/m9X8vwDh1eW/4nxpZvZ+lal6N4A3ZTlf/C3+c/igPy/WUCfgE5Jn7u3Vf6Bw0v+obzkH8qrM/nv72ifgO7w/Ifykn845L4+eJf8Q3nJP5SX/EN57c0/AFAujZ6i30AGilL0+AMAAAAAAAAAAAAAAAAAAOy32Ls6ubt0q+alExGb30REtVn9ys4MZvlMhH33k+ywJ5K8WVt+/bDNE7TpTMFvX791q9j6lz/owEkmfnjppvNTEQv/R8Rwtbr/95e0mEGvtbdb7K/93maBNn31U7H1Hy0VW390LeJiNv4MNxt/0nhv+7P5+FPP7l+b9f952OYJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6JrHAQAA//+wa24f") r0 = openat(0xffffffffffffff9c, &(0x7f0000000540)='mnt\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r0, 0xc0506617, &(0x7f0000000580)={@id={0x2, 0x0, @a}, 0x40, 0x0, '\x00', @a}) mkdirat(0xffffffffffffff9c, &(0x7f0000000640)='mnt/encrypted_dir\x00', 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000680)='mnt/encrypted_dir\x00', 0x800, 0x0) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r1, 0x800c6613, &(0x7f00000006c0)=@v2={0x2, @aes256, 0x0, '\x00', @a}) chdir(&(0x7f00000002c0)='mnt/encrypted_dir\x00') symlink(&(0x7f00000000c0)='mnt/encrypted_dir\x00', &(0x7f0000000100)='./file0\x00') ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS(r1, 0xc0406619, &(0x7f0000000080)={@id={0x2, 0x0, @a}}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r2, &(0x7f0000002d00)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x820}}, {{&(0x7f0000001580)=@file={0x1, './file0\x00'}, 0x6e, 0x0, 0x0, 0x0, 0x0, 0x40042}}], 0x2, 0x20000000) syz_open_dev$loop(&(0x7f0000000000), 0x6, 0x40000) [ 93.711452][ T5305] Bluetooth: hci0: command tx timeout [ 93.913805][ T5326] loop0: detected capacity change from 0 to 128 [ 93.948359][ T5326] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 93.971727][ T5326] ext4 filesystem being mounted at /0/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 93.997081][ T5326] fscrypt: AES-256-CBC-CTS using implementation "cts-cbc-aes-aesni" [ 94.039014][ T5326] fscrypt: loop0: 1 inode(s) still busy after removing key with identifier 69b2f6edeee720cce0577937eb8a6751, including ino 12 [ 94.119637][ T75] [ 94.120593][ T75] ====================================================== [ 94.123386][ T75] WARNING: possible circular locking dependency detected [ 94.126189][ T75] syzkaller #0 Not tainted [ 94.128051][ T75] ------------------------------------------------------ [ 94.131022][ T75] kswapd0/75 is trying to acquire lock: [ 94.133614][ T75] ffff888011d55098 (&type->lock_class){+.+.}-{4:4}, at: keyring_clear+0xaf/0x250 [ 94.137538][ T75] [ 94.137538][ T75] but task is already holding lock: [ 94.140765][ T75] ffffffff8e67e4a0 (fs_reclaim){+.+.}-{0:0}, at: kswapd+0x90d/0x2800 [ 94.144234][ T75] [ 94.144234][ T75] which lock already depends on the new lock. [ 94.144234][ T75] [ 94.148623][ T75] [ 94.148623][ T75] the existing dependency chain (in reverse order) is: [ 94.152494][ T75] [ 94.152494][ T75] -> #1 (fs_reclaim){+.+.}-{0:0}: [ 94.155562][ T75] fs_reclaim_acquire+0x71/0x100 [ 94.157839][ T75] __kmalloc_cache_noprof+0x40/0x6e0 [ 94.160622][ T75] assoc_array_insert+0x92/0x2f60 [ 94.162828][ T75] __key_link_begin+0xd6/0x1f0 [ 94.164946][ T75] __key_create_or_update+0x449/0xa80 [ 94.167322][ T75] key_create_or_update+0x42/0x60 [ 94.169579][ T75] x509_load_certificate_list+0x145/0x280 [ 94.172116][ T75] do_one_initcall+0x250/0x840 [ 94.174308][ T75] do_initcall_level+0x104/0x190 [ 94.176689][ T75] do_initcalls+0x59/0xa0 [ 94.178869][ T75] kernel_init_freeable+0x2a6/0x3d0 [ 94.181307][ T75] kernel_init+0x1d/0x1d0 [ 94.183457][ T75] ret_from_fork+0x51b/0xa40 [ 94.185751][ T75] ret_from_fork_asm+0x1a/0x30 [ 94.188192][ T75] [ 94.188192][ T75] -> #0 (&type->lock_class){+.+.}-{4:4}: [ 94.191630][ T75] __lock_acquire+0x15a5/0x2cf0 [ 94.193888][ T75] lock_acquire+0x106/0x330 [ 94.196097][ T75] down_write+0x96/0x200 [ 94.198144][ T75] keyring_clear+0xaf/0x250 [ 94.200419][ T75] fscrypt_put_master_key+0xca/0x190 [ 94.203059][ T75] put_crypt_info+0x26d/0x310 [ 94.205394][ T75] fscrypt_put_encryption_info+0xf6/0x140 [ 94.208115][ T75] ext4_clear_inode+0x170/0x2f0 [ 94.210482][ T75] ext4_evict_inode+0x9fb/0xe60 [ 94.212827][ T75] evict+0x61e/0xb10 [ 94.214776][ T75] __dentry_kill+0x1a2/0x5e0 [ 94.217034][ T75] shrink_kill+0xa9/0x2c0 [ 94.219226][ T75] shrink_dentry_list+0x2e0/0x5e0 [ 94.221720][ T75] prune_dcache_sb+0x119/0x180 [ 94.224154][ T75] super_cache_scan+0x369/0x4b0 [ 94.226602][ T75] do_shrink_slab+0x6df/0x10d0 [ 94.229091][ T75] shrink_slab+0x830/0x1150 [ 94.231332][ T75] shrink_one+0x2d9/0x710 [ 94.233481][ T75] shrink_node+0x2f8b/0x35f0 [ 94.235735][ T75] kswapd+0x144c/0x2800 [ 94.237845][ T75] kthread+0x726/0x8b0 [ 94.239902][ T75] ret_from_fork+0x51b/0xa40 [ 94.242122][ T75] ret_from_fork_asm+0x1a/0x30 [ 94.244458][ T75] [ 94.244458][ T75] other info that might help us debug this: [ 94.244458][ T75] [ 94.248874][ T75] Possible unsafe locking scenario: [ 94.248874][ T75] [ 94.252097][ T75] CPU0 CPU1 [ 94.254363][ T75] ---- ---- [ 94.256637][ T75] lock(fs_reclaim); [ 94.258357][ T75] lock(&type->lock_class); [ 94.261497][ T75] lock(fs_reclaim); [ 94.264351][ T75] lock(&type->lock_class); [ 94.266409][ T75] [ 94.266409][ T75] *** DEADLOCK *** [ 94.266409][ T75] [ 94.270047][ T75] 2 locks held by kswapd0/75: [ 94.272211][ T75] #0: ffffffff8e67e4a0 (fs_reclaim){+.+.}-{0:0}, at: kswapd+0x90d/0x2800 [ 94.275987][ T75] #1: ffff888011db00e0 (&type->s_umount_key#32){++++}-{4:4}, at: super_cache_scan+0x91/0x4b0 [ 94.280593][ T75] [ 94.280593][ T75] stack backtrace: [ 94.283284][ T75] CPU: 0 UID: 0 PID: 75 Comm: kswapd0 Not tainted syzkaller #0 PREEMPT(full) [ 94.283299][ T75] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 94.283307][ T75] Call Trace: [ 94.283314][ T75] [ 94.283319][ T75] dump_stack_lvl+0xe8/0x150 [ 94.283339][ T75] print_circular_bug+0x2e1/0x300 [ 94.283353][ T75] check_noncircular+0x12e/0x150 [ 94.283366][ T75] __lock_acquire+0x15a5/0x2cf0 [ 94.283384][ T75] ? stack_trace_save+0xa9/0x100 [ 94.283402][ T75] ? keyring_clear+0xaf/0x250 [ 94.283417][ T75] lock_acquire+0x106/0x330 [ 94.283431][ T75] ? keyring_clear+0xaf/0x250 [ 94.283448][ T75] down_write+0x96/0x200 [ 94.283461][ T75] ? keyring_clear+0xaf/0x250 [ 94.283474][ T75] ? __pfx_down_write+0x10/0x10 [ 94.283488][ T75] keyring_clear+0xaf/0x250 [ 94.283503][ T75] ? __pfx_keyring_clear+0x10/0x10 [ 94.283518][ T75] fscrypt_put_master_key+0xca/0x190 [ 94.283534][ T75] put_crypt_info+0x26d/0x310 [ 94.283550][ T75] fscrypt_put_encryption_info+0xf6/0x140 [ 94.283566][ T75] ext4_clear_inode+0x170/0x2f0 [ 94.283581][ T75] ext4_evict_inode+0x9fb/0xe60 [ 94.283597][ T75] ? inode_wait_for_writeback+0x16d/0x3b0 [ 94.283612][ T75] ? __pfx_inode_wait_for_writeback+0x10/0x10 [ 94.283624][ T75] ? do_raw_spin_lock+0x12b/0x2f0 [ 94.283638][ T75] ? __pfx_ext4_evict_inode+0x10/0x10 [ 94.283658][ T75] ? do_raw_spin_unlock+0x4d/0x210 [ 94.283671][ T75] ? __pfx_ext4_evict_inode+0x10/0x10 [ 94.283684][ T75] evict+0x61e/0xb10 [ 94.283701][ T75] ? __pfx_evict+0x10/0x10 [ 94.283713][ T75] ? _raw_spin_unlock+0x28/0x50 [ 94.283727][ T75] ? iput+0xcc2/0x1020 [ 94.283740][ T75] __dentry_kill+0x1a2/0x5e0 [ 94.283755][ T75] ? shrink_kill+0x8d/0x2c0 [ 94.283765][ T75] shrink_kill+0xa9/0x2c0 [ 94.283776][ T75] shrink_dentry_list+0x2e0/0x5e0 [ 94.283795][ T75] prune_dcache_sb+0x119/0x180 [ 94.283805][ T75] ? __pfx_prune_dcache_sb+0x10/0x10 [ 94.283821][ T75] ? list_lru_count_one+0x27/0x2c0 [ 94.283832][ T75] ? list_lru_count_one+0x264/0x2c0 [ 94.283847][ T75] super_cache_scan+0x369/0x4b0 [ 94.283865][ T75] do_shrink_slab+0x6df/0x10d0 [ 94.283883][ T75] shrink_slab+0x830/0x1150 [ 94.283897][ T75] ? shrink_slab+0x1ef/0x1150 [ 94.283908][ T75] ? __pfx_shrink_slab+0x10/0x10 [ 94.283923][ T75] shrink_one+0x2d9/0x710 [ 94.283935][ T75] ? shrink_node+0x2d4d/0x35f0 [ 94.283945][ T75] shrink_node+0x2f8b/0x35f0 [ 94.283957][ T75] ? shrink_node+0x2d4d/0x35f0 [ 94.283968][ T75] ? __lock_acquire+0x6b5/0x2cf0 [ 94.283988][ T75] ? percpu_ref_put+0x19/0x180 [ 94.284006][ T75] ? percpu_ref_put+0x19/0x180 [ 94.284021][ T75] ? __pfx_shrink_node+0x10/0x10 [ 94.284030][ T75] ? percpu_ref_put+0x19/0x180 [ 94.284045][ T75] ? mem_cgroup_iter+0x420/0x450 [ 94.284056][ T75] ? mem_cgroup_iter+0x3b/0x450 [ 94.284068][ T75] kswapd+0x144c/0x2800 [ 94.284086][ T75] ? kswapd+0x90d/0x2800 [ 94.284101][ T75] ? __pfx_kswapd+0x10/0x10 [ 94.284113][ T75] ? __lock_acquire+0x6b5/0x2cf0 [ 94.284134][ T75] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 94.284146][ T75] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 94.284165][ T75] ? __pfx_autoremove_wake_function+0x10/0x10 [ 94.284179][ T75] ? __kthread_parkme+0x7a/0x1f0 [ 94.284189][ T75] ? __kthread_parkme+0x19c/0x1f0 [ 94.284200][ T75] kthread+0x726/0x8b0 [ 94.284213][ T75] ? __pfx_kswapd+0x10/0x10 [ 94.284225][ T75] ? __pfx_kthread+0x10/0x10 [ 94.284238][ T75] ? _raw_spin_unlock_irq+0x23/0x50 [ 94.284253][ T75] ? __pfx_kthread+0x10/0x10 [ 94.284265][ T75] ret_from_fork+0x51b/0xa40 [ 94.284276][ T75] ? __pfx_ret_from_fork+0x10/0x10 [ 94.284290][ T75] ? __switch_to+0xc82/0x1410 [ 94.284306][ T75] ? __pfx_kthread+0x10/0x10 [ 94.284317][ T75] ret_from_fork_asm+0x1a/0x30 [ 94.284336][ T75]