program: r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) connect$netrom(r0, &(0x7f0000000000)={{0x6, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}}, [@bcast, @default, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @default, @bcast, @default]}, 0x48) syz_mount_image$squashfs(&(0x7f0000000080), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000780)=ANY=[@ANYRES16=0x0, @ANYRESHEX, @ANYRESHEX, @ANYRES32=0x0, @ANYRESDEC=0x0, @ANYRES64, @ANYBLOB="01ce6671a3b30f673148672100038bbb4413ea284b892438cdddda3da4c78d940655fbd68a286059c5766f98f85fb413503eaf8c90a24dda1e09f68cd741168d69dae50652ca7b67c5b0a27ab80ff9afa5000443de8c748e1d5beabee7c1346b215f641ae190d56ea4ab81bacd909929deb5757040e8d5b2752ea779c30f600bd516a68d881e7fc7289826d49e35134a94e27f115c8195a0f152cbd840ffdb008356c72319cceb43ccb1280556efdf0fdf582fd3cfc830dff1787f000000b7400f5aef57b6dcbfde7af6012383adb085c40e4c295c2a3be750a42400e58523d24b8eecd75caabcee22347bdb78b72b400d080a044ebde5d39ad91ff0ef75aa244381cf00cd6fe9b9a92a9968104bf02481022af426853287e521a4e3cfe480f984efcea1359ff932ebd3bc75aefea41074799f3502a7472a6686b4011a41d7f0cfb25b3dc3077b4e8ded17cfff2b1d59bc12f637c36690f5ca91ee999ec138f6ce66522e652939a37435edb78f9ae18489f9d2b73c81609399f0d123f1721171bd72c012623f04d8965d3e5785d057c15798ab36af821c9b308731422ba3858b9895ace14068ea58f8cb6060c205caf209a73628eff5b9270a4a55c2d7fc59a4fe6e023bd424d8b010e2232d1b2e6ca603b466b2c82afff4a8cc469e8664d54769fc97df122b3ff8c34354dad46f900eaf6e72e538c0595caa056984ab8974dadad47a42af7cdae5bde6a12f412fe2a876aa191e78e91fbf780e2f4a20f57d41376b29f990ce63aa6edf622d2203fee37df269abf869d13b175852b775fff70491d1e5d1311b7eef954a101ddb98c5ba2b312528485ece7aff23cc6fee599daea0fca71a5970cf0fc82b49640cc3fabbc401dead4f83aa0c4072a9e98ab5afb790be17961fc073e2f8ec00000000000000005089d6db5ad893ee9b22b9250d01980952d0a3e0076c877556fa43f90cb574fd6ad67398ac4d9f8ff4e3ef09f99220928602523adc2289b5130c5f8e48384eff563a10787b0199642385e811504e7168804114842d51f42dd6937515fa64b2fd14ef427072c6556b99171bd00165a9aada7173f001679ac791ee67188c670f583f7b1f8d", @ANYRES8=0x0, @ANYRES32], 0x1, 0x1d2, &(0x7f0000000580)="$eJzslU9rE0EYxn+zO2kazaFnrxbbi7bZgvgN7AfwAxjStRYT/3QDmlAweunFg/glCn4KD4LePYgIXupBQQ8VTxWJzM474ywNRMVQAvPA8j7vM++fmVlm5mZxr6gDP4/2OixRQtHkvVJoYEVZ7XjB2m9ix4JP2vot0Z+L/Si2GAzfPLF0eKvd7ea7xWAKUQqmxVTISUn/cbMJ5PXjqqL4tzqzJ/3U7uzJoacVpT4pRnI59VXMgnxvQqh8/t8tasx6FeCVH83pv+ndM/s7J8akkt6gui3zR5K/yiqQ66u4+ijha+m8PdrrGHJdbjGjbdnPHYkyxjgvg5hzGkagUsa+ji5vS1gB1vq9u2vFYHhxp9fezrfz21m2cXn91Vk5ouOHsNPN11UwjcQQjYc5p41gvAZ8+D0+IoAKpmZwBpTLdSnucl49HyQ2IAlywxq27gvfvy5aSo9rXGARuD8ywxl2t5Yx1TQ3zNI2UaTitHQwTzgmYbEcuNS5093aR6Fc2gHa12gdUvNOJo5plG9c8cvfF7ssdlPsgdhDse7tcm+SLit8EW91BAs8aPf7u+XjZZnXMq9lS75zIl3da6jcTOpERERERERERMwJfgUAAP//B6hPCg==") r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x2c06c2, 0x0) r2 = inotify_init() inotify_add_watch(r2, &(0x7f0000000240)='./file0\x00', 0x4000842) umount2(&(0x7f00000000c0)='./file0/file0\x00', 0x9) getdents64(r1, &(0x7f0000000f80)=""/4096, 0x1000) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000100)={'wlan1\x00'}) [ 79.768567][ T5090] Bluetooth: hci0: command tx timeout [ 80.967162][ T5106] loop0: detected capacity change from 0 to 8 [ 81.006936][ T75] [ 81.007929][ T75] ====================================================== [ 81.010517][ T75] WARNING: possible circular locking dependency detected [ 81.013123][ T75] 6.11.0-syzkaller-11558-g075dbe9f6e3c #0 Not tainted [ 81.015660][ T75] ------------------------------------------------------ [ 81.018124][ T75] kswapd0/75 is trying to acquire lock: [ 81.020186][ T75] ffff88803c0f9130 (&group->mark_mutex){+.+.}-{3:3}, at: fsnotify_destroy_mark+0x38/0x3c0 [ 81.024156][ T75] [ 81.024156][ T75] but task is already holding lock: [ 81.026931][ T75] ffffffff8ea37100 (fs_reclaim){+.+.}-{0:0}, at: kswapd+0xbf1/0x3700 [ 81.029941][ T75] [ 81.029941][ T75] which lock already depends on the new lock. [ 81.029941][ T75] [ 81.033837][ T75] [ 81.033837][ T75] the existing dependency chain (in reverse order) is: [ 81.037249][ T75] [ 81.037249][ T75] -> #1 (fs_reclaim){+.+.}-{0:0}: [ 81.039911][ T75] lock_acquire+0x1ed/0x550 [ 81.041854][ T75] fs_reclaim_acquire+0x88/0x140 [ 81.043893][ T75] kmem_cache_alloc_noprof+0x3d/0x2a0 [ 81.046103][ T75] __se_sys_inotify_add_watch+0x728/0x1060 [ 81.048415][ T75] do_syscall_64+0xf3/0x230 [ 81.050358][ T75] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 81.052542][ T75] [ 81.052542][ T75] -> #0 (&group->mark_mutex){+.+.}-{3:3}: [ 81.055294][ T75] validate_chain+0x18ef/0x5920 [ 81.057224][ T75] __lock_acquire+0x1384/0x2050 [ 81.059219][ T75] lock_acquire+0x1ed/0x550 [ 81.061046][ T75] __mutex_lock+0x136/0xd70 [ 81.062841][ T75] fsnotify_destroy_mark+0x38/0x3c0 [ 81.064864][ T75] fsnotify_destroy_marks+0x14a/0x660 [ 81.067104][ T75] dentry_unlink_inode+0x2e0/0x430 [ 81.069242][ T75] __dentry_kill+0x20d/0x630 [ 81.071193][ T75] shrink_kill+0xa9/0x2c0 [ 81.073083][ T75] shrink_dentry_list+0x2c0/0x5b0 [ 81.075222][ T75] prune_dcache_sb+0x10f/0x180 [ 81.077236][ T75] super_cache_scan+0x34f/0x4b0 [ 81.079281][ T75] do_shrink_slab+0x701/0x1160 [ 81.081183][ T75] shrink_slab+0x1093/0x14d0 [ 81.083072][ T75] shrink_one+0x43b/0x850 [ 81.084837][ T75] shrink_node+0x3799/0x3de0 [ 81.086793][ T75] kswapd+0x1ca3/0x3700 [ 81.088451][ T75] kthread+0x2f0/0x390 [ 81.090179][ T75] ret_from_fork+0x4b/0x80 [ 81.092042][ T75] ret_from_fork_asm+0x1a/0x30 [ 81.094189][ T75] [ 81.094189][ T75] other info that might help us debug this: [ 81.094189][ T75] [ 81.097980][ T75] Possible unsafe locking scenario: [ 81.097980][ T75] [ 81.100486][ T75] CPU0 CPU1 [ 81.102343][ T75] ---- ---- [ 81.104274][ T75] lock(fs_reclaim); [ 81.105886][ T75] lock(&group->mark_mutex); [ 81.108802][ T75] lock(fs_reclaim); [ 81.111034][ T75] lock(&group->mark_mutex); [ 81.112844][ T75] [ 81.112844][ T75] *** DEADLOCK *** [ 81.112844][ T75] [ 81.115770][ T75] 2 locks held by kswapd0/75: [ 81.117484][ T75] #0: ffffffff8ea37100 (fs_reclaim){+.+.}-{0:0}, at: kswapd+0xbf1/0x3700 [ 81.120605][ T75] #1: ffff888032b5c0e0 (&type->s_umount_key#47){.+.+}-{3:3}, at: super_cache_scan+0x94/0x4b0 [ 81.124363][ T75] [ 81.124363][ T75] stack backtrace: [ 81.126588][ T75] CPU: 0 UID: 0 PID: 75 Comm: kswapd0 Not tainted 6.11.0-syzkaller-11558-g075dbe9f6e3c #0 [ 81.130153][ T75] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 81.134364][ T75] Call Trace: [ 81.135651][ T75] [ 81.136834][ T75] dump_stack_lvl+0x241/0x360 [ 81.138972][ T75] ? __pfx_dump_stack_lvl+0x10/0x10 [ 81.141161][ T75] ? __pfx__printk+0x10/0x10 [ 81.143170][ T75] print_circular_bug+0x13a/0x1b0 [ 81.145482][ T75] check_noncircular+0x36a/0x4a0 [ 81.147550][ T75] ? __pfx_check_noncircular+0x10/0x10 [ 81.149650][ T75] validate_chain+0x18ef/0x5920 [ 81.151555][ T75] ? __pfx_validate_chain+0x10/0x10 [ 81.153353][ T75] ? __pfx_validate_chain+0x10/0x10 [ 81.155369][ T75] ? __pfx_validate_chain+0x10/0x10 [ 81.157296][ T75] ? mark_lock+0x9a/0x360 [ 81.158847][ T75] __lock_acquire+0x1384/0x2050 [ 81.160741][ T75] lock_acquire+0x1ed/0x550 [ 81.162437][ T75] ? fsnotify_destroy_mark+0x38/0x3c0 [ 81.164463][ T75] ? __pfx_lock_acquire+0x10/0x10 [ 81.166414][ T75] ? __pfx___might_resched+0x10/0x10 [ 81.168471][ T75] __mutex_lock+0x136/0xd70 [ 81.170202][ T75] ? fsnotify_destroy_mark+0x38/0x3c0 [ 81.172282][ T75] ? fsnotify_destroy_mark+0x38/0x3c0 [ 81.174380][ T75] ? __pfx___mutex_lock+0x10/0x10 [ 81.176337][ T75] ? __pfx_lock_release+0x10/0x10 [ 81.178361][ T75] fsnotify_destroy_mark+0x38/0x3c0 [ 81.180288][ T75] ? fsnotify_grab_connector+0x3e/0x240 [ 81.182350][ T75] fsnotify_destroy_marks+0x14a/0x660 [ 81.184421][ T75] dentry_unlink_inode+0x2e0/0x430 [ 81.186260][ T75] __dentry_kill+0x20d/0x630 [ 81.187850][ T75] ? shrink_kill+0x8d/0x2c0 [ 81.189594][ T75] shrink_kill+0xa9/0x2c0 [ 81.191122][ T75] shrink_dentry_list+0x2c0/0x5b0 [ 81.193216][ T75] prune_dcache_sb+0x10f/0x180 [ 81.194817][ T75] ? __pfx_prune_dcache_sb+0x10/0x10 [ 81.196832][ T75] ? list_lru_count_one+0x29/0x2e0 [ 81.198602][ T75] ? list_lru_count_one+0x283/0x2e0 [ 81.200623][ T75] ? list_lru_count_one+0x29/0x2e0 [ 81.202609][ T75] super_cache_scan+0x34f/0x4b0 [ 81.204559][ T75] do_shrink_slab+0x701/0x1160 [ 81.206372][ T75] ? shrink_slab+0x12b/0x14d0 [ 81.208057][ T75] shrink_slab+0x1093/0x14d0 [ 81.209788][ T75] ? shrink_slab+0x12b/0x14d0 [ 81.211598][ T75] ? __pfx_shrink_slab+0x10/0x10 [ 81.213467][ T75] ? shrink_node+0x3547/0x3de0 [ 81.215268][ T75] ? __pfx_lock_release+0x10/0x10 [ 81.217204][ T75] shrink_one+0x43b/0x850 [ 81.218888][ T75] ? shrink_node+0x3547/0x3de0 [ 81.220756][ T75] shrink_node+0x3799/0x3de0 [ 81.222550][ T75] ? shrink_node+0x3547/0x3de0 [ 81.224121][ T75] ? __pfx_lock_acquire+0x10/0x10 [ 81.225709][ T75] ? mem_cgroup_iter+0x3d/0x420 [ 81.227560][ T75] ? __pfx_lock_release+0x10/0x10 [ 81.229522][ T75] ? __pfx_shrink_node+0x10/0x10 [ 81.231459][ T75] ? mem_cgroup_iter+0x3d/0x420 [ 81.233396][ T75] kswapd+0x1ca3/0x3700 [ 81.235038][ T75] ? kswapd+0xbf1/0x3700 [ 81.236596][ T75] ? __pfx_kswapd+0x10/0x10 [ 81.238061][ T75] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 81.239808][ T75] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 81.241569][ T75] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 81.243417][ T75] ? __pfx_autoremove_wake_function+0x10/0x10 [ 81.245308][ T75] ? __kthread_parkme+0x169/0x1d0 [ 81.246954][ T75] ? __pfx_kswapd+0x10/0x10 [ 81.248595][ T75] kthread+0x2f0/0x390 [ 81.250039][ T75] ? __pfx_kswapd+0x10/0x10 [ 81.251669][ T75] ? __pfx_kthread+0x10/0x10 [ 81.253402][ T75] ret_from_fork+0x4b/0x80 [ 81.255066][ T75] ? __pfx_kthread+0x10/0x10 [ 81.256655][ T75] ret_from_fork_asm+0x1a/0x30 [ 81.258423][ T75]