program: r0 = syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='mnt\x00', 0x4, &(0x7f0000000040), 0x0, 0x258, &(0x7f0000000780)="$eJzs3UFoHFUYB/BvZneNSRaJehEEFUREAyHeBD3Ei0JAYpAgqBAR8aIkQkzwlnjqpYf23Jacegmlt6Y9llxCLy2FntI2h/RSaEMPDT20hy2TSUrabLqlu90pmd8Php3ZmTffG2b/b/YyvABKayAiRiKiEhGDEVGLiGTvAR/ly8DO5mLv6mREo/HjvWT7uHw7t9uuPyIWIuLLiFhJk/irGjG3/MvGg7XvPj06W/vk9PLPvV29yB2bG+vfb50aO3Ju9Iu5K9fujCUxEvWnrqvzkibfVZOId15FsddEUi26B7yI8f/OXs9y/25EfLyd/1qkkd+8YzNvrNTi85MHtT1+9+r73ewr0HmNRi17Bi40gNJJI6IeSToUEfl6mg4N5f/hb1T60r+nZ/4d/HN6duqPokcqoFPqEevfXug53/9M/m9X8vwDh1eW/4nxpZvZ+lal6N4A3ZTlf/C3+c/igPy/WUCfgE5Jn7u3Vf6Bw0v+obzkH8qrM/nv72ifgO7w/Ifykn845L4+eJf8Q3nJP5SX/EN57c0/AFAujZ6i30AGilL0+AMAAAAAAAAAAAAAAAAAAOy32Ls6ubt0q+alExGb30REtVn9ys4MZvlMhH33k+ywJ5K8WVt+/bDNE7TpTMFvX791q9j6lz/owEkmfnjppvNTEQv/R8Rwtbr/95e0mEGvtbdb7K/93maBNn31U7H1Hy0VW390LeJiNv4MNxt/0nhv+7P5+FPP7l+b9f952OYJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6JrHAQAA//+wa24f") ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r0, 0xc0506617, &(0x7f0000000300)={@id={0x2, 0x0, @a}, 0x40, 0x0, '\x00', @a}) mkdirat(0xffffffffffffff9c, &(0x7f0000000640)='mnt/encrypted_dir\x00', 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000680)='mnt/encrypted_dir\x00', 0x800, 0x0) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r1, 0x800c6613, &(0x7f00000006c0)=@v2={0x2, @aes256, 0x0, '\x00', @a}) chdir(&(0x7f00000002c0)='mnt/encrypted_dir\x00') symlink(&(0x7f00000000c0)='mnt\x00', &(0x7f0000000100)='./file0\x00') ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS(r1, 0xc0406619, &(0x7f0000000080)={@id={0x2, 0x0, @a}}) lstat(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)) [ 85.882988][ T5299] Bluetooth: hci0: command tx timeout [ 86.057590][ T5321] loop0: detected capacity change from 0 to 128 [ 86.100087][ T5321] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 86.114056][ T5321] ext4 filesystem being mounted at /0/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 86.140621][ T5321] fscrypt: AES-256-CBC-CTS using implementation "cts-cbc-aes-aesni" [ 86.159281][ T5321] fscrypt: loop0: 1 inode(s) still busy after removing key with identifier 69b2f6edeee720cce0577937eb8a6751, including ino 12 [ 86.216140][ T78] [ 86.217302][ T78] ====================================================== [ 86.220118][ T78] WARNING: possible circular locking dependency detected [ 86.222999][ T78] syzkaller #0 Not tainted [ 86.224935][ T78] ------------------------------------------------------ [ 86.227908][ T78] kswapd0/78 is trying to acquire lock: [ 86.230249][ T78] ffff88801fd03098 (&type->lock_class){+.+.}-{4:4}, at: keyring_clear+0xaf/0x240 [ 86.234046][ T78] [ 86.234046][ T78] but task is already holding lock: [ 86.237087][ T78] ffffffff8e047f80 (fs_reclaim){+.+.}-{0:0}, at: kswapd+0x951/0x2800 [ 86.240453][ T78] [ 86.240453][ T78] which lock already depends on the new lock. [ 86.240453][ T78] [ 86.245300][ T78] [ 86.245300][ T78] the existing dependency chain (in reverse order) is: [ 86.249714][ T78] [ 86.249714][ T78] -> #1 (fs_reclaim){+.+.}-{0:0}: [ 86.253837][ T78] lock_acquire+0x120/0x360 [ 86.256498][ T78] fs_reclaim_acquire+0x72/0x100 [ 86.259011][ T78] __kmalloc_cache_noprof+0x40/0x6f0 [ 86.261911][ T78] assoc_array_insert+0x92/0x2f90 [ 86.264271][ T78] __key_link_begin+0xd6/0x1f0 [ 86.266535][ T78] __key_create_or_update+0x41a/0xa30 [ 86.269088][ T78] key_create_or_update+0x42/0x60 [ 86.271153][ T78] x509_load_certificate_list+0x145/0x280 [ 86.274193][ T78] do_one_initcall+0x236/0x820 [ 86.276670][ T78] do_initcall_level+0x104/0x190 [ 86.279243][ T78] do_initcalls+0x59/0xa0 [ 86.281482][ T78] kernel_init_freeable+0x334/0x4b0 [ 86.284339][ T78] kernel_init+0x1d/0x1d0 [ 86.286591][ T78] ret_from_fork+0x4bc/0x870 [ 86.288877][ T78] ret_from_fork_asm+0x1a/0x30 [ 86.291886][ T78] [ 86.291886][ T78] -> #0 (&type->lock_class){+.+.}-{4:4}: [ 86.296109][ T78] validate_chain+0xb9b/0x2140 [ 86.298654][ T78] __lock_acquire+0xab9/0xd20 [ 86.300905][ T78] lock_acquire+0x120/0x360 [ 86.302940][ T78] down_write+0x96/0x1f0 [ 86.305072][ T78] keyring_clear+0xaf/0x240 [ 86.307462][ T78] fscrypt_put_master_key+0xca/0x190 [ 86.310014][ T78] put_crypt_info+0x26d/0x310 [ 86.312673][ T78] fscrypt_put_encryption_info+0xf6/0x140 [ 86.315589][ T78] ext4_clear_inode+0x170/0x2f0 [ 86.317800][ T78] ext4_evict_inode+0xa67/0xee0 [ 86.319999][ T78] evict+0x504/0x9c0 [ 86.321877][ T78] __dentry_kill+0x209/0x660 [ 86.324133][ T78] shrink_kill+0xa9/0x2c0 [ 86.326286][ T78] shrink_dentry_list+0x2e0/0x5e0 [ 86.328775][ T78] prune_dcache_sb+0x10e/0x180 [ 86.331002][ T78] super_cache_scan+0x369/0x4b0 [ 86.333060][ T78] do_shrink_slab+0x6ef/0x1110 [ 86.335146][ T78] shrink_slab+0x7ef/0x10d0 [ 86.337240][ T78] shrink_one+0x28a/0x7c0 [ 86.339291][ T78] shrink_node+0x315d/0x3780 [ 86.341404][ T78] kswapd+0x147c/0x2800 [ 86.343099][ T78] kthread+0x711/0x8a0 [ 86.345059][ T78] ret_from_fork+0x4bc/0x870 [ 86.347217][ T78] ret_from_fork_asm+0x1a/0x30 [ 86.349584][ T78] [ 86.349584][ T78] other info that might help us debug this: [ 86.349584][ T78] [ 86.354116][ T78] Possible unsafe locking scenario: [ 86.354116][ T78] [ 86.357473][ T78] CPU0 CPU1 [ 86.359343][ T78] ---- ---- [ 86.361643][ T78] lock(fs_reclaim); [ 86.363361][ T78] lock(&type->lock_class); [ 86.367312][ T78] lock(fs_reclaim); [ 86.370309][ T78] lock(&type->lock_class); [ 86.372383][ T78] [ 86.372383][ T78] *** DEADLOCK *** [ 86.372383][ T78] [ 86.375857][ T78] 2 locks held by kswapd0/78: [ 86.378102][ T78] #0: ffffffff8e047f80 (fs_reclaim){+.+.}-{0:0}, at: kswapd+0x951/0x2800 [ 86.381938][ T78] #1: ffff88803ade80e0 (&type->s_umount_key#31){++++}-{4:4}, at: super_cache_scan+0x91/0x4b0 [ 86.386919][ T78] [ 86.386919][ T78] stack backtrace: [ 86.389739][ T78] CPU: 0 UID: 0 PID: 78 Comm: kswapd0 Not tainted syzkaller #0 PREEMPT(full) [ 86.389781][ T78] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 86.389794][ T78] Call Trace: [ 86.389875][ T78] [ 86.389882][ T78] dump_stack_lvl+0x189/0x250 [ 86.389904][ T78] ? __pfx_dump_stack_lvl+0x10/0x10 [ 86.389918][ T78] ? __pfx__printk+0x10/0x10 [ 86.389929][ T78] ? print_lock_name+0xde/0x100 [ 86.389940][ T78] print_circular_bug+0x2ee/0x310 [ 86.389955][ T78] check_noncircular+0x134/0x160 [ 86.389969][ T78] validate_chain+0xb9b/0x2140 [ 86.389985][ T78] __lock_acquire+0xab9/0xd20 [ 86.389996][ T78] ? keyring_clear+0xaf/0x240 [ 86.390019][ T78] lock_acquire+0x120/0x360 [ 86.390029][ T78] ? keyring_clear+0xaf/0x240 [ 86.390046][ T78] down_write+0x96/0x1f0 [ 86.390087][ T78] ? keyring_clear+0xaf/0x240 [ 86.390100][ T78] ? __pfx_down_write+0x10/0x10 [ 86.390117][ T78] keyring_clear+0xaf/0x240 [ 86.390143][ T78] ? __pfx_keyring_clear+0x10/0x10 [ 86.390159][ T78] fscrypt_put_master_key+0xca/0x190 [ 86.390172][ T78] put_crypt_info+0x26d/0x310 [ 86.390184][ T78] fscrypt_put_encryption_info+0xf6/0x140 [ 86.390198][ T78] ext4_clear_inode+0x170/0x2f0 [ 86.390210][ T78] ext4_evict_inode+0xa67/0xee0 [ 86.390223][ T78] ? inode_wait_for_writeback+0xf9/0x290 [ 86.390234][ T78] ? __pfx_inode_wait_for_writeback+0x10/0x10 [ 86.390244][ T78] ? __pfx_ext4_evict_inode+0x10/0x10 [ 86.390257][ T78] ? do_raw_spin_unlock+0x4d/0x240 [ 86.390272][ T78] ? __pfx_ext4_evict_inode+0x10/0x10 [ 86.390283][ T78] evict+0x504/0x9c0 [ 86.390296][ T78] ? __pfx_evict+0x10/0x10 [ 86.390306][ T78] ? _raw_spin_unlock+0x28/0x50 [ 86.390318][ T78] ? iput+0x946/0xc50 [ 86.390334][ T78] __dentry_kill+0x209/0x660 [ 86.390349][ T78] ? shrink_kill+0x8d/0x2c0 [ 86.390363][ T78] shrink_kill+0xa9/0x2c0 [ 86.390378][ T78] shrink_dentry_list+0x2e0/0x5e0 [ 86.390394][ T78] prune_dcache_sb+0x10e/0x180 [ 86.390408][ T78] ? __pfx_prune_dcache_sb+0x10/0x10 [ 86.390424][ T78] ? list_lru_count_one+0x27/0x2c0 [ 86.390440][ T78] ? list_lru_count_one+0x264/0x2c0 [ 86.390454][ T78] super_cache_scan+0x369/0x4b0 [ 86.390469][ T78] do_shrink_slab+0x6ef/0x1110 [ 86.390482][ T78] shrink_slab+0x7ef/0x10d0 [ 86.390492][ T78] ? shrink_slab+0x1e8/0x10d0 [ 86.390503][ T78] ? __pfx_shrink_slab+0x10/0x10 [ 86.390516][ T78] shrink_one+0x28a/0x7c0 [ 86.390534][ T78] ? shrink_node+0x2f1f/0x3780 [ 86.390549][ T78] shrink_node+0x315d/0x3780 [ 86.390566][ T78] ? shrink_node+0x2f1f/0x3780 [ 86.390582][ T78] ? __lock_acquire+0xab9/0xd20 [ 86.390593][ T78] ? percpu_ref_put+0x19/0x180 [ 86.390611][ T78] ? __pfx_shrink_node+0x10/0x10 [ 86.390625][ T78] ? percpu_ref_put+0x19/0x180 [ 86.390640][ T78] ? mem_cgroup_iter+0x420/0x460 [ 86.390651][ T78] ? mem_cgroup_iter+0x3b/0x460 [ 86.390661][ T78] kswapd+0x147c/0x2800 [ 86.390676][ T78] ? kswapd+0x951/0x2800 [ 86.390690][ T78] ? __pfx_kswapd+0x10/0x10 [ 86.390701][ T78] ? __lock_acquire+0xab9/0xd20 [ 86.390723][ T78] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 86.390735][ T78] ? _raw_spin_lock_bh+0x20/0x50 [ 86.390746][ T78] ? __pfx_autoremove_wake_function+0x10/0x10 [ 86.390761][ T78] ? __pfx_set_cpus_allowed_ptr+0x10/0x10 [ 86.390774][ T78] ? __kthread_parkme+0x7b/0x200 [ 86.390788][ T78] ? __kthread_parkme+0x1a1/0x200 [ 86.390801][ T78] kthread+0x711/0x8a0 [ 86.390815][ T78] ? __pfx_kswapd+0x10/0x10 [ 86.390825][ T78] ? __pfx_kthread+0x10/0x10 [ 86.390838][ T78] ? _raw_spin_unlock_irq+0x23/0x50 [ 86.390849][ T78] ? lockdep_hardirqs_on+0x9c/0x150 [ 86.390862][ T78] ? __pfx_kthread+0x10/0x10 [ 86.390876][ T78] ret_from_fork+0x4bc/0x870 [ 86.390887][ T78] ? __pfx_ret_from_fork+0x10/0x10 [ 86.390899][ T78] ? __pfx_kthread+0x10/0x10 [ 86.390912][ T78] ret_from_fork_asm+0x1a/0x30 [ 86.390924][ T78]