program: r0 = syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='mnt\x00', 0x4, &(0x7f0000000040), 0x0, 0x258, &(0x7f0000000780)="$eJzs3UFoHFUYB/BvZneNSRaJehEEFUREAyHeBD3Ei0JAYpAgqBAR8aIkQkzwlnjqpYf23Jacegmlt6Y9llxCLy2FntI2h/RSaEMPDT20hy2TSUrabLqlu90pmd8Php3ZmTffG2b/b/YyvABKayAiRiKiEhGDEVGLiGTvAR/ly8DO5mLv6mREo/HjvWT7uHw7t9uuPyIWIuLLiFhJk/irGjG3/MvGg7XvPj06W/vk9PLPvV29yB2bG+vfb50aO3Ju9Iu5K9fujCUxEvWnrqvzkibfVZOId15FsddEUi26B7yI8f/OXs9y/25EfLyd/1qkkd+8YzNvrNTi85MHtT1+9+r73ewr0HmNRi17Bi40gNJJI6IeSToUEfl6mg4N5f/hb1T60r+nZ/4d/HN6duqPokcqoFPqEevfXug53/9M/m9X8vwDh1eW/4nxpZvZ+lal6N4A3ZTlf/C3+c/igPy/WUCfgE5Jn7u3Vf6Bw0v+obzkH8qrM/nv72ifgO7w/Ifykn845L4+eJf8Q3nJP5SX/EN57c0/AFAujZ6i30AGilL0+AMAAAAAAAAAAAAAAAAAAOy32Ls6ubt0q+alExGb30REtVn9ys4MZvlMhH33k+ywJ5K8WVt+/bDNE7TpTMFvX791q9j6lz/owEkmfnjppvNTEQv/R8Rwtbr/95e0mEGvtbdb7K/93maBNn31U7H1Hy0VW390LeJiNv4MNxt/0nhv+7P5+FPP7l+b9f952OYJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6JrHAQAA//+wa24f") ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r0, 0xc0506617, &(0x7f0000000300)={@id={0x2, 0x0, @a}, 0x40, 0x0, '\x00', @a}) mkdirat(0xffffffffffffff9c, &(0x7f0000000640)='mnt/encrypted_dir\x00', 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000680)='mnt/encrypted_dir\x00', 0x800, 0x0) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r1, 0x800c6613, &(0x7f00000006c0)=@v2={0x2, @aes256, 0x0, '\x00', @a}) chdir(&(0x7f00000002c0)='mnt/encrypted_dir\x00') symlink(&(0x7f00000000c0)='mnt\x00', &(0x7f0000000100)='./file0\x00') ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS(r1, 0xc0406619, &(0x7f0000000080)={@id={0x2, 0x0, @a}}) lstat(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)) [ 76.274978][ T4690] Bluetooth: hci0: command tx timeout [ 76.313453][ T5343] loop0: detected capacity change from 0 to 128 [ 76.392267][ T5343] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 76.409790][ T5343] ext4 filesystem being mounted at /0/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 76.472389][ T5343] fscrypt: AES-256-CBC-CTS using implementation "cts-cbc-aes-aesni" [ 76.497807][ T5343] fscrypt: loop0: 1 inode(s) still busy after removing key with identifier 69b2f6edeee720cce0577937eb8a6751, including ino 12 [ 76.556977][ T79] [ 76.557851][ T79] ====================================================== [ 76.560626][ T79] WARNING: possible circular locking dependency detected [ 76.563310][ T79] syzkaller #0 Not tainted [ 76.565384][ T79] ------------------------------------------------------ [ 76.568864][ T79] kswapd0/79 is trying to acquire lock: [ 76.571405][ T79] ffff888035e69098 (&type->lock_class){+.+.}-{4:4}, at: keyring_clear+0xaf/0x240 [ 76.575422][ T79] [ 76.575422][ T79] but task is already holding lock: [ 76.578704][ T79] ffffffff8e251780 (fs_reclaim){+.+.}-{0:0}, at: kswapd+0x92a/0x2820 [ 76.582466][ T79] [ 76.582466][ T79] which lock already depends on the new lock. [ 76.582466][ T79] [ 76.587113][ T79] [ 76.587113][ T79] the existing dependency chain (in reverse order) is: [ 76.591497][ T79] [ 76.591497][ T79] -> #1 (fs_reclaim){+.+.}-{0:0}: [ 76.594316][ T79] fs_reclaim_acquire+0x72/0x100 [ 76.596503][ T79] __kmalloc_cache_noprof+0x40/0x700 [ 76.598897][ T79] assoc_array_insert+0x92/0x2f90 [ 76.601182][ T79] __key_link_begin+0xd6/0x1f0 [ 76.604023][ T79] __key_create_or_update+0x41a/0xa30 [ 76.607113][ T79] key_create_or_update+0x42/0x60 [ 76.610054][ T79] x509_load_certificate_list+0x145/0x280 [ 76.612682][ T79] do_one_initcall+0x1fb/0x820 [ 76.615152][ T79] do_initcall_level+0x104/0x190 [ 76.617733][ T79] do_initcalls+0x59/0xa0 [ 76.620005][ T79] kernel_init_freeable+0x334/0x4b0 [ 76.623660][ T79] kernel_init+0x1d/0x1d0 [ 76.626162][ T79] ret_from_fork+0x599/0xb30 [ 76.628457][ T79] ret_from_fork_asm+0x1a/0x30 [ 76.630760][ T79] [ 76.630760][ T79] -> #0 (&type->lock_class){+.+.}-{4:4}: [ 76.634217][ T79] __lock_acquire+0x15a6/0x2cf0 [ 76.636678][ T79] lock_acquire+0x117/0x340 [ 76.639528][ T79] down_write+0x96/0x1f0 [ 76.642215][ T79] keyring_clear+0xaf/0x240 [ 76.644760][ T79] fscrypt_put_master_key+0xca/0x190 [ 76.647483][ T79] put_crypt_info+0x26d/0x310 [ 76.649649][ T79] fscrypt_put_encryption_info+0xf6/0x140 [ 76.652479][ T79] ext4_clear_inode+0x170/0x2f0 [ 76.655420][ T79] ext4_evict_inode+0x9f6/0xe60 [ 76.658260][ T79] evict+0x5f4/0xae0 [ 76.661012][ T79] __dentry_kill+0x209/0x660 [ 76.663885][ T79] shrink_kill+0xa9/0x2c0 [ 76.666672][ T79] shrink_dentry_list+0x2e0/0x5e0 [ 76.669445][ T79] prune_dcache_sb+0x10e/0x180 [ 76.671993][ T79] super_cache_scan+0x369/0x4b0 [ 76.674592][ T79] do_shrink_slab+0x6df/0x10d0 [ 76.677446][ T79] shrink_slab+0x7ef/0x10d0 [ 76.680009][ T79] shrink_one+0x2d9/0x720 [ 76.682827][ T79] shrink_node+0x2f7d/0x35b0 [ 76.685559][ T79] kswapd+0x145a/0x2820 [ 76.687741][ T79] kthread+0x711/0x8a0 [ 76.689726][ T79] ret_from_fork+0x599/0xb30 [ 76.692255][ T79] ret_from_fork_asm+0x1a/0x30 [ 76.694489][ T79] [ 76.694489][ T79] other info that might help us debug this: [ 76.694489][ T79] [ 76.700061][ T79] Possible unsafe locking scenario: [ 76.700061][ T79] [ 76.703678][ T79] CPU0 CPU1 [ 76.706065][ T79] ---- ---- [ 76.708507][ T79] lock(fs_reclaim); [ 76.710291][ T79] lock(&type->lock_class); [ 76.713691][ T79] lock(fs_reclaim); [ 76.717360][ T79] lock(&type->lock_class); [ 76.719728][ T79] [ 76.719728][ T79] *** DEADLOCK *** [ 76.719728][ T79] [ 76.723389][ T79] 2 locks held by kswapd0/79: [ 76.725500][ T79] #0: ffffffff8e251780 (fs_reclaim){+.+.}-{0:0}, at: kswapd+0x92a/0x2820 [ 76.729342][ T79] #1: ffff8880411b40e0 (&type->s_umount_key#32){++++}-{4:4}, at: super_cache_scan+0x91/0x4b0 [ 76.734131][ T79] [ 76.734131][ T79] stack backtrace: [ 76.737108][ T79] CPU: 0 UID: 0 PID: 79 Comm: kswapd0 Not tainted syzkaller #0 PREEMPT(full) [ 76.737127][ T79] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 76.737135][ T79] Call Trace: [ 76.737143][ T79] [ 76.737150][ T79] dump_stack_lvl+0x189/0x250 [ 76.737178][ T79] ? __pfx_dump_stack_lvl+0x10/0x10 [ 76.737192][ T79] ? __pfx__printk+0x10/0x10 [ 76.737208][ T79] ? print_lock_name+0xde/0x100 [ 76.737224][ T79] print_circular_bug+0x2e2/0x300 [ 76.737241][ T79] check_noncircular+0x12e/0x150 [ 76.737257][ T79] __lock_acquire+0x15a6/0x2cf0 [ 76.737274][ T79] ? keyring_clear+0xaf/0x240 [ 76.737284][ T79] lock_acquire+0x117/0x340 [ 76.737295][ T79] ? keyring_clear+0xaf/0x240 [ 76.737308][ T79] down_write+0x96/0x1f0 [ 76.737323][ T79] ? keyring_clear+0xaf/0x240 [ 76.737332][ T79] ? __pfx_down_write+0x10/0x10 [ 76.737346][ T79] keyring_clear+0xaf/0x240 [ 76.737357][ T79] ? __pfx_keyring_clear+0x10/0x10 [ 76.737369][ T79] fscrypt_put_master_key+0xca/0x190 [ 76.737387][ T79] put_crypt_info+0x26d/0x310 [ 76.737399][ T79] fscrypt_put_encryption_info+0xf6/0x140 [ 76.737410][ T79] ext4_clear_inode+0x170/0x2f0 [ 76.737421][ T79] ext4_evict_inode+0x9f6/0xe60 [ 76.737433][ T79] ? inode_wait_for_writeback+0x14d/0x370 [ 76.737450][ T79] ? __pfx_inode_wait_for_writeback+0x10/0x10 [ 76.737465][ T79] ? __pfx_ext4_evict_inode+0x10/0x10 [ 76.737476][ T79] ? do_raw_spin_unlock+0x4d/0x240 [ 76.737490][ T79] ? __pfx_ext4_evict_inode+0x10/0x10 [ 76.737501][ T79] evict+0x5f4/0xae0 [ 76.737518][ T79] ? __pfx_evict+0x10/0x10 [ 76.737532][ T79] ? _raw_spin_unlock+0x28/0x50 [ 76.737543][ T79] ? iput+0xcc6/0x1030 [ 76.737556][ T79] __dentry_kill+0x209/0x660 [ 76.737571][ T79] ? shrink_kill+0x8d/0x2c0 [ 76.737583][ T79] shrink_kill+0xa9/0x2c0 [ 76.737595][ T79] shrink_dentry_list+0x2e0/0x5e0 [ 76.737607][ T79] prune_dcache_sb+0x10e/0x180 [ 76.737620][ T79] ? __pfx_prune_dcache_sb+0x10/0x10 [ 76.737631][ T79] ? list_lru_count_one+0x27/0x2c0 [ 76.737647][ T79] ? list_lru_count_one+0x264/0x2c0 [ 76.737662][ T79] super_cache_scan+0x369/0x4b0 [ 76.737679][ T79] do_shrink_slab+0x6df/0x10d0 [ 76.737694][ T79] shrink_slab+0x7ef/0x10d0 [ 76.737705][ T79] ? shrink_slab+0x1e8/0x10d0 [ 76.737716][ T79] ? __pfx_shrink_slab+0x10/0x10 [ 76.737732][ T79] shrink_one+0x2d9/0x720 [ 76.737748][ T79] ? shrink_node+0x2d3f/0x35b0 [ 76.737763][ T79] shrink_node+0x2f7d/0x35b0 [ 76.737781][ T79] ? shrink_node+0x2d3f/0x35b0 [ 76.737796][ T79] ? __lock_acquire+0x6b6/0x2cf0 [ 76.737809][ T79] ? percpu_ref_put+0x19/0x180 [ 76.737822][ T79] ? __pfx_shrink_node+0x10/0x10 [ 76.737837][ T79] ? percpu_ref_put+0x19/0x180 [ 76.737848][ T79] ? mem_cgroup_iter+0x420/0x460 [ 76.737867][ T79] ? mem_cgroup_iter+0x3b/0x460 [ 76.737879][ T79] kswapd+0x145a/0x2820 [ 76.737895][ T79] ? kswapd+0x92a/0x2820 [ 76.737910][ T79] ? __pfx_kswapd+0x10/0x10 [ 76.737921][ T79] ? do_raw_spin_lock+0x121/0x290 [ 76.737935][ T79] ? raw_spin_rq_lock_nested+0x2a/0x140 [ 76.737947][ T79] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 76.737966][ T79] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 76.737976][ T79] ? _raw_spin_unlock+0x30/0x50 [ 76.737985][ T79] ? __pfx_autoremove_wake_function+0x10/0x10 [ 76.738000][ T79] ? __pfx_set_cpus_allowed_ptr+0x10/0x10 [ 76.738013][ T79] ? __kthread_parkme+0x7b/0x200 [ 76.738025][ T79] ? __kthread_parkme+0x1a1/0x200 [ 76.738038][ T79] kthread+0x711/0x8a0 [ 76.738052][ T79] ? __pfx_kswapd+0x10/0x10 [ 76.738063][ T79] ? __pfx_kthread+0x10/0x10 [ 76.738074][ T79] ? _raw_spin_unlock_irq+0x23/0x50 [ 76.738083][ T79] ? lockdep_hardirqs_on+0x98/0x140 [ 76.738093][ T79] ? __pfx_kthread+0x10/0x10 [ 76.738105][ T79] ret_from_fork+0x599/0xb30 [ 76.738115][ T79] ? __pfx_ret_from_fork+0x10/0x10 [ 76.738126][ T79] ? __pfx_kthread+0x10/0x10 [ 76.738138][ T79] ret_from_fork_asm+0x1a/0x30 [ 76.738164][ T79]