program:
# Fuzzer-generated reproducer in syzkaller program syntax, one call per line,
# followed by the kernel console log from the run.
# The log reports a lockdep "possible circular locking dependency" between
# &info->bfs_lock and fs_reclaim:
#   chain #0 (this task): write to the binfmt_misc register file ->
#     bm_register_write -> open_exec -> path_openat -> bfs_lookup (holds bfs_lock)
#     -> bfs_iget -> iget_locked -> alloc_inode -> bfs_alloc_inode
#     -> kmem_cache_alloc_lru_noprof -> fs_reclaim_acquire
#   chain #1 (kswapd): shrink_slab -> super_cache_scan -> prune_dcache_sb
#     -> evict -> bfs_evict_inode -> __mutex_lock on bfs_lock
# So an inode is allocated while bfs_lock is held, and reclaim can take bfs_lock.
# Lockdep flags the ordering; the log does not show an actual hang.
# The task runs as UID 0 according to the "stack backtrace" header in the log.

# Mounts the embedded compressed BFS image at ./file0. The bfs_* frames in the log
# belong to this filesystem.
# NOTE(review): the 0x1 argument is presumably the "chdir into the mount" flag, which
# would make the later relative paths resolve inside BFS. Confirm against the
# syz_mount_image description in syzkaller.
syz_mount_image$bfs(&(0x7f00000000c0), &(0x7f0000000100)='./file0\x00', 0x0, &(0x7f0000002500)=ANY=[@ANYBLOB="9fcef773371e4e035a4ff190bea4efd68642046c23be8a9aae70a0043860f98931e9a9d2a4cb9b6cbfab8d88542eafc9851179a8bc28dad0fbfc05804b2b"], 0x1, 0x8a, &(0x7f0000000180)="$eJzszqENAkEUBNDhDKhrAEEH1wOlECQ4FISEimiFEugAgcUcYsGsxCy5vJf8n0zGzO11XaZPxksyVg7H026zLz9MUpdknmSRZNWX/FiXbvbp78/z9nut9wIAAL/rMtR5aDYGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4A+9AwAA///rYCNS")
# RDMA netlink socket and request. No RDMA or netlink frame appears in either
# dependency chain in the log, so these two calls look incidental to the report.
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_SYS_GET(r0, &(0x7f0000000280)={&(0x7f0000000000), 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0x28, 0x1406, 0x8, 0x70bd29, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}]}, 0x28}, 0x1, 0x0, 0x0, 0x840}, 0x2404c901)
mknod$loop(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
# r1 is the binfmt_misc "register" file, opened with flags 0x1. It is written further down.
r1 = openat$binfmt_register(0xffffff9c, &(0x7f0000001240), 0x1, 0x0)
# Opens ./bus and renames it to ./file0, the path later named as the interpreter.
# Whether each call succeeds is not visible in the log.
open(&(0x7f0000000040)='./bus\x00', 0x145142, 0x0)
rename(&(0x7f00000001c0)='./bus\x00', &(0x7f0000000240)='./file0\x00')
syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a4243c, &(0x7f0000000a00)=ANY=[@ANYRES16, @ANYRESOCT, @ANYRESOCT, @ANYRES8, @ANYRESOCT=0x0, @ANYBLOB="defdd6f24cb9acb7fe0b0dc92a093135912ebef426731ffe88138f2b03791edb32e2ba3924188f2c07da77a1d75290af3db49e3aeedbaabdfc897ff5feb67e05cb1f923278506034c99285994c8d2a07e7732f9e4666bedc57efbc75eda531e10945eab9810dce4df5cb4468fee9df15bad908ce6d2cf900c4541ebe94681428ac2202f0132ddfd00bb4d24ace8c513914431814c2", @ANYRES32, @ANYRESOCT, @ANYRES16, @ANYRESOCT], 0x0, 0x0, &(0x7f0000000000))
# The binfmt_misc registration whose write shows up as bm_register_write in the trace.
# 0x3a is ':' (the field separator), the interpreter field is './file0' and the
# flags byte 0x46 is 'F'.
# With 'F', binfmt_misc opens the interpreter when the entry is registered, which
# matches the open_exec call under bm_register_write in chain #0. The log ends with
# "failed to install interpreter file ./file0".
write$binfmt_register(r1, &(0x7f0000000200)={0x3a, 'syz0', 0x3a, 'E', 0x3a, 0xf0, 0x3a, 'Jat\xd6\xd0\xa7\xea\xf9\xd8j\xf1\xd7cow', 0x3a, '\\-%#!\\\\\'', 0x3a, './file0', 0x3a, [0x46]}, 0x3f)
syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000cc0)='.\x00', 0x821, &(0x7f00000008c0)=ANY=[], 0xb, 0x0, &(0x7f0000000cc0))
[ 98.462461][ T8] cfg80211: failed to load 
regulatory.db [ 98.471553][ T4531] Bluetooth: hci0: command tx timeout [ 99.873205][ T5114] loop0: detected capacity change from 0 to 64 [ 99.934487][ T5114] [ 99.935453][ T5114] ====================================================== [ 99.937997][ T5114] WARNING: possible circular locking dependency detected [ 99.940792][ T5114] 6.12.0-rc3-syzkaller-00087-gc964ced77262 #0 Not tainted [ 99.944435][ T5114] ------------------------------------------------------ [ 99.949039][ T5114] syz.0.0/5114 is trying to acquire lock: [ 99.951622][ T5114] ffffffff8ea37160 (fs_reclaim){+.+.}-{0:0}, at: kmem_cache_alloc_lru_noprof+0x42/0x2b0 [ 99.955768][ T5114] [ 99.955768][ T5114] but task is already holding lock: [ 99.958320][ T5114] ffff8880409598d8 (&info->bfs_lock){+.+.}-{3:3}, at: bfs_lookup+0x139/0x270 [ 99.961686][ T5114] [ 99.961686][ T5114] which lock already depends on the new lock. [ 99.961686][ T5114] [ 99.966046][ T5114] [ 99.966046][ T5114] the existing dependency chain (in reverse order) is: [ 99.970876][ T5114] [ 99.970876][ T5114] -> #1 (&info->bfs_lock){+.+.}-{3:3}: [ 99.974201][ T5114] lock_acquire+0x1ed/0x550 [ 99.976080][ T5114] __mutex_lock+0x136/0xd70 [ 99.977977][ T5114] bfs_evict_inode+0x272/0x510 [ 99.980038][ T5114] evict+0x4e8/0x9b0 [ 99.981722][ T5114] __dentry_kill+0x20d/0x630 [ 99.983638][ T5114] shrink_kill+0xa9/0x2c0 [ 99.985456][ T5114] shrink_dentry_list+0x2c0/0x5b0 [ 99.988784][ T5114] prune_dcache_sb+0x10f/0x180 [ 99.992322][ T5114] super_cache_scan+0x34f/0x4b0 [ 99.994393][ T5114] do_shrink_slab+0x701/0x1160 [ 99.996407][ T5114] shrink_slab+0x1093/0x14d0 [ 99.998285][ T5114] shrink_one+0x43b/0x850 [ 99.999985][ T5114] shrink_node+0x3799/0x3de0 [ 100.001831][ T5114] kswapd+0x1ca3/0x3700 [ 100.003477][ T5114] kthread+0x2f0/0x390 [ 100.005476][ T5114] ret_from_fork+0x4b/0x80 [ 100.008678][ T5114] ret_from_fork_asm+0x1a/0x30 [ 100.012021][ T5114] [ 100.012021][ T5114] -> #0 (fs_reclaim){+.+.}-{0:0}: [ 100.014890][ T5114] 
validate_chain+0x18ef/0x5920 [ 100.016964][ T5114] __lock_acquire+0x1384/0x2050 [ 100.019027][ T5114] lock_acquire+0x1ed/0x550 [ 100.020985][ T5114] fs_reclaim_acquire+0x88/0x130 [ 100.022941][ T5114] kmem_cache_alloc_lru_noprof+0x42/0x2b0 [ 100.025241][ T5114] bfs_alloc_inode+0x28/0x40 [ 100.027174][ T5114] alloc_inode+0x65/0x1a0 [ 100.030033][ T5114] iget_locked+0xf1/0x5a0 [ 100.033172][ T5114] bfs_iget+0x28/0xac0 [ 100.035125][ T5114] bfs_lookup+0x1ca/0x270 [ 100.037217][ T5114] path_openat+0x11a7/0x3590 [ 100.039262][ T5114] do_filp_open+0x235/0x490 [ 100.041426][ T5114] open_exec+0xc0/0x2b0 [ 100.043363][ T5114] bm_register_write+0xc1c/0x15e0 [ 100.045551][ T5114] vfs_write+0x29c/0xc90 [ 100.047268][ T5114] ksys_write+0x183/0x2b0 [ 100.049184][ T5114] do_syscall_64+0xf3/0x230 [ 100.051321][ T5114] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 100.053862][ T5114] [ 100.053862][ T5114] other info that might help us debug this: [ 100.053862][ T5114] [ 100.057687][ T5114] Possible unsafe locking scenario: [ 100.057687][ T5114] [ 100.060389][ T5114] CPU0 CPU1 [ 100.062588][ T5114] ---- ---- [ 100.064918][ T5114] lock(&info->bfs_lock); [ 100.066908][ T5114] lock(fs_reclaim); [ 100.069844][ T5114] lock(&info->bfs_lock); [ 100.072808][ T5114] lock(fs_reclaim); [ 100.074443][ T5114] [ 100.074443][ T5114] *** DEADLOCK *** [ 100.074443][ T5114] [ 100.077668][ T5114] 4 locks held by syz.0.0/5114: [ 100.079480][ T5114] #0: ffff88801e34ad38 (&f->f_pos_lock){+.+.}-{3:3}, at: fdget_pos+0x24e/0x320 [ 100.082872][ T5114] #1: ffff88801a84e420 (sb_writers#10){.+.+}-{0:0}, at: vfs_write+0x224/0xc90 [ 100.086343][ T5114] #2: ffff8880007d8160 (&type->i_mutex_dir_key#7){++++}-{3:3}, at: path_openat+0x88b/0x3590 [ 100.091806][ T5114] #3: ffff8880409598d8 (&info->bfs_lock){+.+.}-{3:3}, at: bfs_lookup+0x139/0x270 [ 100.095806][ T5114] [ 100.095806][ T5114] stack backtrace: [ 100.098062][ T5114] CPU: 0 UID: 0 PID: 5114 Comm: syz.0.0 Not tainted 6.12.0-rc3-syzkaller-00087-gc964ced77262 #0 [ 
100.101892][ T5114] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 100.106692][ T5114] Call Trace: [ 100.108128][ T5114] [ 100.109402][ T5114] dump_stack_lvl+0x241/0x360 [ 100.111085][ T5114] ? __pfx_dump_stack_lvl+0x10/0x10 [ 100.113138][ T5114] ? __pfx__printk+0x10/0x10 [ 100.114999][ T5114] print_circular_bug+0x13a/0x1b0 [ 100.117007][ T5114] check_noncircular+0x36a/0x4a0 [ 100.118944][ T5114] ? check_path+0x21/0x40 [ 100.122056][ T5114] ? __pfx_check_noncircular+0x10/0x10 [ 100.125213][ T5114] ? lockdep_lock+0x123/0x2b0 [ 100.127220][ T5114] ? lockdep_unlock+0x16a/0x300 [ 100.128970][ T5114] ? __pfx_lockdep_unlock+0x10/0x10 [ 100.130976][ T5114] ? validate_chain+0x15c0/0x5920 [ 100.132944][ T5114] validate_chain+0x18ef/0x5920 [ 100.134712][ T5114] ? __pfx_validate_chain+0x10/0x10 [ 100.136689][ T5114] ? __pfx_validate_chain+0x10/0x10 [ 100.138620][ T5114] ? __pfx_validate_chain+0x10/0x10 [ 100.140741][ T5114] ? __pfx_validate_chain+0x10/0x10 [ 100.144643][ T5114] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 100.147825][ T5114] ? mark_lock+0x9a/0x360 [ 100.149414][ T5114] __lock_acquire+0x1384/0x2050 [ 100.151167][ T5114] lock_acquire+0x1ed/0x550 [ 100.152923][ T5114] ? kmem_cache_alloc_lru_noprof+0x42/0x2b0 [ 100.155034][ T5114] ? __pfx_lock_acquire+0x10/0x10 [ 100.156861][ T5114] ? fs_reclaim_acquire+0x93/0x130 [ 100.159136][ T5114] ? find_inode_fast+0xce/0x480 [ 100.161296][ T5114] ? __pfx_lock_release+0x10/0x10 [ 100.164149][ T5114] ? bfs_alloc_inode+0x28/0x40 [ 100.166452][ T5114] fs_reclaim_acquire+0x88/0x130 [ 100.168736][ T5114] ? kmem_cache_alloc_lru_noprof+0x42/0x2b0 [ 100.171078][ T5114] kmem_cache_alloc_lru_noprof+0x42/0x2b0 [ 100.173468][ T5114] bfs_alloc_inode+0x28/0x40 [ 100.175423][ T5114] ? __pfx_bfs_alloc_inode+0x10/0x10 [ 100.177398][ T5114] alloc_inode+0x65/0x1a0 [ 100.179004][ T5114] iget_locked+0xf1/0x5a0 [ 100.180549][ T5114] ? 
bfs_find_entry+0x297/0x3f0 [ 100.182146][ T5114] bfs_iget+0x28/0xac0 [ 100.183513][ T5114] bfs_lookup+0x1ca/0x270 [ 100.185150][ T5114] ? __d_lookup+0x706/0x7b0 [ 100.187049][ T5114] ? __pfx_bfs_lookup+0x10/0x10 [ 100.189026][ T5114] ? __pfx_bfs_lookup+0x10/0x10 [ 100.191199][ T5114] path_openat+0x11a7/0x3590 [ 100.193357][ T5114] ? _raw_spin_unlock_irqrestore+0x8f/0x140 [ 100.195763][ T5114] ? __pfx_path_openat+0x10/0x10 [ 100.197828][ T5114] ? getname_kernel+0x59/0x2f0 [ 100.199835][ T5114] do_filp_open+0x235/0x490 [ 100.201705][ T5114] ? __pfx_do_filp_open+0x10/0x10 [ 100.203749][ T5114] ? getname_kernel+0x59/0x2f0 [ 100.205489][ T5114] ? rcu_is_watching+0x15/0xb0 [ 100.207276][ T5114] ? getname_kernel+0x59/0x2f0 [ 100.209491][ T5114] ? getname_kernel+0x140/0x2f0 [ 100.212499][ T5114] ? open_exec+0xb0/0x2b0 [ 100.214841][ T5114] open_exec+0xc0/0x2b0 [ 100.216365][ T5114] ? __pfx_open_exec+0x10/0x10 [ 100.218077][ T5114] ? __might_fault+0xc6/0x120 [ 100.219746][ T5114] bm_register_write+0xc1c/0x15e0 [ 100.221624][ T5114] ? __pfx_bm_register_write+0x10/0x10 [ 100.223607][ T5114] vfs_write+0x29c/0xc90 [ 100.225122][ T5114] ? kmem_cache_free+0x1a2/0x420 [ 100.226906][ T5114] ? __pfx_vfs_write+0x10/0x10 [ 100.229127][ T5114] ? __fget_files+0x3f3/0x470 [ 100.231441][ T5114] ? fdget_pos+0x24e/0x320 [ 100.233400][ T5114] ksys_write+0x183/0x2b0 [ 100.235234][ T5114] ? __pfx_ksys_write+0x10/0x10 [ 100.237189][ T5114] ? do_syscall_64+0x100/0x230 [ 100.239018][ T5114] ? do_syscall_64+0xb6/0x230 [ 100.240888][ T5114] do_syscall_64+0xf3/0x230 [ 100.242707][ T5114] ? 
clear_bhb_loop+0x35/0x90 [ 100.245148][ T5114] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 100.248434][ T5114] RIP: 0033:0x7f2a78d7dff9 [ 100.250514][ T5114] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 100.256887][ T5114] RSP: 002b:00007f2a79bf4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 100.259873][ T5114] RAX: ffffffffffffffda RBX: 00007f2a78f35f80 RCX: 00007f2a78d7dff9 [ 100.263676][ T5114] RDX: 000000000000003f RSI: 0000000020000200 RDI: 0000000000000005 [ 100.267549][ T5114] RBP: 00007f2a78df0296 R08: 0000000000000000 R09: 0000000000000000 [ 100.270681][ T5114] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 100.273744][ T5114] R13: 0000000000000000 R14: 00007f2a78f35f80 R15: 00007ffe29710148 [ 100.277277][ T5114] [ 100.531884][ T4531] Bluetooth: hci0: command tx timeout [ 100.651116][ T5114] binfmt_misc: register: failed to install interpreter file ./file0