program: syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='mnt\x00', 0x4, &(0x7f0000000000), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000540)='mnt\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r0, 0xc0506617, &(0x7f0000000580)={@id={0x2, 0x0, @a}, 0x40, 0x0, '\x00', @a}) mkdirat(0xffffffffffffff9c, &(0x7f0000000640)='mnt/encrypted_dir\x00', 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000680)='mnt/encrypted_dir\x00', 0x800, 0x0) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r1, 0x800c6613, &(0x7f00000006c0)=@v2={0x2, @aes256, 0x0, '\x00', @a}) chdir(&(0x7f00000002c0)='mnt/encrypted_dir\x00') openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x8042, 0x10c) link(&(0x7f0000000200)='./file1\x00', &(0x7f0000000300)='./bus\x00') ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS(r1, 0xc0406619, &(0x7f0000000080)={@id={0x2, 0x0, @a}}) (fail_nth: 13) [ 76.198671][ T48] Bluetooth: hci0: command tx timeout [ 76.285679][ T1313] ieee802154 phy0 wpan0: encryption failed: -22 [ 76.288280][ T1313] ieee802154 phy1 wpan1: encryption failed: -22 [ 76.322396][ T5322] loop0: detected capacity change from 0 to 128 [ 76.359319][ T5322] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 76.367236][ T5322] ext4 filesystem being mounted at /0/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 76.387126][ T5322] fscrypt: AES-256-CBC-CTS using implementation "cts-cbc-aes-aesni" [ 76.393019][ T5322] fscrypt: AES-256-XTS using implementation "xts-aes-aesni-avx" [ 76.402829][ T5322] fscrypt: loop0: 2 inode(s) still busy after removing key with identifier 69b2f6edeee720cce0577937eb8a6751, including ino 13 [ 76.439281][ T78] [ 76.440393][ T78] ====================================================== [ 76.443008][ T78] WARNING: possible circular locking dependency detected [ 76.445556][ T78] syzkaller #0 Not tainted [ 76.447352][ T78] ------------------------------------------------------ [ 76.450377][ T78] kswapd0/78 is trying to acquire lock: [ 76.452758][ T78] ffff88801fd17098 (&type->lock_class){+.+.}-{4:4}, at: keyring_clear+0xaf/0x240 [ 76.456807][ T78] [ 76.456807][ T78] but task is already holding lock: [ 76.459928][ T78] ffffffff8e247c40 (fs_reclaim){+.+.}-{0:0}, at: kswapd+0x951/0x2800 [ 76.463334][ T78] [ 76.463334][ T78] which lock already depends on the new lock. [ 76.463334][ T78] [ 76.467776][ T78] [ 76.467776][ T78] the existing dependency chain (in reverse order) is: [ 76.471594][ T78] [ 76.471594][ T78] -> #1 (fs_reclaim){+.+.}-{0:0}: [ 76.474621][ T78] lock_acquire+0x120/0x360 [ 76.476725][ T78] fs_reclaim_acquire+0x72/0x100 [ 76.478616][ T78] __kmalloc_cache_noprof+0x40/0x6f0 [ 76.480672][ T78] assoc_array_insert+0x92/0x2f90 [ 76.483033][ T78] __key_link_begin+0xd6/0x1f0 [ 76.485214][ T78] __key_create_or_update+0x41a/0xa30 [ 76.487452][ T78] key_create_or_update+0x42/0x60 [ 76.489681][ T78] x509_load_certificate_list+0x145/0x280 [ 76.492199][ T78] do_one_initcall+0x236/0x820 [ 76.494118][ T78] do_initcall_level+0x104/0x190 [ 76.496317][ T78] do_initcalls+0x59/0xa0 [ 76.498314][ T78] kernel_init_freeable+0x334/0x4b0 [ 76.501832][ T78] kernel_init+0x1d/0x1d0 [ 76.503952][ T78] ret_from_fork+0x4bc/0x870 [ 76.506107][ T78] ret_from_fork_asm+0x1a/0x30 [ 76.508203][ T78] [ 76.508203][ T78] -> #0 (&type->lock_class){+.+.}-{4:4}: [ 76.511365][ T78] validate_chain+0xb9b/0x2140 [ 76.513562][ T78] __lock_acquire+0xab9/0xd20 [ 76.515725][ T78] lock_acquire+0x120/0x360 [ 76.517927][ T78] down_write+0x96/0x1f0 [ 76.519958][ T78] keyring_clear+0xaf/0x240 [ 76.522082][ T78] fscrypt_put_master_key+0xca/0x190 [ 76.524535][ T78] put_crypt_info+0x26d/0x310 [ 76.526748][ T78] fscrypt_put_encryption_info+0xf6/0x140 [ 76.529354][ T78] ext4_clear_inode+0x170/0x2f0 [ 76.531529][ T78] ext4_evict_inode+0xa67/0xee0 [ 76.533796][ T78] evict+0x504/0x9c0 [ 76.535567][ T78] __dentry_kill+0x209/0x660 [ 76.537547][ T78] shrink_kill+0xa9/0x2c0 [ 76.539482][ T78] shrink_dentry_list+0x2e0/0x5e0 [ 76.541657][ T78] prune_dcache_sb+0x10e/0x180 [ 76.543704][ T78] super_cache_scan+0x369/0x4b0 [ 76.545860][ T78] do_shrink_slab+0x6ef/0x1110 [ 76.548080][ T78] shrink_slab+0x7ef/0x10d0 [ 76.550387][ T78] shrink_one+0x28a/0x7c0 [ 76.552406][ T78] shrink_node+0x315d/0x3780 [ 76.554644][ T78] kswapd+0x147c/0x2800 [ 76.556602][ T78] kthread+0x711/0x8a0 [ 76.558465][ T78] ret_from_fork+0x4bc/0x870 [ 76.560698][ T78] ret_from_fork_asm+0x1a/0x30 [ 76.563018][ T78] [ 76.563018][ T78] other info that might help us debug this: [ 76.563018][ T78] [ 76.567359][ T78] Possible unsafe locking scenario: [ 76.567359][ T78] [ 76.570867][ T78] CPU0 CPU1 [ 76.572954][ T78] ---- ---- [ 76.575059][ T78] lock(fs_reclaim); [ 76.576646][ T78] lock(&type->lock_class); [ 76.579318][ T78] lock(fs_reclaim); [ 76.581552][ T78] lock(&type->lock_class); [ 76.583182][ T78] [ 76.583182][ T78] *** DEADLOCK *** [ 76.583182][ T78] [ 76.586610][ T78] 2 locks held by kswapd0/78: [ 76.588638][ T78] #0: ffffffff8e247c40 (fs_reclaim){+.+.}-{0:0}, at: kswapd+0x951/0x2800 [ 76.592283][ T78] #1: ffff8880129040e0 (&type->s_umount_key#31){++++}-{4:4}, at: super_cache_scan+0x91/0x4b0 [ 76.596541][ T78] [ 76.596541][ T78] stack backtrace: [ 76.599733][ T78] CPU: 0 UID: 0 PID: 78 Comm: kswapd0 Not tainted syzkaller #0 PREEMPT(full) [ 76.599749][ T78] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 76.599756][ T78] Call Trace: [ 76.599764][ T78] [ 76.599770][ T78] dump_stack_lvl+0x189/0x250 [ 76.599787][ T78] ? __pfx_dump_stack_lvl+0x10/0x10 [ 76.599800][ T78] ? __pfx__printk+0x10/0x10 [ 76.599812][ T78] ? print_lock_name+0xde/0x100 [ 76.599823][ T78] print_circular_bug+0x2ee/0x310 [ 76.599844][ T78] check_noncircular+0x134/0x160 [ 76.599864][ T78] validate_chain+0xb9b/0x2140 [ 76.599886][ T78] __lock_acquire+0xab9/0xd20 [ 76.599902][ T78] ? keyring_clear+0xaf/0x240 [ 76.599914][ T78] lock_acquire+0x120/0x360 [ 76.599928][ T78] ? keyring_clear+0xaf/0x240 [ 76.599943][ T78] down_write+0x96/0x1f0 [ 76.599957][ T78] ? keyring_clear+0xaf/0x240 [ 76.599970][ T78] ? __pfx_down_write+0x10/0x10 [ 76.599984][ T78] keyring_clear+0xaf/0x240 [ 76.599997][ T78] ? __pfx_keyring_clear+0x10/0x10 [ 76.600011][ T78] fscrypt_put_master_key+0xca/0x190 [ 76.600029][ T78] put_crypt_info+0x26d/0x310 [ 76.600047][ T78] fscrypt_put_encryption_info+0xf6/0x140 [ 76.600067][ T78] ext4_clear_inode+0x170/0x2f0 [ 76.600085][ T78] ext4_evict_inode+0xa67/0xee0 [ 76.600104][ T78] ? inode_wait_for_writeback+0xf9/0x290 [ 76.600122][ T78] ? __pfx_inode_wait_for_writeback+0x10/0x10 [ 76.600138][ T78] ? __pfx_ext4_evict_inode+0x10/0x10 [ 76.600156][ T78] ? do_raw_spin_unlock+0x4d/0x240 [ 76.600169][ T78] ? __pfx_ext4_evict_inode+0x10/0x10 [ 76.600186][ T78] evict+0x504/0x9c0 [ 76.600204][ T78] ? __pfx_evict+0x10/0x10 [ 76.600220][ T78] ? _raw_spin_unlock+0x28/0x50 [ 76.600236][ T78] ? iput+0x946/0xc50 [ 76.600250][ T78] __dentry_kill+0x209/0x660 [ 76.600264][ T78] ? shrink_kill+0x8d/0x2c0 [ 76.600278][ T78] shrink_kill+0xa9/0x2c0 [ 76.600291][ T78] shrink_dentry_list+0x2e0/0x5e0 [ 76.600305][ T78] prune_dcache_sb+0x10e/0x180 [ 76.600318][ T78] ? __pfx_prune_dcache_sb+0x10/0x10 [ 76.600330][ T78] ? list_lru_count_one+0x27/0x2c0 [ 76.600342][ T78] ? list_lru_count_one+0x264/0x2c0 [ 76.600354][ T78] super_cache_scan+0x369/0x4b0 [ 76.600368][ T78] do_shrink_slab+0x6ef/0x1110 [ 76.600387][ T78] shrink_slab+0x7ef/0x10d0 [ 76.600401][ T78] ? shrink_slab+0x1e8/0x10d0 [ 76.600415][ T78] ? __pfx_shrink_slab+0x10/0x10 [ 76.600433][ T78] shrink_one+0x28a/0x7c0 [ 76.600448][ T78] ? shrink_node+0x2f1f/0x3780 [ 76.600461][ T78] shrink_node+0x315d/0x3780 [ 76.600476][ T78] ? shrink_node+0x2f1f/0x3780 [ 76.600490][ T78] ? __lock_acquire+0xab9/0xd20 [ 76.600516][ T78] ? percpu_ref_put+0x19/0x180 [ 76.600530][ T78] ? __pfx_shrink_node+0x10/0x10 [ 76.600543][ T78] ? percpu_ref_put+0x19/0x180 [ 76.600556][ T78] ? mem_cgroup_iter+0x420/0x460 [ 76.600572][ T78] ? mem_cgroup_iter+0x3b/0x460 [ 76.600588][ T78] kswapd+0x147c/0x2800 [ 76.600610][ T78] ? kswapd+0x951/0x2800 [ 76.600629][ T78] ? __pfx_kswapd+0x10/0x10 [ 76.600647][ T78] ? __lock_acquire+0xab9/0xd20 [ 76.600667][ T78] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 76.600685][ T78] ? _raw_spin_lock_bh+0x20/0x50 [ 76.600702][ T78] ? __pfx_autoremove_wake_function+0x10/0x10 [ 76.600716][ T78] ? __pfx_set_cpus_allowed_ptr+0x10/0x10 [ 76.600727][ T78] ? __kthread_parkme+0x7b/0x200 [ 76.600744][ T78] ? __kthread_parkme+0x1a1/0x200 [ 76.600760][ T78] kthread+0x711/0x8a0 [ 76.600771][ T78] ? __pfx_kswapd+0x10/0x10 [ 76.600784][ T78] ? __pfx_kthread+0x10/0x10 [ 76.600794][ T78] ? _raw_spin_unlock_irq+0x23/0x50 [ 76.600808][ T78] ? lockdep_hardirqs_on+0x9c/0x150 [ 76.600818][ T78] ? __pfx_kthread+0x10/0x10 [ 76.600828][ T78] ret_from_fork+0x4bc/0x870 [ 76.600843][ T78] ? __pfx_ret_from_fork+0x10/0x10 [ 76.600858][ T78] ? __pfx_kthread+0x10/0x10 [ 76.600869][ T78] ret_from_fork_asm+0x1a/0x30 [ 76.600885][ T78]