program: socket$nl_route(0x10, 0x3, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0500000004000000ff0f0000b87e"], 0x50) prctl$PR_SET_IO_FLUSHER(0x39, 0x1) connect$inet6(0xffffffffffffffff, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="440000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="15020000000000001c0012800e000100697036677265746170dd000000080002800400120008000a", @ANYRES32=r2, @ANYBLOB], 0x44}, 0x1, 0xba01}, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$NL80211_CMD_NEW_KEY(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000000}, 0x4000094) ioctl$sock_SIOCBRDELBR(r3, 0x89a2, &(0x7f0000000000)='bridge0\x00') ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f00000005c0)=ANY=[@ANYBLOB="010040c6c400000000000040000000000000000000000000e365852b8478a70751844b9d44d2973744447dd81105f29c35d5318a9457431b910e97c0eabba7931ab400a8cc07b5ae89ea78b01f7ff765eefe9bb4911be603e8a960fd80f35dba613de72de0a778292243c373f78a252357b18abe55ab0817de18a606aee3016097afdb5fb8522d4d293dbb8225bdfbf6"]) openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000004c0)='blkio.bfq.io_wait_time\x00', 0x0, 0x0) r4 = socket$pppl2tp(0x18, 0x1, 0x1) ioctl$SIOCSIFMTU(r4, 0x8922, &(0x7f0000000200)={'vcan0\x00', 0x6}) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$IPVS_CMD_NEW_SERVICE(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'batadv_slave_1\x00'}) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) syz_clone(0x0, &(0x7f0000000400)="9b0e004cedbdd473cc38385883bcb0f8ad517e38eca26dda1e1fce7a47e919638732b714f61395b1abd8763e660f2cfefda8fb8e9ba29020a1b84759129340592af3dca03d2ea5d264ab820dce2aad83dbba41912bceacab4f11065e6b7550c5b83929cf17a5ab3ad8e956f92db44e188ebd933e8ba7471f7a5780a354ce829db216f3f254e4fa010f3d9161928c4efa7fa7759d", 0x94, &(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000500)="646d419840d06725bd936f13192bd9c570592f81ca5d187f7f086bcb36f738f4b5ca2807b40135fceec7bed7d75f3c5decb72d18b2aeb802c6b3a6e24282c1bf641a90df9660cb6645aa8b39ff945b23ba5d0526310f24014966b958034a8bcf7c63450c9b92adb80cb793c3cf9894b5b1858d5ab8fdc940885cbb31f0a2dd56a82c3c25183c63840f407405") r5 = socket$inet_dccp(0x2, 0x6, 0x0) connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23, @multicast1}, 0x10) syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000980)=ANY=[@ANYBLOB="1201000002000040257d15a44000010a00010902"], 0x0) r6 = syz_open_dev$usbfs(&(0x7f0000000180), 0x10000001d, 0x8041) ioctl$USBDEVFS_DISCSIGNAL(r6, 0x8010550e, &(0x7f0000000000)={0x7, 0x0}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000200)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0xff}]}) socketpair$unix(0x1, 0x2, 0x0, 0x0) syz_open_dev$usbfs(&(0x7f0000000080), 0xf, 0x8041) [ 69.079623][ T4666] Bluetooth: hci0: command tx timeout [ 69.514821][ T1364] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 69.678184][ T1364] usb 5-1: config 0 has no interfaces? [ 69.682151][ T1364] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 69.692124][ T1364] usb 5-1: New USB device strings: Mfr=1, Product=10, SerialNumber=0 [ 69.695780][ T1364] usb 5-1: Product: syz [ 69.697186][ T1364] usb 5-1: Manufacturer: syz [ 69.707443][ T1364] usb 5-1: config 0 descriptor?? [ 69.927386][ T24] audit: type=1326 audit(1737109857.347:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5318 comm="syz.0.0" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7890b85d29 code=0x0 [ 71.145420][ T4666] Bluetooth: hci0: command tx timeout [ 71.920140][ T81] [ 71.921045][ T81] ====================================================== [ 71.923440][ T81] WARNING: possible circular locking dependency detected [ 71.925948][ T81] 6.13.0-rc7-syzkaller-00149-g9bffa1ad25b8 #0 Not tainted [ 71.928388][ T81] ------------------------------------------------------ [ 71.930879][ T81] kswapd1/81 is trying to acquire lock: [ 71.932858][ T81] ffffe8ffffc37f50 (&per_cpu_ptr(pool->acomp_ctx, cpu)->mutex){+.+.}-{4:4}, at: zswap_store+0xa3b/0x1c30 [ 71.936881][ T81] [ 71.936881][ T81] but task is already holding lock: [ 71.939467][ T81] ffffffff8ea36f00 (fs_reclaim){+.+.}-{0:0}, at: kswapd+0xbf1/0x36f0 [ 71.942403][ T81] [ 71.942403][ T81] which lock already depends on the new lock. [ 71.942403][ T81] [ 71.945887][ T81] [ 71.945887][ T81] the existing dependency chain (in reverse order) is: [ 71.948707][ T81] [ 71.948707][ T81] -> #1 (fs_reclaim){+.+.}-{0:0}: [ 71.951252][ T81] lock_acquire+0x1ed/0x550 [ 71.952985][ T81] fs_reclaim_acquire+0x88/0x130 [ 71.954875][ T81] __kmalloc_cache_node_noprof+0x40/0x3a0 [ 71.956842][ T81] zswap_cpu_comp_prepare+0xdc/0x400 [ 71.958767][ T81] cpuhp_invoke_callback+0x415/0x830 [ 71.961096][ T81] cpuhp_issue_call+0x46f/0x7e0 [ 71.963194][ T81] __cpuhp_state_add_instance_cpuslocked+0x1ed/0x500 [ 71.965748][ T81] __cpuhp_state_add_instance+0x27/0x40 [ 71.967682][ T81] zswap_pool_create+0x38c/0x680 [ 71.969406][ T81] zswap_setup+0x32a/0x4b0 [ 71.971244][ T81] do_one_initcall+0x248/0x870 [ 71.973193][ T81] do_initcall_level+0x157/0x210 [ 71.975215][ T81] do_initcalls+0x3f/0x80 [ 71.977090][ T81] kernel_init_freeable+0x435/0x5d0 [ 71.979144][ T81] kernel_init+0x1d/0x2b0 [ 71.980890][ T81] ret_from_fork+0x4b/0x80 [ 71.984711][ T81] ret_from_fork_asm+0x1a/0x30 [ 71.986579][ T81] [ 71.986579][ T81] -> #0 (&per_cpu_ptr(pool->acomp_ctx, cpu)->mutex){+.+.}-{4:4}: [ 71.990166][ T81] validate_chain+0x18ef/0x5920 [ 71.992193][ T81] __lock_acquire+0x1397/0x2100 [ 71.994150][ T81] lock_acquire+0x1ed/0x550 [ 71.995833][ T81] __mutex_lock+0x1ac/0xee0 [ 71.997604][ T81] zswap_store+0xa3b/0x1c30 [ 71.999221][ T81] swap_writepage+0x647/0xce0 [ 72.001081][ T81] shmem_writepage+0x1248/0x1610 [ 72.003116][ T81] shrink_folio_list+0x3b68/0x5ca0 [ 72.005200][ T81] evict_folios+0x3c92/0x58c0 [ 72.007204][ T81] try_to_shrink_lruvec+0x9a6/0xc70 [ 72.009264][ T81] shrink_one+0x3b9/0x850 [ 72.011045][ T81] shrink_node+0x37c5/0x3e50 [ 72.012961][ T81] kswapd+0x1ca9/0x36f0 [ 72.014778][ T81] kthread+0x2f0/0x390 [ 72.016424][ T81] ret_from_fork+0x4b/0x80 [ 72.018295][ T81] ret_from_fork_asm+0x1a/0x30 [ 72.020319][ T81] [ 72.020319][ T81] other info that might help us debug this: [ 72.020319][ T81] [ 72.024040][ T81] Possible unsafe locking scenario: [ 72.024040][ T81] [ 72.026777][ T81] CPU0 CPU1 [ 72.028772][ T81] ---- ---- [ 72.030705][ T81] lock(fs_reclaim); [ 72.032226][ T81] lock(&per_cpu_ptr(pool->acomp_ctx, cpu)->mutex); [ 72.035569][ T81] lock(fs_reclaim); [ 72.037863][ T81] lock(&per_cpu_ptr(pool->acomp_ctx, cpu)->mutex); [ 72.040371][ T81] [ 72.040371][ T81] *** DEADLOCK *** [ 72.040371][ T81] [ 72.043301][ T81] 1 lock held by kswapd1/81: [ 72.045029][ T81] #0: ffffffff8ea36f00 (fs_reclaim){+.+.}-{0:0}, at: kswapd+0xbf1/0x36f0 [ 72.048045][ T81] [ 72.048045][ T81] stack backtrace: [ 72.050226][ T81] CPU: 0 UID: 0 PID: 81 Comm: kswapd1 Not tainted 6.13.0-rc7-syzkaller-00149-g9bffa1ad25b8 #0 [ 72.053984][ T81] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 72.057795][ T81] Call Trace: [ 72.059070][ T81] [ 72.060159][ T81] dump_stack_lvl+0x241/0x360 [ 72.061938][ T81] ? __pfx_dump_stack_lvl+0x10/0x10 [ 72.063893][ T81] ? __pfx__printk+0x10/0x10 [ 72.065663][ T81] print_circular_bug+0x13a/0x1b0 [ 72.067582][ T81] check_noncircular+0x36a/0x4a0 [ 72.069482][ T81] ? __pfx_validate_chain+0x10/0x10 [ 72.071430][ T81] ? __pfx_check_noncircular+0x10/0x10 [ 72.073455][ T81] ? lockdep_lock+0x123/0x2b0 [ 72.075255][ T81] ? page_ext_get+0x20/0x2a0 [ 72.077019][ T81] validate_chain+0x18ef/0x5920 [ 72.078727][ T81] ? __lock_acquire+0x1397/0x2100 [ 72.080423][ T81] ? __pfx_validate_chain+0x10/0x10 [ 72.082186][ T81] ? mark_lock+0x9a/0x360 [ 72.083695][ T81] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 72.085981][ T81] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 72.088360][ T81] ? mark_lock+0x9a/0x360 [ 72.090024][ T81] __lock_acquire+0x1397/0x2100 [ 72.091745][ T81] lock_acquire+0x1ed/0x550 [ 72.093476][ T81] ? zswap_store+0xa3b/0x1c30 [ 72.095249][ T81] ? __pfx_lock_acquire+0x10/0x10 [ 72.097296][ T81] ? shmem_writepage+0x1248/0x1610 [ 72.099349][ T81] ? shrink_folio_list+0x3b68/0x5ca0 [ 72.101422][ T81] ? __pfx___might_resched+0x10/0x10 [ 72.103540][ T81] ? kswapd+0x1ca9/0x36f0 [ 72.105073][ T81] ? kthread+0x2f0/0x390 [ 72.106623][ T81] ? ret_from_fork+0x4b/0x80 [ 72.108231][ T81] ? ret_from_fork_asm+0x1a/0x30 [ 72.109910][ T81] __mutex_lock+0x1ac/0xee0 [ 72.111518][ T81] ? zswap_store+0xa3b/0x1c30 [ 72.112976][ T81] ? zswap_store+0xa3b/0x1c30 [ 72.114513][ T81] ? __pfx___mutex_lock+0x10/0x10 [ 72.116335][ T81] ? rcu_is_watching+0x15/0xb0 [ 72.118126][ T81] ? trace_kmem_cache_alloc+0x1f/0xc0 [ 72.120118][ T81] zswap_store+0xa3b/0x1c30 [ 72.121914][ T81] ? zswap_store+0x577/0x1c30 [ 72.123703][ T81] ? __pfx_zswap_store+0x10/0x10 [ 72.125642][ T81] ? do_raw_spin_lock+0x14f/0x370 [ 72.127708][ T81] ? do_raw_spin_unlock+0x58/0x8b0 [ 72.129702][ T81] ? _raw_spin_unlock+0x28/0x50 [ 72.131512][ T81] ? folio_free_swap+0x2e1/0x480 [ 72.133357][ T81] swap_writepage+0x647/0xce0 [ 72.135207][ T81] shmem_writepage+0x1248/0x1610 [ 72.137055][ T81] ? __pfx_shmem_writepage+0x10/0x10 [ 72.139025][ T81] shrink_folio_list+0x3b68/0x5ca0 [ 72.141200][ T81] ? __pfx_shrink_folio_list+0x10/0x10 [ 72.143304][ T81] ? do_raw_spin_unlock+0x58/0x8b0 [ 72.145223][ T81] ? __pfx_validate_chain+0x10/0x10 [ 72.147254][ T81] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 72.149517][ T81] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 72.151882][ T81] ? rcu_is_watching+0x15/0xb0 [ 72.153657][ T81] ? __mod_memcg_lruvec_state+0x2f7/0x4d0 [ 72.155677][ T81] ? mark_lock+0x9a/0x360 [ 72.157301][ T81] ? _raw_spin_unlock_irq+0x23/0x50 [ 72.159167][ T81] ? lockdep_hardirqs_on+0x99/0x150 [ 72.161190][ T81] evict_folios+0x3c92/0x58c0 [ 72.163239][ T81] ? __pfx_validate_chain+0x10/0x10 [ 72.165096][ T81] ? __pfx_evict_folios+0x10/0x10 [ 72.167040][ T81] ? mem_cgroup_get_nr_swap_pages+0x28/0x110 [ 72.169264][ T81] ? get_swappiness+0x380/0x3e0 [ 72.171084][ T81] try_to_shrink_lruvec+0x9a6/0xc70 [ 72.173243][ T81] ? __pfx_try_to_shrink_lruvec+0x10/0x10 [ 72.175207][ T81] ? shrink_node+0x3573/0x3e50 [ 72.176984][ T81] ? __pfx_lock_release+0x10/0x10 [ 72.178846][ T81] shrink_one+0x3b9/0x850 [ 72.180388][ T81] ? shrink_node+0x3573/0x3e50 [ 72.182255][ T81] shrink_node+0x37c5/0x3e50 [ 72.184012][ T81] ? shrink_node+0x3573/0x3e50 [ 72.185801][ T81] ? __pfx_lock_acquire+0x10/0x10 [ 72.187712][ T81] ? percpu_ref_put+0x19/0x180 [ 72.189522][ T81] ? __pfx_lock_release+0x10/0x10 [ 72.191489][ T81] ? __pfx_shrink_node+0x10/0x10 [ 72.193401][ T81] ? mem_cgroup_iter+0x3d/0x420 [ 72.195197][ T81] kswapd+0x1ca9/0x36f0 [ 72.196788][ T81] ? kswapd+0xbf1/0x36f0 [ 72.198381][ T81] ? __pfx_kswapd+0x10/0x10 [ 72.200074][ T81] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 72.202329][ T81] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 72.204726][ T81] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 72.207142][ T81] ? __pfx_autoremove_wake_function+0x10/0x10 [ 72.209265][ T81] ? __kthread_parkme+0x169/0x1d0 [ 72.210909][ T81] ? __pfx_kswapd+0x10/0x10 [ 72.212315][ T81] kthread+0x2f0/0x390 [ 72.213704][ T81] ? __pfx_kswapd+0x10/0x10 [ 72.215394][ T81] ? __pfx_kthread+0x10/0x10 [ 72.216965][ T81] ret_from_fork+0x4b/0x80 [ 72.218466][ T81] ? __pfx_kthread+0x10/0x10 [ 72.220163][ T81] ret_from_fork_asm+0x1a/0x30 [ 72.221889][ T81]