program: r0 = syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='mnt\x00', 0x4, &(0x7f0000000000), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=") r1 = openat(0xffffffffffffff9c, &(0x7f0000000540)='mnt\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, &(0x7f0000000580)={@id={0x2, 0x0, @a}, 0x40, 0x0, '\x00', @a}) mkdirat(0xffffffffffffff9c, &(0x7f0000000640)='mnt/encrypted_dir\x00', 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000680)='mnt/encrypted_dir\x00', 0x800, 0x0) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r2, 0x800c6613, &(0x7f00000006c0)=@v2={0x2, @aes128, 0x0, '\x00', @a}) chdir(&(0x7f00000002c0)='mnt/encrypted_dir\x00') sendmsg$IPCTNL_MSG_CT_DELETE(r1, 0x0, 0x20040000) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS(r2, 0xc0406619, &(0x7f0000000080)={@id={0x2, 0x0, @a}}) open_tree(0xffffffffffffff9c, 0x0, 0x89901) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS(r0, 0xc0406619, &(0x7f0000000040)={@id={0x2, 0x0, @a}}) [ 76.023882][ T47] Bluetooth: hci0: command tx timeout [ 76.122149][ T5318] loop0: detected capacity change from 0 to 128 [ 76.227220][ T5318] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 76.273673][ T5318] ext4 filesystem being mounted at /0/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 76.326960][ T5318] fscrypt: AES-128-CBC-CTS using implementation "cts-cbc-aes-aesni" [ 76.462734][ T5318] fscrypt: AES-128-CBC-ESSIV using implementation "essiv(cbc-aes-aesni,sha256-lib)" [ 76.472204][ T1313] ieee802154 phy0 wpan0: encryption failed: -22 [ 76.475753][ T1313] ieee802154 phy1 wpan1: encryption failed: -22 [ 76.490494][ T5328] fscrypt: loop0: 2 inode(s) still busy after removing key with identifier 69b2f6edeee720cce0577937eb8a6751, including ino 13 [ 76.498552][ T5319] fscrypt: loop0: 2 inode(s) still busy after removing key with identifier 69b2f6edeee720cce0577937eb8a6751, including ino 13 [ 76.530942][ T77] [ 76.532010][ T77] ====================================================== [ 76.534865][ T77] WARNING: possible circular locking dependency detected [ 76.537720][ T77] syzkaller #0 Not tainted [ 76.539595][ T77] ------------------------------------------------------ [ 76.542507][ T77] kswapd0/77 is trying to acquire lock: [ 76.544808][ T77] ffff888011974098 (&type->lock_class){+.+.}-{4:4}, at: keyring_clear+0xaf/0x240 [ 76.549094][ T77] [ 76.549094][ T77] but task is already holding lock: [ 76.552332][ T77] ffffffff8e048040 (fs_reclaim){+.+.}-{0:0}, at: kswapd+0x951/0x2800 [ 76.555710][ T77] [ 76.555710][ T77] which lock already depends on the new lock. [ 76.555710][ T77] [ 76.560313][ T77] [ 76.560313][ T77] the existing dependency chain (in reverse order) is: [ 76.564206][ T77] [ 76.564206][ T77] -> #1 (fs_reclaim){+.+.}-{0:0}: [ 76.567376][ T77] lock_acquire+0x120/0x360 [ 76.569487][ T77] fs_reclaim_acquire+0x72/0x100 [ 76.571824][ T77] __kmalloc_cache_noprof+0x40/0x6f0 [ 76.574214][ T77] assoc_array_insert+0x92/0x2f90 [ 76.576544][ T77] __key_link_begin+0xd6/0x1f0 [ 76.578820][ T77] __key_create_or_update+0x41a/0xa30 [ 76.581386][ T77] key_create_or_update+0x42/0x60 [ 76.583837][ T77] x509_load_certificate_list+0x145/0x280 [ 76.586527][ T77] do_one_initcall+0x236/0x820 [ 76.588843][ T77] do_initcall_level+0x104/0x190 [ 76.591040][ T77] do_initcalls+0x59/0xa0 [ 76.593085][ T77] kernel_init_freeable+0x334/0x4b0 [ 76.595515][ T77] kernel_init+0x1d/0x1d0 [ 76.597606][ T77] ret_from_fork+0x4bc/0x870 [ 76.599811][ T77] ret_from_fork_asm+0x1a/0x30 [ 76.601895][ T77] [ 76.601895][ T77] -> #0 (&type->lock_class){+.+.}-{4:4}: [ 76.605232][ T77] validate_chain+0xb9b/0x2140 [ 76.607499][ T77] __lock_acquire+0xab9/0xd20 [ 76.609672][ T77] lock_acquire+0x120/0x360 [ 76.611752][ T77] down_write+0x96/0x1f0 [ 76.613797][ T77] keyring_clear+0xaf/0x240 [ 76.615921][ T77] fscrypt_put_master_key+0xca/0x190 [ 76.618396][ T77] put_crypt_info+0x26d/0x310 [ 76.620764][ T77] fscrypt_put_encryption_info+0xf6/0x140 [ 76.623436][ T77] ext4_clear_inode+0x170/0x2f0 [ 76.625785][ T77] ext4_evict_inode+0xa67/0xee0 [ 76.628079][ T77] evict+0x504/0x9c0 [ 76.630015][ T77] __dentry_kill+0x209/0x660 [ 76.632190][ T77] shrink_kill+0xa9/0x2c0 [ 76.634257][ T77] shrink_dentry_list+0x2e0/0x5e0 [ 76.636569][ T77] prune_dcache_sb+0x10e/0x180 [ 76.638914][ T77] super_cache_scan+0x369/0x4b0 [ 76.641251][ T77] do_shrink_slab+0x6ef/0x1110 [ 76.643441][ T77] shrink_slab+0x7ef/0x10d0 [ 76.645703][ T77] shrink_one+0x28a/0x7c0 [ 76.647883][ T77] shrink_node+0x315d/0x3780 [ 76.650016][ T77] kswapd+0x147c/0x2800 [ 76.652078][ T77] kthread+0x711/0x8a0 [ 76.654038][ T77] ret_from_fork+0x4bc/0x870 [ 76.656147][ T77] ret_from_fork_asm+0x1a/0x30 [ 76.658311][ T77] [ 76.658311][ T77] other info that might help us debug this: [ 76.658311][ T77] [ 76.662559][ T77] Possible unsafe locking scenario: [ 76.662559][ T77] [ 76.665607][ T77] CPU0 CPU1 [ 76.667860][ T77] ---- ---- [ 76.670083][ T77] lock(fs_reclaim); [ 76.671811][ T77] lock(&type->lock_class); [ 76.674823][ T77] lock(fs_reclaim); [ 76.677478][ T77] lock(&type->lock_class); [ 76.679382][ T77] [ 76.679382][ T77] *** DEADLOCK *** [ 76.679382][ T77] [ 76.682861][ T77] 2 locks held by kswapd0/77: [ 76.684877][ T77] #0: ffffffff8e048040 (fs_reclaim){+.+.}-{0:0}, at: kswapd+0x951/0x2800 [ 76.688472][ T77] #1: ffff88803f7c40e0 (&type->s_umount_key#31){++++}-{4:4}, at: super_cache_scan+0x91/0x4b0 [ 76.692703][ T77] [ 76.692703][ T77] stack backtrace: [ 76.695111][ T77] CPU: 0 UID: 0 PID: 77 Comm: kswapd0 Not tainted syzkaller #0 PREEMPT(full) [ 76.695125][ T77] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 76.695131][ T77] Call Trace: [ 76.695138][ T77] [ 76.695143][ T77] dump_stack_lvl+0x189/0x250 [ 76.695160][ T77] ? __pfx_dump_stack_lvl+0x10/0x10 [ 76.695172][ T77] ? __pfx__printk+0x10/0x10 [ 76.695181][ T77] ? print_lock_name+0xde/0x100 [ 76.695190][ T77] print_circular_bug+0x2ee/0x310 [ 76.695202][ T77] check_noncircular+0x134/0x160 [ 76.695214][ T77] validate_chain+0xb9b/0x2140 [ 76.695229][ T77] __lock_acquire+0xab9/0xd20 [ 76.695238][ T77] ? keyring_clear+0xaf/0x240 [ 76.695250][ T77] lock_acquire+0x120/0x360 [ 76.695259][ T77] ? keyring_clear+0xaf/0x240 [ 76.695273][ T77] down_write+0x96/0x1f0 [ 76.695287][ T77] ? keyring_clear+0xaf/0x240 [ 76.695298][ T77] ? __pfx_down_write+0x10/0x10 [ 76.695313][ T77] keyring_clear+0xaf/0x240 [ 76.695326][ T77] ? __pfx_keyring_clear+0x10/0x10 [ 76.695339][ T77] fscrypt_put_master_key+0xca/0x190 [ 76.695350][ T77] put_crypt_info+0x26d/0x310 [ 76.695361][ T77] fscrypt_put_encryption_info+0xf6/0x140 [ 76.695372][ T77] ext4_clear_inode+0x170/0x2f0 [ 76.695383][ T77] ext4_evict_inode+0xa67/0xee0 [ 76.695394][ T77] ? inode_wait_for_writeback+0xf9/0x290 [ 76.695403][ T77] ? __pfx_inode_wait_for_writeback+0x10/0x10 [ 76.695412][ T77] ? __pfx_ext4_evict_inode+0x10/0x10 [ 76.695423][ T77] ? do_raw_spin_unlock+0x4d/0x240 [ 76.695435][ T77] ? __pfx_ext4_evict_inode+0x10/0x10 [ 76.695445][ T77] evict+0x504/0x9c0 [ 76.695457][ T77] ? __pfx_evict+0x10/0x10 [ 76.695466][ T77] ? _raw_spin_unlock+0x28/0x50 [ 76.695476][ T77] ? iput+0x946/0xc50 [ 76.695490][ T77] __dentry_kill+0x209/0x660 [ 76.695506][ T77] ? shrink_kill+0x8d/0x2c0 [ 76.695519][ T77] shrink_kill+0xa9/0x2c0 [ 76.695531][ T77] shrink_dentry_list+0x2e0/0x5e0 [ 76.695545][ T77] prune_dcache_sb+0x10e/0x180 [ 76.695558][ T77] ? __pfx_prune_dcache_sb+0x10/0x10 [ 76.695571][ T77] ? list_lru_count_one+0x27/0x2c0 [ 76.695584][ T77] ? list_lru_count_one+0x264/0x2c0 [ 76.695597][ T77] super_cache_scan+0x369/0x4b0 [ 76.695611][ T77] do_shrink_slab+0x6ef/0x1110 [ 76.695622][ T77] shrink_slab+0x7ef/0x10d0 [ 76.695631][ T77] ? shrink_slab+0x1e8/0x10d0 [ 76.695639][ T77] ? __pfx_shrink_slab+0x10/0x10 [ 76.695650][ T77] shrink_one+0x28a/0x7c0 [ 76.695664][ T77] ? shrink_node+0x2f1f/0x3780 [ 76.695677][ T77] shrink_node+0x315d/0x3780 [ 76.695692][ T77] ? shrink_node+0x2f1f/0x3780 [ 76.695705][ T77] ? __lock_acquire+0xab9/0xd20 [ 76.695715][ T77] ? percpu_ref_put+0x19/0x180 [ 76.695728][ T77] ? __pfx_shrink_node+0x10/0x10 [ 76.695741][ T77] ? percpu_ref_put+0x19/0x180 [ 76.695758][ T77] ? mem_cgroup_iter+0x420/0x460 [ 76.695768][ T77] ? mem_cgroup_iter+0x3b/0x460 [ 76.695778][ T77] kswapd+0x147c/0x2800 [ 76.695793][ T77] ? kswapd+0x951/0x2800 [ 76.695806][ T77] ? __pfx_kswapd+0x10/0x10 [ 76.695817][ T77] ? __lock_acquire+0xab9/0xd20 [ 76.695832][ T77] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 76.695845][ T77] ? _raw_spin_lock_bh+0x20/0x50 [ 76.695856][ T77] ? __pfx_autoremove_wake_function+0x10/0x10 [ 76.695870][ T77] ? __pfx_set_cpus_allowed_ptr+0x10/0x10 [ 76.695883][ T77] ? __kthread_parkme+0x7b/0x200 [ 76.695895][ T77] ? __kthread_parkme+0x1a1/0x200 [ 76.695907][ T77] kthread+0x711/0x8a0 [ 76.695920][ T77] ? __pfx_kswapd+0x10/0x10 [ 76.695932][ T77] ? __pfx_kthread+0x10/0x10 [ 76.695946][ T77] ? _raw_spin_unlock_irq+0x23/0x50 [ 76.695959][ T77] ? lockdep_hardirqs_on+0x9c/0x150 [ 76.695972][ T77] ? __pfx_kthread+0x10/0x10 [ 76.695997][ T77] ret_from_fork+0x4bc/0x870 [ 76.696010][ T77] ? __pfx_ret_from_fork+0x10/0x10 [ 76.696024][ T77] ? __pfx_kthread+0x10/0x10 [ 76.696037][ T77] ret_from_fork_asm+0x1a/0x30 [ 76.696051][ T77]