[ 50.926181][ T10] bridge0: port 1(bridge_slave_0) entered disabled state
[ 50.946364][ T10] device veth1_macvtap left promiscuous mode
[ 50.952693][ T10] device veth0_macvtap left promiscuous mode
[ 50.962196][ T10] device veth1_vlan left promiscuous mode
[ 50.968980][ T10] device veth0_vlan left promiscuous mode
[ 51.153734][ T10] team0 (unregistering): Port device team_slave_1 removed
[ 51.168374][ T10] team0 (unregistering): Port device team_slave_0 removed
[ 51.181401][ T10] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 51.194309][ T10] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 51.240588][ T10] bond0 (unregistering): Released all slaves
Warning: Permanently added '10.128.15.199' (ECDSA) to the list of known hosts.
[ 65.719269][ T4062]
[ 65.721851][ T4062] ======================================================
[ 65.729029][ T4062] WARNING: possible circular locking dependency detected
[ 65.736015][ T4062] 5.16.0-rc4-syzkaller #0 Not tainted
[ 65.741511][ T4062] ------------------------------------------------------
[ 65.748735][ T4062] syz-executor372/4062 is trying to acquire lock:
[ 65.755232][ T4062] ffffffff8ac98640 (fs_reclaim){+.+.}-{0:0}, at: kmem_cache_alloc+0x3e/0x3a0
[ 65.764237][ T4062]
[ 65.764237][ T4062] but task is already holding lock:
[ 65.771577][ T4062] ffff88807c7b6850 (&mapping->i_mmap_rwsem){++++}-{3:3}, at: split_huge_page_to_list+0x34a/0x2990
[ 65.782504][ T4062]
[ 65.782504][ T4062] which lock already depends on the new lock.
[ 65.782504][ T4062]
[ 65.793360][ T4062]
[ 65.793360][ T4062] the existing dependency chain (in reverse order) is:
[ 65.802361][ T4062]
[ 65.802361][ T4062] -> #1 (&mapping->i_mmap_rwsem){++++}-{3:3}:
[ 65.810584][ T4062] down_write+0x90/0x150
[ 65.815326][ T4062] dma_resv_lockdep+0x2cd/0x44d
[ 65.820671][ T4062] do_one_initcall+0xbe/0x440
[ 65.826016][ T4062] kernel_init_freeable+0x5ab/0x605
[ 65.831706][ T4062] kernel_init+0x14/0x130
[ 65.836527][ T4062] ret_from_fork+0x1f/0x30
[ 65.841462][ T4062]
[ 65.841462][ T4062] -> #0 (fs_reclaim){+.+.}-{0:0}:
[ 65.848630][ T4062] __lock_acquire+0x2985/0x5410
[ 65.853972][ T4062] lock_acquire+0x1ab/0x510
[ 65.858967][ T4062] fs_reclaim_acquire+0x115/0x160
[ 65.864482][ T4062] kmem_cache_alloc+0x3e/0x3a0
[ 65.869736][ T4062] xas_split_alloc+0x108/0x480
[ 65.874993][ T4062] split_huge_page_to_list+0x5a6/0x2990
[ 65.881132][ T4062] truncate_inode_partial_folio+0x49c/0x710
[ 65.887512][ T4062] shmem_undo_range+0x551/0xf70
[ 65.892852][ T4062] shmem_fallocate+0x8cd/0xcd0
[ 65.898115][ T4062] vfs_fallocate+0x2a5/0xb90
[ 65.903283][ T4062] __x64_sys_fallocate+0xb0/0x100
[ 65.908795][ T4062] do_syscall_64+0x35/0xb0
[ 65.913705][ T4062] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 65.920297][ T4062]
[ 65.920297][ T4062] other info that might help us debug this:
[ 65.920297][ T4062]
[ 65.930630][ T4062] Possible unsafe locking scenario:
[ 65.930630][ T4062]
[ 65.938171][ T4062]        CPU0                    CPU1
[ 65.943561][ T4062]        ----                    ----
[ 65.948986][ T4062]   lock(&mapping->i_mmap_rwsem);
[ 65.953984][ T4062]                                lock(fs_reclaim);
[ 65.960453][ T4062]                                lock(&mapping->i_mmap_rwsem);
[ 65.967973][ T4062]   lock(fs_reclaim);
[ 65.971925][ T4062]
[ 65.971925][ T4062] *** DEADLOCK ***
[ 65.971925][ T4062]
[ 65.980302][ T4062] 3 locks held by syz-executor372/4062:
[ 65.985905][ T4062] #0: ffff88807de5a460 (sb_writers#3){.+.+}-{0:0}, at: __x64_sys_fallocate+0xb0/0x100
[ 65.995513][ T4062] #1: ffff88807c7b65f8 (&sb->s_type->i_mutex_key#8){+.+.}-{3:3}, at: shmem_fallocate+0x135/0xcd0
[ 66.006256][ T4062] #2: ffff88807c7b6850 (&mapping->i_mmap_rwsem){++++}-{3:3}, at: split_huge_page_to_list+0x34a/0x2990
[ 66.017252][ T4062]
[ 66.017252][ T4062] stack backtrace:
[ 66.023596][ T4062] CPU: 1 PID: 4062 Comm: syz-executor372 Not tainted 5.16.0-rc4-syzkaller #0
[ 66.032421][ T4062] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 66.042461][ T4062] Call Trace:
[ 66.045727][ T4062]
[ 66.048664][ T4062] dump_stack_lvl+0x57/0x7d
[ 66.053157][ T4062] check_noncircular+0x25f/0x2e0
[ 66.058070][ T4062] ? print_circular_bug+0x1e0/0x1e0
[ 66.063238][ T4062] ? do_raw_spin_lock+0x120/0x2b0
[ 66.068418][ T4062] ? rwlock_bug.part.0+0x90/0x90
[ 66.073325][ T4062] ? lockdep_lock+0xc6/0x200
[ 66.077884][ T4062] ? call_rcu_zapped+0xb0/0xb0
[ 66.082817][ T4062] ? _raw_spin_unlock+0x24/0x40
[ 66.087760][ T4062] ? page_vma_mapped_walk+0xb72/0x1f00
[ 66.093228][ T4062] __lock_acquire+0x2985/0x5410
[ 66.098060][ T4062] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 66.104013][ T4062] ? page_remove_rmap+0xda0/0xda0
[ 66.109017][ T4062] lock_acquire+0x1ab/0x510
[ 66.113666][ T4062] ? kmem_cache_alloc+0x3e/0x3a0
[ 66.118586][ T4062] ? lock_release+0x720/0x720
[ 66.123317][ T4062] ? folio_mapped+0x1d6/0x270
[ 66.127966][ T4062] ? xas_split_alloc+0x108/0x480
[ 66.133057][ T4062] fs_reclaim_acquire+0x115/0x160
[ 66.138056][ T4062] ? kmem_cache_alloc+0x3e/0x3a0
[ 66.142963][ T4062] kmem_cache_alloc+0x3e/0x3a0
[ 66.147785][ T4062] xas_split_alloc+0x108/0x480
[ 66.152521][ T4062] ? folio_mapped+0x1d6/0x270
[ 66.157169][ T4062] split_huge_page_to_list+0x5a6/0x2990
[ 66.162861][ T4062] ? pagecache_get_page+0x10/0x100
[ 66.167942][ T4062] ? shmem_getpage_gfp+0x255/0x1b10
[ 66.173130][ T4062] ? can_split_huge_page+0x390/0x390
[ 66.178388][ T4062] truncate_inode_partial_folio+0x49c/0x710
[ 66.184261][ T4062] shmem_undo_range+0x551/0xf70
[ 66.189100][ T4062] ? shmem_symlink+0x640/0x640
[ 66.193848][ T4062] ? lock_downgrade+0x6e0/0x6e0
[ 66.198884][ T4062] ? down_write+0xde/0x150
[ 66.203282][ T4062] ? up_write+0x148/0x470
[ 66.207761][ T4062] ? unmap_mapping_pages+0xd2/0x240
[ 66.212958][ T4062] ? do_raw_spin_lock+0x120/0x2b0
[ 66.218079][ T4062] ? zap_vma_ptes+0xd0/0xd0
[ 66.222657][ T4062] ? rwlock_bug.part.0+0x90/0x90
[ 66.227584][ T4062] shmem_fallocate+0x8cd/0xcd0
[ 66.232359][ T4062] ? __lock_acquire+0x15ad/0x5410
[ 66.237572][ T4062] ? shmem_evict_inode+0xa90/0xa90
[ 66.242799][ T4062] ? aa_file_perm+0x41b/0xd50
[ 66.247547][ T4062] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 66.253573][ T4062] ? aa_path_link+0x2e0/0x2e0
[ 66.258240][ T4062] vfs_fallocate+0x2a5/0xb90
[ 66.262817][ T4062] __x64_sys_fallocate+0xb0/0x100
[ 66.268149][ T4062] do_syscall_64+0x35/0xb0
[ 66.272567][ T4062] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 66.278550][ T4062] RIP: 0033:0x7f08c6fe4809
[ 66.282950][ T4062] Code: 28 c3 e8 5a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 66.302875][ T4062] RSP: 002b:00007ffd752649e8 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[ 66.311624][ T4062] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f08c6fe4809
[ 66.320383][ T4062