possible deadlock in do_read_cache_folio

============================================
WARNING: possible recursive locking detected
syzkaller #0 Not tainted
--------------------------------------------
syz-executor/5943 is trying to acquire lock:
ffff88803d88bda0 (&sb->s_type->i_mutex_key#9){++++}-{4:4}, at: inode_lock include/linux/fs.h:1027 [inline]
ffff88803d88bda0 (&sb->s_type->i_mutex_key#9){++++}-{4:4}, at: do_read_cache_folio+0x71/0x630 mm/filemap.c:4057

but task is already holding lock:
ffff88803d88bda0 (&sb->s_type->i_mutex_key#9){++++}-{4:4}, at: inode_lock include/linux/fs.h:1027 [inline]
ffff88803d88bda0 (&sb->s_type->i_mutex_key#9){++++}-{4:4}, at: __do_sys_swapon+0x8c5/0x3b30 mm/swapfile.c:3447

other info that might help us debug this:
 Possible unsafe locking scenario:

       CPU0
       ----
  lock(&sb->s_type->i_mutex_key#9);
  lock(&sb->s_type->i_mutex_key#9);

 *** DEADLOCK ***

 May be due to missing lock nesting notation

1 lock held by syz-executor/5943:
 #0: ffff88803d88bda0 (&sb->s_type->i_mutex_key#9){++++}-{4:4}, at: inode_lock include/linux/fs.h:1027 [inline]
 #0: ffff88803d88bda0 (&sb->s_type->i_mutex_key#9){++++}-{4:4}, at: __do_sys_swapon+0x8c5/0x3b30 mm/swapfile.c:3447

stack backtrace:
CPU: 2 UID: 0 PID: 5943 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:94 [inline]
 dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120
 print_deadlock_bug+0x225/0x2f0 kernel/locking/lockdep.c:3041
 check_deadlock kernel/locking/lockdep.c:3093 [inline]
 validate_chain kernel/locking/lockdep.c:3895 [inline]
 __lock_acquire+0x1497/0x2890 kernel/locking/lockdep.c:5237
 lock_acquire kernel/locking/lockdep.c:5868 [inline]
 lock_acquire+0x179/0x330 kernel/locking/lockdep.c:5825
 down_write+0x92/0x200 kernel/locking/rwsem.c:1590
 inode_lock include/linux/fs.h:1027 [inline]
 do_read_cache_folio+0x71/0x630 mm/filemap.c:4057
 read_mapping_folio include/linux/pagemap.h:1017 [inline]
 __do_sys_swapon+0xa3c/0x3b30 mm/swapfile.c:3473
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xcd/0xf80 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f6eec78f687
Code: 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 a7 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffdb225a028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a7
RAX: ffffffffffffffda RBX: 00007ffdb225a030 RCX: 00007f6eec78f687
RDX: 0000000000000000 RSI: 0000000000008000 RDI: 00007f6eec814bc1
RBP: 00007f6eec814bc1 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000008 R11: 0000000000000246 R12: 00007f6eec9b4270
R13: 0000000000000000 R14: 00007f6eec830975 R15: 00007f6eec8309b1
 </TASK>


[   53.084811][   T40] audit: type=1400 audit(1767956586.888:60): avc:  denied  { rlimitinh } for  pid=5908 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   53.096835][   T40] audit: type=1400 audit(1767956586.888:61): avc:  denied  { siginh } for  pid=5908 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
Warning: Permanently added '[localhost]:9988' (ED25519) to the list of known hosts.
[   60.278181][   T40] audit: type=1400 audit(1767956594.098:62): avc:  denied  { execute } for  pid=5933 comm="sh" name="syz-execprog" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[   60.287411][   T40] audit: type=1400 audit(1767956594.098:63): avc:  denied  { execute_no_trans } for  pid=5933 comm="sh" path="/syz-execprog" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
2026/01/09 11:03:15 parsed 1 programs
[   61.777835][   T40] audit: type=1400 audit(1767956595.598:64): avc:  denied  { node_bind } for  pid=5933 comm="syz-execprog" saddr=::1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[   64.448665][   T40] audit: type=1400 audit(1767956598.268:65): avc:  denied  { mounton } for  pid=5943 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2023 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   64.458449][   T40] audit: type=1400 audit(1767956598.278:66): avc:  denied  { mount } for  pid=5943 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   64.460855][ T5943] cgroup: Unknown subsys name 'net'
[   64.471699][   T40] audit: type=1400 audit(1767956598.288:67): avc:  denied  { unmount } for  pid=5943 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   64.617962][ T5943] cgroup: Unknown subsys name 'cpuset'
[   64.625187][ T5943] cgroup: Unknown subsys name 'rlimit'
[   64.814304][   T40] audit: type=1400 audit(1767956598.638:68): avc:  denied  { setattr } for  pid=5943 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=849 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   64.822507][   T40] audit: type=1400 audit(1767956598.638:69): avc:  denied  { create } for  pid=5943 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   64.830130][   T40] audit: type=1400 audit(1767956598.638:70): avc:  denied  { write } for  pid=5943 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   64.837309][   T40] audit: type=1400 audit(1767956598.638:71): avc:  denied  { read } for  pid=5943 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   64.898978][ T5946] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
Setting up swapspace version 1, size = 127995904 bytes
[   65.699886][ T5943] 
[   65.701037][ T5943] ============================================
[   65.703700][ T5943] WARNING: possible recursive locking detected
[   65.706218][ T5943] syzkaller #0 Not tainted
[   65.708005][ T5943] --------------------------------------------
[   65.710557][ T5943] syz-executor/5943 is trying to acquire lock:
[   65.713078][ T5943] ffff88803d88bda0 (&sb->s_type->i_mutex_key#9){++++}-{4:4}, at: do_read_cache_folio+0x71/0x630
[   65.717231][ T5943] 
[   65.717231][ T5943] but task is already holding lock:
[   65.720205][ T5943] ffff88803d88bda0 (&sb->s_type->i_mutex_key#9){++++}-{4:4}, at: __do_sys_swapon+0x8c5/0x3b30
[   65.724343][ T5943] 
[   65.724343][ T5943] other info that might help us debug this:
[   65.727468][ T5943]  Possible unsafe locking scenario:
[   65.727468][ T5943] 
[   65.730398][ T5943]        CPU0
[   65.731745][ T5943]        ----
[   65.733146][ T5943]   lock(&sb->s_type->i_mutex_key#9);
[   65.735015][ T5943]   lock(&sb->s_type->i_mutex_key#9);
[   65.737050][ T5943] 
[   65.737050][ T5943]  *** DEADLOCK ***
[   65.737050][ T5943] 
[   65.740266][ T5943]  May be due to missing lock nesting notation
[   65.740266][ T5943] 
[   65.743600][ T5943] 1 lock held by syz-executor/5943:
[   65.745702][ T5943]  #0: ffff88803d88bda0 (&sb->s_type->i_mutex_key#9){++++}-{4:4}, at: __do_sys_swapon+0x8c5/0x3b30
[   65.749925][ T5943] 
[   65.749925][ T5943] stack backtrace:
[   65.752320][ T5943] CPU: 2 UID: 0 PID: 5943 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[   65.752343][ T5943] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   65.752354][ T5943] Call Trace:
[   65.752363][ T5943]  <TASK>
[   65.752370][ T5943]  dump_stack_lvl+0x116/0x1f0
[   65.752397][ T5943]  print_deadlock_bug+0x225/0x2f0
[   65.752418][ T5943]  __lock_acquire+0x1497/0x2890
[   65.752442][ T5943]  lock_acquire+0x179/0x330
[   65.752461][ T5943]  ? do_read_cache_folio+0x71/0x630
[   65.752480][ T5943]  ? __pfx___might_resched+0x10/0x10
[   65.752498][ T5943]  down_write+0x92/0x200
[   65.752522][ T5943]  ? do_read_cache_folio+0x71/0x630
[   65.752539][ T5943]  ? __pfx_down_write+0x10/0x10
[   65.752564][ T5943]  ? down_write+0x14d/0x200
[   65.752587][ T5943]  do_read_cache_folio+0x71/0x630
[   65.752604][ T5943]  ? __pfx_ext4_read_folio+0x10/0x10
[   65.752622][ T5943]  __do_sys_swapon+0xa3c/0x3b30
[   65.752644][ T5943]  ? __pfx_restore_altstack+0x10/0x10
[   65.752663][ T5943]  ? lockdep_hardirqs_on+0x7c/0x110
[   65.752686][ T5943]  ? restore_signal_shadow_stack+0x63/0x460
[   65.752713][ T5943]  ? __do_sys_rt_sigreturn+0x1da/0x2c0
[   65.752739][ T5943]  ? __pfx___do_sys_swapon+0x10/0x10
[   65.752759][ T5943]  ? rcu_is_watching+0x12/0xc0
[   65.752778][ T5943]  do_syscall_64+0xcd/0xf80
[   65.752799][ T5943]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   65.752817][ T5943] RIP: 0033:0x7f6eec78f687
[   65.752830][ T5943] Code: 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 a7 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   65.752847][ T5943] RSP: 002b:00007ffdb225a028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a7
[   65.752863][ T5943] RAX: ffffffffffffffda RBX: 00007ffdb225a030 RCX: 00007f6eec78f687
[   65.752875][ T5943] RDX: 0000000000000000 RSI: 0000000000008000 RDI: 00007f6eec814bc1
[   65.752885][ T5943] RBP: 00007f6eec814bc1 R08: 0000000000000000 R09: 0000000000000000
[   65.752896][ T5943] R10: 0000000000000008 R11: 0000000000000246 R12: 00007f6eec9b4270
[   65.752906][ T5943] R13: 0000000000000000 R14: 00007f6eec830975 R15: 00007f6eec8309b1
[   65.752922][ T5943]  </TASK>


syzkaller build log:
go env (err=<nil>)
AR='ar'
CC='gcc'
CGO_CFLAGS='-O2 -g'
CGO_CPPFLAGS=''
CGO_CXXFLAGS='-O2 -g'
CGO_ENABLED='1'
CGO_FFLAGS='-O2 -g'
CGO_LDFLAGS='-O2 -g'
CXX='g++'
GCCGO='gccgo'
GO111MODULE='auto'
GOAMD64='v1'
GOARCH='amd64'
GOAUTH='netrc'
GOBIN=''
GOCACHE='/syzkaller/.cache/go-build'
GOCACHEPROG=''
GODEBUG=''
GOENV='/syzkaller/.config/go/env'
GOEXE=''
GOEXPERIMENT=''
GOFIPS140='off'
GOFLAGS=''
GOGCCFLAGS='-fPIC -m64 -pthread -Wl,--no-gc-sections -fmessage-length=0 -ffile-prefix-map=/tmp/go-build1604046123=/tmp/go-build -gno-record-gcc-switches'
GOHOSTARCH='amd64'
GOHOSTOS='linux'
GOINSECURE=''
GOMOD='/syzkaller/jobs/linux/gopath/src/github.com/google/syzkaller/go.mod'
GOMODCACHE='/syzkaller/jobs/linux/gopath/pkg/mod'
GONOPROXY=''
GONOSUMDB=''
GOOS='linux'
GOPATH='/syzkaller/jobs/linux/gopath'
GOPRIVATE=''
GOPROXY='https://proxy.golang.org,direct'
GOROOT='/usr/local/go'
GOSUMDB='sum.golang.org'
GOTELEMETRY='local'
GOTELEMETRYDIR='/syzkaller/.config/go/telemetry'
GOTMPDIR=''
GOTOOLCHAIN='auto'
GOTOOLDIR='/usr/local/go/pkg/tool/linux_amd64'
GOVCS=''
GOVERSION='go1.24.4'
GOWORK=''
PKG_CONFIG='pkg-config'

git status (err=<nil>)
HEAD detached at d1b870e1003
nothing to commit, working tree clean


tput: No value for $TERM and no -T specified
tput: No value for $TERM and no -T specified
Makefile:31: run command via tools/syz-env for best compatibility, see:
Makefile:32: https://github.com/google/syzkaller/blob/master/docs/contributing.md#using-syz-env
go list -f '{{.Stale}}' -ldflags="-s -w -X github.com/google/syzkaller/prog.GitRevision=d1b870e1003b52891d2196c1e2ee42fe905010ba -X github.com/google/syzkaller/prog.gitRevisionDate=20251128-125159"  ./sys/syz-sysgen | grep -q false || go install -ldflags="-s -w -X github.com/google/syzkaller/prog.GitRevision=d1b870e1003b52891d2196c1e2ee42fe905010ba -X github.com/google/syzkaller/prog.gitRevisionDate=20251128-125159"  ./sys/syz-sysgen
make .descriptions
tput: No value for $TERM and no -T specified
tput: No value for $TERM and no -T specified
Makefile:31: run command via tools/syz-env for best compatibility, see:
Makefile:32: https://github.com/google/syzkaller/blob/master/docs/contributing.md#using-syz-env
bin/syz-sysgen
touch .descriptions
GOOS=linux GOARCH=amd64 go build -ldflags="-s -w -X github.com/google/syzkaller/prog.GitRevision=d1b870e1003b52891d2196c1e2ee42fe905010ba -X github.com/google/syzkaller/prog.gitRevisionDate=20251128-125159"  -o ./bin/linux_amd64/syz-execprog github.com/google/syzkaller/tools/syz-execprog
mkdir -p ./bin/linux_amd64
g++ -o ./bin/linux_amd64/syz-executor executor/executor.cc \
	-m64 -O2 -pthread -Wall -Werror -Wparentheses -Wunused-const-variable -Wframe-larger-than=16384 -Wno-stringop-overflow -Wno-array-bounds -Wno-format-overflow -Wno-unused-but-set-variable -Wno-unused-command-line-argument -static-pie -std=c++17 -I. -Iexecutor/_include   -DGOOS_linux=1 -DGOARCH_amd64=1 \
	-DHOSTGOOS_linux=1 -DGIT_REVISION=\"d1b870e1003b52891d2196c1e2ee42fe905010ba\"
/usr/bin/ld: /tmp/cc8lgRxb.o: in function `Connection::Connect(char const*, char const*)':
executor.cc:(.text._ZN10Connection7ConnectEPKcS1_[_ZN10Connection7ConnectEPKcS1_]+0x104): warning: Using 'gethostbyname' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
./tools/check-syzos.sh 2>/dev/null