program: syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='mnt\x00', 0x4, &(0x7f0000000000), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000540)='mnt\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r0, 0xc0506617, &(0x7f0000000580)={@id={0x2, 0x0, @a}, 0x40, 0x0, '\x00', @a}) mkdirat(0xffffffffffffff9c, &(0x7f0000000640)='mnt/encrypted_dir\x00', 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000680)='mnt/encrypted_dir\x00', 0x800, 0x0) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r1, 0x800c6613, &(0x7f00000006c0)=@v2={0x2, @aes256, 0x0, '\x00', @a}) chdir(&(0x7f00000002c0)='mnt/encrypted_dir\x00') mknodat(0xffffffffffffff9c, &(0x7f0000000140)='./file4\x00', 0x40, 0x0) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS(r1, 0xc0406619, &(0x7f0000000140)={@id={0x2, 0x0, @a}}) open(&(0x7f0000000180)='./file4\x00', 0x4001, 0x10a) [ 84.089750][ T5317] loop0: detected capacity change from 0 to 128 [ 84.107092][ T44] Bluetooth: hci0: command tx timeout [ 84.309678][ T5317] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 84.334329][ T5317] ext4 filesystem being mounted at /0/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 84.391968][ T5317] fscrypt: AES-256-CBC-CTS using implementation "cts-cbc-aes-aesni" [ 84.398057][ T5317] fscrypt: AES-256-XTS using implementation "xts-aes-aesni-avx" [ 84.417740][ T5317] fscrypt: loop0: 1 inode(s) still busy after removing key with identifier 69b2f6edeee720cce0577937eb8a6751, including ino 12 [ 84.475034][ T77] [ 84.476013][ T77] ====================================================== [ 84.478811][ T77] WARNING: possible circular locking dependency detected [ 84.481647][ T77] syzkaller #0 Not tainted [ 84.483569][ T77] ------------------------------------------------------ [ 84.486540][ T77] kswapd0/77 is trying to acquire lock: [ 84.489376][ T77] ffff888000e3b090 (&type->lock_class){+.+.}-{4:4}, at: keyring_clear+0xaf/0x250 [ 84.494136][ T77] [ 84.494136][ T77] but task is already holding lock: [ 84.497341][ T77] ffffffff8ea87040 (fs_reclaim){+.+.}-{0:0}, at: kswapd+0x927/0x2de0 [ 84.500783][ T77] [ 84.500783][ T77] which lock already depends on the new lock. [ 84.500783][ T77] [ 84.504918][ T77] [ 84.504918][ T77] the existing dependency chain (in reverse order) is: [ 84.508182][ T77] [ 84.508182][ T77] -> #1 (fs_reclaim){+.+.}-{0:0}: [ 84.511784][ T77] fs_reclaim_acquire+0x71/0x100 [ 84.514611][ T77] __kmalloc_cache_noprof+0x40/0x660 [ 84.517162][ T77] assoc_array_insert+0x92/0x2f60 [ 84.519566][ T77] __key_link_begin+0xd6/0x1f0 [ 84.521818][ T77] __key_create_or_update+0x449/0xa80 [ 84.524330][ T77] key_create_or_update+0x42/0x60 [ 84.526769][ T77] x509_load_certificate_list+0x145/0x280 [ 84.529775][ T77] do_one_initcall+0x250/0x870 [ 84.533356][ T77] do_initcall_level+0x104/0x190 [ 84.537356][ T77] do_initcalls+0x59/0xa0 [ 84.539661][ T77] kernel_init_freeable+0x2a6/0x3e0 [ 84.542521][ T77] kernel_init+0x1d/0x1d0 [ 84.545040][ T77] ret_from_fork+0x514/0xb70 [ 84.547834][ T77] ret_from_fork_asm+0x1a/0x30 [ 84.551121][ T77] [ 84.551121][ T77] -> #0 (&type->lock_class){+.+.}-{4:4}: [ 84.555109][ T77] __lock_acquire+0x15a5/0x2cf0 [ 84.557074][ T77] lock_acquire+0x106/0x350 [ 84.559005][ T77] down_write+0x96/0x200 [ 84.560765][ T77] keyring_clear+0xaf/0x250 [ 84.562752][ T77] fscrypt_put_master_key+0xca/0x190 [ 84.565047][ T77] put_crypt_info+0x26d/0x310 [ 84.567208][ T77] fscrypt_put_encryption_info+0xf6/0x140 [ 84.569663][ T77] ext4_evict_inode+0xbe0/0x10e0 [ 84.572047][ T77] evict+0x61e/0xb10 [ 84.574451][ T77] __dentry_kill+0x1a2/0x5e0 [ 84.577718][ T77] shrink_kill+0xa9/0x2c0 [ 84.580258][ T77] shrink_dentry_list+0x2e0/0x5e0 [ 84.582674][ T77] prune_dcache_sb+0x119/0x180 [ 84.584890][ T77] super_cache_scan+0x369/0x4b0 [ 84.586984][ T77] do_shrink_slab+0x6fb/0x1150 [ 84.589126][ T77] shrink_slab+0x835/0x11f0 [ 84.591276][ T77] shrink_one+0x2d9/0x710 [ 84.593941][ T77] shrink_node+0x31bf/0x3ae0 [ 84.596824][ T77] kswapd+0x1736/0x2de0 [ 84.599086][ T77] kthread+0x388/0x470 [ 84.601288][ T77] ret_from_fork+0x514/0xb70 [ 84.603292][ T77] ret_from_fork_asm+0x1a/0x30 [ 84.605594][ T77] [ 84.605594][ T77] other info that might help us debug this: [ 84.605594][ T77] [ 84.609704][ T77] Possible unsafe locking scenario: [ 84.609704][ T77] [ 84.612934][ T77] CPU0 CPU1 [ 84.615407][ T77] ---- ---- [ 84.617547][ T77] lock(fs_reclaim); [ 84.619188][ T77] lock(&type->lock_class); [ 84.622246][ T77] lock(fs_reclaim); [ 84.625858][ T77] lock(&type->lock_class); [ 84.628521][ T77] [ 84.628521][ T77] *** DEADLOCK *** [ 84.628521][ T77] [ 84.632210][ T77] 2 locks held by kswapd0/77: [ 84.634296][ T77] #0: ffffffff8ea87040 (fs_reclaim){+.+.}-{0:0}, at: kswapd+0x927/0x2de0 [ 84.638153][ T77] #1: ffff88801fc860d8 (&type->s_umount_key#33){++++}-{4:4}, at: super_cache_scan+0x91/0x4b0 [ 84.643432][ T77] [ 84.643432][ T77] stack backtrace: [ 84.646840][ T77] CPU: 0 UID: 0 PID: 77 Comm: kswapd0 Not tainted syzkaller #0 PREEMPT(full) [ 84.646861][ T77] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 84.646878][ T77] Call Trace: [ 84.646886][ T77] [ 84.646893][ T77] dump_stack_lvl+0xe8/0x150 [ 84.646919][ T77] print_circular_bug+0x2e1/0x300 [ 84.646936][ T77] check_noncircular+0x12e/0x150 [ 84.646950][ T77] __lock_acquire+0x15a5/0x2cf0 [ 84.646975][ T77] ? check_noncircular+0xda/0x150 [ 84.646988][ T77] ? keyring_clear+0xaf/0x250 [ 84.647007][ T77] lock_acquire+0x106/0x350 [ 84.647024][ T77] ? keyring_clear+0xaf/0x250 [ 84.647045][ T77] down_write+0x96/0x200 [ 84.647060][ T77] ? keyring_clear+0xaf/0x250 [ 84.647077][ T77] ? __pfx_down_write+0x10/0x10 [ 84.647094][ T77] keyring_clear+0xaf/0x250 [ 84.647112][ T77] ? __pfx_keyring_clear+0x10/0x10 [ 84.647129][ T77] ? crypto_destroy_tfm+0x36/0x320 [ 84.647145][ T77] fscrypt_put_master_key+0xca/0x190 [ 84.647168][ T77] put_crypt_info+0x26d/0x310 [ 84.647183][ T77] fscrypt_put_encryption_info+0xf6/0x140 [ 84.647198][ T77] ext4_evict_inode+0xbe0/0x10e0 [ 84.647219][ T77] ? __pfx_inode_wait_for_writeback+0x10/0x10 [ 84.647239][ T77] ? do_raw_spin_lock+0x12b/0x2f0 [ 84.647255][ T77] ? __pfx_ext4_evict_inode+0x10/0x10 [ 84.647272][ T77] ? do_raw_spin_unlock+0x4d/0x210 [ 84.647287][ T77] ? __pfx_ext4_evict_inode+0x10/0x10 [ 84.647304][ T77] evict+0x61e/0xb10 [ 84.647325][ T77] ? __pfx_evict+0x10/0x10 [ 84.647344][ T77] ? _raw_spin_unlock+0x28/0x50 [ 84.647362][ T77] ? iput+0xb25/0xe80 [ 84.647412][ T77] __dentry_kill+0x1a2/0x5e0 [ 84.647435][ T77] ? shrink_kill+0x8d/0x2c0 [ 84.647450][ T77] shrink_kill+0xa9/0x2c0 [ 84.647466][ T77] shrink_dentry_list+0x2e0/0x5e0 [ 84.647484][ T77] prune_dcache_sb+0x119/0x180 [ 84.647500][ T77] ? __pfx_prune_dcache_sb+0x10/0x10 [ 84.647516][ T77] ? list_lru_count_one+0x27/0x2c0 [ 84.647538][ T77] ? list_lru_count_one+0x264/0x2c0 [ 84.647557][ T77] super_cache_scan+0x369/0x4b0 [ 84.647581][ T77] do_shrink_slab+0x6fb/0x1150 [ 84.647599][ T77] shrink_slab+0x835/0x11f0 [ 84.647629][ T77] ? shrink_slab+0x1ef/0x11f0 [ 84.647643][ T77] ? __pfx_shrink_slab+0x10/0x10 [ 84.647657][ T77] ? __pfx_try_to_shrink_lruvec+0x10/0x10 [ 84.647670][ T77] ? mlock_drain_local+0x79/0x480 [ 84.647683][ T77] ? shrink_node+0x2d92/0x3ae0 [ 84.647695][ T77] shrink_one+0x2d9/0x710 [ 84.647709][ T77] ? shrink_node+0x2d92/0x3ae0 [ 84.647721][ T77] shrink_node+0x31bf/0x3ae0 [ 84.647736][ T77] ? shrink_node+0x2d92/0x3ae0 [ 84.647754][ T77] ? __lock_acquire+0x6b5/0x2cf0 [ 84.647775][ T77] ? percpu_ref_put+0x19/0x180 [ 84.647795][ T77] ? percpu_ref_put+0x19/0x180 [ 84.647812][ T77] ? __pfx_shrink_node+0x10/0x10 [ 84.647821][ T77] ? percpu_ref_put+0x19/0x180 [ 84.647836][ T77] ? percpu_ref_put+0x19/0x180 [ 84.647853][ T77] ? mem_cgroup_iter+0x420/0x450 [ 84.647872][ T77] ? mem_cgroup_iter+0x3b/0x450 [ 84.647884][ T77] kswapd+0x1736/0x2de0 [ 84.647902][ T77] ? kswapd+0x927/0x2de0 [ 84.647918][ T77] ? __pfx_kswapd+0x10/0x10 [ 84.647931][ T77] ? __lock_acquire+0x6b5/0x2cf0 [ 84.647947][ T77] ? __mutex_unlock_slowpath+0x1be/0x6f0 [ 84.647959][ T77] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 84.647975][ T77] ? __pfx_autoremove_wake_function+0x10/0x10 [ 84.647991][ T77] ? __kthread_parkme+0x7a/0x1f0 [ 84.648009][ T77] kthread+0x388/0x470 [ 84.648020][ T77] ? __pfx_kswapd+0x10/0x10 [ 84.648033][ T77] ? __pfx_kthread+0x10/0x10 [ 84.648043][ T77] ret_from_fork+0x514/0xb70 [ 84.648061][ T77] ? __pfx_ret_from_fork+0x10/0x10 [ 84.648076][ T77] ? __switch_to+0xc79/0x1410 [ 84.648089][ T77] ? __pfx_kthread+0x10/0x10 [ 84.648100][ T77] ret_from_fork_asm+0x1a/0x30 [ 84.648115][ T77]