[ OK ] Reached target Login Prompts. [ OK ] Reached target Multi-User System. [ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... Starting Load/Save RF Kill Switch Status... [ OK ] Started Load/Save RF Kill Switch Status. [ OK ] Started Update UTMP about System Runlevel Changes. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.0.68' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 29.926161] [ 29.927867] ====================================================== [ 29.934171] WARNING: possible circular locking dependency detected [ 29.940473] 4.14.209-syzkaller #0 Not tainted [ 29.944991] ------------------------------------------------------ [ 29.951320] syz-executor526/7995 is trying to acquire lock: [ 29.956998] (sb_writers#3){.+.+}, at: [] mnt_want_write+0x3a/0xb0 [ 29.964869] [ 29.964869] but task is already holding lock: [ 29.970814] (&iint->mutex){+.+.}, at: [] process_measurement+0x270/0xb20 [ 29.979302] [ 29.979302] which lock already depends on the new lock. [ 29.979302] [ 29.987607] [ 29.987607] the existing dependency chain (in reverse order) is: [ 29.997725] [ 29.997725] -> #1 (&iint->mutex){+.+.}: [ 30.003186] __mutex_lock+0xc4/0x1310 [ 30.007505] process_measurement+0x270/0xb20 [ 30.012511] path_openat+0x10ad/0x2970 [ 30.016907] do_filp_open+0x179/0x3c0 [ 30.021218] do_sys_open+0x296/0x410 [ 30.025430] do_syscall_64+0x1d5/0x640 [ 30.029817] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 30.035498] [ 30.035498] -> #0 (sb_writers#3){.+.+}: [ 30.040935] lock_acquire+0x170/0x3f0 [ 30.045230] __sb_start_write+0x64/0x260 [ 30.049790] mnt_want_write+0x3a/0xb0 [ 30.054097] ovl_open_maybe_copy_up+0xcf/0x130 [ 30.059193] ovl_d_real+0xbc/0x343 [ 30.063244] vfs_open+0x19e/0x220 [ 30.067196] dentry_open+0xa7/0x210 [ 30.071339] ima_calc_file_hash+0x56d/0x830 [ 30.076172] ima_collect_measurement+0x39d/0x430 [ 30.081443] process_measurement+0x78b/0xb20 [ 30.086359] path_openat+0x10ad/0x2970 [ 30.090756] do_filp_open+0x179/0x3c0 [ 30.095056] do_sys_open+0x296/0x410 [ 30.099286] do_syscall_64+0x1d5/0x640 [ 30.103686] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 30.109383] [ 30.109383] other info that might help us debug this: [ 30.109383] [ 30.117514] Possible unsafe locking scenario: [ 30.117514] [ 30.123559] CPU0 CPU1 [ 30.128212] ---- ---- [ 30.132851] lock(&iint->mutex); [ 30.136288] lock(sb_writers#3); [ 30.142236] lock(&iint->mutex); [ 30.148181] lock(sb_writers#3); [ 30.151620] [ 30.151620] *** DEADLOCK *** [ 30.151620] [ 30.157664] 1 lock held by syz-executor526/7995: [ 30.162403] #0: (&iint->mutex){+.+.}, at: [] process_measurement+0x270/0xb20 [ 30.171315] [ 30.171315] stack backtrace: [ 30.175791] CPU: 0 PID: 7995 Comm: syz-executor526 Not tainted 4.14.209-syzkaller #0 [ 30.183648] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 30.192982] Call Trace: [ 30.195567] dump_stack+0x1b2/0x283 [ 30.199175] print_circular_bug.constprop.0.cold+0x2d7/0x41e [ 30.204957] __lock_acquire+0x2e0e/0x3f20 [ 30.209103] ? kmem_cache_alloc+0x124/0x3c0 [ 30.213423] ? trace_hardirqs_on+0x10/0x10 [ 30.217640] ? trace_hardirqs_on+0x10/0x10 [ 30.221858] ? do_filp_open+0x179/0x3c0 [ 30.225814] ? do_syscall_64+0x1d5/0x640 [ 30.229866] ? entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 30.235212] ? __lock_acquire+0x5fc/0x3f20 [ 30.239443] ? trace_hardirqs_on+0x10/0x10 [ 30.243682] ? fs_reclaim_release+0xd0/0x110 [ 30.248081] lock_acquire+0x170/0x3f0 [ 30.251876] ? mnt_want_write+0x3a/0xb0 [ 30.255842] __sb_start_write+0x64/0x260 [ 30.259891] ? mnt_want_write+0x3a/0xb0 [ 30.263886] mnt_want_write+0x3a/0xb0 [ 30.267672] ovl_open_maybe_copy_up+0xcf/0x130 [ 30.272275] ovl_d_real+0xbc/0x343 [ 30.275791] vfs_open+0x19e/0x220 [ 30.279223] dentry_open+0xa7/0x210 [ 30.282830] ima_calc_file_hash+0x56d/0x830 [ 30.287143] ? ext4_xattr_get+0x139/0x8b0 [ 30.291277] ima_collect_measurement+0x39d/0x430 [ 30.296011] ? ima_get_action+0x70/0x70 [ 30.299991] ? vfs_getxattr_alloc+0xc8/0x2d0 [ 30.304392] ? ima_get_cache_status+0x170/0x170 [ 30.309039] process_measurement+0x78b/0xb20 [ 30.313437] ? ima_rdwr_violation_check+0x3a0/0x3a0 [ 30.318434] ? generic_file_open+0x68/0x90 [ 30.322670] ? ext4_release_file+0x2d0/0x2d0 [ 30.327056] ? apparmor_file_alloc_security+0x800/0x800 [ 30.332397] ? lock_downgrade+0x740/0x740 [ 30.336522] ? file_ra_state_init+0xc4/0x1e0 [ 30.340921] ? do_dentry_open+0x698/0xec0 [ 30.345045] ? ext4_release_file+0x2d0/0x2d0 [ 30.349429] ? vfs_open+0x10d/0x220 [ 30.353041] path_openat+0x10ad/0x2970 [ 30.356916] ? path_lookupat+0x780/0x780 [ 30.360957] ? trace_hardirqs_on+0x10/0x10 [ 30.365173] ? trace_hardirqs_on+0x10/0x10 [ 30.369387] do_filp_open+0x179/0x3c0 [ 30.373167] ? may_open_dev+0xe0/0xe0 [ 30.376960] ? lock_downgrade+0x740/0x740 [ 30.381096] ? do_raw_spin_unlock+0x164/0x220 [ 30.385573] ? _raw_spin_unlock+0x29/0x40 [ 30.389700] ? __alloc_fd+0x1be/0x490 [ 30.393482] ? _raw_spin_unlock_irq+0x24/0x80 [ 30.398065] do_sys_open+0x296/0x410 [ 30.401756] ? filp_open+0x60/0x60 [ 30.405274] ? do_syscall_64+0x4c/0x640 [ 30.409237] ? do_sys_open+0x410/0x410 [ 30.413103] do_syscall_64+0x1d5/0x640 [ 30.416971] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 30.422139] RIP: 0033:0x440399 [ 30.425312] RSP: 002b:00007ffd4d4