[ OK ] Reached target Login Prompts. [ OK ] Reached target Multi-User System. [ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... [ OK ] Started Update UTMP about System Runlevel Changes. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.0.162' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 93.382920][ T37] audit: type=1400 audit(1624026112.607:8): avc: denied { execmem } for pid=8442 comm="syz-executor337" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 93.413818][ T8443] [ 93.416161][ T8443] ====================================================== [ 93.423225][ T8443] WARNING: possible circular locking dependency detected [ 93.430228][ T8443] 5.13.0-rc6-syzkaller #0 Not tainted [ 93.435585][ T8443] ------------------------------------------------------ [ 93.442586][ T8443] syz-executor337/8443 is trying to acquire lock: [ 93.448989][ T8443] ffff8880341e31a0 (&iint->mutex){+.+.}-{3:3}, at: process_measurement+0x3a8/0x17e0 [ 93.458403][ T8443] [ 93.458403][ T8443] but task is already holding lock: [ 93.465756][ T8443] ffff88802c310460 (sb_writers#5){.+.+}-{0:0}, at: path_openat+0x1ad9/0x27e0 [ 93.474565][ T8443] [ 93.474565][ T8443] which lock already depends on the new lock. [ 93.474565][ T8443] [ 93.484971][ T8443] [ 93.484971][ T8443] the existing dependency chain (in reverse order) is: [ 93.493972][ T8443] [ 93.493972][ T8443] -> #1 (sb_writers#5){.+.+}-{0:0}: [ 93.501366][ T8443] mnt_want_write+0x6e/0x3e0 [ 93.506477][ T8443] ovl_maybe_copy_up+0x11f/0x190 [ 93.511934][ T8443] ovl_open+0xba/0x270 [ 93.516537][ T8443] do_dentry_open+0x4b9/0x11b0 [ 93.521818][ T8443] dentry_open+0x132/0x1d0 [ 93.526755][ T8443] ima_calc_file_hash+0x2d2/0x4b0 [ 93.532308][ T8443] ima_collect_measurement+0x4ca/0x570 [ 93.538299][ T8443] process_measurement+0xd1c/0x17e0 [ 93.544016][ T8443] ima_file_check+0xb9/0x100 [ 93.549125][ T8443] path_openat+0x15b5/0x27e0 [ 93.554234][ T8443] do_filp_open+0x190/0x3d0 [ 93.559257][ T8443] do_sys_openat2+0x16d/0x420 [ 93.564452][ T8443] __x64_sys_open+0x119/0x1c0 [ 93.569642][ T8443] do_syscall_64+0x3a/0xb0 [ 93.574589][ T8443] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 93.581015][ T8443] [ 93.581015][ T8443] -> #0 (&iint->mutex){+.+.}-{3:3}: [ 93.588392][ T8443] __lock_acquire+0x2a17/0x5230 [ 93.593763][ T8443] lock_acquire+0x1ab/0x740 [ 93.598781][ T8443] __mutex_lock+0x139/0x10c0 [ 93.603906][ T8443] process_measurement+0x3a8/0x17e0 [ 93.609637][ T8443] ima_file_check+0xb9/0x100 [ 93.614738][ T8443] path_openat+0x15b5/0x27e0 [ 93.619864][ T8443] do_filp_open+0x190/0x3d0 [ 93.624885][ T8443] do_sys_openat2+0x16d/0x420 [ 93.630099][ T8443] __x64_sys_openat+0x13f/0x1f0 [ 93.635466][ T8443] do_syscall_64+0x3a/0xb0 [ 93.640398][ T8443] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 93.646828][ T8443] [ 93.646828][ T8443] other info that might help us debug this: [ 93.646828][ T8443] [ 93.657065][ T8443] Possible unsafe locking scenario: [ 93.657065][ T8443] [ 93.664494][ T8443] CPU0 CPU1 [ 93.669842][ T8443] ---- ---- [ 93.675206][ T8443] lock(sb_writers#5); [ 93.679360][ T8443] lock(&iint->mutex); [ 93.686043][ T8443] lock(sb_writers#5); [ 93.692719][ T8443] lock(&iint->mutex); [ 93.696869][ T8443] [ 93.696869][ T8443] *** DEADLOCK *** [ 93.696869][ T8443] [ 93.704999][ T8443] 1 lock held by syz-executor337/8443: [ 93.710447][ T8443] #0: ffff88802c310460 (sb_writers#5){.+.+}-{0:0}, at: path_openat+0x1ad9/0x27e0 [ 93.719730][ T8443] [ 93.719730][ T8443] stack backtrace: [ 93.725608][ T8443] CPU: 1 PID: 8443 Comm: syz-executor337 Not tainted 5.13.0-rc6-syzkaller #0 [ 93.734383][ T8443] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 93.744431][ T8443] Call Trace: [ 93.747700][ T8443] dump_stack+0x141/0x1d7 [ 93.752039][ T8443] check_noncircular+0x25f/0x2e0 [ 93.756981][ T8443] ? print_circular_bug+0x1e0/0x1e0 [ 93.762192][ T8443] ? check_path.constprop.0+0x50/0x50 [ 93.767580][ T8443] ? lockdep_lock+0xc6/0x200 [ 93.772190][ T8443] ? call_rcu_zapped+0xb0/0xb0 [ 93.776959][ T8443] __lock_acquire+0x2a17/0x5230 [ 93.781813][ T8443] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 93.787810][ T8443] lock_acquire+0x1ab/0x740 [ 93.792337][ T8443] ? process_measurement+0x3a8/0x17e0 [ 93.797733][ T8443] ? lock_release+0x720/0x720 [ 93.802411][ T8443] __mutex_lock+0x139/0x10c0 [ 93.807067][ T8443] ? process_measurement+0x3a8/0x17e0 [ 93.812437][ T8443] ? process_measurement+0x814/0x17e0 [ 93.817811][ T8443] ? lock_downgrade+0x6e0/0x6e0 [ 93.822684][ T8443] ? process_measurement+0x3a8/0x17e0 [ 93.828054][ T8443] ? mutex_lock_io_nested+0xf20/0xf20 [ 93.833423][ T8443] ? up_write+0x191/0x560 [ 93.837751][ T8443] ? downgrade_write+0x3a0/0x3a0 [ 93.842701][ T8443] ? do_raw_read_unlock+0x3b/0x70 [ 93.847725][ T8443] ? _raw_read_unlock+0x24/0x40 [ 93.852578][ T8443] ? integrity_iint_find+0x123/0x150 [ 93.857864][ T8443] process_measurement+0x3a8/0x17e0 [ 93.863060][ T8443] ? mmap_violation_check+0x1e0/0x1e0 [ 93.868429][ T8443] ? dquot_free_inode+0x6c0/0x6c0 [ 93.873452][ T8443] ? find_held_lock+0x2d/0x110 [ 93.878214][ T8443] ? selinux_task_getsecid_subj+0x167/0x2c0 [ 93.884105][ T8443] ? lock_downgrade+0x6e0/0x6e0 [ 93.888988][ T8443] ? ext4_file_write_iter+0x14e0/0x14e0 [ 93.894552][ T8443] ? selinux_task_getsecid_subj+0x189/0x2c0 [ 93.900441][ T8443] ima_file_check+0xb9/0x100 [ 93.905032][ T8443] ? process_measurement+0x17e0/0x17e0 [ 93.910499][ T8443] ? may_open+0x1f6/0x420 [ 93.914820][ T8443] path_openat+0x15b5/0x27e0 [ 93.919406][ T8443] ? path_lookupat+0x850/0x850 [ 93.924162][ T8443] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 93.930142][ T8443] do_filp_open+0x190/0x3d0 [ 93.934642][ T8443] ? may_open_dev+0xf0/0xf0 [ 93.939155][ T8443] ? do_raw_spin_lock+0x120/0x2b0 [ 93.944182][ T8443] ? rwlock_bug.part.0+0x90/0x90 [ 93.949128][ T8443] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 93.955373][ T8443] ? _find_next_bit+0x1e3/0x260 [ 93.960218][ T8443] ? _raw_spin_unlock+0x24/0x40 [ 93.965077][ T8443] ? alloc_fd+0x2e6/0x660 [ 93.969434][ T8443] do_sys_openat2+0x16d/0x420 [ 93.974113][ T8443] ? build_open_flags+0x6f0/0x6f0 [ 93.979146][ T8443] ? __context_tracking_exit+0xb8/0xe0 [ 93.984605][ T8443] ? lock_downgrade+0x6e0/0x6e0 [ 93.989470][ T8443] __x64_sys_openat+0x13f/0x1f0 [ 93.994336][ T8443] ? __ia32_sys_open+0x1c0/0x1c0 [ 93.999274][ T8443] ? syscall_enter_from_user_mode+0x27/0x70 [ 94.005165][ T8443] do_syscall_64+0x3a/0xb0 [ 94.009612][ T8443] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 94.015511][ T8443] RIP: 0033:0x444d09 [ 94.019421][ T8443] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 81 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 94.039032][ T8443] RSP: 002b:00007f8eefe2d2f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 94.047493][ T8443] RAX: ffffffffffffffda RBX: 00000000004ca400 RCX: 0000000000444d09 [ 94.055475][ T8443] RDX: 000000000000275a RSI: 00000000200000c0 RDI: 00000000ffffff9c [ 94.063457][ T8443] RBP: 000000000049a004 R08: 0000000000000000 R09: 0000000000000000 [ 94.071425][ T8443] R10: 0000000000000000 R11: 0000000000000246 R12: 69662f7375622f2e [ 94.079405][ T8443] R13: 3d72696472657070 R14: 0079616c7265766f R15: 000000