[ OK ] Started Getty on tty2. [ OK ] Started Serial Getty on ttyS0. [ OK ] Started Getty on tty1. [ OK ] Reached target Login Prompts. [ OK ] Reached target Multi-User System. [ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... [ OK ] Started Update UTMP about System Runlevel Changes. Starting Load/Save RF Kill Switch Status... [ OK ] Started Load/Save RF Kill Switch Status. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.0.49' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 56.260595][ T8423] [ 56.261405][ T8424] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection. [ 56.263128][ T8423] ====================================================== [ 56.263133][ T8423] WARNING: possible circular locking dependency detected [ 56.293429][ T8423] 5.13.0-rc1-syzkaller #0 Not tainted [ 56.299003][ T8423] ------------------------------------------------------ [ 56.306092][ T8423] syz-executor842/8423 is trying to acquire lock: [ 56.312478][ T8423] ffff888018006aa0 (&iint->mutex){+.+.}-{3:3}, at: process_measurement+0x3a8/0x17e0 [ 56.321866][ T8423] [ 56.321866][ T8423] but task is already holding lock: [ 56.329207][ T8423] ffff888029110460 (sb_writers#5){.+.+}-{0:0}, at: path_openat+0x1ad9/0x27e0 [ 56.337977][ T8423] [ 56.337977][ T8423] which lock already depends on the new lock. [ 56.337977][ T8423] [ 56.348362][ T8423] [ 56.348362][ T8423] the existing dependency chain (in reverse order) is: [ 56.357354][ T8423] [ 56.357354][ T8423] -> #1 (sb_writers#5){.+.+}-{0:0}: [ 56.364719][ T8423] mnt_want_write+0x6e/0x3e0 [ 56.369829][ T8423] ovl_maybe_copy_up+0x11f/0x190 [ 56.375469][ T8423] ovl_open+0xba/0x270 [ 56.380041][ T8423] do_dentry_open+0x4b9/0x11b0 [ 56.385308][ T8423] dentry_open+0x132/0x1d0 [ 56.390226][ T8423] ima_calc_file_hash+0x2d2/0x4b0 [ 56.395754][ T8423] ima_collect_measurement+0x4ca/0x570 [ 56.401710][ T8423] process_measurement+0xd1c/0x17e0 [ 56.407404][ T8423] ima_file_check+0xb9/0x100 [ 56.412495][ T8423] path_openat+0x15b5/0x27e0 [ 56.417582][ T8423] do_filp_open+0x190/0x3d0 [ 56.422581][ T8423] do_sys_openat2+0x16d/0x420 [ 56.427752][ T8423] __x64_sys_open+0x119/0x1c0 [ 56.432923][ T8423] do_syscall_64+0x3a/0xb0 [ 56.437863][ T8423] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 56.444252][ T8423] [ 56.444252][ T8423] -> #0 (&iint->mutex){+.+.}-{3:3}: [ 56.451780][ T8423] __lock_acquire+0x2a17/0x5230 [ 56.457133][ T8423] lock_acquire+0x1ab/0x740 [ 56.462221][ T8423] __mutex_lock+0x139/0x1120 [ 56.467324][ T8423] process_measurement+0x3a8/0x17e0 [ 56.473106][ T8423] ima_file_check+0xb9/0x100 [ 56.478195][ T8423] path_openat+0x15b5/0x27e0 [ 56.483299][ T8423] do_filp_open+0x190/0x3d0 [ 56.488399][ T8423] do_sys_openat2+0x16d/0x420 [ 56.493591][ T8423] __x64_sys_openat+0x13f/0x1f0 [ 56.499285][ T8423] do_syscall_64+0x3a/0xb0 [ 56.504200][ T8423] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 56.510588][ T8423] [ 56.510588][ T8423] other info that might help us debug this: [ 56.510588][ T8423] [ 56.520790][ T8423] Possible unsafe locking scenario: [ 56.520790][ T8423] [ 56.528212][ T8423] CPU0 CPU1 [ 56.533565][ T8423] ---- ---- [ 56.538901][ T8423] lock(sb_writers#5); [ 56.543038][ T8423] lock(&iint->mutex); [ 56.549685][ T8423] lock(sb_writers#5); [ 56.556597][ T8423] lock(&iint->mutex); [ 56.560725][ T8423] [ 56.560725][ T8423] *** DEADLOCK *** [ 56.560725][ T8423] [ 56.568841][ T8423] 1 lock held by syz-executor842/8423: [ 56.574272][ T8423] #0: ffff888029110460 (sb_writers#5){.+.+}-{0:0}, at: path_openat+0x1ad9/0x27e0 [ 56.583472][ T8423] [ 56.583472][ T8423] stack backtrace: [ 56.589352][ T8423] CPU: 1 PID: 8423 Comm: syz-executor842 Not tainted 5.13.0-rc1-syzkaller #0 [ 56.598103][ T8423] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 56.608145][ T8423] Call Trace: [ 56.611500][ T8423] dump_stack+0x141/0x1d7 [ 56.615815][ T8423] check_noncircular+0x25f/0x2e0 [ 56.620734][ T8423] ? print_circular_bug+0x1e0/0x1e0 [ 56.625933][ T8423] ? check_path.constprop.0+0x50/0x50 [ 56.631350][ T8423] ? lockdep_lock+0xc6/0x200 [ 56.635961][ T8423] ? call_rcu_zapped+0xb0/0xb0 [ 56.640809][ T8423] __lock_acquire+0x2a17/0x5230 [ 56.646733][ T8423] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 56.653355][ T8423] lock_acquire+0x1ab/0x740 [ 56.658567][ T8423] ? process_measurement+0x3a8/0x17e0 [ 56.664150][ T8423] ? lock_release+0x720/0x720 [ 56.669088][ T8423] __mutex_lock+0x139/0x1120 [ 56.673723][ T8423] ? process_measurement+0x3a8/0x17e0 [ 56.679077][ T8423] ? process_measurement+0x814/0x17e0 [ 56.684431][ T8423] ? lock_downgrade+0x6e0/0x6e0 [ 56.689290][ T8423] ? process_measurement+0x3a8/0x17e0 [ 56.694651][ T8423] ? mutex_lock_io_nested+0xf70/0xf70 [ 56.700750][ T8423] ? up_write+0x191/0x560 [ 56.705065][ T8423] ? downgrade_write+0x3a0/0x3a0 [ 56.710396][ T8423] ? do_raw_read_unlock+0x3b/0x70 [ 56.715967][ T8423] ? _raw_read_unlock+0x24/0x40 [ 56.720887][ T8423] ? integrity_iint_find+0x123/0x150 [ 56.726150][ T8423] process_measurement+0x3a8/0x17e0 [ 56.731329][ T8423] ? mmap_violation_check+0x1e0/0x1e0 [ 56.736737][ T8423] ? rwlock_bug.part.0+0x90/0x90 [ 56.741652][ T8423] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 56.747624][ T8423] ? find_held_lock+0x2d/0x110 [ 56.752370][ T8423] ? aa_get_task_label+0x25d/0x540 [ 56.757458][ T8423] ? lock_downgrade+0x6e0/0x6e0 [ 56.762286][ T8423] ? apparmor_file_open+0x1a5/0xab0 [ 56.767636][ T8423] ? aa_get_task_label+0x27f/0x540 [ 56.773071][ T8423] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 56.779390][ T8423] ? apparmor_task_getsecid+0xc2/0x110 [ 56.784826][ T8423] ima_file_check+0xb9/0x100 [ 56.789393][ T8423] ? process_measurement+0x17e0/0x17e0 [ 56.794918][ T8423] ? may_open+0x1f6/0x420 [ 56.799416][ T8423] path_openat+0x15b5/0x27e0 [ 56.804180][ T8423] ? path_lookupat+0x850/0x850 [ 56.808923][ T8423] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 56.815058][ T8423] do_filp_open+0x190/0x3d0 [ 56.819540][ T8423] ? may_open_dev+0xf0/0xf0 [ 56.824035][ T8423] ? do_raw_spin_lock+0x120/0x2b0 [ 56.829040][ T8423] ? rwlock_bug.part.0+0x90/0x90 [ 56.833954][ T8423] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 56.840173][ T8423] ? _find_next_bit+0x1e3/0x260 [ 56.845006][ T8423] ? _raw_spin_unlock+0x24/0x40 [ 56.849835][ T8423] ? alloc_fd+0x2e6/0x660 [ 56.854138][ T8423] do_sys_openat2+0x16d/0x420 [ 56.858793][ T8423] ? build_open_flags+0x6f0/0x6f0 [ 56.863794][ T8423] ? __context_tracking_exit+0xb8/0xe0 [ 56.869234][ T8423] ? lock_downgrade+0x6e0/0x6e0 [ 56.874066][ T8423] __x64_sys_openat+0x13f/0x1f0 [ 56.879065][ T8423] ? __ia32_sys_open+0x1c0/0x1c0 [ 56.883982][ T8423] ? syscall_enter_from_user_mode+0x27/0x70 [ 56.889943][ T8423] do_syscall_64+0x3a/0xb0 [ 56.894338][ T8423] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 56.900206][ T8423] RIP: 0033:0x444d09 [ 56.904079][ T8423] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 81 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 56.923840][ T8423] RSP: 002b:00007fea081f42f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 56.932230][ T8423] RAX: ffffffffffffffda RBX: 00000000004ca400 RCX: 0000000000444d09 [ 56.940181][ T8423] RDX: 000000000000275a RSI: 00000000200000c0 RDI: 00000000ffffff9c [ 56.948128][ T8423] RBP: 000000000049a004 R08: 0000000000000000 R09: 0000000000000000 [ 56.956074][ T8423] R10: 0000000000000000 R11: 0000000000000246 R12: 69662f7375622f2e