Warning: Permanently added '10.128.1.66' (ECDSA) to the list of known hosts. executing program [ 32.708981] audit: type=1804 audit(1624246300.585:2): pid=7960 uid=0 auid=4294967295 ses=4294967295 op="invalid_pcr" cause="open_writers" comm="syz-executor522" name="/root/bus/file0" dev="sda1" ino=13863 res=1 [ 32.712457] [ 32.729571] ====================================================== [ 32.735902] WARNING: possible circular locking dependency detected [ 32.742192] 4.14.237-syzkaller #0 Not tainted [ 32.746828] ------------------------------------------------------ [ 32.753119] syz-executor522/7960 is trying to acquire lock: [ 32.758818] (sb_writers#3){.+.+}, at: [] mnt_want_write+0x3a/0xb0 [ 32.766690] [ 32.766690] but task is already holding lock: [ 32.772645] (&iint->mutex){+.+.}, at: [] process_measurement+0x270/0xb20 [ 32.781116] [ 32.781116] which lock already depends on the new lock. [ 32.781116] [ 32.789409] [ 32.789409] the existing dependency chain (in reverse order) is: [ 32.797090] [ 32.797090] -> #1 (&iint->mutex){+.+.}: [ 32.802529] __mutex_lock+0xc4/0x1310 [ 32.806915] process_measurement+0x270/0xb20 [ 32.811836] path_openat+0x10ad/0x2970 [ 32.816217] do_filp_open+0x179/0x3c0 [ 32.820527] do_sys_open+0x296/0x410 [ 32.824746] do_syscall_64+0x1d5/0x640 [ 32.829132] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 32.834845] [ 32.834845] -> #0 (sb_writers#3){.+.+}: [ 32.840368] lock_acquire+0x170/0x3f0 [ 32.844687] __sb_start_write+0x64/0x260 [ 32.849258] mnt_want_write+0x3a/0xb0 [ 32.853576] ovl_open_maybe_copy_up+0xcf/0x130 [ 32.858738] ovl_d_real+0xbc/0x350 [ 32.862785] vfs_open+0x19e/0x220 [ 32.866745] dentry_open+0xa7/0x210 [ 32.870881] ima_calc_file_hash+0x51c/0x780 [ 32.875701] ima_collect_measurement+0x39d/0x430 [ 32.880951] process_measurement+0x78b/0xb20 [ 32.885854] path_openat+0x10ad/0x2970 [ 32.890238] do_filp_open+0x179/0x3c0 [ 32.894549] do_sys_open+0x296/0x410 [ 32.898761] do_syscall_64+0x1d5/0x640 [ 32.903146] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 32.908827] [ 32.908827] other info that might help us debug this: [ 32.908827] [ 32.916947] Possible unsafe locking scenario: [ 32.916947] [ 32.922979] CPU0 CPU1 [ 32.927705] ---- ---- [ 32.932406] lock(&iint->mutex); [ 32.935836] lock(sb_writers#3); [ 32.941786] lock(&iint->mutex); [ 32.947755] lock(sb_writers#3); [ 32.951186] [ 32.951186] *** DEADLOCK *** [ 32.951186] [ 32.957237] 1 lock held by syz-executor522/7960: [ 32.961975] #0: (&iint->mutex){+.+.}, at: [] process_measurement+0x270/0xb20 [ 32.970883] [ 32.970883] stack backtrace: [ 32.975355] CPU: 1 PID: 7960 Comm: syz-executor522 Not tainted 4.14.237-syzkaller #0 [ 32.983332] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 32.992795] Call Trace: [ 32.995414] dump_stack+0x1b2/0x281 [ 32.999028] print_circular_bug.constprop.0.cold+0x2d7/0x41e [ 33.004812] __lock_acquire+0x2e0e/0x3f20 [ 33.008938] ? kmem_cache_alloc+0x124/0x3c0 [ 33.013233] ? trace_hardirqs_on+0x10/0x10 [ 33.017445] ? trace_hardirqs_on+0x10/0x10 [ 33.021649] ? do_filp_open+0x179/0x3c0 [ 33.025614] ? do_syscall_64+0x1d5/0x640 [ 33.029649] ? entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 33.034998] ? __lock_acquire+0x5fc/0x3f20 [ 33.039208] ? trace_hardirqs_on+0x10/0x10 [ 33.043535] ? fs_reclaim_release+0xd0/0x110 [ 33.048143] lock_acquire+0x170/0x3f0 [ 33.051925] ? mnt_want_write+0x3a/0xb0 [ 33.055886] __sb_start_write+0x64/0x260 [ 33.059924] ? mnt_want_write+0x3a/0xb0 [ 33.063876] mnt_want_write+0x3a/0xb0 [ 33.067656] ovl_open_maybe_copy_up+0xcf/0x130 [ 33.072214] ovl_d_real+0xbc/0x350 [ 33.075734] vfs_open+0x19e/0x220 [ 33.079262] dentry_open+0xa7/0x210 [ 33.082884] ima_calc_file_hash+0x51c/0x780 [ 33.087183] ? ext4_xattr_get+0x139/0x8b0 [ 33.091413] ima_collect_measurement+0x39d/0x430 [ 33.096241] ? ima_get_action+0x70/0x70 [ 33.100195] ? vfs_getxattr_alloc+0xc8/0x2d0 [ 33.104593] ? ima_get_cache_status+0x170/0x170 [ 33.109238] process_measurement+0x78b/0xb20 [ 33.113643] ? ima_rdwr_violation_check+0x3a0/0x3a0 [ 33.118634] ? generic_file_open+0x68/0x90 [ 33.122844] ? ext4_release_file+0x2d0/0x2d0 [ 33.127229] ? apparmor_file_alloc_security+0x800/0x800 [ 33.132588] ? lock_downgrade+0x740/0x740 [ 33.136714] ? file_ra_state_init+0xc4/0x1e0 [ 33.141110] ? do_dentry_open+0x698/0xec0 [ 33.145249] ? ext4_release_file+0x2d0/0x2d0 [ 33.149632] ? vfs_open+0x10d/0x220 [ 33.153446] path_openat+0x10ad/0x2970 [ 33.157341] ? path_lookupat+0x780/0x780 [ 33.161386] ? trace_hardirqs_on+0x10/0x10 [ 33.165597] ? trace_hardirqs_on+0x10/0x10 [ 33.169826] do_filp_open+0x179/0x3c0 [ 33.173616] ? may_open_dev+0xe0/0xe0 [ 33.177406] ? lock_downgrade+0x740/0x740 [ 33.181563] ? do_raw_spin_unlock+0x164/0x220 [ 33.186059] ? _raw_spin_unlock+0x29/0x40 [ 33.190342] ? __alloc_fd+0x1be/0x490 [ 33.194423] do_sys_open+0x296/0x410 [ 33.198385] ? filp_open+0x60/0x60 [ 33.201910] ? do_syscall_64+0x4c/0x640 [ 33.205879] ? do_sys_open+0x410/0x410 [ 33.209759] do_syscall_64+0x1d5/0x640 [ 33.213636] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 33.218808] RIP: 0033:0x43ef79 [ 33.221972] RSP: 002b:00007ffc1a923088 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 33.229665] RAX: ffffffffffffffda RBX: 0030656c69662f2e RCX: 000000000043ef79 [ 33.236928] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000020000040 [ 33.244418] RBP: 0000000000402f60 R08: 0000000000000000 R09: 0000000000000000 [ 33.251682] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000402ff0 [ 33.258961] R13: 0000000