program: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TCFLSH(r0, 0x400455c8, 0x104000000008) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000100)=0x31) futex(&(0x7f0000000000), 0x0, 0x0, 0x0, 0x0, 0x0) futex(&(0x7f0000000000)=0xfffffffd, 0x6, 0x0, 0x0, 0x0, 0x0) syz_mount_image$hfsplus(&(0x7f0000000040), &(0x7f0000000080)='./file1\x00', 0x400, &(0x7f0000000140)=ANY=[], 0x1, 0x694, &(0x7f0000001100)="$eJzs3U1sHGf9B/DvbnbX3vz/Sp02SQOqRNRIBRGROLGSYi4NCKFIVKgqB8TRSpzGyiatHBc5EYLwfuDCoXeKRG5cQOIeVM7AqVcfKyFx6SmAxKKZnbXXr9l1Yq8tPp9odp5nnpd5nt/M7OzOKnKA/1nXzqXxOLVcO/fmcpFfeTTTWXk0c6efTjKRpJ40eqvU7ia1j5Kr6S35TLGx6q623X4+WJh9++NPVz7p5RrVUtav79Rukyv1LTY+rJacSXKkWj+Ddf1d39Bfa+TuaqszLAJ2th84GLdmku463z21VvJUw1+3wIFVK++bm6/5qeRoksnqc0Dvrti7Zx9qD8c9AAAAANgHL/yy/Ap/bNzjAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgMOk9/f/i1W51PvpM6n1//5/q9qWKn2oPR73AAAAAAAAAABgdN/8/w0bPvckT7KcY/18t1b+5v9qmTlRvv5f3s+9zGcx57OcuSxlKYu5mGSqLG+Wr63luaWlxYtDtLy02jIDLS8NOYP27icPAAAAAAAAAIdFY/QmP861td//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgIKglR3qrcjnRT0+l3kgymaRV1HuY/LWfPpB+/afBXPff3dKmao/3c0wAAAAwJi88yZMs51g/362V3/lPld/7J/N+7mYpC1lKJ/O5UT4L6H3rr688mumsPJq5Uyyb+/3qP0YaRtljes8ett7z6bJGOzezUG45n+t5N53cSL1sWTjdH8/W4/pRMabaG5UhR3ajWhcz/1WaI81qN2pD15wqI1KMqBeR6aptEY3jO0dixKPT31M/9hdTX33yc+J5xny5t3r9t711MZ+fjxSTvbYxEpcGzr5TK6ntEInk83/83Xdude7enrh579zBmdIIJgaeoG2MxMxAJF7e+ZxIM1Ukbh3WSAyaLiNxcjV/Ld/It3MuZ/JWFrOQ72UuS5nPmXw9czmSuep8Ll6ndo7U1XW5t542klZ5XJrVu+jwY1rKXF4t2x7LQr6Vd3Mj87lS/ruUi3m96jGrR/jkEFd9fbR32rNfGHiY/Isk7eHa7YNiYMdX706DZ/10eR0cX7dl7Tp48fnfjxqfrRLFPn4ycETGb2MkLg5E4qWdI/Gb8m3lXufu7cVbc+8Nub/XqnVxHf3sQN0livPlxeJglbn1Z0dR9tLGsslevFrVLy69svV33KLs5GrZ9lfq5VzObFn71JY9XSrLXt6ybKYsOz1Qtu7z1tXe5y0ADryjXzzaav+9/Zf2h+2ftm+135z82sSXJ15ppfnn5lca00deq79S+0M+zA/Wvv8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC7d+/+g9tznc784oZEt9v94TZFe5hoJ+lvSZ7Wqpmn19mbRCtJmWj0E6P1MzFU5dba0Xnj988y5uaorZLnEqhGdZLdf3D7n91ud98P0xaJ5g7n/FqiW9lU1B2q+dgS/+o+vw7H/MYE7LkLS3feu3Dv/oMvLdyZe2f+nfm7s5cvz07PXr7ytws3Fzrz073XcY8S2AtrN/1xjwQAAAAAAAAAAAAY1n78t4Rtdv2ffZ4qAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcEhdOzdRpc5PF68rj2Y6xdJPr1Ysq9WT1L6f1D5Krqa3ZGqgu9p2+/lgYfbtjz9d+aSXa1RLWb++rl1zN7N4WC05k+RItR40+Qz9Xa/WuxpZqbY6wyJgZ/uBg3H7bwAAAP//2wMQAg==") r1 = creat(&(0x7f0000000000)='./bus\x00', 0x0) io_setup(0x202, &(0x7f0000000200)=0x0) ioctl$VIDIOC_UNSUBSCRIBE_EVENT(r1, 0x4020565b, &(0x7f00000002c0)={0x4, 0xeb7, 0x1}) r3 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6) ioctl$sock_bt_hidp_HIDPCONNDEL(r3, 0x400448c9, &(0x7f0000000040)={@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0xe96e}) io_submit(r2, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0xe7030000, 0x0, 0x1, 0x0, r1, &(0x7f0000000000), 0x70000}]) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) mkdir(&(0x7f00000020c0)='./file1\x00', 0x28c) symlink(&(0x7f0000000040)='.\x00', &(0x7f0000000100)='./file0\x00') mkdir(&(0x7f00000004c0)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) r6 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x0, 0x0) mknodat$loop(r6, &(0x7f0000000340)='./file1\x00', 0x0, 0x0) chdir(&(0x7f0000000140)='./bus\x00') setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r1, 0x84, 0x71, &(0x7f0000000300)={0x0, 0x8}, 0x8) lsetxattr$trusted_overlay_nlink(&(0x7f0000000240)='./file1\x00', &(0x7f0000000200), 0x0, 0x0, 0x1) llistxattr(&(0x7f0000000040)='./bus\x00', &(0x7f0000000180)=""/68, 0xfffffffffffffef1) r7 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000007c0)=ANY=[@ANYBLOB="1c020000", @ANYRES16=r5, @ANYBLOB="05000000000000397c049d00000008000300", @ANYRES32=r8, @ANYBLOB="33010e0080000300ffffffffffff0802110000015050505050500000000000000000000064000000030103040600000000000005ce094600033f2bbde265d68f05dd199db862a8d569ccc56a86c47e927c4f1db8b4b7fecc533552a53cff5f79b073f7282622761bddb4b852f98e5ff54059ba70dbe3876007b393e6d9890d9aef9ccbf69634b33cd95dbca8227795151e8d8aab0e8f9936505eaf31f4a1a5b71e9df1eb0f6bbc4ff06278523f2f05f900a5e2c5aa29512df4ba4494f86c0a17ce8237cf4c795ac7e1b34ffde5ae04099e40c4078e3222a41f483b3e4db37ea35f0780c0a14875e4c0f56ccb31065c79801cc70211d93e8b84ff413b960162d038c26125030734003c040106b8042d1a0000000000000000000000000000000000000000000200000000710701ff0000ff036800080026006c09000008000c006400000008000d0000000000b1000f0001ab"], 0x21c}, 0x1, 0x0, 0x0, 0x90}, 0x4010) syz_mount_image$hfs(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x3, &(0x7f0000000140)=ANY=[@ANYBLOB="0020393d67b6313442ec37317cffcba4c1068c37ebba243bf7a23e7e85d13a7aa5e6de3d57681bcf92b30b095052291093626c059a267c55d70bb20cfa0b1865bf98b8dc1a295a83a7ff13929c8eb63cc6006924eebf"], 0x1, 0x247, &(0x7f00000007c0)="$eJzs3c1qE18Yx/HfmaT/f7SlTl9EcFktuFHauhE3guQiXInaRCiGClpBXYlr8QLcewtehCvxBnTlygvIbuQ858SkeZu0mhyTfj+QMDrnmXmenpnMeQKlAnBm3a1/+3jzh385qaKKpNtSJqkmVSVd1KXai8Ojg6NWszHuQBWL8C+nEOkGxuwfNoeF+jiLiHL/r6pWev8P01EURfE9dRJIzu7+IfwnwVK4O21/beaZTceb1Akk5tpq66VWU+cBAEgrPv+z+Jxfiev3LJO242N/oZ7/7dQJJNbz/Lcuq3B+fi/Yrm6/Zy2c3591usTTnOs/hSvr2ALTlXWVlkt27vFBq3lj/2mrkemt7kQ2oLARm7bdCJduR0m2W0N60zFOX/uy1bDka9gbyD/Y+LtnLOc+uy/uvsv1QY3f679q4fw02UzlfTMV8t8ZfUSrMg+jRlS5Zie5HM8QlVRZG96RqHNFren4FwR5WZ4Wtd4XFarbLYnaGBq1VxK12R/VvZpHR06be+/uuS391CfVe9b/mf9pb2uSO9OPsZHxyhhbT9VG5hMklp2oDPyZd3qkW1p9/ur1k4etVvMZG4uwUfwfZvdfyYeNud1I/QGFWehO+thh1xel78MAv+5yof/r6Vd2rEXyb/mYdXpRdvCeI+6O6A3W7f38iTq45dEd3KQ915Vr0tXJz5jHPBeEq+urHvD9PwAAAAAAAAAAAAAAAAAAwLyZxa8TpK4RAAAAAAAAAAAAAAAAAAAAAIB5x9//Bc6uXwEAAP//aeKA6Q==") [ 86.345998][ T5308] Bluetooth: hci0: command tx timeout [ 86.433776][ T5329] loop0: detected capacity change from 0 to 1024 [ 86.491576][ T5329] overlay: ./bus is not a directory [ 86.499389][ T5329] [ 86.500714][ T5329] ====================================================== [ 86.504069][ T5329] WARNING: possible circular locking dependency detected [ 86.507439][ T5329] 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 Not tainted [ 86.510868][ T5329] ------------------------------------------------------ [ 86.514643][ T5329] syz.0.0/5329 is trying to acquire lock: [ 86.517134][ T5329] ffff888011cb20b0 (&tree->tree_lock/1){+.+.}-{4:4}, at: hfsplus_find_init+0x15a/0x1d0 [ 86.521030][ T5329] [ 86.521030][ T5329] but task is already holding lock: [ 86.524060][ T5329] ffff888052ac7048 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{4:4}, at: hfsplus_get_block+0x39e/0x1530 [ 86.528323][ T5329] [ 86.528323][ T5329] which lock already depends on the new lock. [ 86.528323][ T5329] [ 86.532708][ T5329] [ 86.532708][ T5329] the existing dependency chain (in reverse order) is: [ 86.536832][ T5329] [ 86.536832][ T5329] -> #1 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{4:4}: [ 86.540712][ T5329] lock_acquire+0x120/0x360 [ 86.542940][ T5329] __mutex_lock+0x182/0xe80 [ 86.545206][ T5329] hfsplus_file_extend+0x1fc/0x1990 [ 86.548336][ T5329] hfsplus_bmap_reserve+0x122/0x500 [ 86.551341][ T5329] __hfsplus_ext_write_extent+0x28d/0x5b0 [ 86.554230][ T5329] __hfsplus_ext_cache_extent+0x89/0xe30 [ 86.557407][ T5329] hfsplus_file_extend+0x444/0x1990 [ 86.560557][ T5329] hfsplus_get_block+0x411/0x1530 [ 86.563573][ T5329] __block_write_begin_int+0x6b2/0x1900 [ 86.566530][ T5329] cont_write_begin+0x789/0xb50 [ 86.568772][ T5329] hfsplus_write_begin+0x66/0xb0 [ 86.570916][ T5329] generic_perform_write+0x2c4/0x910 [ 86.573383][ T5329] generic_file_write_iter+0x10f/0x540 [ 86.575614][ T5329] aio_write+0x532/0x7a0 [ 86.577511][ T5329] io_submit_one+0x78b/0x1310 [ 86.579650][ T5329] __se_sys_io_submit+0x185/0x2f0 [ 86.581859][ T5329] do_syscall_64+0xfa/0x3b0 [ 86.584137][ T5329] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.586692][ T5329] [ 86.586692][ T5329] -> #0 (&tree->tree_lock/1){+.+.}-{4:4}: [ 86.589774][ T5329] validate_chain+0xb9b/0x2140 [ 86.592032][ T5329] __lock_acquire+0xab9/0xd20 [ 86.594223][ T5329] lock_acquire+0x120/0x360 [ 86.596205][ T5329] __mutex_lock+0x182/0xe80 [ 86.598290][ T5329] hfsplus_find_init+0x15a/0x1d0 [ 86.600608][ T5329] hfsplus_get_block+0x8dd/0x1530 [ 86.602917][ T5329] block_read_full_folio+0x29f/0x830 [ 86.605163][ T5329] read_pages+0x35a/0x580 [ 86.606999][ T5329] page_cache_ra_unbounded+0x6b0/0x7b0 [ 86.609479][ T5329] filemap_get_pages+0x43c/0x1ea0 [ 86.611648][ T5329] filemap_read+0x3f6/0x11a0 [ 86.613817][ T5329] __kernel_read+0x469/0x8c0 [ 86.615971][ T5329] integrity_kernel_read+0x89/0xd0 [ 86.618307][ T5329] ima_calc_file_hash+0x85e/0x16f0 [ 86.620500][ T5329] ima_collect_measurement+0x428/0x8d0 [ 86.622831][ T5329] process_measurement+0x1121/0x1a40 [ 86.625167][ T5329] ima_file_check+0xd7/0x120 [ 86.627301][ T5329] security_file_post_open+0xbb/0x290 [ 86.629399][ T5329] path_openat+0x2f26/0x3830 [ 86.631372][ T5329] do_filp_open+0x1fa/0x410 [ 86.633441][ T5329] do_sys_openat2+0x121/0x1c0 [ 86.635499][ T5329] __x64_sys_openat+0x138/0x170 [ 86.637713][ T5329] do_syscall_64+0xfa/0x3b0 [ 86.639768][ T5329] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.642075][ T5329] [ 86.642075][ T5329] other info that might help us debug this: [ 86.642075][ T5329] [ 86.646172][ T5329] Possible unsafe locking scenario: [ 86.646172][ T5329] [ 86.649104][ T5329] CPU0 CPU1 [ 86.651369][ T5329] ---- ---- [ 86.653655][ T5329] lock(&HFSPLUS_I(inode)->extents_lock); [ 86.656147][ T5329] lock(&tree->tree_lock/1); [ 86.659185][ T5329] lock(&HFSPLUS_I(inode)->extents_lock); [ 86.662750][ T5329] lock(&tree->tree_lock/1); [ 86.664914][ T5329] [ 86.664914][ T5329] *** DEADLOCK *** [ 86.664914][ T5329] [ 86.668682][ T5329] 3 locks held by syz.0.0/5329: [ 86.670851][ T5329] #0: ffff888043f765b8 (&ima_iint_mutex_key[depth]){+.+.}-{4:4}, at: process_measurement+0x74b/0x1a40 [ 86.675743][ T5329] #1: ffff888052ac73d8 (mapping.invalidate_lock#3){.+.+}-{4:4}, at: page_cache_ra_unbounded+0x129/0x7b0 [ 86.680618][ T5329] #2: ffff888052ac7048 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{4:4}, at: hfsplus_get_block+0x39e/0x1530 [ 86.685427][ T5329] [ 86.685427][ T5329] stack backtrace: [ 86.687845][ T5329] CPU: 0 UID: 0 PID: 5329 Comm: syz.0.0 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(full) [ 86.687861][ T5329] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 86.687870][ T5329] Call Trace: [ 86.687877][ T5329] [ 86.687884][ T5329] dump_stack_lvl+0x189/0x250 [ 86.687906][ T5329] ? __pfx_dump_stack_lvl+0x10/0x10 [ 86.687921][ T5329] ? __pfx__printk+0x10/0x10 [ 86.687934][ T5329] ? print_lock_name+0xde/0x100 [ 86.687947][ T5329] print_circular_bug+0x2ee/0x310 [ 86.687960][ T5329] check_noncircular+0x134/0x160 [ 86.687971][ T5329] validate_chain+0xb9b/0x2140 [ 86.687981][ T5329] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 86.687997][ T5329] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 86.688016][ T5329] __lock_acquire+0xab9/0xd20 [ 86.688033][ T5329] ? hfsplus_find_init+0x15a/0x1d0 [ 86.688046][ T5329] lock_acquire+0x120/0x360 [ 86.688055][ T5329] ? hfsplus_find_init+0x15a/0x1d0 [ 86.688068][ T5329] ? path_openat+0x2f26/0x3830 [ 86.688077][ T5329] ? do_sys_openat2+0x121/0x1c0 [ 86.688090][ T5329] ? do_syscall_64+0xfa/0x3b0 [ 86.688108][ T5329] __mutex_lock+0x182/0xe80 [ 86.688124][ T5329] ? hfsplus_find_init+0x15a/0x1d0 [ 86.688142][ T5329] ? hfsplus_find_init+0x15a/0x1d0 [ 86.688158][ T5329] ? __pfx___mutex_lock+0x10/0x10 [ 86.688173][ T5329] ? rcu_is_watching+0x15/0xb0 [ 86.688188][ T5329] ? __kmalloc_noprof+0x29b/0x4f0 [ 86.688198][ T5329] ? hfsplus_find_init+0x8c/0x1d0 [ 86.688214][ T5329] hfsplus_find_init+0x15a/0x1d0 [ 86.688231][ T5329] hfsplus_get_block+0x8dd/0x1530 [ 86.688246][ T5329] ? __pfx_hfsplus_get_block+0x10/0x10 [ 86.688259][ T5329] ? _raw_spin_unlock+0x28/0x50 [ 86.688273][ T5329] block_read_full_folio+0x29f/0x830 [ 86.688287][ T5329] ? __pfx_hfsplus_get_block+0x10/0x10 [ 86.688331][ T5329] ? __pfx_hfsplus_read_folio+0x10/0x10 [ 86.688343][ T5329] read_pages+0x35a/0x580 [ 86.688357][ T5329] ? __pfx_read_pages+0x10/0x10 [ 86.688370][ T5329] ? filemap_add_folio+0x1af/0x270 [ 86.688378][ T5329] page_cache_ra_unbounded+0x6b0/0x7b0 [ 86.688388][ T5329] filemap_get_pages+0x43c/0x1ea0 [ 86.688398][ T5329] ? is_bpf_text_address+0x292/0x2b0 [ 86.688413][ T5329] ? is_bpf_text_address+0x26/0x2b0 [ 86.688430][ T5329] ? __pfx_filemap_get_pages+0x10/0x10 [ 86.688442][ T5329] ? __lock_acquire+0xab9/0xd20 [ 86.688456][ T5329] ? __pfx___might_resched+0x10/0x10 [ 86.688476][ T5329] filemap_read+0x3f6/0x11a0 [ 86.688489][ T5329] ? kernel_text_address+0xa5/0xe0 [ 86.688502][ T5329] ? __kernel_text_address+0xd/0x40 [ 86.688516][ T5329] ? __pfx_filemap_read+0x10/0x10 [ 86.688533][ T5329] ? kasan_save_track+0x3e/0x80 [ 86.688548][ T5329] ? generic_file_read_iter+0x8f/0x510 [ 86.688560][ T5329] ? __asan_memset+0x22/0x50 [ 86.688573][ T5329] ? iov_iter_kvec+0xb8/0x180 [ 86.688589][ T5329] __kernel_read+0x469/0x8c0 [ 86.688607][ T5329] ? __pfx___kernel_read+0x10/0x10 [ 86.688628][ T5329] integrity_kernel_read+0x89/0xd0 [ 86.688640][ T5329] ? __pfx_integrity_kernel_read+0x10/0x10 [ 86.688652][ T5329] ? __kasan_kmalloc+0x93/0xb0 [ 86.688661][ T5329] ? ima_calc_file_hash+0x820/0x16f0 [ 86.688683][ T5329] ima_calc_file_hash+0x85e/0x16f0 [ 86.688703][ T5329] ? __pfx_ima_calc_file_hash+0x10/0x10 [ 86.688727][ T5329] ? stack_depot_save_flags+0x429/0x900 [ 86.688743][ T5329] ? make_vfsgid+0x49/0xa0 [ 86.688757][ T5329] ? generic_fillattr+0x63d/0x9a0 [ 86.688768][ T5329] ? hfsplus_getattr+0x235/0x2f0 [ 86.688780][ T5329] ima_collect_measurement+0x428/0x8d0 [ 86.688796][ T5329] ? __pfx_ima_collect_measurement+0x10/0x10 [ 86.688813][ T5329] ? kasan_quarantine_put+0xdd/0x220 [ 86.688830][ T5329] ? hfsplus_getxattr+0x118/0x180 [ 86.688845][ T5329] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 86.688860][ T5329] process_measurement+0x1121/0x1a40 [ 86.688872][ T5329] ? __pfx_process_measurement+0x10/0x10 [ 86.688881][ T5329] ? tomoyo_check_open_permission+0x16a/0x3b0 [ 86.688889][ T5329] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 86.688896][ T5329] ? __x64_sys_openat+0x138/0x170 [ 86.688908][ T5329] ? __pfx_apparmor_file_open+0x10/0x10 [ 86.688915][ T5329] ? tomoyo_file_open+0x165/0x220 [ 86.688926][ T5329] ? end_current_label_crit_section+0x152/0x180 [ 86.688935][ T5329] ima_file_check+0xd7/0x120 [ 86.688944][ T5329] ? __pfx_ima_file_check+0x10/0x10 [ 86.688954][ T5329] security_file_post_open+0xbb/0x290 [ 86.688965][ T5329] path_openat+0x2f26/0x3830 [ 86.688979][ T5329] ? arch_stack_walk+0xfc/0x150 [ 86.688996][ T5329] ? __pfx_path_openat+0x10/0x10 [ 86.689009][ T5329] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.689023][ T5329] do_filp_open+0x1fa/0x410 [ 86.689041][ T5329] ? __lock_acquire+0xab9/0xd20 [ 86.689057][ T5329] ? __pfx_do_filp_open+0x10/0x10 [ 86.689077][ T5329] ? _raw_spin_unlock+0x28/0x50 [ 86.689089][ T5329] ? alloc_fd+0x64c/0x6c0 [ 86.689098][ T5329] do_sys_openat2+0x121/0x1c0 [ 86.689108][ T5329] ? __pfx_do_sys_openat2+0x10/0x10 [ 86.689118][ T5329] ? rcu_is_watching+0x15/0xb0 [ 86.689128][ T5329] __x64_sys_openat+0x138/0x170 [ 86.689137][ T5329] do_syscall_64+0xfa/0x3b0 [ 86.689148][ T5329] ? lockdep_hardirqs_on+0x9c/0x150 [ 86.689157][ T5329] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.689166][ T5329] ? clear_bhb_loop+0x60/0xb0 [ 86.689176][ T5329] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.689186][ T5329] RIP: 0033:0x7fbb4d98e929 [ 86.689197][ T5329] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 86.689207][ T5329] RSP: 002b:00007fbb4e735038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 86.689219][ T5329] RAX: ffffffffffffffda RBX: 00007fbb4dbb6080 RCX: 00007fbb4d98e929 [ 86.689227][ T5329] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: ffffffffffffff9c [ 86.689234][ T5329] RBP: 00007fbb4da10b39 R08: 0000000000000000 R09: 0000000000000000 [ 86.689240][ T5329] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 86.689247][ T5329] R13: 0000000000000000 R14: 00007fbb4dbb6080 R15: 00007ffd15697658 [ 86.689258][ T5329] [ 86.957808][ T25] audit: type=1800 audit(1751194697.925:2): pid=5329 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.0" name="file1" dev="loop0" ino=20 res=0 errno=0 [ 87.197504][ T5329] syz.0.0 (5329) used greatest stack depth: 19976 bytes left