[ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... [ OK ] Started Update UTMP about System Runlevel Changes. Starting Load/Save RF Kill Switch Status... [ OK ] Started Load/Save RF Kill Switch Status. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.0.9' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 34.919908] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 34.931644] [ 34.933270] ====================================================== [ 34.939561] WARNING: possible circular locking dependency detected [ 34.945873] 4.19.211-syzkaller #0 Not tainted [ 34.950340] ------------------------------------------------------ [ 34.956646] syz-executor311/8106 is trying to acquire lock: [ 34.962333] 00000000aab9ee55 (sb_writers#3){.+.+}, at: mnt_want_write+0x3a/0xb0 [ 34.969774] [ 34.969774] but task is already holding lock: [ 34.975735] 0000000043e7a252 (&iint->mutex){+.+.}, at: process_measurement+0x316/0x1440 [ 34.983872] [ 34.983872] which lock already depends on the new lock. [ 34.983872] [ 34.992163] [ 34.992163] the existing dependency chain (in reverse order) is: [ 34.999760] [ 34.999760] -> #1 (&iint->mutex){+.+.}: [ 35.005262] process_measurement+0x316/0x1440 [ 35.010278] ima_file_check+0xb9/0x100 [ 35.014671] path_openat+0x7e4/0x2df0 [ 35.018972] do_filp_open+0x18c/0x3f0 [ 35.023272] do_sys_open+0x3b3/0x520 [ 35.027485] do_syscall_64+0xf9/0x620 [ 35.031803] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 35.037500] [ 35.037500] -> #0 (sb_writers#3){.+.+}: [ 35.042940] __sb_start_write+0x6e/0x2a0 [ 35.047501] mnt_want_write+0x3a/0xb0 [ 35.051821] ovl_maybe_copy_up+0x11f/0x190 [ 35.056557] ovl_open+0xb4/0x260 [ 35.060438] do_dentry_open+0x4aa/0x1160 [ 35.065000] dentry_open+0x132/0x1d0 [ 35.069213] ima_calc_file_hash+0x628/0x8a0 [ 35.074059] ima_collect_measurement+0x4c4/0x570 [ 35.079314] process_measurement+0xddd/0x1440 [ 35.084307] ima_file_check+0xb9/0x100 [ 35.088695] path_openat+0x7e4/0x2df0 [ 35.092991] do_filp_open+0x18c/0x3f0 [ 35.097287] do_sys_open+0x3b3/0x520 [ 35.101502] do_syscall_64+0xf9/0x620 [ 35.106566] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 35.112248] [ 35.112248] other info that might help us debug this: [ 35.112248] [ 35.120376] Possible unsafe locking scenario: [ 35.120376] [ 35.126406] CPU0 CPU1 [ 35.131046] ---- ---- [ 35.135691] lock(&iint->mutex); [ 35.139121] lock(sb_writers#3); [ 35.145081] lock(&iint->mutex); [ 35.151071] lock(sb_writers#3); [ 35.154504] [ 35.154504] *** DEADLOCK *** [ 35.154504] [ 35.160540] 1 lock held by syz-executor311/8106: [ 35.165268] #0: 0000000043e7a252 (&iint->mutex){+.+.}, at: process_measurement+0x316/0x1440 [ 35.173830] [ 35.173830] stack backtrace: [ 35.178309] CPU: 0 PID: 8106 Comm: syz-executor311 Not tainted 4.19.211-syzkaller #0 [ 35.186953] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 [ 35.196281] Call Trace: [ 35.198856] dump_stack+0x1fc/0x2ef [ 35.202463] print_circular_bug.constprop.0.cold+0x2d7/0x41e [ 35.208255] __lock_acquire+0x30c9/0x3ff0 [ 35.212385] ? mark_held_locks+0xf0/0xf0 [ 35.216424] ? kmem_cache_alloc+0x122/0x370 [ 35.220721] ? mark_held_locks+0xf0/0xf0 [ 35.224763] ? path_openat+0x7e4/0x2df0 [ 35.228717] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 35.234060] ? fs_reclaim_release+0xd0/0x110 [ 35.238460] lock_acquire+0x170/0x3c0 [ 35.242238] ? mnt_want_write+0x3a/0xb0 [ 35.246192] __sb_start_write+0x6e/0x2a0 [ 35.250244] ? mnt_want_write+0x3a/0xb0 [ 35.254195] mnt_want_write+0x3a/0xb0 [ 35.257974] ovl_maybe_copy_up+0x11f/0x190 [ 35.262185] ovl_open+0xb4/0x260 [ 35.265527] do_dentry_open+0x4aa/0x1160 [ 35.269568] ? ovl_fsync+0x220/0x220 [ 35.273257] ? chown_common+0x550/0x550 [ 35.277229] ? percpu_counter_add_batch+0x126/0x180 [ 35.282223] dentry_open+0x132/0x1d0 [ 35.285917] ima_calc_file_hash+0x628/0x8a0 [ 35.290230] ? xattr_list_one+0x120/0x120 [ 35.294359] ima_collect_measurement+0x4c4/0x570 [ 35.299107] ? ima_get_action+0x90/0x90 [ 35.303077] ? ima_get_cache_status+0x1d0/0x1d0 [ 35.307728] process_measurement+0xddd/0x1440 [ 35.312216] ? ima_restore_measurement_entry+0x40/0x40 [ 35.317476] ? file_ra_state_init+0xc4/0x1e0 [ 35.321863] ? aa_get_task_label+0x1e6/0x7f0 [ 35.326255] ? lock_downgrade+0x720/0x720 [ 35.330397] ? check_preemption_disabled+0x41/0x280 [ 35.335392] ? check_preemption_disabled+0x41/0x280 [ 35.340390] ? aa_get_task_label+0x20d/0x7f0 [ 35.344775] ? revert_creds+0x32b/0x460 [ 35.348730] ? aa_capable+0xb80/0xb80 [ 35.352506] ? ovl_open+0xca/0x260 [ 35.356021] ? apparmor_task_getsecid+0x88/0xc0 [ 35.360665] ima_file_check+0xb9/0x100 [ 35.364530] ? process_measurement+0x1440/0x1440 [ 35.369263] ? inode_permission+0x3d/0x140 [ 35.373477] path_openat+0x7e4/0x2df0 [ 35.377260] ? path_lookupat+0x8d0/0x8d0 [ 35.381308] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 35.386661] ? mark_held_locks+0xf0/0xf0 [ 35.390696] ? __lock_acquire+0x6de/0x3ff0 [ 35.394907] do_filp_open+0x18c/0x3f0 [ 35.398682] ? may_open_dev+0xf0/0xf0 [ 35.402459] ? lock_downgrade+0x720/0x720 [ 35.406585] ? lock_acquire+0x170/0x3c0 [ 35.410533] ? __alloc_fd+0x34/0x570 [ 35.414225] ? do_raw_spin_unlock+0x171/0x230 [ 35.418694] ? _raw_spin_unlock+0x29/0x40 [ 35.422826] ? __alloc_fd+0x28d/0x570 [ 35.426631] do_sys_open+0x3b3/0x520 [ 35.430328] ? filp_open+0x70/0x70 [ 35.433851] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 35.439195] ? trace_hardirqs_off_caller+0x6e/0x210 [ 35.444194] ? do_syscall_64+0x21/0x620 [ 35.448148] do_syscall_64+0xf9/0x620 [ 35.451928] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 35.457099] RIP: 0033:0x7f5de31361a9 [ 35.460792] Code: 28 c3 e8 2a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 35.479669] RSP: 002b:00007ffd44895778 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 35.487359] RAX: ffffffffffffffda RBX: 0030656c69662f2e RCX: 00007f5de31361a9 [ 35.494612] RDX: 0000000000000007 RSI: 00000000200001c0 RDI: 0000000000000003 [ 35.501867] RBP: 00007f5de30fa190 R08: 0000000000000000 R09: 0000000000000000 [ 35.509133] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5de30fa220 [ 35.516379] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000