         Starting System Logging Service...
[[0;32m  OK  [0m] Started Permit User Sessions.
[[0;32m  OK  [0m] Found device /dev/ttyS0.
[[0;32m  OK  [0m] Started System Logging Service.
[[0;32m  OK  [0m] Started getty on tty2-tty6 if dbus and logind are not available.
[[0;32m  OK  [0m] Started OpenBSD Secure Shell server.
[[0;32m  OK  [0m] Listening on Load/Save RF Kill Switch Status /dev/rfkill Watch.
[[0;32m  OK  [0m] Started Getty on tty6.
[[0;32m  OK  [0m] Started Getty on tty5.
[[0;32m  OK  [0m] Started Getty on tty4.
[[0;32m  OK  [0m] Started Getty on tty3.
[[0;32m  OK  [0m] Started Getty on tty2.
[[0;32m  OK  [0m] Started Getty on tty1.
[[0;32m  OK  [0m] Started Serial Getty on ttyS0.
[[0;32m  OK  [0m] Reached target Login Prompts.
[[0;32m  OK  [0m] Reached target Multi-User System.
[[0;32m  OK  [0m] Reached target Graphical Interface.
         Starting Update UTMP about System Runlevel Changes...
         Starting Load/Save RF Kill Switch Status...
[[0;32m  OK  [0m] Started Load/Save RF Kill Switch Status.
[[0;32m  OK  [0m] Started Update UTMP about System Runlevel Changes.

Debian GNU/Linux 9 syzkaller ttyS0

Warning: Permanently added '10.128.0.56' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [   32.467340] 
[   32.468971] ======================================================
[   32.475287] WARNING: possible circular locking dependency detected
[   32.481604] 4.19.206-syzkaller #0 Not tainted
[   32.486079] ------------------------------------------------------
[   32.492375] syz-executor678/8093 is trying to acquire lock:
[   32.498071] 000000006df09afe (sb_writers#3){.+.+}, at: mnt_want_write+0x3a/0xb0
[   32.505510] 
[   32.505510] but task is already holding lock:
[   32.511468] 00000000d5b3aa6b (&iint->mutex){+.+.}, at: process_measurement+0x316/0x1440
[   32.519679] 
[   32.519679] which lock already depends on the new lock.
[   32.519679] 
[   32.527969] 
[   32.527969] the existing dependency chain (in reverse order) is:
[   32.535563] 
[   32.535563] -> #1 (&iint->mutex){+.+.}:
[   32.541002]        process_measurement+0x316/0x1440
[   32.546004]        ima_file_check+0xb9/0x100
[   32.550392]        path_openat+0x7e4/0x2df0
[   32.554689]        do_filp_open+0x18c/0x3f0
[   32.558988]        do_sys_open+0x3b3/0x520
[   32.563202]        do_syscall_64+0xf9/0x620
[   32.567512]        entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   32.573194] 
[   32.573194] -> #0 (sb_writers#3){.+.+}:
[   32.578638]        __sb_start_write+0x6e/0x2a0
[   32.583195]        mnt_want_write+0x3a/0xb0
[   32.587580]        ovl_maybe_copy_up+0x11f/0x190
[   32.592313]        ovl_open+0xb4/0x260
[   32.596186]        do_dentry_open+0x4aa/0x1160
[   32.600741]        dentry_open+0x132/0x1d0
[   32.604973]        ima_calc_file_hash+0x628/0x8a0
[   32.609798]        ima_collect_measurement+0x4c4/0x570
[   32.615073]        process_measurement+0xddd/0x1440
[   32.620093]        ima_file_check+0xb9/0x100
[   32.624500]        path_openat+0x7e4/0x2df0
[   32.628824]        do_filp_open+0x18c/0x3f0
[   32.633145]        do_sys_open+0x3b3/0x520
[   32.637466]        do_syscall_64+0xf9/0x620
[   32.641780]        entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   32.647469] 
[   32.647469] other info that might help us debug this:
[   32.647469] 
[   32.655603]  Possible unsafe locking scenario:
[   32.655603] 
[   32.661640]        CPU0                    CPU1
[   32.666284]        ----                    ----
[   32.670923]   lock(&iint->mutex);
[   32.674356]                                lock(sb_writers#3);
[   32.680305]                                lock(&iint->mutex);
[   32.686250]   lock(sb_writers#3);
[   32.689677] 
[   32.689677]  *** DEADLOCK ***
[   32.689677] 
[   32.695714] 1 lock held by syz-executor678/8093:
[   32.700452]  #0: 00000000d5b3aa6b (&iint->mutex){+.+.}, at: process_measurement+0x316/0x1440
[   32.709131] 
[   32.709131] stack backtrace:
[   32.713610] CPU: 1 PID: 8093 Comm: syz-executor678 Not tainted 4.19.206-syzkaller #0
[   32.721466] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   32.730923] Call Trace:
[   32.733496]  dump_stack+0x1fc/0x2ef
[   32.737102]  print_circular_bug.constprop.0.cold+0x2d7/0x41e
[   32.742880]  __lock_acquire+0x30c9/0x3ff0
[   32.747008]  ? mark_held_locks+0xf0/0xf0
[   32.751047]  ? kmem_cache_alloc+0x122/0x370
[   32.755353]  ? mark_held_locks+0xf0/0xf0
[   32.759393]  ? path_openat+0x7e4/0x2df0
[   32.763348]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   32.768690]  ? fs_reclaim_release+0xd0/0x110
[   32.773078]  lock_acquire+0x170/0x3c0
[   32.776969]  ? mnt_want_write+0x3a/0xb0
[   32.780932]  __sb_start_write+0x6e/0x2a0
[   32.784970]  ? mnt_want_write+0x3a/0xb0
[   32.788927]  mnt_want_write+0x3a/0xb0
[   32.792713]  ovl_maybe_copy_up+0x11f/0x190
[   32.796931]  ovl_open+0xb4/0x260
[   32.800273]  do_dentry_open+0x4aa/0x1160
[   32.804316]  ? ovl_fsync+0x220/0x220
[   32.808026]  ? chown_common+0x550/0x550
[   32.811978]  ? percpu_counter_add_batch+0x126/0x180
[   32.816970]  dentry_open+0x132/0x1d0
[   32.820670]  ima_calc_file_hash+0x628/0x8a0
[   32.824976]  ? xattr_list_one+0x120/0x120
[   32.829099]  ima_collect_measurement+0x4c4/0x570
[   32.833830]  ? ima_get_action+0x90/0x90
[   32.837781]  ? ima_get_cache_status+0x1d0/0x1d0
[   32.842434]  process_measurement+0xddd/0x1440
[   32.847078]  ? ima_restore_measurement_entry+0x40/0x40
[   32.852329]  ? file_ra_state_init+0xc4/0x1e0
[   32.856724]  ? aa_get_task_label+0x1e6/0x7f0
[   32.861163]  ? lock_downgrade+0x720/0x720
[   32.865300]  ? check_preemption_disabled+0x41/0x280
[   32.870300]  ? check_preemption_disabled+0x41/0x280
[   32.875299]  ? aa_get_task_label+0x20d/0x7f0
[   32.879695]  ? revert_creds+0x326/0x450
[   32.883643]  ? aa_capable+0xb80/0xb80
[   32.887425]  ? ovl_open+0xca/0x260
[   32.890944]  ? apparmor_task_getsecid+0x88/0xc0
[   32.895611]  ima_file_check+0xb9/0x100
[   32.899489]  ? process_measurement+0x1440/0x1440
[   32.904235]  ? inode_permission+0x3d/0x140
[   32.908446]  path_openat+0x7e4/0x2df0
[   32.912229]  ? path_lookupat+0x8d0/0x8d0
[   32.916273]  ? mark_held_locks+0xf0/0xf0
[   32.920306]  ? __lock_acquire+0x6de/0x3ff0
[   32.924516]  do_filp_open+0x18c/0x3f0
[   32.928291]  ? may_open_dev+0xf0/0xf0
[   32.932081]  ? lock_downgrade+0x720/0x720
[   32.936204]  ? lock_acquire+0x170/0x3c0
[   32.940169]  ? __alloc_fd+0x34/0x570
[   32.944033]  ? do_raw_spin_unlock+0x171/0x230
[   32.948503]  ? _raw_spin_unlock+0x29/0x40
[   32.952623]  ? __alloc_fd+0x28d/0x570
[   32.956405]  do_sys_open+0x3b3/0x520
[   32.960097]  ? filp_open+0x70/0x70
[   32.963612]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[   32.968951]  ? trace_hardirqs_off_caller+0x6e/0x210
[   32.973946]  ? do_syscall_64+0x21/0x620
[   32.977895]  do_syscall_64+0xf9/0x620
[   32.981676]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   32.986848] RIP: 0033:0x43ef59
[   32.990019] Code: 28 c3 e8 2a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   33.008902] RSP: 002b:00007ffc9de5ecc8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[   33.016594] RAX: ffffffffffffffda