[ OK ] Started Getty on tty2. [ OK ] Started Getty on tty1. [ OK ] Started Serial Getty on ttyS0. [ OK ] Reached target Login Prompts. [ OK ] Reached target Multi-User System. [ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... [ OK ] Started Update UTMP about System Runlevel Changes. Starting Load/Save RF Kill Switch Status... [ OK ] Started Load/Save RF Kill Switch Status. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.1.51' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 56.525570][ T8448] [ 56.526565][ T8449] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection. [ 56.528193][ T8448] ====================================================== [ 56.528199][ T8448] WARNING: possible circular locking dependency detected [ 56.556796][ T8448] 5.13.0-rc1-syzkaller #0 Not tainted [ 56.562139][ T8448] ------------------------------------------------------ [ 56.569700][ T8448] syz-executor663/8448 is trying to acquire lock: [ 56.576086][ T8448] ffff888017dc61a0 (&iint->mutex){+.+.}-{3:3}, at: process_measurement+0x3a8/0x17e0 [ 56.585645][ T8448] [ 56.585645][ T8448] but task is already holding lock: [ 56.592980][ T8448] ffff888147e56460 (sb_writers#5){.+.+}-{0:0}, at: path_openat+0x1ad9/0x27e0 [ 56.601915][ T8448] [ 56.601915][ T8448] which lock already depends on the new lock. [ 56.601915][ T8448] [ 56.612289][ T8448] [ 56.612289][ T8448] the existing dependency chain (in reverse order) is: [ 56.621275][ T8448] [ 56.621275][ T8448] -> #1 (sb_writers#5){.+.+}-{0:0}: [ 56.628632][ T8448] mnt_want_write+0x6e/0x3e0 [ 56.633731][ T8448] ovl_maybe_copy_up+0x11f/0x190 [ 56.639171][ T8448] ovl_open+0xba/0x270 [ 56.643737][ T8448] do_dentry_open+0x4b9/0x11b0 [ 56.649257][ T8448] dentry_open+0x132/0x1d0 [ 56.654346][ T8448] ima_calc_file_hash+0x2d2/0x4b0 [ 56.660141][ T8448] ima_collect_measurement+0x4ca/0x570 [ 56.666277][ T8448] process_measurement+0xd1c/0x17e0 [ 56.671971][ T8448] ima_file_check+0xb9/0x100 [ 56.677237][ T8448] path_openat+0x15b5/0x27e0 [ 56.682410][ T8448] do_filp_open+0x190/0x3d0 [ 56.687409][ T8448] do_sys_openat2+0x16d/0x420 [ 56.692666][ T8448] __x64_sys_open+0x119/0x1c0 [ 56.697835][ T8448] do_syscall_64+0x3a/0xb0 [ 56.702950][ T8448] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 56.709339][ T8448] [ 56.709339][ T8448] -> #0 (&iint->mutex){+.+.}-{3:3}: [ 56.717037][ T8448] __lock_acquire+0x2a17/0x5230 [ 56.722388][ T8448] lock_acquire+0x1ab/0x740 [ 56.727386][ T8448] __mutex_lock+0x139/0x1120 [ 56.732471][ T8448] process_measurement+0x3a8/0x17e0 [ 56.738171][ T8448] ima_file_check+0xb9/0x100 [ 56.743254][ T8448] path_openat+0x15b5/0x27e0 [ 56.748342][ T8448] do_filp_open+0x190/0x3d0 [ 56.753338][ T8448] do_sys_openat2+0x16d/0x420 [ 56.758508][ T8448] __x64_sys_openat+0x13f/0x1f0 [ 56.763849][ T8448] do_syscall_64+0x3a/0xb0 [ 56.768759][ T8448] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 56.775600][ T8448] [ 56.775600][ T8448] other info that might help us debug this: [ 56.775600][ T8448] [ 56.786188][ T8448] Possible unsafe locking scenario: [ 56.786188][ T8448] [ 56.793609][ T8448] CPU0 CPU1 [ 56.799119][ T8448] ---- ---- [ 56.804618][ T8448] lock(sb_writers#5); [ 56.808747][ T8448] lock(&iint->mutex); [ 56.815391][ T8448] lock(sb_writers#5); [ 56.822126][ T8448] lock(&iint->mutex); [ 56.826400][ T8448] [ 56.826400][ T8448] *** DEADLOCK *** [ 56.826400][ T8448] [ 56.834598][ T8448] 1 lock held by syz-executor663/8448: [ 56.840029][ T8448] #0: ffff888147e56460 (sb_writers#5){.+.+}-{0:0}, at: path_openat+0x1ad9/0x27e0 [ 56.849307][ T8448] [ 56.849307][ T8448] stack backtrace: [ 56.855424][ T8448] CPU: 1 PID: 8448 Comm: syz-executor663 Not tainted 5.13.0-rc1-syzkaller #0 [ 56.864158][ T8448] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 56.874186][ T8448] Call Trace: [ 56.877440][ T8448] dump_stack+0x141/0x1d7 [ 56.881957][ T8448] check_noncircular+0x25f/0x2e0 [ 56.886872][ T8448] ? print_circular_bug+0x1e0/0x1e0 [ 56.892131][ T8448] ? check_path.constprop.0+0x50/0x50 [ 56.897534][ T8448] ? lockdep_lock+0xc6/0x200 [ 56.902099][ T8448] ? call_rcu_zapped+0xb0/0xb0 [ 56.906841][ T8448] __lock_acquire+0x2a17/0x5230 [ 56.911670][ T8448] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 56.917641][ T8448] lock_acquire+0x1ab/0x740 [ 56.922124][ T8448] ? process_measurement+0x3a8/0x17e0 [ 56.927479][ T8448] ? lock_release+0x720/0x720 [ 56.932134][ T8448] __mutex_lock+0x139/0x1120 [ 56.936716][ T8448] ? process_measurement+0x3a8/0x17e0 [ 56.942061][ T8448] ? process_measurement+0x814/0x17e0 [ 56.947407][ T8448] ? lock_downgrade+0x6e0/0x6e0 [ 56.952233][ T8448] ? process_measurement+0x3a8/0x17e0 [ 56.957582][ T8448] ? mutex_lock_io_nested+0xf70/0xf70 [ 56.962926][ T8448] ? up_write+0x191/0x560 [ 56.967230][ T8448] ? downgrade_write+0x3a0/0x3a0 [ 56.972140][ T8448] ? do_raw_read_unlock+0x3b/0x70 [ 56.977240][ T8448] ? _raw_read_unlock+0x24/0x40 [ 56.982083][ T8448] ? integrity_iint_find+0x123/0x150 [ 56.987346][ T8448] process_measurement+0x3a8/0x17e0 [ 56.992606][ T8448] ? mmap_violation_check+0x1e0/0x1e0 [ 56.997956][ T8448] ? rwlock_bug.part.0+0x90/0x90 [ 57.002870][ T8448] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 57.008829][ T8448] ? find_held_lock+0x2d/0x110 [ 57.013568][ T8448] ? aa_get_task_label+0x25d/0x540 [ 57.018656][ T8448] ? lock_downgrade+0x6e0/0x6e0 [ 57.023485][ T8448] ? apparmor_file_open+0x1a5/0xab0 [ 57.028658][ T8448] ? aa_get_task_label+0x27f/0x540 [ 57.033745][ T8448] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 57.039964][ T8448] ? apparmor_task_getsecid+0xc2/0x110 [ 57.045397][ T8448] ima_file_check+0xb9/0x100 [ 57.049963][ T8448] ? process_measurement+0x17e0/0x17e0 [ 57.055398][ T8448] ? may_open+0x1f6/0x420 [ 57.059703][ T8448] path_openat+0x15b5/0x27e0 [ 57.064272][ T8448] ? path_lookupat+0x850/0x850 [ 57.069011][ T8448] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 57.075055][ T8448] do_filp_open+0x190/0x3d0 [ 57.079533][ T8448] ? may_open_dev+0xf0/0xf0 [ 57.084015][ T8448] ? do_raw_spin_lock+0x120/0x2b0 [ 57.089096][ T8448] ? rwlock_bug.part.0+0x90/0x90 [ 57.094008][ T8448] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 57.100227][ T8448] ? _find_next_bit+0x1e3/0x260 [ 57.105058][ T8448] ? _raw_spin_unlock+0x24/0x40 [ 57.109882][ T8448] ? alloc_fd+0x2e6/0x660 [ 57.114187][ T8448] do_sys_openat2+0x16d/0x420 [ 57.118925][ T8448] ? build_open_flags+0x6f0/0x6f0 [ 57.123923][ T8448] ? __context_tracking_exit+0xb8/0xe0 [ 57.129361][ T8448] ? lock_downgrade+0x6e0/0x6e0 [ 57.134189][ T8448] __x64_sys_openat+0x13f/0x1f0 [ 57.139029][ T8448] ? __ia32_sys_open+0x1c0/0x1c0 [ 57.143942][ T8448] ? syscall_enter_from_user_mode+0x27/0x70 [ 57.149813][ T8448] do_syscall_64+0x3a/0xb0 [ 57.154208][ T8448] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 57.160076][ T8448] RIP: 0033:0x444cf9 [ 57.163941][ T8448] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 81 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0