input: syz0 as /devices/virtual/input/input8172
======================================================
WARNING: possible circular locking dependency detected
4.19.211-syzkaller #0 Not tainted
------------------------------------------------------
syz-executor.4/28388 is trying to acquire lock:
000000007e4844bb (&ovl_i_mutex_key[depth]){+.+.}, at: inode_lock include/linux/fs.h:748 [inline]
000000007e4844bb (&ovl_i_mutex_key[depth]){+.+.}, at: process_measurement+0x926/0x1440 security/integrity/ima/ima_main.c:205

but task is already holding lock:
000000003b5b9e76 (&sig->cred_guard_mutex){+.+.}, at: prepare_bprm_creds fs/exec.c:1419 [inline]
000000003b5b9e76 (&sig->cred_guard_mutex){+.+.}, at: __do_execve_file+0x38c/0x2360 fs/exec.c:1762

which lock already depends on the new lock.


the existing dependency chain (in reverse order) is:

-> #3 (&sig->cred_guard_mutex){+.+.}:
       do_io_accounting fs/proc/base.c:2750 [inline]
       proc_tgid_io_accounting+0x1cf/0x7f0 fs/proc/base.c:2799
       proc_single_show+0xeb/0x170 fs/proc/base.c:755
       seq_read+0x4e0/0x11c0 fs/seq_file.c:232
       do_loop_readv_writev fs/read_write.c:701 [inline]
       do_loop_readv_writev fs/read_write.c:688 [inline]
       do_iter_read+0x471/0x630 fs/read_write.c:925
       vfs_readv+0xe5/0x150 fs/read_write.c:987
       do_preadv fs/read_write.c:1071 [inline]
       __do_sys_preadv fs/read_write.c:1121 [inline]
       __se_sys_preadv fs/read_write.c:1116 [inline]
       __x64_sys_preadv+0x22b/0x310 fs/read_write.c:1116
       do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
       entry_SYSCALL_64_after_hwframe+0x49/0xbe

-> #2 (&p->lock){+.+.}:
       seq_read+0x6b/0x11c0 fs/seq_file.c:164
       proc_reg_read+0x1bd/0x2d0 fs/proc/inode.c:231
       do_loop_readv_writev fs/read_write.c:701 [inline]
       do_loop_readv_writev fs/read_write.c:688 [inline]
       do_iter_read+0x471/0x630 fs/read_write.c:925
       vfs_readv+0xe5/0x150 fs/read_write.c:987
       kernel_readv fs/splice.c:362 [inline]
       default_file_splice_read+0x457/0xa00 fs/splice.c:417
       do_splice_to+0x10e/0x160 fs/splice.c:881
       splice_direct_to_actor+0x2b9/0x8d0 fs/splice.c:959
       do_splice_direct+0x1a7/0x270 fs/splice.c:1068
       do_sendfile+0x550/0xc30 fs/read_write.c:1447
       __do_sys_sendfile64 fs/read_write.c:1508 [inline]
       __se_sys_sendfile64+0x147/0x160 fs/read_write.c:1494
       do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
       entry_SYSCALL_64_after_hwframe+0x49/0xbe

-> #1 (sb_writers#3){.+.+}:
       sb_start_write include/linux/fs.h:1579 [inline]
       mnt_want_write+0x3a/0xb0 fs/namespace.c:360
       ovl_link+0x73/0x2b0 fs/overlayfs/dir.c:676
       vfs_link+0x7e6/0xc80 fs/namei.c:4243
       do_linkat+0x52a/0x810 fs/namei.c:4311
       __do_sys_link fs/namei.c:4340 [inline]
       __se_sys_link fs/namei.c:4338 [inline]
       __x64_sys_link+0x5d/0x80 fs/namei.c:4338
       do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
       entry_SYSCALL_64_after_hwframe+0x49/0xbe

-> #0 (&ovl_i_mutex_key[depth]){+.+.}:
       down_write+0x34/0x90 kernel/locking/rwsem.c:70
       inode_lock include/linux/fs.h:748 [inline]
       process_measurement+0x926/0x1440 security/integrity/ima/ima_main.c:205
       ima_file_check+0xb9/0x100 security/integrity/ima/ima_main.c:391
       do_last fs/namei.c:3425 [inline]
       path_openat+0x7e4/0x2df0 fs/namei.c:3537
       do_filp_open+0x18c/0x3f0 fs/namei.c:3567
       do_open_execat+0x11d/0x5b0 fs/exec.c:853
       __do_execve_file+0x1a8b/0x2360 fs/exec.c:1770
       do_execveat_common fs/exec.c:1879 [inline]
       do_execveat+0x3d/0x50 fs/exec.c:1907
       __do_sys_execveat fs/exec.c:1988 [inline]
       __se_sys_execveat fs/exec.c:1980 [inline]
       __x64_sys_execveat+0xe1/0x120 fs/exec.c:1980
       do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
       entry_SYSCALL_64_after_hwframe+0x49/0xbe

other info that might help us debug this:

Chain exists of:
  &ovl_i_mutex_key[depth] --> &p->lock --> &sig->cred_guard_mutex

 Possible unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock(&sig->cred_guard_mutex);
                               lock(&p->lock);
                               lock(&sig->cred_guard_mutex);
  lock(&ovl_i_mutex_key[depth]);

 *** DEADLOCK ***

1 lock held by syz-executor.4/28388:
 #0: 000000003b5b9e76 (&sig->cred_guard_mutex){+.+.}, at: prepare_bprm_creds fs/exec.c:1419 [inline]
 #0: 000000003b5b9e76 (&sig->cred_guard_mutex){+.+.}, at: __do_execve_file+0x38c/0x2360 fs/exec.c:1762

stack backtrace:
CPU: 1 PID: 28388 Comm: syz-executor.4 Not tainted 4.19.211-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1fc/0x2ef lib/dump_stack.c:118
 print_circular_bug.constprop.0.cold+0x2d7/0x41e kernel/locking/lockdep.c:1222
 check_prev_add kernel/locking/lockdep.c:1866 [inline]
 check_prevs_add kernel/locking/lockdep.c:1979 [inline]
 validate_chain kernel/locking/lockdep.c:2420 [inline]
 __lock_acquire+0x30c9/0x3ff0 kernel/locking/lockdep.c:3416
 lock_acquire+0x170/0x3c0 kernel/locking/lockdep.c:3908
 down_write+0x34/0x90 kernel/locking/rwsem.c:70
 inode_lock include/linux/fs.h:748 [inline]
 process_measurement+0x926/0x1440 security/integrity/ima/ima_main.c:205
 ima_file_check+0xb9/0x100 security/integrity/ima/ima_main.c:391
 do_last fs/namei.c:3425 [inline]
 path_openat+0x7e4/0x2df0 fs/namei.c:3537
 do_filp_open+0x18c/0x3f0 fs/namei.c:3567
 do_open_execat+0x11d/0x5b0 fs/exec.c:853
 __do_execve_file+0x1a8b/0x2360 fs/exec.c:1770
 do_execveat_common fs/exec.c:1879 [inline]
 do_execveat+0x3d/0x50 fs/exec.c:1907
 __do_sys_execveat fs/exec.c:1988 [inline]
 __se_sys_execveat fs/exec.c:1980 [inline]
 __x64_sys_execveat+0xe1/0x120 fs/exec.c:1980
 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7f9ab9ae7279
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f9ab845c168 EFLAGS: 00000246 ORIG_RAX: 0000000000000142
RAX: ffffffffffffffda RBX: 00007f9ab9bf9f80 RCX: 00007f9ab9ae7279
RDX: 0000000000000000 RSI: 0000000020000040 RDI: ffffffffffffff9c
RBP: 00007f9ab9b412e9 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffc05e970ef R14: 00007f9ab845c300 R15: 0000000000022000
input: syz0 as /devices/virtual/input/input8173
Bluetooth: hci0: command 0x0405 tx timeout
input: syz0 as /devices/virtual/input/input8174
input: syz0 as /devices/virtual/input/input8175
input: syz0 as /devices/virtual/input/input8176
input: syz0 as /devices/virtual/input/input8177
input: syz0 as /devices/virtual/input/input8178
input: syz0 as /devices/virtual/input/input8179
input: syz0 as /devices/virtual/input/input8180
input: syz0 as /devices/virtual/input/input8181
input: syz0 as /devices/virtual/input/input8182
Bluetooth: Wrong link type (-22)
netlink: 132 bytes leftover after parsing attributes in process `syz-executor.0'.
input: syz0 as /devices/virtual/input/input8183
input: syz0 as /devices/virtual/input/input8184
IPVS: ftp: loaded support on port[0] = 21
input: syz0 as /devices/virtual/input/input8185
input: syz0 as /devices/virtual/input/input8186
input: syz0 as /devices/virtual/input/input8187
input: syz0 as /devices/virtual/input/input8188
input: syz0 as /devices/virtual/input/input8189
input: syz0 as /devices/virtual/input/input8190
input: syz0 as /devices/virtual/input/input8191
input: syz0 as /devices/virtual/input/input8192
input: syz0 as /devices/virtual/input/input8193
input: syz0 as /devices/virtual/input/input8194
input: syz0 as /devices/virtual/input/input8195
input: syz0 as /devices/virtual/input/input8196
input: syz0 as /devices/virtual/input/input8197
input: syz0 as /devices/virtual/input/input8198
IPVS: ftp: loaded support on port[0] = 21
NILFS (loop4): couldn't find nilfs on the device
input: syz0 as /devices/virtual/input/input8199
input: syz0 as /devices/virtual/input/input8200
input: syz0 as /devices/virtual/input/input8201
input: syz0 as /devices/virtual/input/input8202
input: syz0 as /devices/virtual/input/input8203
input: syz0 as /devices/virtual/input/input8204
input: syz0 as /devices/virtual/input/input8205
IPVS: ftp: loaded support on port[0] = 21
input: syz0 as /devices/virtual/input/input8206
input: syz0 as /devices/virtual/input/input8207
input: syz0 as /devices/virtual/input/input8208
input: syz0 as /devices/virtual/input/input8210
input: syz0 as /devices/virtual/input/input8209
IPVS: ftp: loaded support on port[0] = 21
input: syz0 as /devices/virtual/input/input8211
input: syz0 as /devices/virtual/input/input8212
input: syz0 as /devices/virtual/input/input8213
input: syz0 as /devices/virtual/input/input8214
input: syz0 as /devices/virtual/input/input8215
input: syz0 as /devices/virtual/input/input8216
input: syz0 as /devices/virtual/input/input8217
IPVS: ftp: loaded support on port[0] = 21
input: syz0 as /devices/virtual/input/input8218
input: syz0 as /devices/virtual/input/input8219
input: syz0 as /devices/virtual/input/input8220
input: syz0 as /devices/virtual/input/input8221
input: syz0 as /devices/virtual/input/input8223
input: syz0 as /devices/virtual/input/input8222
input: syz0 as /devices/virtual/input/input8224
input: syz0 as /devices/virtual/input/input8225
input: syz0 as /devices/virtual/input/input8226
input: syz0 as /devices/virtual/input/input8227
input: syz0 as /devices/virtual/input/input8228
input: syz0 as /devices/virtual/input/input8229
IPVS: ftp: loaded support on port[0] = 21
input: syz0 as /devices/virtual/input/input8230
input: syz0 as /devices/virtual/input/input8231
input: syz0 as /devices/virtual/input/input8232
input: syz0 as /devices/virtual/input/input8233
input: syz0 as /devices/virtual/input/input8234
input: syz0 as /devices/virtual/input/input8237
input: syz0 as /devices/virtual/input/input8235
input: syz0 as /devices/virtual/input/input8236
FAT-fs (loop4): bogus number of reserved sectors
FAT-fs (loop4): Can't find a valid FAT filesystem
input: syz0 as /devices/virtual/input/input8238
IPVS: ftp: loaded support on port[0] = 21
input: syz0 as /devices/virtual/input/input8240
input: syz0 as /devices/virtual/input/input8239
input: syz0 as /devices/virtual/input/input8241
input: syz0 as /devices/virtual/input/input8242
IPVS: ftp: loaded support on port[0] = 21
input: syz0 as /devices/virtual/input/input8243
Unknown ioctl 1075883590
input: syz0 as /devices/virtual/input/input8244
Unknown ioctl 1075883590
Unknown ioctl 1075883590
Unknown ioctl 1075883590
Unknown ioctl 1075883590
Unknown ioctl 1075883590
Unknown ioctl 1075883590
Unknown ioctl 1075883590
Unknown ioctl 1075883590
Unknown ioctl 1075883590
Unknown ioctl 1075883590
Unknown ioctl 1075883590
Unknown ioctl 1075883590
Unknown ioctl 1075883590
Unknown ioctl 1075883590
Unknown ioctl 1075883590
Unknown ioctl 1075883590
Unknown ioctl 1075883590
Unknown ioctl 1075883590
Unknown ioctl 1075883590
Unknown ioctl 1075883590
Unknown ioctl 1075883590
Unknown ioctl 1075883590
Unknown ioctl 1075883590
Unknown ioctl 1075883590
input: syz0 as /devices/virtual/input/input8245
input: syz0 as /devices/virtual/input/input8246
input: syz0 as /devices/virtual/input/input8247
input: syz0 as /devices/virtual/input/input8248
IPVS: ftp: loaded support on port[0] = 21
BTRFS: device fsid 3ef4e72b-bd40-425e-a16a-bfe806a542dc devid 0 transid 0 /dev/loop4
input: syz0 as /devices/virtual/input/input8249
input: syz0 as /devices/virtual/input/input8250
input: syz0 as /devices/virtual/input/input8251
BTRFS error (device loop4): superblock checksum mismatch
BTRFS error (device loop4): open_ctree failed
IPVS: ftp: loaded support on port[0] = 21
input: syz0 as /devices/virtual/input/input8252
input: syz0 as /devices/virtual/input/input8253
input: syz0 as /devices/virtual/input/input8254
input: syz0 as /devices/virtual/input/input8255
input: syz0 as /devices/virtual/input/input8256
IPVS: ftp: loaded support on port[0] = 21
BTRFS error (device loop4): superblock checksum mismatch
input: syz0 as /devices/virtual/input/input8257
BTRFS error (device loop4): open_ctree failed
input: syz0 as /devices/virtual/input/input8258
input: syz0 as /devices/virtual/input/input8260
input: syz0 as /devices/virtual/input/input8259
input: syz0 as /devices/virtual/input/input8261
input: syz0 as /devices/virtual/input/input8262
input: syz0 as /devices/virtual/input/input8263
BTRFS error (device loop4): superblock checksum mismatch
IPVS: ftp: loaded support on port[0] = 21
input: syz0 as /devices/virtual/input/input8264
BTRFS error (device loop4): open_ctree failed
input: syz0 as /devices/virtual/input/input8265
input: syz0 as /devices/virtual/input/input8266
input: syz0 as /devices/virtual/input/input8267
input: syz0 as /devices/virtual/input/input8268
BTRFS error (device loop4): superblock checksum mismatch
input: syz0 as /devices/virtual/input/input8269
BTRFS error (device loop4): open_ctree failed
input: syz0 as /devices/virtual/input/input8270
input: syz0 as /devices/virtual/input/input8271
input: syz0 as /devices/virtual/input/input8272
input: syz0 as /devices/virtual/input/input8273
input: syz0 as /devices/virtual/input/input8274
input: syz0 as /devices/virtual/input/input8275
input: syz0 as /devices/virtual/input/input8276
input: syz0 as /devices/virtual/input/input8277
input: syz0 as /devices/virtual/input/input8278
input: syz0 as /devices/virtual/input/input8279
input: syz0 as /devices/virtual/input/input8280
input: syz0 as /devices/virtual/input/input8281
input: syz0 as /devices/virtual/input/input8282
input: syz0 as /devices/virtual/input/input8283
input: syz0 as /devices/virtual/input/input8284
input: syz0 as /devices/virtual/input/input8285
input: syz0 as /devices/virtual/input/input8286
input: syz0 as /devices/virtual/input/input8287
input: syz0 as /devices/virtual/input/input8288
input: syz0 as /devices/virtual/input/input8289
input: syz0 as /devices/virtual/input/input8290
input: syz0 as /devices/virtual/input/input8291
input: syz0 as /devices/virtual/input/input8292
input: syz0 as /devices/virtual/input/input8293
input: syz0 as /devices/virtual/input/input8294
input: syz0 as /devices/virtual/input/input8295
input: syz0 as /devices/virtual/input/input8296
input: syz0 as /devices/virtual/input/input8297
input: syz0 as /devices/virtual/input/input8298
input: syz0 as /devices/virtual/input/input8299
input: syz0 as /devices/virtual/input/input8300
input: syz0 as /devices/virtual/input/input8301
input: syz0 as /devices/virtual/input/input8302
input: syz0 as /devices/virtual/input/input8303
input: syz0 as /devices/virtual/input/input8304
input: syz0 as /devices/virtual/input/input8305
input: syz0 as /devices/virtual/input/input8306
input: syz0 as /devices/virtual/input/input8307
input: syz0 as /devices/virtual/input/input8308
input: syz0 as /devices/virtual/input/input8309
input: syz0 as /devices/virtual/input/input8310
input: syz0 as /devices/virtual/input/input8311
input: syz0 as /devices/virtual/input/input8312
input: syz0 as /devices/virtual/input/input8313
input: syz0 as /devices/virtual/input/input8314
input: syz0 as /devices/virtual/input/input8315
input: syz0 as /devices/virtual/input/input8316
input: syz0 as /devices/virtual/input/input8317
input: syz0 as /devices/virtual/input/input8318
input: syz0 as /devices/virtual/input/input8319
input: syz0 as /devices/virtual/input/input8320
input: syz0 as /devices/virtual/input/input8321
input: syz0 as /devices/virtual/input/input8322
input: syz0 as /devices/virtual/input/input8323
input: syz0 as /devices/virtual/input/input8324
input: syz0 as /devices/virtual/input/input8325
input: syz0 as /devices/virtual/input/input8326
input: syz0 as /devices/virtual/input/input8327
input: syz0 as /devices/virtual/input/input8328
input: syz0 as /devices/virtual/input/input8329
input: syz0 as /devices/virtual/input/input8330
input: syz0 as /devices/virtual/input/input8331
input: syz0 as /devices/virtual/input/input8332
input: syz0 as /devices/virtual/input/input8333
input: syz0 as /devices/virtual/input/input8334
input: syz0 as /devices/virtual/input/input8335
input: syz0 as /devices/virtual/input/input8336
input: syz0 as /devices/virtual/input/input8337
input: syz0 as /devices/virtual/input/input8338
input: syz0 as /devices/virtual/input/input8339
input: syz0 as /devices/virtual/input/input8340
input: syz0 as /devices/virtual/input/input8341
input: syz0 as /devices/virtual/input/input8342
input: syz0 as /devices/virtual/input/input8343
input: syz0 as /devices/virtual/input/input8344
input: syz0 as /devices/virtual/input/input8346
input: syz0 as /devices/virtual/input/input8345
input: syz0 as /devices/virtual/input/input8347
input: syz0 as /devices/virtual/input/input8348
input: syz0 as /devices/virtual/input/input8349
input: syz0 as /devices/virtual/input/input8350
input: syz0 as /devices/virtual/input/input8351
input: syz0 as /devices/virtual/input/input8352
input: syz0 as /devices/virtual/input/input8353
input: syz0 as /devices/virtual/input/input8354