[�[0;32m OK �[0m] Reached target Login Prompts.
[�[0;32m OK �[0m] Reached target Multi-User System.
[�[0;32m OK �[0m] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[�[0;32m OK �[0m] Started Update UTMP about System Runlevel Changes.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.1.11' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 43.727019][ T6793] IPVS: ftp: loaded support on port[0] = 21
[ 43.781962][ T6815] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[ 43.797761][ T6816]
[ 43.798113][ T29] audit: type=1804 audit(1593314932.912:2): pid=6814 uid=0 auid=0 ses=5 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor165" name="/root/bus/file0" dev="overlay" ino=15706 res=1
[ 43.800263][ T6816] ======================================================
[ 43.826486][ T6816] WARNING: possible circular locking dependency detected
[ 43.833608][ T6816] 5.8.0-rc2-syzkaller #0 Not tainted
[ 43.838872][ T6816] ------------------------------------------------------
[ 43.846144][ T6816] syz-executor165/6816 is trying to acquire lock:
[ 43.852548][ T6816] ffff888092f48080 (&iint->mutex){+.+.}-{3:3}, at: process_measurement+0x66d/0x18e0
[ 43.861994][ T6816]
[ 43.861994][ T6816] but task is already holding lock:
[ 43.869663][ T6816] ffff888214040450 (sb_writers#4){.+.+}-{0:0}, at: mnt_want_write+0x45/0x90
[ 43.878710][ T6816]
[ 43.878710][ T6816] which lock already depends on the new lock.
[ 43.878710][ T6816]
[ 43.889096][ T6816]
[ 43.889096][ T6816] the existing dependency chain (in reverse order) is:
[ 43.898438][ T6816]
[ 43.898438][ T6816] -> #1 (sb_writers#4){.+.+}-{0:0}:
[ 43.905809][ T6816] lock_acquire+0x160/0x720
[ 43.910859][ T6816] __sb_start_write+0x14b/0x410
[ 43.916216][ T6816] mnt_want_write+0x45/0x90
[ 43.921256][ T6816] ovl_maybe_copy_up+0x117/0x180
[ 43.926941][ T6816] ovl_open+0xa2/0x200
[ 43.931511][ T6816] do_dentry_open+0x813/0x1070
[ 43.937027][ T6816] dentry_open+0xc6/0x120
[ 43.942083][ T6816] ima_calc_file_hash+0xfa/0x1f30
[ 43.948172][ T6816] ima_collect_measurement+0x1fd/0x490
[ 43.954358][ T6816] process_measurement+0xddf/0x18e0
[ 43.960058][ T6816] ima_file_check+0x9c/0xe0
[ 43.965070][ T6816] path_openat+0x27d6/0x37f0
[ 43.970299][ T6816] do_filp_open+0x191/0x3a0
[ 43.975306][ T6816] do_sys_openat2+0x463/0x770
[ 43.980640][ T6816] __x64_sys_open+0x1af/0x1e0
[ 43.985989][ T6816] do_syscall_64+0x73/0xe0
[ 43.991072][ T6816] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 43.997472][ T6816]
[ 43.997472][ T6816] -> #0 (&iint->mutex){+.+.}-{3:3}:
[ 44.005262][ T6816] validate_chain+0x1b0c/0x8920
[ 44.010835][ T6816] __lock_acquire+0x116c/0x2c30
[ 44.016294][ T6816] lock_acquire+0x160/0x720
[ 44.021296][ T6816] __mutex_lock_common+0x189/0x2fc0
[ 44.027226][ T6816] mutex_lock_nested+0x1a/0x20
[ 44.033423][ T6816] process_measurement+0x66d/0x18e0
[ 44.041035][ T6816] ima_file_check+0x9c/0xe0
[ 44.046135][ T6816] path_openat+0x27d6/0x37f0
[ 44.051228][ T6816] do_filp_open+0x191/0x3a0
[ 44.056234][ T6816] do_sys_openat2+0x463/0x770
[ 44.061742][ T6816] __x64_sys_openat+0x1c8/0x1f0
[ 44.067347][ T6816] do_syscall_64+0x73/0xe0
[ 44.072361][ T6816] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 44.078759][ T6816]
[ 44.078759][ T6816] other info that might help us debug this:
[ 44.078759][ T6816]
[ 44.089376][ T6816] Possible unsafe locking scenario:
[ 44.089376][ T6816]
[ 44.096820][ T6816] CPU0 CPU1
[ 44.102337][ T6816] ---- ----
[ 44.107780][ T6816] lock(sb_writers#4);
[ 44.111910][ T6816] lock(&iint->mutex);
[ 44.118859][ T6816] lock(sb_writers#4);
[ 44.125521][ T6816] lock(&iint->mutex);
[ 44.129825][ T6816]
[ 44.129825][ T6816] *** DEADLOCK ***
[ 44.129825][ T6816]
[ 44.138653][ T6816] 1 lock held by syz-executor165/6816:
[ 44.144264][ T6816] #0: ffff888214040450 (sb_writers#4){.+.+}-{0:0}, at: mnt_want_write+0x45/0x90
[ 44.153697][ T6816]
[ 44.153697][ T6816] stack backtrace:
[ 44.159670][ T6816] CPU: 1 PID: 6816 Comm: syz-executor165 Not tainted 5.8.0-rc2-syzkaller #0
[ 44.168631][ T6816] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 44.178842][ T6816] Call Trace:
[ 44.182121][ T6816] dump_stack+0x1f0/0x31e
[ 44.186517][ T6816] print_circular_bug+0xc72/0xea0
[ 44.191580][ T6816] ? stack_trace_save+0xad/0x150
[ 44.196634][ T6816] ? save_trace+0x49/0xba0
[ 44.201171][ T6816] check_noncircular+0x1fb/0x3a0
[ 44.206120][ T6816] validate_chain+0x1b0c/0x8920
[ 44.211003][ T6816] ? mark_lock+0x102/0x1b00
[ 44.215874][ T6816] __lock_acquire+0x116c/0x2c30
[ 44.220714][ T6816] ? __lock_acquire+0x116c/0x2c30
[ 44.225807][ T6816] lock_acquire+0x160/0x720
[ 44.230394][ T6816] ? process_measurement+0x66d/0x18e0
[ 44.236062][ T6816] __mutex_lock_common+0x189/0x2fc0
[ 44.241330][ T6816] ? process_measurement+0x66d/0x18e0
[ 44.246863][ T6816] ? process_measurement+0x64b/0x18e0
[ 44.252548][ T6816] ? process_measurement+0x66d/0x18e0
[ 44.258096][ T6816] ? up_write+0xe9/0x450
[ 44.262377][ T6816] mutex_lock_nested+0x1a/0x20
[ 44.267203][ T6816] process_measurement+0x66d/0x18e0
[ 44.272499][ T6816] ? rcu_lock_release+0x5/0x20
[ 44.277359][ T6816] ? smk_of_task_struct+0x1bd/0x1d0
[ 44.282735][ T6816] ? smack_task_getsecid+0x22/0x80
[ 44.287954][ T6816] ima_file_check+0x9c/0xe0
[ 44.292563][ T6816] path_openat+0x27d6/0x37f0
[ 44.297484][ T6816] do_filp_open+0x191/0x3a0
[ 44.302035][ T6816] ? _raw_spin_unlock+0x24/0x40
[ 44.306969][ T6816] ? __alloc_fd+0x55c/0x600
[ 44.311850][ T6816] do_sys_openat2+0x463/0x770
[ 44.316527][ T6816] __x64_sys_openat+0x1c8/0x1f0
[ 44.321360][ T6816] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 44.327406][ T6816] do_syscall_64+0x73/0xe0
[ 44.331802][ T6816] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 44.338565][ T6816] RIP: 0033:0x446289
[ 44.342669][ T6816] Code: Bad RIP value.
[ 44.346715][ T6816] RSP: 002b:00007fc5eb6ccdb8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 44.355104][ T6816] RAX: ffffffffffffffda RBX: 00000000006dbc48 RCX: 0000000000446289
[ 44.363614][ T6816] RDX: 000000000000275a RSI: 00000000200001c0 RDI: 00000000ffffff9c
[ 44.371608][ T6816] RBP: 00000000006dbc40 R08: 0000000000000000 R09: 0000000000000000
[ 44.379566][ T6816] R10: 0000000000000000 R11: 0000000000000246 R12: 00000