syzbot

random: sshd: uninitialized urandom read (32 bytes read)
random: sshd: uninitialized urandom read (32 bytes read)
random: sshd: uninitialized urandom read (32 bytes read)
audit: type=1400 audit(1553261604.682:7): avc:  denied  { map } for  pid=1779 comm="syz-executor600" path="/root/syz-executor600393421" dev="sda1" ino=16482 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
======================================================
WARNING: possible circular locking dependency detected
4.14.107+ #33 Not tainted
------------------------------------------------------
syz-executor600/1779 is trying to acquire lock:
 (&cpuctx_mutex/1){+.+.}, at: [<ffffffffb98085c1>] mutex_lock_double kernel/events/core.c:9907 [inline]
 (&cpuctx_mutex/1){+.+.}, at: [<ffffffffb98085c1>] __perf_event_ctx_lock_double kernel/events/core.c:9966 [inline]
 (&cpuctx_mutex/1){+.+.}, at: [<ffffffffb98085c1>] SYSC_perf_event_open kernel/events/core.c:10231 [inline]
 (&cpuctx_mutex/1){+.+.}, at: [<ffffffffb98085c1>] SyS_perf_event_open+0x11f1/0x2520 kernel/events/core.c:9986

but task is already holding lock:
 (&cpuctx_mutex){+.+.}, at: [<ffffffffb98085b4>] mutex_lock_double kernel/events/core.c:9906 [inline]
 (&cpuctx_mutex){+.+.}, at: [<ffffffffb98085b4>] __perf_event_ctx_lock_double kernel/events/core.c:9966 [inline]
 (&cpuctx_mutex){+.+.}, at: [<ffffffffb98085b4>] SYSC_perf_event_open kernel/events/core.c:10231 [inline]
 (&cpuctx_mutex){+.+.}, at: [<ffffffffb98085b4>] SyS_perf_event_open+0x11e4/0x2520 kernel/events/core.c:9986

which lock already depends on the new lock.


the existing dependency chain (in reverse order) is:

-> #2 (&cpuctx_mutex){+.+.}:

-> #1 (pmus_lock){+.+.}:

-> #0 (&cpuctx_mutex/1){+.+.}:

other info that might help us debug this:

Chain exists of:
  &cpuctx_mutex/1 --> pmus_lock --> &cpuctx_mutex

 Possible unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock(&cpuctx_mutex);
                               lock(pmus_lock);
                               lock(&cpuctx_mutex);
  lock(&cpuctx_mutex/1);

 *** DEADLOCK ***

1 lock held by syz-executor600/1779:
 #0:  (&cpuctx_mutex){+.+.}, at: [<ffffffffb98085b4>] mutex_lock_double kernel/events/core.c:9906 [inline]
 #0:  (&cpuctx_mutex){+.+.}, at: [<ffffffffb98085b4>] __perf_event_ctx_lock_double kernel/events/core.c:9966 [inline]
 #0:  (&cpuctx_mutex){+.+.}, at: [<ffffffffb98085b4>] SYSC_perf_event_open kernel/events/core.c:10231 [inline]
 #0:  (&cpuctx_mutex){+.+.}, at: [<ffffffffb98085b4>] SyS_perf_event_open+0x11e4/0x2520 kernel/events/core.c:9986

stack backtrace:
CPU: 0 PID: 1779 Comm: syz-executor600 Not tainted 4.14.107+ #33
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0xb9/0x10e lib/dump_stack.c:53
 print_circular_bug.isra.0.cold+0x2dc/0x425 kernel/locking/lockdep.c:1258
 ? SyS_perf_event_open+