Warning: Permanently added '10.128.0.198' (ECDSA) to the list of known hosts. [ 51.094327] random: sshd: uninitialized urandom read (32 bytes read) [ 51.190211] audit: type=1400 audit(1561017108.865:7): avc: denied { map } for pid=1797 comm="syz-executor299" path="/root/syz-executor299467794" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 [ 51.260777] [ 51.262523] ====================================================== [ 51.268830] WARNING: possible circular locking dependency detected [ 51.275232] 4.14.128+ #10 Not tainted [ 51.279125] ------------------------------------------------------ [ 51.285570] syz-executor299/1797 is trying to acquire lock: [ 51.291260] (pmus_lock){+.+.}, at: [< (ptrval)>] perf_swevent_init+0x123/0x4e0 [ 51.299308] [ 51.299308] but task is already holding lock: [ 51.305739] (&cpuctx_mutex/1){+.+.}, at: [< (ptrval)>] perf_event_ctx_lock_nested+0x14d/0x2c0 [ 51.315314] [ 51.315314] which lock already depends on the new lock. [ 51.315314] [ 51.323810] [ 51.323810] the existing dependency chain (in reverse order) is: [ 51.331863] [ 51.331863] -> #2 (&cpuctx_mutex/1){+.+.}: [ 51.337813] [ 51.337813] -> #1 (&cpuctx_mutex){+.+.}: [ 51.343335] [ 51.343335] -> #0 (pmus_lock){+.+.}: [ 51.348508] [ 51.348508] other info that might help us debug this: [ 51.348508] [ 51.356631] Chain exists of: [ 51.356631] pmus_lock --> &cpuctx_mutex --> &cpuctx_mutex/1 [ 51.356631] [ 51.367308] Possible unsafe locking scenario: [ 51.367308] [ 51.373353] CPU0 CPU1 [ 51.378116] ---- ---- [ 51.382764] lock(&cpuctx_mutex/1); [ 51.386465] lock(&cpuctx_mutex); [ 51.392623] lock(&cpuctx_mutex/1); [ 51.399021] lock(pmus_lock); [ 51.402421] [ 51.402421] *** DEADLOCK *** [ 51.402421] [ 51.408649] 2 locks held by syz-executor299/1797: [ 51.413470] #0: (&pmus_srcu){....}, at: [< (ptrval)>] perf_event_alloc.part.0+0xadd/0x1e70 [ 51.422793] #1: (&cpuctx_mutex/1){+.+.}, at: [< (ptrval)>] perf_event_ctx_lock_nested+0x14d/0x2c0 [ 51.432758] [ 51.432758] stack backtrace: [ 51.437365] CPU: 1 PID: 1797 Comm: syz-executor299 Not tainted 4.14.128+ #10 [ 51.444533] Call Trace: [ 51.447123] dump_stack+0xb9/0x10e [ 51.450657] print_circular_bug.isra.0.cold+0x2dc/0x425 [ 51.456029] ? __lock_acquire+0x2d83/0x3fa0 [ 51.460353] ? __lock_acquire+0x56a/0x3fa0 [ 51.464585] ? trace_hardirqs_on+0x10/0x10 [ 51.468818] ? trace_hardirqs_on+0x10/0x10 [ 51.473058] ? __lock_acquire+0x56a/0x3fa0 [ 51.477289] ? kasan_kmalloc.part.0+0xa6/0xd0 [ 51.481817] ? __save_stack_trace+0x7a/0xf0 [ 51.486141] ? lock_acquire+0x10f/0x380 [ 51.490107] ? perf_swevent_init+0x123/0x4e0 [ 51.494517] ? perf_swevent_init+0x123/0x4e0 [ 51.498912] ? __mutex_lock+0xf7/0x1430 [ 51.502952] ? perf_swevent_init+0x123/0x4e0 [ 51.507352] ? __mutex_lock+0x6aa/0x1430 [ 51.511398] ? perf_swevent_init+0x123/0x4e0 [ 51.515803] ? perf_event_ctx_lock_nested+0x14d/0x2c0 [ 51.521125] ? perf_try_init_event+0xf1/0x200 [ 51.525606] ? __ww_mutex_wakeup_for_backoff+0x210/0x210 [ 51.531040] ? __ww_mutex_wakeup_for_backoff+0x210/0x210 [ 51.536479] ? trace_hardirqs_on+0x10/0x10 [ 51.540709] ? perf_event_ctx_lock_nested+0x117/0x2c0 [ 51.545891] ? lock_downgrade+0x5d0/0x5d0 [ 51.550111] ? lock_acquire+0x10f/0x380 [ 51.554088] ? perf_event_ctx_lock_nested+0x39/0x2c0 [ 51.559173] ? perf_swevent_init+0x123/0x4e0 [ 51.563574] ? perf_swevent_init+0x123/0x4e0 [ 51.567971] ? perf_event_ctx_lock_nested+0x14d/0x2c0 [ 51.573159] ? perf_event_ctx_lock_nested+0x247/0x2c0 [ 51.578350] ? perf_try_init_event+0xe5/0x200 [ 51.582836] ? perf_event_alloc.part.0+0xcc5/0x1e70 [ 51.587838] ? SyS_perf_event_open+0x6eb/0x2530 [ 51.592489] ? perf_bp_event+0x1a0/0x1a0 [ 51.596543] ? do_syscall_64+0x43/0x510 [ 51.600500] ? perf_bp_event+0x1a0/0x1a0 [ 51.604544] ? do_syscall_64+0x19b/0x510 [ 51.608740] ? entry_SYSCALL_64_after_h