[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Update UTMP about System Runlevel Changes.
[ OK ] Started Load/Save RF Kill Switch Status.

Debian GNU/Linux 9 syzkaller ttyS0

Warning: Permanently added '10.128.1.103' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 27.999004]
[ 28.000776] ======================================================
[ 28.007083] WARNING: possible circular locking dependency detected
[ 28.013392] 4.14.292-syzkaller #0 Not tainted
[ 28.017860] ------------------------------------------------------
[ 28.024154] syz-executor372/7981 is trying to acquire lock:
[ 28.029847]  (event_mutex){+.+.}, at: [] perf_trace_destroy+0x23/0xf0
[ 28.037971]
[ 28.037971] but task is already holding lock:
[ 28.043918]  (&event->child_mutex){+.+.}, at: [] perf_event_release_kernel+0x208/0x8a0
[ 28.053516]
[ 28.053516] which lock already depends on the new lock.
[ 28.053516]
[ 28.061809]
[ 28.061809] the existing dependency chain (in reverse order) is:
[ 28.069401]
[ 28.069401] -> #5 (&event->child_mutex){+.+.}:
[ 28.075443]        __mutex_lock+0xc4/0x1310
[ 28.079739]        perf_event_for_each_child+0x82/0x140
[ 28.085095]        _perf_ioctl+0x471/0x1a60
[ 28.089407]        perf_ioctl+0x55/0x80
[ 28.093355]        do_vfs_ioctl+0x75a/0xff0
[ 28.097693]        SyS_ioctl+0x7f/0xb0
[ 28.101559]        do_syscall_64+0x1d5/0x640
[ 28.105951]        entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 28.111635]
[ 28.111635] -> #4 (&cpuctx_mutex){+.+.}:
[ 28.117314]        __mutex_lock+0xc4/0x1310
[ 28.121621]        perf_event_init_cpu+0xb7/0x170
[ 28.126531]        perf_event_init+0x2cc/0x308
[ 28.131086]        start_kernel+0x45d/0x763
[ 28.135496]        secondary_startup_64+0xa5/0xb0
[ 28.140325]
[ 28.140325] -> #3 (pmus_lock){+.+.}:
[ 28.145515]        __mutex_lock+0xc4/0x1310
[ 28.149817]        perf_event_init_cpu+0x2c/0x170
[ 28.154652]        cpuhp_invoke_callback+0x1e6/0x1a80
[ 28.159818]        _cpu_up+0x21e/0x520
[ 28.163681]        do_cpu_up+0x9a/0x160
[ 28.167630]        smp_init+0x197/0x1ac
[ 28.171592]        kernel_init_freeable+0x406/0x626
[ 28.176593]        kernel_init+0xd/0x161
[ 28.180644]        ret_from_fork+0x24/0x30
[ 28.184852]
[ 28.184852] -> #2 (cpu_hotplug_lock.rw_sem){++++}:
[ 28.191245]        cpus_read_lock+0x39/0xc0
[ 28.195540]        static_key_slow_inc+0xe/0x20
[ 28.200297]        tracepoint_add_func+0x747/0xa40
[ 28.205199]        tracepoint_probe_register+0x8c/0xc0
[ 28.210458]        trace_event_reg+0x272/0x330
[ 28.215014]        perf_trace_init+0x424/0xa30
[ 28.219570]        perf_tp_event_init+0x79/0xf0
[ 28.224229]        perf_try_init_event+0x15b/0x1f0
[ 28.229149]        perf_event_alloc.part.0+0xe2d/0x2640
[ 28.234488]        SyS_perf_event_open+0x683/0x2530
[ 28.239497]        do_syscall_64+0x1d5/0x640
[ 28.243883]        entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 28.249576]
[ 28.249576] -> #1 (tracepoints_mutex){+.+.}:
[ 28.255459]        __mutex_lock+0xc4/0x1310
[ 28.259765]        tracepoint_probe_register+0x68/0xc0
[ 28.265092]        trace_event_reg+0x272/0x330
[ 28.269653]        perf_trace_init+0x424/0xa30
[ 28.274229]        perf_tp_event_init+0x79/0xf0
[ 28.278887]        perf_try_init_event+0x15b/0x1f0
[ 28.283796]        perf_event_alloc.part.0+0xe2d/0x2640
[ 28.289146]        SyS_perf_event_open+0x683/0x2530
[ 28.294151]        do_syscall_64+0x1d5/0x640
[ 28.298544]        entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 28.304239]
[ 28.304239] -> #0 (event_mutex){+.+.}:
[ 28.309792]        lock_acquire+0x170/0x3f0
[ 28.314107]        __mutex_lock+0xc4/0x1310
[ 28.318402]        perf_trace_destroy+0x23/0xf0
[ 28.323043]        _free_event+0x321/0xe20
[ 28.327256]        free_event+0x32/0x40
[ 28.331205]        perf_event_release_kernel+0x368/0x8a0
[ 28.336630]        perf_release+0x33/0x40
[ 28.340803]        __fput+0x25f/0x7a0
[ 28.344599]        task_work_run+0x11f/0x190
[ 28.349011]        do_exit+0xa44/0x2850
[ 28.353054]        SyS_exit+0x1e/0x20
[ 28.356840]        do_syscall_64+0x1d5/0x640
[ 28.361252]        entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 28.366938]
[ 28.366938] other info that might help us debug this:
[ 28.366938]
[ 28.375071] Chain exists of:
[ 28.375071]   event_mutex --> &cpuctx_mutex --> &event->child_mutex
[ 28.375071]
[ 28.385804]  Possible unsafe locking scenario:
[ 28.385804]
[ 28.391839]        CPU0                    CPU1
[ 28.396485]        ----                    ----
[ 28.401124]   lock(&event->child_mutex);
[ 28.405159]                                lock(&cpuctx_mutex);
[ 28.411200]                                lock(&event->child_mutex);
[ 28.417751]   lock(event_mutex);
[ 28.421093]
[ 28.421093]  *** DEADLOCK ***
[ 28.421093]
[ 28.427143] 2 locks held by syz-executor372/7981:
[ 28.431956]  #0: (&ctx->mutex){+.+.}, at: [] perf_event_release_kernel+0x1fe/0x8a0
[ 28.441309]  #1: (&event->child_mutex){+.+.}, at: [] perf_event_release_kernel+0x208/0x8a0
[ 28.451370]
[ 28.451370] stack backtrace:
[ 28.455853] CPU: 1 PID: 7981 Comm: syz-executor372 Not tainted 4.14.292-syzkaller #0
[ 28.463765] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[ 28.473105] Call Trace:
[ 28.475677]  dump_stack+0x1b2/0x281
[ 28.479282]  print_circular_bug.constprop.0.cold+0x2d7/0x41e
[ 28.485060]  __lock_acquire+0x2e0e/0x3f20
[ 28.489187]  ? trace_hardirqs_on+0x10/0x10
[ 28.493398]  ? perf_group_detach+0x7f0/0x7f0
[ 28.497779]  ? generic_exec_single+0x27e/0x420
[ 28.502347]  ? smp_call_function_single+0x1b1/0x370
[ 28.507357]  lock_acquire+0x170/0x3f0
[ 28.511152]  ? perf_trace_destroy+0x23/0xf0
[ 28.515463]  ? perf_trace_destroy+0x23/0xf0
[ 28.519777]  __mutex_lock+0xc4/0x1310
[ 28.523572]  ? perf_trace_destroy+0x23/0xf0
[ 28.528008]  ? task_function_call+0xed/0x130
[ 28.532397]  ? pmu_dev_release+0x20/0x20
[ 28.536435]  ? perf_trace_destroy+0x23/0xf0
[ 28.540759]  ? __ww_mutex_wakeup_for_backoff+0x210/0x210
[ 28.546198]  ? event_function_call+0x1fa/0x3c0
[ 28.550797]  ? event_sched_out+0x11b0/0x11b0
[ 28.555199]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 28.560643]  ? perf_tp_event_init+0xf0/0xf0
[ 28.564941]  perf_trace_destroy+0x23/0xf0
[ 28.569093]  ? perf_tp_event_init+0xf0/0xf0
[ 28.573575]  _free_event+0x321/0xe20
[ 28.577292]  free_event+0x32/0x40
[ 28.580723]  perf_event_release_kernel+0x368/0x8a0
[ 28.585629]  ? perf_event_release_kernel+0x8a0/0x8a0
[ 28.590705]  perf_release+0x33/0x40
[ 28.594308]  __fput+0x25f/0x7a0
[ 28.597581]  task_work_run+0x11f/0x190
[ 28.601442]  do_exit+0xa44/0x2850
[ 28.604894]  ? get_timespec64+0xb1/0xf0
[ 28.608852]  ? timespec_trunc+0x120/0x120
[ 28.612997]  ? mm_update_next_owner+0x5b0/0x5b0
[ 28.617644]  ? SyS_clock_nanosleep+0x210/0x2d0
[ 28.622201]  ? compat_SyS_clock_getres+0x180/0x180
[ 28.627121]  ? __do_page_fault+0x159/0xad0
[ 28.631355]  SyS_exit+0x1e/0x20
[ 28.634617]  ? complete_and_exit+0x40/0x40
[ 28.638827]  do_syscall_64+0x1d5/0x640
[ 28.642694]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 28.647865] RIP: 0033:0x7f73970792a9
[ 2