[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Update UTMP about System Runlevel Changes.
[ OK ] Started Load/Save RF Kill Switch Status.

Debian GNU/Linux 9 syzkaller ttyS0

Warning: Permanently added '10.128.1.156' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 27.367212]
[ 27.368836] ======================================================
[ 27.375125] WARNING: possible circular locking dependency detected
[ 27.381417] 4.14.277-syzkaller #0 Not tainted
[ 27.385882] ------------------------------------------------------
[ 27.392175] syz-executor393/7973 is trying to acquire lock:
[ 27.397853]  (event_mutex){+.+.}, at: [] ftrace_profile_set_filter+0x64/0x1c0
[ 27.406672]
[ 27.406672] but task is already holding lock:
[ 27.412611]  (&cpuctx_mutex){+.+.}, at: [] perf_event_ctx_lock_nested+0x14d/0x2c0
[ 27.421775]
[ 27.421775] which lock already depends on the new lock.
[ 27.421775]
[ 27.430060]
[ 27.430060] the existing dependency chain (in reverse order) is:
[ 27.437650]
[ 27.437650] -> #4 (&cpuctx_mutex){+.+.}:
[ 27.443166]        __mutex_lock+0xc4/0x1310
[ 27.447458]        perf_event_init_cpu+0xb7/0x170
[ 27.452272]        perf_event_init+0x2cc/0x308
[ 27.456825]        start_kernel+0x46a/0x770
[ 27.461116]        secondary_startup_64+0xa5/0xb0
[ 27.465925]
[ 27.465925] -> #3 (pmus_lock){+.+.}:
[ 27.471095]        __mutex_lock+0xc4/0x1310
[ 27.475388]        perf_event_init_cpu+0x2c/0x170
[ 27.480309]        cpuhp_invoke_callback+0x1e6/0x1a80
[ 27.485480]        _cpu_up+0x21e/0x520
[ 27.489344]        do_cpu_up+0x9a/0x160
[ 27.493297]        smp_init+0x197/0x1ac
[ 27.497249]        kernel_init_freeable+0x406/0x626
[ 27.502238]        kernel_init+0xd/0x162
[ 27.506270]        ret_from_fork+0x24/0x30
[ 27.510473]
[ 27.510473] -> #2 (cpu_hotplug_lock.rw_sem){++++}:
[ 27.516855]        cpus_read_lock+0x39/0xc0
[ 27.521146]        static_key_slow_inc+0xe/0x20
[ 27.525785]        tracepoint_add_func+0x747/0xa40
[ 27.530685]        tracepoint_probe_register+0x8c/0xc0
[ 27.535934]        trace_event_reg+0x272/0x330
[ 27.540486]        perf_trace_init+0x424/0xa30
[ 27.545040]        perf_tp_event_init+0x79/0xf0
[ 27.549682]        perf_try_init_event+0x15b/0x1f0
[ 27.554584]        perf_event_alloc.part.0+0xe2d/0x2640
[ 27.559921]        SyS_perf_event_open+0x67f/0x24b0
[ 27.564907]        do_syscall_64+0x1d5/0x640
[ 27.569288]        entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 27.574968]
[ 27.574968] -> #1 (tracepoints_mutex){+.+.}:
[ 27.580832]        __mutex_lock+0xc4/0x1310
[ 27.585125]        tracepoint_probe_register+0x68/0xc0
[ 27.590374]        trace_event_reg+0x272/0x330
[ 27.594926]        perf_trace_init+0x424/0xa30
[ 27.599477]        perf_tp_event_init+0x79/0xf0
[ 27.604119]        perf_try_init_event+0x15b/0x1f0
[ 27.609019]        perf_event_alloc.part.0+0xe2d/0x2640
[ 27.614352]        SyS_perf_event_open+0x67f/0x24b0
[ 27.619337]        do_syscall_64+0x1d5/0x640
[ 27.623715]        entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 27.629392]
[ 27.629392] -> #0 (event_mutex){+.+.}:
[ 27.634732]        lock_acquire+0x170/0x3f0
[ 27.639027]        __mutex_lock+0xc4/0x1310
[ 27.643319]        ftrace_profile_set_filter+0x64/0x1c0
[ 27.648653]        _perf_ioctl+0x12b3/0x1a60
[ 27.653034]        perf_ioctl+0x55/0x80
[ 27.656977]        do_vfs_ioctl+0x75a/0xff0
[ 27.661269]        SyS_ioctl+0x7f/0xb0
[ 27.665127]        do_syscall_64+0x1d5/0x640
[ 27.669506]        entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 27.675183]
[ 27.675183] other info that might help us debug this:
[ 27.675183]
[ 27.683291] Chain exists of:
[ 27.683291]   event_mutex --> pmus_lock --> &cpuctx_mutex
[ 27.683291]
[ 27.693147]  Possible unsafe locking scenario:
[ 27.693147]
[ 27.699179]        CPU0                    CPU1
[ 27.703817]        ----                    ----
[ 27.708452]   lock(&cpuctx_mutex);
[ 27.711964]                                lock(pmus_lock);
[ 27.717648]                                lock(&cpuctx_mutex);
[ 27.723674]   lock(event_mutex);
[ 27.727013]
[ 27.727013]  *** DEADLOCK ***
[ 27.727013]
[ 27.733041] 1 lock held by syz-executor393/7973:
[ 27.737765]  #0: (&cpuctx_mutex){+.+.}, at: [] perf_event_ctx_lock_nested+0x14d/0x2c0
[ 27.747363]
[ 27.747363] stack backtrace:
[ 27.751833] CPU: 1 PID: 7973 Comm: syz-executor393 Not tainted 4.14.277-syzkaller #0
[ 27.759683] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 27.769010] Call Trace:
[ 27.771580]  dump_stack+0x1b2/0x281
[ 27.775182]  print_circular_bug.constprop.0.cold+0x2d7/0x41e
[ 27.780951]  __lock_acquire+0x2e0e/0x3f20
[ 27.785070]  ? trace_hardirqs_on+0x10/0x10
[ 27.789277]  ? save_trace+0xd6/0x290
[ 27.792963]  lock_acquire+0x170/0x3f0
[ 27.796735]  ? ftrace_profile_set_filter+0x64/0x1c0
[ 27.801723]  ? ftrace_profile_set_filter+0x64/0x1c0
[ 27.806715]  __mutex_lock+0xc4/0x1310
[ 27.810485]  ? ftrace_profile_set_filter+0x64/0x1c0
[ 27.815471]  ? trace_hardirqs_on+0x10/0x10
[ 27.819677]  ? __lock_acquire+0x5fc/0x3f20
[ 27.823886]  ? ftrace_profile_set_filter+0x64/0x1c0
[ 27.828875]  ? __ww_mutex_wakeup_for_backoff+0x210/0x210
[ 27.834456]  ? __might_fault+0x104/0x1b0
[ 27.838496]  ? lock_acquire+0x170/0x3f0
[ 27.842453]  ? lock_downgrade+0x740/0x740
[ 27.846579]  ftrace_profile_set_filter+0x64/0x1c0
[ 27.851398]  ? ftrace_profile_free_filter+0x60/0x60
[ 27.856399]  ? memdup_user+0x54/0xa0
[ 27.860093]  _perf_ioctl+0x12b3/0x1a60
[ 27.863968]  ? __ww_mutex_wakeup_for_backoff+0x210/0x210
[ 27.869401]  ? lock_downgrade+0x740/0x740
[ 27.873528]  ? perf_event_set_output+0x450/0x450
[ 27.878260]  ? lock_acquire+0x170/0x3f0
[ 27.882209]  ? lock_downgrade+0x740/0x740
[ 27.886331]  ? perf_event_ctx_lock_nested+0x247/0x2c0
[ 27.891492]  ? _perf_ioctl+0x1a60/0x1a60
[ 27.895525]  perf_ioctl+0x55/0x80
[ 27.898961]  do_vfs_ioctl+0x75a/0xff0
[ 27.902733]  ? ioctl_preallocate+0x1a0/0x1a0
[ 27.907114]  ? perf_bp_event+0x170/0x170
[ 27.911151]  ? lock_downgrade+0x740/0x740
[ 27.915272]  ? security_file_ioctl+0x83/0xb0
[ 27.919651]  SyS_ioctl+0x7f/0xb0
[ 27.922988]  ? do_vfs_ioctl+0xff0/0xff0
[ 27.926931]  do_syscall_64+0x1d5/0x640
[ 27.930790]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 27.935953] RIP: 0033:0x7f14b721e0e9
[ 27.939635] RSP: 002b:00007ffe741bd2a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 27.947313] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f14b721e0e9
[ 27.954557] RDX: 00000000200000c0 RSI: 0000000040082406 RDI: 0000000000000003
[ 27.961798] RBP: 00007f14b71e20d0 R08: 0000000000000000 R09: 0000000000000000
[ 27.9690