[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Update UTMP about System Runlevel Changes.
[ OK ] Started Load/Save RF Kill Switch Status.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.144' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 78.457595]
[ 78.459234] ======================================================
[ 78.465696] WARNING: possible circular locking dependency detected
[ 78.472001] 4.14.298-syzkaller #0 Not tainted
[ 78.476471] ------------------------------------------------------
[ 78.482858] syz-executor706/7995 is trying to acquire lock:
[ 78.488632] (event_mutex){+.+.}, at: [] perf_trace_destroy+0x23/0xf0
[ 78.496762]
[ 78.496762] but task is already holding lock:
[ 78.502705] (&event->child_mutex){+.+.}, at: [] perf_event_release_kernel+0x208/0x8a0
[ 78.512337]
[ 78.512337] which lock already depends on the new lock.
[ 78.512337]
[ 78.520726]
[ 78.520726] the existing dependency chain (in reverse order) is:
[ 78.528319]
[ 78.528319] -> #5 (&event->child_mutex){+.+.}:
[ 78.534376] __mutex_lock+0xc4/0x1310
[ 78.538694] perf_event_for_each_child+0x82/0x140
[ 78.544053] _perf_ioctl+0x3db/0x1a60
[ 78.548578] perf_ioctl+0x55/0x80
[ 78.552524] do_vfs_ioctl+0x75a/0xff0
[ 78.556833] SyS_ioctl+0x7f/0xb0
[ 78.560692] do_syscall_64+0x1d5/0x640
[ 78.565072] entry_SYSCALL_64_after_hwframe+0x5e/0xd3
[ 78.570768]
[ 78.570768] -> #4 (&cpuctx_mutex){+.+.}:
[ 78.576287] __mutex_lock+0xc4/0x1310
[ 78.580595] perf_event_init_cpu+0xb7/0x170
[ 78.585758] perf_event_init+0x2cc/0x308
[ 78.590669] start_kernel+0x45d/0x763
[ 78.594965] secondary_startup_64+0xa5/0xb0
[ 78.599949]
[ 78.599949] -> #3 (pmus_lock){+.+.}:
[ 78.605127] __mutex_lock+0xc4/0x1310
[ 78.609424] perf_event_init_cpu+0x2c/0x170
[ 78.614769] cpuhp_invoke_callback+0x1e6/0x1a80
[ 78.620741] _cpu_up+0x21e/0x520
[ 78.624602] do_cpu_up+0x9a/0x160
[ 78.628551] smp_init+0x197/0x1ac
[ 78.632847] kernel_init_freeable+0x406/0x626
[ 78.637850] kernel_init+0xd/0x164
[ 78.641883] ret_from_fork+0x24/0x30
[ 78.646964]
[ 78.646964] -> #2 (cpu_hotplug_lock.rw_sem){++++}:
[ 78.654043] cpus_read_lock+0x39/0xc0
[ 78.658368] static_key_slow_inc+0xe/0x20
[ 78.663029] tracepoint_add_func+0x747/0xa40
[ 78.668020] tracepoint_probe_register+0x8c/0xc0
[ 78.673358] trace_event_reg+0x272/0x330
[ 78.677933] perf_trace_init+0x424/0xa30
[ 78.682502] perf_tp_event_init+0x79/0xf0
[ 78.687613] perf_try_init_event+0x15b/0x1f0
[ 78.692520] perf_event_alloc.part.0+0xe2d/0x2640
[ 78.697958] SyS_perf_event_open+0x683/0x2530
[ 78.703102] do_syscall_64+0x1d5/0x640
[ 78.707488] entry_SYSCALL_64_after_hwframe+0x5e/0xd3
[ 78.713182]
[ 78.713182] -> #1 (tracepoints_mutex){+.+.}:
[ 78.719430] __mutex_lock+0xc4/0x1310
[ 78.723746] tracepoint_probe_register+0x68/0xc0
[ 78.729086] trace_event_reg+0x272/0x330
[ 78.733654] perf_trace_init+0x424/0xa30
[ 78.738239] perf_tp_event_init+0x79/0xf0
[ 78.742884] perf_try_init_event+0x15b/0x1f0
[ 78.747959] perf_event_alloc.part.0+0xe2d/0x2640
[ 78.753419] SyS_perf_event_open+0x683/0x2530
[ 78.758415] do_syscall_64+0x1d5/0x640
[ 78.762838] entry_SYSCALL_64_after_hwframe+0x5e/0xd3
[ 78.768667]
[ 78.768667] -> #0 (event_mutex){+.+.}:
[ 78.774023] lock_acquire+0x170/0x3f0
[ 78.779455] __mutex_lock+0xc4/0x1310
[ 78.783820] perf_trace_destroy+0x23/0xf0
[ 78.788649] _free_event+0x321/0xe20
[ 78.793062] free_event+0x32/0x40
[ 78.797020] perf_event_release_kernel+0x368/0x8a0
[ 78.802920] perf_release+0x33/0x40
[ 78.807053] __fput+0x25f/0x7a0
[ 78.810916] task_work_run+0x11f/0x190
[ 78.815394] do_exit+0xa44/0x2850
[ 78.819499] SyS_exit+0x1e/0x20
[ 78.823719] do_syscall_64+0x1d5/0x640
[ 78.828629] entry_SYSCALL_64_after_hwframe+0x5e/0xd3
[ 78.834421]
[ 78.834421] other info that might help us debug this:
[ 78.834421]
[ 78.842916] Chain exists of:
[ 78.842916] event_mutex --> &cpuctx_mutex --> &event->child_mutex
[ 78.842916]
[ 78.854955] Possible unsafe locking scenario:
[ 78.854955]
[ 78.861077]        CPU0                    CPU1
[ 78.866946]        ----                    ----
[ 78.871583]   lock(&event->child_mutex);
[ 78.875708]                                lock(&cpuctx_mutex);
[ 78.881749]                                lock(&event->child_mutex);
[ 78.888309]   lock(event_mutex);
[ 78.891647]
[ 78.891647] *** DEADLOCK ***
[ 78.891647]
[ 78.897762] 2 locks held by syz-executor706/7995:
[ 78.902929] #0: (&ctx->mutex){+.+.}, at: [] perf_event_release_kernel+0x1fe/0x8a0
[ 78.912268] #1: (&event->child_mutex){+.+.}, at: [] perf_event_release_kernel+0x208/0x8a0
[ 78.922299]
[ 78.922299] stack backtrace:
[ 78.926818] CPU: 0 PID: 7995 Comm: syz-executor706 Not tainted 4.14.298-syzkaller #0
[ 78.934770] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 78.944097] Call Trace:
[ 78.946754] dump_stack+0x1b2/0x281
[ 78.950355] print_circular_bug.constprop.0.cold+0x2d7/0x41e
[ 78.956213] __lock_acquire+0x2e0e/0x3f20
[ 78.960422] ? trace_hardirqs_on+0x10/0x10
[ 78.964806] ? perf_group_detach+0x7f0/0x7f0
[ 78.969232] ? generic_exec_single+0x27e/0x420
[ 78.978473] ? smp_call_function_single+0x1b1/0x370
[ 78.983468] lock_acquire+0x170/0x3f0
[ 78.987251] ? perf_trace_destroy+0x23/0xf0
[ 78.991552] ? perf_trace_destroy+0x23/0xf0
[ 78.995951] __mutex_lock+0xc4/0x1310
[ 78.999740] ? perf_trace_destroy+0x23/0xf0
[ 79.004038] ? task_function_call+0xed/0x130
[ 79.008454] ? pmu_dev_release+0x20/0x20
[ 79.012498] ? perf_trace_destroy+0x23/0xf0
[ 79.016893] ? __ww_mutex_wakeup_for_backoff+0x210/0x210
[ 79.022512] ? event_function_call+0x1fa/0x3c0
[ 79.027083] ? event_sched_out+0x11b0/0x11b0
[ 79.031473] ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 79.036913] ? perf_tp_event_init+0xf0/0xf0
[ 79.041214] perf_trace_destroy+0x23/0xf0
[ 79.045423] ? perf_tp_event_init+0xf0/0xf0
[ 79.049717] _free_event+0x321/0xe20
[ 79.053577] free_event+0x32/0x40
[ 79.057005] perf_event_release_kernel+0x368/0x8a0
[ 79.061906] ? perf_event_release_kernel+0x8a0/0x8a0
[ 79.066988] perf_release+0x33/0x40
[ 79.070595] __fput+0x25f/0x7a0
[ 79.073860] task_work_run+0x11f/0x190
[ 79.077749] do_exit+0xa44/0x2850
[ 79.081189] ? get_timespec64+0xb1/0xf0
[ 79.085278] ? timespec_trunc+0x120/0x120
[ 79.089404] ? mm_update_next_owner+0x5b0/0x5b0
[ 79.094139] ? SyS_clock_nanosleep+0x210/0x2d0
[ 79.098757] ? compat_SyS_clock_getres+0x180/0x180
[ 79.103759] ? __do_page_fault+0x159/0xad0
[ 79.108110] SyS_exit+0x1e