[ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... Starting Load/Save RF Kill Switch Status... [ OK ] Started Load/Save RF Kill Switch Status. [ OK ] Started Update UTMP about System Runlevel Changes. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.15.200' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 33.964193] [ 33.965834] ====================================================== [ 33.972135] WARNING: possible circular locking dependency detected [ 33.978535] 4.14.302-syzkaller #0 Not tainted [ 33.983533] ------------------------------------------------------ [ 33.989841] syz-executor113/7954 is trying to acquire lock: [ 33.995540] (cpu_hotplug_lock.rw_sem){++++}, at: [] static_key_slow_inc+0xe/0x20 [ 34.004724] [ 34.004724] but task is already holding lock: [ 34.010838] (tracepoints_mutex){+.+.}, at: [] tracepoint_probe_register+0x68/0xc0 [ 34.020219] [ 34.020219] which lock already depends on the new lock. [ 34.020219] [ 34.028528] [ 34.028528] the existing dependency chain (in reverse order) is: [ 34.036129] [ 34.036129] -> #5 (tracepoints_mutex){+.+.}: [ 34.042011] __mutex_lock+0xc4/0x1310 [ 34.046317] tracepoint_probe_register+0x68/0xc0 [ 34.051576] trace_event_reg+0x272/0x330 [ 34.056139] perf_trace_init+0x424/0xa30 [ 34.060702] perf_tp_event_init+0x79/0xf0 [ 34.065351] perf_try_init_event+0xdf/0x1f0 [ 34.070179] perf_event_alloc.part.0+0xe2d/0x2640 [ 34.075540] SyS_perf_event_open+0x683/0x2530 [ 34.080543] do_syscall_64+0x1d5/0x640 [ 34.084938] entry_SYSCALL_64_after_hwframe+0x5e/0xd3 [ 34.090641] [ 34.090641] -> #4 (event_mutex){+.+.}: [ 34.095998] __mutex_lock+0xc4/0x1310 [ 34.100316] perf_trace_init+0x4f/0xa30 [ 34.104793] perf_tp_event_init+0x79/0xf0 [ 34.110223] perf_try_init_event+0xdf/0x1f0 [ 34.115062] perf_event_alloc.part.0+0xe2d/0x2640 [ 34.120601] SyS_perf_event_open+0x683/0x2530 [ 34.125605] do_syscall_64+0x1d5/0x640 [ 34.130003] entry_SYSCALL_64_after_hwframe+0x5e/0xd3 [ 34.135981] [ 34.135981] -> #3 (&cpuctx_mutex/1){+.+.}: [ 34.141706] __mutex_lock+0xc4/0x1310 [ 34.146016] SyS_perf_event_open+0xd13/0x2530 [ 34.151038] do_syscall_64+0x1d5/0x640 [ 34.155431] entry_SYSCALL_64_after_hwframe+0x5e/0xd3 [ 34.161117] [ 34.161117] -> #2 (&cpuctx_mutex){+.+.}: [ 34.166650] __mutex_lock+0xc4/0x1310 [ 34.170953] perf_event_init_cpu+0xb7/0x170 [ 34.175774] perf_event_init+0x2cc/0x308 [ 34.180338] start_kernel+0x45d/0x763 [ 34.184640] secondary_startup_64+0xa5/0xb0 [ 34.189459] [ 34.189459] -> #1 (pmus_lock){+.+.}: [ 34.194900] __mutex_lock+0xc4/0x1310 [ 34.199216] perf_event_init_cpu+0x2c/0x170 [ 34.204049] cpuhp_invoke_callback+0x1e6/0x1a80 [ 34.209245] _cpu_up+0x21e/0x520 [ 34.213112] do_cpu_up+0x9a/0x160 [ 34.217353] smp_init+0x197/0x1ac [ 34.221555] kernel_init_freeable+0x406/0x626 [ 34.226662] kernel_init+0xd/0x15d [ 34.231060] ret_from_fork+0x24/0x30 [ 34.235279] [ 34.235279] -> #0 (cpu_hotplug_lock.rw_sem){++++}: [ 34.241862] lock_acquire+0x170/0x3f0 [ 34.246293] cpus_read_lock+0x39/0xc0 [ 34.250613] static_key_slow_inc+0xe/0x20 [ 34.255309] tracepoint_add_func+0x747/0xa40 [ 34.260234] tracepoint_probe_register+0x8c/0xc0 [ 34.265495] trace_event_reg+0x272/0x330 [ 34.270060] perf_trace_init+0x424/0xa30 [ 34.274625] perf_tp_event_init+0x79/0xf0 [ 34.279275] perf_try_init_event+0xdf/0x1f0 [ 34.284107] perf_event_alloc.part.0+0xe2d/0x2640 [ 34.289465] SyS_perf_event_open+0x683/0x2530 [ 34.294466] do_syscall_64+0x1d5/0x640 [ 34.298857] entry_SYSCALL_64_after_hwframe+0x5e/0xd3 [ 34.304630] [ 34.304630] other info that might help us debug this: [ 34.304630] [ 34.312965] Chain exists of: [ 34.312965] cpu_hotplug_lock.rw_sem --> event_mutex --> tracepoints_mutex [ 34.312965] [ 34.324399] Possible unsafe locking scenario: [ 34.324399] [ 34.330439] CPU0 CPU1 [ 34.335086] ---- ---- [ 34.339749] lock(tracepoints_mutex); [ 34.343719] lock(event_mutex); [ 34.349582] lock(tracepoints_mutex); [ 34.355970] lock(cpu_hotplug_lock.rw_sem); [ 34.360378] [ 34.360378] *** DEADLOCK *** [ 34.360378] [ 34.366461] 4 locks held by syz-executor113/7954: [ 34.371455] #0: (&pmus_srcu){....}, at: [] perf_event_alloc.part.0+0xc44/0x2640 [ 34.380633] #1: (&cpuctx_mutex/1){+.+.}, at: [] perf_event_ctx_lock_nested+0x14d/0x2c0 [ 34.390416] #2: (event_mutex){+.+.}, at: [] perf_trace_init+0x4f/0xa30 [ 34.398810] #3: (tracepoints_mutex){+.+.}, at: [] tracepoint_probe_register+0x68/0xc0 [ 34.408594] [ 34.408594] stack backtrace: [ 34.413082] CPU: 0 PID: 7954 Comm: syz-executor113 Not tainted 4.14.302-syzkaller #0 [ 34.420942] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 34.430276] Call Trace: [ 34.432852] dump_stack+0x1b2/0x281 [ 34.437073] print_circular_bug.constprop.0.cold+0x2d7/0x41e [ 34.442859] __lock_acquire+0x2e0e/0x3f20 [ 34.446995] ? trace_hardirqs_on+0x10/0x10 [ 34.451215] ? tracepoint_probe_register+0x68/0xc0 [ 34.456129] lock_acquire+0x170/0x3f0 [ 34.459915] ? static_key_slow_inc+0xe/0x20 [ 34.464222] ? dummy_handler+0x10/0x10 [ 34.468121] cpus_read_lock+0x39/0xc0 [ 34.471907] ? static_key_slow_inc+0xe/0x20 [ 34.476466] static_key_slow_inc+0xe/0x20 [ 34.480780] tracepoint_add_func+0x747/0xa40 [ 34.485181] ? dummy_handler+0x10/0x10 [ 34.489051] tracepoint_probe_register+0x8c/0xc0 [ 34.493808] ? for_each_kernel_tracepoint+0x80/0x80 [ 34.498849] ? pcpu_alloc+0x8f/0xf50 [ 34.502571] ? dummy_handler+0x10/0x10 [ 34.506588] trace_event_reg+0x272/0x330 [ 34.510738] perf_trace_init+0x424/0xa30 [ 34.514795] perf_tp_event_init+0x79/0xf0 [ 34.518928] perf_try_init_event+0xdf/0x1f0 [ 34.523388] perf_event_alloc.part.0+0xe2d/0x2640 [ 34.528348] SyS_perf_event_open+0x683/0x2530 [ 34.532855] ? perf_bp_event+0x180/0x180 [ 34.536902] ? lock_downgrade+0x740/0x740 [ 34.541173] ? do_syscall_64+0x4c/0x640 [ 34.545134] ? perf_bp_event+0x180/0x180 [ 34.549177] do_syscall_64+0x1d5/0x640 [ 34.553058] entry_SYSCALL_64_after_hwframe+0x5e/0xd3 [ 34.558230] RIP: 0033:0x7ff23b6fc489 [ 34.561931] RSP: 002b:00007ffeace993b8 EFLAGS: 0000