Warning: Permanently added '10.128.0.153' (ECDSA) to the list of known hosts.
[ 41.191087] random: sshd: uninitialized urandom read (32 bytes read)
executing program
[ 41.312222] audit: type=1400 audit(1567658808.245:36): avc: denied { map } for pid=7076 comm="syz-executor922" path="/root/syz-executor922931172" dev="sda1" ino=16483 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[ 41.380785]
[ 41.382775] ======================================================
[ 41.389204] WARNING: possible circular locking dependency detected
[ 41.395601] 4.14.141 #37 Not tainted
[ 41.399296] ------------------------------------------------------
[ 41.405690] syz-executor922/7076 is trying to acquire lock:
[ 41.411510]  (event_mutex){+.+.}, at: [] perf_trace_init+0x58/0xaa0
[ 41.420062]
[ 41.420062] but task is already holding lock:
[ 41.426022]  (&cpuctx_mutex/1){+.+.}, at: [] perf_event_ctx_lock_nested+0x150/0x2c0
[ 41.435381]
[ 41.435381] which lock already depends on the new lock.
[ 41.435381]
[ 41.443769]
[ 41.443769] the existing dependency chain (in reverse order) is:
[ 41.451544]
[ 41.451544] -> #5 (&cpuctx_mutex/1){+.+.}:
[ 41.457267]        lock_acquire+0x16f/0x430
[ 41.461666]        __mutex_lock+0xe8/0x1470
[ 41.466001]        mutex_lock_nested+0x16/0x20
[ 41.470595]        SYSC_perf_event_open+0x134c/0x2690
[ 41.475864]        SyS_perf_event_open+0x34/0x40
[ 41.480621]        do_syscall_64+0x1e8/0x640
[ 41.485106]        entry_SYSCALL_64_after_hwframe+0x42/0xb7
[ 41.490801]
[ 41.490801] -> #4 (&cpuctx_mutex){+.+.}:
[ 41.496342]        lock_acquire+0x16f/0x430
[ 41.500679]        __mutex_lock+0xe8/0x1470
[ 41.504988]        mutex_lock_nested+0x16/0x20
[ 41.510101]        perf_event_init_cpu+0xc2/0x170
[ 41.514977]        perf_event_init+0x2d8/0x31a
[ 41.519922]        start_kernel+0x3b6/0x6fd
[ 41.524772]        x86_64_start_reservations+0x29/0x2b
[ 41.530332]        x86_64_start_kernel+0x77/0x7b
[ 41.535363]        secondary_startup_64+0xa5/0xb0
[ 41.540492]
[ 41.540492] -> #3 (pmus_lock){+.+.}:
[ 41.545906]        lock_acquire+0x16f/0x430
[ 41.550298]        __mutex_lock+0xe8/0x1470
[ 41.554838]        mutex_lock_nested+0x16/0x20
[ 41.560068]        perf_event_init_cpu+0x2f/0x170
[ 41.565188]        cpuhp_invoke_callback+0x1ea/0x1ab0
[ 41.570670]        _cpu_up+0x228/0x530
[ 41.574728]        do_cpu_up+0x121/0x150
[ 41.578873]        cpu_up+0x1b/0x20
[ 41.582498]        smp_init+0x157/0x170
[ 41.586615]        kernel_init_freeable+0x30b/0x532
[ 41.591831]        kernel_init+0x12/0x162
[ 41.596339]        ret_from_fork+0x24/0x30
[ 41.600569]
[ 41.600569] -> #2 (cpu_hotplug_lock.rw_sem){++++}:
[ 41.607081]        lock_acquire+0x16f/0x430
[ 41.611446]        cpus_read_lock+0x3d/0xc0
[ 41.616006]        static_key_slow_inc+0x13/0x30
[ 41.620758]        tracepoint_probe_register_prio+0x4d6/0x6d0
[ 41.626852]        tracepoint_probe_register+0x2b/0x40
[ 41.632123]        trace_event_reg+0x277/0x330
[ 41.637047]        perf_trace_init+0x449/0xaa0
[ 41.641823]        perf_tp_event_init+0x7d/0xf0
[ 41.646496]        perf_try_init_event+0x164/0x200
[ 41.651610]        perf_event_alloc.part.0+0xd90/0x25b0
[ 41.657563]        SYSC_perf_event_open+0xad1/0x2690
[ 41.662663]        SyS_perf_event_open+0x34/0x40
[ 41.667414]        do_syscall_64+0x1e8/0x640
[ 41.672086]        entry_SYSCALL_64_after_hwframe+0x42/0xb7
[ 41.677784]
[ 41.677784] -> #1 (tracepoints_mutex){+.+.}:
[ 41.684399]        lock_acquire+0x16f/0x430
[ 41.688722]        __mutex_lock+0xe8/0x1470
[ 41.693038]        mutex_lock_nested+0x16/0x20
[ 41.697616]        tracepoint_probe_register_prio+0x36/0x6d0
[ 41.703431]        tracepoint_probe_register+0x2b/0x40
[ 41.708717]        trace_event_reg+0x277/0x330
[ 41.713643]        perf_trace_init+0x449/0xaa0
[ 41.718588]        perf_tp_event_init+0x7d/0xf0
[ 41.723630]        perf_try_init_event+0x164/0x200
[ 41.728562]        perf_event_alloc.part.0+0xd90/0x25b0
[ 41.734018]        SYSC_perf_event_open+0xad1/0x2690
[ 41.740015]        SyS_perf_event_open+0x34/0x40
[ 41.744772]        do_syscall_64+0x1e8/0x640
[ 41.749219]        entry_SYSCALL_64_after_hwframe+0x42/0xb7
[ 41.754926]
[ 41.754926] -> #0 (event_mutex){+.+.}:
[ 41.760296]        __lock_acquire+0x2cb3/0x4620
[ 41.765369]        lock_acquire+0x16f/0x430
[ 41.770163]        __mutex_lock+0xe8/0x1470
[ 41.774640]        mutex_lock_nested+0x16/0x20
[ 41.779470]        perf_trace_init+0x58/0xaa0
[ 41.783964]        perf_tp_event_init+0x7d/0xf0
[ 41.788631]        perf_try_init_event+0xe6/0x200
[ 41.793619]        perf_event_alloc.part.0+0xd90/0x25b0
[ 41.798996]        SYSC_perf_event_open+0xad1/0x2690
[ 41.804097]        SyS_perf_event_open+0x34/0x40
[ 41.808848]        do_syscall_64+0x1e8/0x640
[ 41.813315]        entry_SYSCALL_64_after_hwframe+0x42/0xb7
[ 41.819010]
[ 41.819010] other info that might help us debug this:
[ 41.819010]
[ 41.827138] Chain exists of:
[ 41.827138]   event_mutex --> &cpuctx_mutex --> &cpuctx_mutex/1
[ 41.827138]
[ 41.837696]  Possible unsafe locking scenario:
[ 41.837696]
[ 41.843790]        CPU0                    CPU1
[ 41.848458]        ----                    ----
[ 41.853542]   lock(&cpuctx_mutex/1);
[ 41.857423]                                lock(&cpuctx_mutex);
[ 41.863776]                                lock(&cpuctx_mutex/1);
[ 41.870142]   lock(event_mutex);
[ 41.873666]
[ 41.873666]  *** DEADLOCK ***
[ 41.873666]
[ 41.879729] 2 locks held by syz-executor922/7076:
[ 41.885036]  #0: (&pmus_srcu){....}, at: [] perf_event_alloc.part.0+0xbaa/0x25b0
[ 41.894602]  #1: (&cpuctx_mutex/1){+.+.}, at: [] perf_event_ctx_lock_nested+0x150/0x2c0
[ 41.904762]
[ 41.904762] stack backtrace:
[ 41.909700] CPU: 1 PID: 7076 Comm: syz-executor922 Not tainted 4.14.141 #37
[ 41.917236] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 41.926863] Call Trace:
[ 41.929516]  dump_stack+0x138/0x197
[ 41.933419]  print_circular_bug.isra.0.cold+0x1cc/0x28f
[ 41.939188]  __lock_acquire+0x2cb3/0x4620
[ 41.943450]  ? trace_hardirqs_on+0x10/0x10
[ 41.947760]  ? trace_hardirqs_on+0x10/0x10
[ 41.951996]  lock_acquire+0x16f/0x430
[ 41.955798]  ? perf_trace_init+0x58/0xaa0
[ 41.960075]  ? perf_trace_init+0x58/0xaa0
[ 41.964214]  __mutex_lock+0xe8/0x1470
[ 41.968007]  ? perf_trace_init+0x58/0xaa0
[ 41.972185]  ? perf_event_ctx_lock_nested+0x150/0x2c0
[ 41.977366]  ? perf_trace_init+0x58/0xaa0
[ 41.981502]  ? __mutex_lock+0x36a/0x1470
[ 41.985615]  ? trace_hardirqs_on+0x10/0x10
[ 41.990173]  ? perf_try_init_event+0xf2/0x200
[ 41.994805]  ? mutex_trylock+0x1c0/0x1c0
[ 41.999009]  ? perf_event_ctx_lock_nested+0x150/0x2c0
[ 42.004222]  ? perf_try_init_event+0xf2/0x200
[ 42.009079]  ? mutex_trylock+0x1c0/0x1c0
[ 42.013303]  ? find_held_lock+0x35/0x130
[ 42.017661]  ? perf_event_ctx_lock_nested+0x119/0x2c0
[ 42.023035]  mutex_lock_nested+0x16/0x20
[ 42.028729]  ? lock_downgrade+0x6e0/0x6e0
[ 42.033695]  ? mutex_lock_nested+0x16/0x20
[ 42.037954]  perf_trace_init+0x58/0xaa0
[ 42.041916]  ? mutex_lock_nested+0x16/0x20
[ 42.046443]  perf_tp_event_init+0x7d/0xf0
[ 42.050706]  perf_try_init_event+0xe6/0x200
[ 42.055333]  perf_event_alloc.part.0+0xd90/0x25b0
[ 42.060500]  SYSC_perf_event_open+0xad1/0x2690
[ 42.065190]  ? perf_event_set_output+0x460/0x460
[ 42.070177]  ? lock_downgrade+0x6e0/0x6e0
[ 42.074510]  SyS_perf_event_open+0x34/0x40
[ 42.078742]  ? perf_bp_event+0x170/0x170
[ 42.082960]  do_syscall_64+0x1e8/0x640
[ 42.086848]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 42.091691]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[ 42.097507] RIP: 0033:0x440449
[ 42.100826] RSP: 002b:00007ffd52629378 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 42.108849] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000440449
[ 42.116410] RDX: 0000000000000000 RSI: 00000000ffffffff RDI: 0000000020000000
[ 42.123860] RBP: 00000000006ca018 R08: 0000000000000000 R09: 00000000004002c8
[ 42.131230] R10: 0000000000000003