[ OK ] Reached target Graphical Interface.
         Starting Update UTMP about System Runlevel Changes...
         Starting Load/Save RF Kill Switch Status...
[ OK ] Started Update UTMP about System Runlevel Changes.
[ OK ] Started Load/Save RF Kill Switch Status.

Debian GNU/Linux 9 syzkaller ttyS0

Warning: Permanently added '10.128.0.205' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 27.550670]
[ 27.552292] ======================================================
[ 27.558578] WARNING: possible circular locking dependency detected
[ 27.564872] 4.14.295-syzkaller #0 Not tainted
[ 27.569342] ------------------------------------------------------
[ 27.575628] syz-executor334/7975 is trying to acquire lock:
[ 27.581309]  (event_mutex){+.+.}, at: [] perf_trace_destroy+0x23/0xf0
[ 27.589433]
[ 27.589433] but task is already holding lock:
[ 27.595371]  (&event->child_mutex){+.+.}, at: [] perf_event_release_kernel+0x208/0x8a0
[ 27.604964]
[ 27.604964] which lock already depends on the new lock.
[ 27.604964]
[ 27.613256]
[ 27.613256] the existing dependency chain (in reverse order) is:
[ 27.620845]
[ 27.620845] -> #5 (&event->child_mutex){+.+.}:
[ 27.626883]        __mutex_lock+0xc4/0x1310
[ 27.631176]        perf_event_for_each_child+0x82/0x140
[ 27.636508]        _perf_ioctl+0x471/0x1a60
[ 27.640799]        perf_ioctl+0x55/0x80
[ 27.644747]        do_vfs_ioctl+0x75a/0xff0
[ 27.649038]        SyS_ioctl+0x7f/0xb0
[ 27.652898]        do_syscall_64+0x1d5/0x640
[ 27.657276]        entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 27.662957]
[ 27.662957] -> #4 (&cpuctx_mutex){+.+.}:
[ 27.668472]        __mutex_lock+0xc4/0x1310
[ 27.672765]        perf_event_init_cpu+0xb7/0x170
[ 27.677581]        perf_event_init+0x2cc/0x308
[ 27.682134]        start_kernel+0x45d/0x763
[ 27.686426]        secondary_startup_64+0xa5/0xb0
[ 27.691235]
[ 27.691235] -> #3 (pmus_lock){+.+.}:
[ 27.696400]        __mutex_lock+0xc4/0x1310
[ 27.700691]        perf_event_init_cpu+0x2c/0x170
[ 27.705510]        cpuhp_invoke_callback+0x1e6/0x1a80
[ 27.710668]        _cpu_up+0x21e/0x520
[ 27.714525]        do_cpu_up+0x9a/0x160
[ 27.718469]        smp_init+0x197/0x1ac
[ 27.722413]        kernel_init_freeable+0x406/0x626
[ 27.727397]        kernel_init+0xd/0x161
[ 27.731428]        ret_from_fork+0x24/0x30
[ 27.735630]
[ 27.735630] -> #2 (cpu_hotplug_lock.rw_sem){++++}:
[ 27.742011]        cpus_read_lock+0x39/0xc0
[ 27.746301]        static_key_slow_inc+0xe/0x20
[ 27.750944]        tracepoint_add_func+0x747/0xa40
[ 27.755847]        tracepoint_probe_register+0x8c/0xc0
[ 27.761095]        trace_event_reg+0x272/0x330
[ 27.765646]        perf_trace_init+0x424/0xa30
[ 27.770197]        perf_tp_event_init+0x79/0xf0
[ 27.774838]        perf_try_init_event+0x15b/0x1f0
[ 27.779736]        perf_event_alloc.part.0+0xe2d/0x2640
[ 27.785073]        SyS_perf_event_open+0x683/0x2530
[ 27.790060]        do_syscall_64+0x1d5/0x640
[ 27.794441]        entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 27.800120]
[ 27.800120] -> #1 (tracepoints_mutex){+.+.}:
[ 27.805979]        __mutex_lock+0xc4/0x1310
[ 27.810269]        tracepoint_probe_register+0x68/0xc0
[ 27.815517]        trace_event_reg+0x272/0x330
[ 27.820071]        perf_trace_init+0x424/0xa30
[ 27.824621]        perf_tp_event_init+0x79/0xf0
[ 27.829263]        perf_try_init_event+0x15b/0x1f0
[ 27.834165]        perf_event_alloc.part.0+0xe2d/0x2640
[ 27.839497]        SyS_perf_event_open+0x683/0x2530
[ 27.844481]        do_syscall_64+0x1d5/0x640
[ 27.848858]        entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 27.854545]
[ 27.854545] -> #0 (event_mutex){+.+.}:
[ 27.859886]        lock_acquire+0x170/0x3f0
[ 27.864180]        __mutex_lock+0xc4/0x1310
[ 27.868472]        perf_trace_destroy+0x23/0xf0
[ 27.873109]        _free_event+0x321/0xe20
[ 27.877311]        free_event+0x32/0x40
[ 27.881256]        perf_event_release_kernel+0x368/0x8a0
[ 27.886680]        perf_release+0x33/0x40
[ 27.890814]        __fput+0x25f/0x7a0
[ 27.894585]        task_work_run+0x11f/0x190
[ 27.898966]        do_exit+0xa44/0x2850
[ 27.902910]        SyS_exit+0x1e/0x20
[ 27.906679]        do_syscall_64+0x1d5/0x640
[ 27.911060]        entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 27.916739]
[ 27.916739] other info that might help us debug this:
[ 27.916739]
[ 27.924848] Chain exists of:
[ 27.924848]   event_mutex --> &cpuctx_mutex --> &event->child_mutex
[ 27.924848]
[ 27.935573]  Possible unsafe locking scenario:
[ 27.935573]
[ 27.942775]        CPU0                    CPU1
[ 27.947410]        ----                    ----
[ 27.952055]   lock(&event->child_mutex);
[ 27.956084]                                lock(&cpuctx_mutex);
[ 27.962114]                                lock(&event->child_mutex);
[ 27.968661]   lock(event_mutex);
[ 27.971996]
[ 27.971996]  *** DEADLOCK ***
[ 27.971996]
[ 27.978024] 2 locks held by syz-executor334/7975:
[ 27.982836]  #0: (&ctx->mutex){+.+.}, at: [] perf_event_release_kernel+0x1fe/0x8a0
[ 27.992173]  #1: (&event->child_mutex){+.+.}, at: [] perf_event_release_kernel+0x208/0x8a0
[ 28.002200]
[ 28.002200] stack backtrace:
[ 28.006669] CPU: 0 PID: 7975 Comm: syz-executor334 Not tainted 4.14.295-syzkaller #0
[ 28.014517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022
[ 28.023838] Call Trace:
[ 28.026399]  dump_stack+0x1b2/0x281
[ 28.030000]  print_circular_bug.constprop.0.cold+0x2d7/0x41e
[ 28.035771]  __lock_acquire+0x2e0e/0x3f20
[ 28.039977]  ? trace_hardirqs_on+0x10/0x10
[ 28.044182]  ? perf_group_detach+0x7f0/0x7f0
[ 28.048561]  ? generic_exec_single+0x27e/0x420
[ 28.053113]  ? smp_call_function_single+0x1b1/0x370
[ 28.058098]  lock_acquire+0x170/0x3f0
[ 28.061869]  ? perf_trace_destroy+0x23/0xf0
[ 28.066174]  ? perf_trace_destroy+0x23/0xf0
[ 28.070474]  __mutex_lock+0xc4/0x1310
[ 28.074246]  ? perf_trace_destroy+0x23/0xf0
[ 28.078540]  ? task_function_call+0xed/0x130
[ 28.082919]  ? pmu_dev_release+0x20/0x20
[ 28.086950]  ? perf_trace_destroy+0x23/0xf0
[ 28.091243]  ? __ww_mutex_wakeup_for_backoff+0x210/0x210
[ 28.096666]  ? event_function_call+0x1fa/0x3c0
[ 28.101219]  ? event_sched_out+0x11b0/0x11b0
[ 28.105600]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 28.111030]  ? perf_tp_event_init+0xf0/0xf0
[ 28.115327]  perf_trace_destroy+0x23/0xf0
[ 28.119446]  ? perf_tp_event_init+0xf0/0xf0
[ 28.123737]  _free_event+0x321/0xe20
[ 28.127424]  free_event+0x32/0x40
[ 28.130849]  perf_event_release_kernel+0x368/0x8a0
[ 28.135753]  ? perf_event_release_kernel+0x8a0/0x8a0
[ 28.140826]  perf_release+0x33/0x40
[ 28.144424]  __fput+0x25f/0x7a0
[ 28.147676]  task_work_run+0x11f/0x190
[ 28.151536]  do_exit+0xa44/0x2850
[ 28.154961]  ? get_timespec64+0xb1/0xf0
[ 28.158911]  ? timespec_trunc+0x120/0x120
[ 28.163034]  ? mm_update_next_owner+0x5b0/0x5b0
[ 28.167673]  ? SyS_clock_nanosleep+0x210/0x2d0
[ 28.172226]  ? compat_SyS_clock_getres+0x180/0x180
[ 28.177127]  ? __do_page_fault+0x159/0xad0
[ 28.181336]  SyS_exit+0x1e/0x20
[ 28.184586]  ? complete_and_exit+0x40/0x40
[ 28.188793]  do_syscall_64+0x1d5/0x640
[ 28.192652]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 28.197829] RIP: 0033:0x7f001aede2a9
[ 28.201517] RSP: 002