[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Load/Save RF Kill Switch Status.
[ OK ] Started Update UTMP about System Runlevel Changes.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.1.106' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 30.690389]
[ 30.692188] ======================================================
[ 30.698489] WARNING: possible circular locking dependency detected
[ 30.704778] 4.14.240-syzkaller #0 Not tainted
[ 30.709849] ------------------------------------------------------
[ 30.716137] syz-executor349/7961 is trying to acquire lock:
[ 30.721818]  (event_mutex){+.+.}, at: [] ftrace_profile_set_filter+0x64/0x1c0
[ 30.730722]
[ 30.730722] but task is already holding lock:
[ 30.736661]  (&cpuctx_mutex){+.+.}, at: [] perf_event_ctx_lock_nested+0x14d/0x2c0
[ 30.745822]
[ 30.745822] which lock already depends on the new lock.
[ 30.745822]
[ 30.754120]
[ 30.754120] the existing dependency chain (in reverse order) is:
[ 30.761710]
[ 30.761710] -> #4 (&cpuctx_mutex){+.+.}:
[ 30.767242]        __mutex_lock+0xc4/0x1310
[ 30.771535]        perf_event_init_cpu+0xb7/0x170
[ 30.776349]        perf_event_init+0x2cc/0x308
[ 30.780904]        start_kernel+0x46a/0x770
[ 30.785220]        secondary_startup_64+0xa5/0xb0
[ 30.790125]
[ 30.790125] -> #3 (pmus_lock){+.+.}:
[ 30.795293]        __mutex_lock+0xc4/0x1310
[ 30.799602]        perf_event_init_cpu+0x2c/0x170
[ 30.804442]        cpuhp_invoke_callback+0x1e6/0x1a80
[ 30.809618]        _cpu_up+0x21e/0x520
[ 30.813480]        do_cpu_up+0x9a/0x160
[ 30.817438]        smp_init+0x197/0x1ac
[ 30.821388]        kernel_init_freeable+0x406/0x626
[ 30.826399]        kernel_init+0xd/0x15c
[ 30.830446]        ret_from_fork+0x24/0x30
[ 30.834661]
[ 30.834661] -> #2 (cpu_hotplug_lock.rw_sem){++++}:
[ 30.841060]        cpus_read_lock+0x39/0xc0
[ 30.845357]        static_key_slow_inc+0xe/0x20
[ 30.850022]        tracepoint_add_func+0x747/0xa40
[ 30.854966]        tracepoint_probe_register+0x8c/0xc0
[ 30.860226]        trace_event_reg+0x272/0x330
[ 30.864787]        perf_trace_init+0x424/0xa30
[ 30.869343]        perf_tp_event_init+0x79/0xf0
[ 30.874003]        perf_try_init_event+0x15b/0x1f0
[ 30.878901]        perf_event_alloc.part.0+0xe2d/0x2640
[ 30.884248]        SyS_perf_event_open+0x67f/0x24b0
[ 30.889238]        do_syscall_64+0x1d5/0x640
[ 30.893616]        entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 30.899382]
[ 30.899382] -> #1 (tracepoints_mutex){+.+.}:
[ 30.905247]        __mutex_lock+0xc4/0x1310
[ 30.909539]        tracepoint_probe_register+0x68/0xc0
[ 30.914784]        trace_event_reg+0x272/0x330
[ 30.919337]        perf_trace_init+0x424/0xa30
[ 30.923909]        perf_tp_event_init+0x79/0xf0
[ 30.928550]        perf_try_init_event+0x15b/0x1f0
[ 30.933447]        perf_event_alloc.part.0+0xe2d/0x2640
[ 30.938781]        SyS_perf_event_open+0x67f/0x24b0
[ 30.943777]        do_syscall_64+0x1d5/0x640
[ 30.948161]        entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 30.953929]
[ 30.953929] -> #0 (event_mutex){+.+.}:
[ 30.959270]        lock_acquire+0x170/0x3f0
[ 30.963572]        __mutex_lock+0xc4/0x1310
[ 30.967865]        ftrace_profile_set_filter+0x64/0x1c0
[ 30.973200]        _perf_ioctl+0x13b2/0x1a40
[ 30.977581]        perf_ioctl+0x55/0x80
[ 30.981524]        do_vfs_ioctl+0x75a/0xff0
[ 30.986336]        SyS_ioctl+0x7f/0xb0
[ 30.990195]        do_syscall_64+0x1d5/0x640
[ 30.994573]        entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 31.000251]
[ 31.000251] other info that might help us debug this:
[ 31.000251]
[ 31.008360] Chain exists of:
[ 31.008360]   event_mutex --> pmus_lock --> &cpuctx_mutex
[ 31.008360]
[ 31.018213]  Possible unsafe locking scenario:
[ 31.018213]
[ 31.024262]        CPU0                    CPU1
[ 31.028910]        ----                    ----
[ 31.033553]   lock(&cpuctx_mutex);
[ 31.037068]                                lock(pmus_lock);
[ 31.042750]                                lock(&cpuctx_mutex);
[ 31.048776]   lock(event_mutex);
[ 31.052127]
[ 31.052127]  *** DEADLOCK ***
[ 31.052127]
[ 31.058182] 1 lock held by syz-executor349/7961:
[ 31.062906]  #0: (&cpuctx_mutex){+.+.}, at: [] perf_event_ctx_lock_nested+0x14d/0x2c0
[ 31.072531]
[ 31.072531] stack backtrace:
[ 31.077007] CPU: 0 PID: 7961 Comm: syz-executor349 Not tainted 4.14.240-syzkaller #0
[ 31.084972] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 31.094314] Call Trace:
[ 31.096882]  dump_stack+0x1b2/0x281
[ 31.100485]  print_circular_bug.constprop.0.cold+0x2d7/0x41e
[ 31.106269]  __lock_acquire+0x2e0e/0x3f20
[ 31.110391]  ? trace_hardirqs_on+0x10/0x10
[ 31.114654]  ? save_trace+0xd6/0x290
[ 31.118345]  lock_acquire+0x170/0x3f0
[ 31.122123]  ? ftrace_profile_set_filter+0x64/0x1c0
[ 31.127115]  ? ftrace_profile_set_filter+0x64/0x1c0
[ 31.132154]  __mutex_lock+0xc4/0x1310
[ 31.135946]  ? ftrace_profile_set_filter+0x64/0x1c0
[ 31.140943]  ? ftrace_profile_set_filter+0x64/0x1c0
[ 31.145958]  ? __ww_mutex_wakeup_for_backoff+0x210/0x210
[ 31.151393]  ? __might_fault+0x104/0x1b0
[ 31.155430]  ? lock_acquire+0x170/0x3f0
[ 31.159389]  ? lock_downgrade+0x740/0x740
[ 31.163512]  ftrace_profile_set_filter+0x64/0x1c0
[ 31.168334]  ? ftrace_profile_free_filter+0x60/0x60
[ 31.173319]  ? memdup_user+0x54/0xa0
[ 31.177006]  _perf_ioctl+0x13b2/0x1a40
[ 31.180865]  ? __ww_mutex_wakeup_for_backoff+0x210/0x210
[ 31.186285]  ? lock_downgrade+0x740/0x740
[ 31.190437]  ? perf_event_set_output+0x450/0x450
[ 31.195344]  ? lock_acquire+0x170/0x3f0
[ 31.199292]  ? lock_downgrade+0x740/0x740
[ 31.203435]  ? perf_event_ctx_lock_nested+0x247/0x2c0
[ 31.208603]  ? _perf_ioctl+0x1a40/0x1a40
[ 31.212650]  perf_ioctl+0x55/0x80
[ 31.216132]  do_vfs_ioctl+0x75a/0xff0
[ 31.219909]  ? ioctl_preallocate+0x1a0/0x1a0
[ 31.224337]  ? perf_bp_event+0x170/0x170
[ 31.228405]  ? lock_downgrade+0x740/0x740
[ 31.232525]  ? security_file_ioctl+0x83/0xb0
[ 31.236906]  SyS_ioctl+0x7f/0xb0
[ 31.240347]  ? do_vfs_ioctl+0xff0/0xff0
[ 31.244295]  do_syscall_64+0x1d5/0x640
[ 31.248158]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 31.253320] RIP: 0033:0x43ef59
[ 31.256483] RSP: 002b:00007fff491aafd8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 31.264163] RAX: ffffffffffffffda RBX: 0000000000400488 RCX: 000000000043ef59
[ 31.271405] RDX: 0000000020000180 RSI: 0000000040082406 RDI: 0000000000000003
[ 31.278645] RBP: 0000000000402f40 R08: 0000000000000000 R09: 0000000000400488
[ 31.285886] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000402fd0
[