[ OK ] Listening on Load/Save RF Kill Switch Status /dev/rfkill Watch.
[ OK ] Started Serial Getty on ttyS0.
[ OK ] Reached target Login Prompts.
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Load/Save RF Kill Switch Status.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.152' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 142.502369]
[ 142.503998] ======================================================
[ 142.510285] WARNING: possible circular locking dependency detected
[ 142.516573] 4.14.295-syzkaller #0 Not tainted
[ 142.521034] ------------------------------------------------------
[ 142.527320] syz-executor661/7994 is trying to acquire lock:
[ 142.532998]  (event_mutex){+.+.}, at: [] perf_trace_destroy+0x23/0xf0
[ 142.541119]
[ 142.541119] but task is already holding lock:
[ 142.547065]  (&event->child_mutex){+.+.}, at: [] perf_event_release_kernel+0x208/0x8a0
[ 142.556657]
[ 142.556657] which lock already depends on the new lock.
[ 142.556657]
[ 142.564940]
[ 142.564940] the existing dependency chain (in reverse order) is:
[ 142.572527]
[ 142.572527] -> #5 (&event->child_mutex){+.+.}:
[ 142.578562]        __mutex_lock+0xc4/0x1310
[ 142.582853]        perf_event_for_each_child+0x82/0x140
[ 142.588189]        _perf_ioctl+0x471/0x1a60
[ 142.592482]        perf_ioctl+0x55/0x80
[ 142.596430]        do_vfs_ioctl+0x75a/0xff0
[ 142.600720]        SyS_ioctl+0x7f/0xb0
[ 142.604577]        do_syscall_64+0x1d5/0x640
[ 142.608958]        entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 142.614662]
[ 142.614662] -> #4 (&cpuctx_mutex){+.+.}:
[ 142.620182]        __mutex_lock+0xc4/0x1310
[ 142.624476]        perf_event_init_cpu+0xb7/0x170
[ 142.629290]        perf_event_init+0x2cc/0x308
[ 142.633844]        start_kernel+0x45d/0x763
[ 142.638136]        secondary_startup_64+0xa5/0xb0
[ 142.643051]
[ 142.643051] -> #3 (pmus_lock){+.+.}:
[ 142.648222]        __mutex_lock+0xc4/0x1310
[ 142.652535]        perf_event_init_cpu+0x2c/0x170
[ 142.657358]        cpuhp_invoke_callback+0x1e6/0x1a80
[ 142.662520]        _cpu_up+0x21e/0x520
[ 142.666379]        do_cpu_up+0x9a/0x160
[ 142.670326]        smp_init+0x197/0x1ac
[ 142.674275]        kernel_init_freeable+0x406/0x626
[ 142.679265]        kernel_init+0xd/0x161
[ 142.683304]        ret_from_fork+0x24/0x30
[ 142.687507]
[ 142.687507] -> #2 (cpu_hotplug_lock.rw_sem){++++}:
[ 142.693903]        cpus_read_lock+0x39/0xc0
[ 142.698198]        static_key_slow_inc+0xe/0x20
[ 142.702838]        tracepoint_add_func+0x747/0xa40
[ 142.707742]        tracepoint_probe_register+0x8c/0xc0
[ 142.712991]        trace_event_reg+0x272/0x330
[ 142.717545]        perf_trace_init+0x424/0xa30
[ 142.722113]        perf_tp_event_init+0x79/0xf0
[ 142.726761]        perf_try_init_event+0x15b/0x1f0
[ 142.731664]        perf_event_alloc.part.0+0xe2d/0x2640
[ 142.737003]        SyS_perf_event_open+0x683/0x2530
[ 142.742003]        do_syscall_64+0x1d5/0x640
[ 142.746390]        entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 142.752077]
[ 142.752077] -> #1 (tracepoints_mutex){+.+.}:
[ 142.757951]        __mutex_lock+0xc4/0x1310
[ 142.762250]        tracepoint_probe_register+0x68/0xc0
[ 142.767499]        trace_event_reg+0x272/0x330
[ 142.772055]        perf_trace_init+0x424/0xa30
[ 142.776608]        perf_tp_event_init+0x79/0xf0
[ 142.781248]        perf_try_init_event+0x15b/0x1f0
[ 142.786156]        perf_event_alloc.part.0+0xe2d/0x2640
[ 142.791511]        SyS_perf_event_open+0x683/0x2530
[ 142.796513]        do_syscall_64+0x1d5/0x640
[ 142.800895]        entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 142.806576]
[ 142.806576] -> #0 (event_mutex){+.+.}:
[ 142.811919]        lock_acquire+0x170/0x3f0
[ 142.816210]        __mutex_lock+0xc4/0x1310
[ 142.820503]        perf_trace_destroy+0x23/0xf0
[ 142.825143]        _free_event+0x321/0xe20
[ 142.829352]        free_event+0x32/0x40
[ 142.833299]        perf_event_release_kernel+0x368/0x8a0
[ 142.838721]        perf_release+0x33/0x40
[ 142.842837]        __fput+0x25f/0x7a0
[ 142.846606]        task_work_run+0x11f/0x190
[ 142.850988]        do_exit+0xa44/0x2850
[ 142.854937]        SyS_exit+0x1e/0x20
[ 142.858708]        do_syscall_64+0x1d5/0x640
[ 142.863088]        entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 142.868765]
[ 142.868765] other info that might help us debug this:
[ 142.868765]
[ 142.876880] Chain exists of:
[ 142.876880]   event_mutex --> &cpuctx_mutex --> &event->child_mutex
[ 142.876880]
[ 142.887605]  Possible unsafe locking scenario:
[ 142.887605]
[ 142.893633]        CPU0                    CPU1
[ 142.898270]        ----                    ----
[ 142.902904]   lock(&event->child_mutex);
[ 142.906936]                                lock(&cpuctx_mutex);
[ 142.912967]                                lock(&event->child_mutex);
[ 142.919521]   lock(event_mutex);
[ 142.922861]
[ 142.922861]  *** DEADLOCK ***
[ 142.922861]
[ 142.928890] 2 locks held by syz-executor661/7994:
[ 142.933740]  #0: (&ctx->mutex){+.+.}, at: [] perf_event_release_kernel+0x1fe/0x8a0
[ 142.943076]  #1: (&event->child_mutex){+.+.}, at: [] perf_event_release_kernel+0x208/0x8a0
[ 142.953102]
[ 142.953102] stack backtrace:
[ 142.957576] CPU: 0 PID: 7994 Comm: syz-executor661 Not tainted 4.14.295-syzkaller #0
[ 142.965424] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022
[ 142.974747] Call Trace:
[ 142.977309]  dump_stack+0x1b2/0x281
[ 142.980912]  print_circular_bug.constprop.0.cold+0x2d7/0x41e
[ 142.986683]  __lock_acquire+0x2e0e/0x3f20
[ 142.990806]  ? trace_hardirqs_on+0x10/0x10
[ 142.995013]  ? perf_group_detach+0x7f0/0x7f0
[ 142.999393]  ? generic_exec_single+0x27e/0x420
[ 143.003973]  ? smp_call_function_single+0x1b1/0x370
[ 143.008967]  lock_acquire+0x170/0x3f0
[ 143.012740]  ? perf_trace_destroy+0x23/0xf0
[ 143.017031]  ? perf_trace_destroy+0x23/0xf0
[ 143.021325]  __mutex_lock+0xc4/0x1310
[ 143.025096]  ? perf_trace_destroy+0x23/0xf0
[ 143.029389]  ? task_function_call+0xed/0x130
[ 143.033765]  ? pmu_dev_release+0x20/0x20
[ 143.037795]  ? perf_trace_destroy+0x23/0xf0
[ 143.042089]  ? __ww_mutex_wakeup_for_backoff+0x210/0x210
[ 143.047510]  ? event_function_call+0x1fa/0x3c0
[ 143.052065]  ? event_sched_out+0x11b0/0x11b0
[ 143.056449]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 143.061869]  ? perf_tp_event_init+0xf0/0xf0
[ 143.066161]  perf_trace_destroy+0x23/0xf0
[ 143.070280]  ? perf_tp_event_init+0xf0/0xf0
[ 143.074584]  _free_event+0x321/0xe20
[ 143.078269]  free_event+0x32/0x40
[ 143.081695]  perf_event_release_kernel+0x368/0x8a0
[ 143.086597]  ? perf_event_release_kernel+0x8a0/0x8a0
[ 143.091672]  perf_release+0x33/0x40
[ 143.095270]  __fput+0x25f/0x7a0
[ 143.098524]  task_work_run+0x11f/0x190
[ 143.102386]  do_exit+0xa44/0x2850
[ 143.105809]  ? get_timespec64+0xb1/0xf0
[ 143.109754]  ? timespec_trunc+0x120/0x120
[ 143.113874]  ? mm_update_next_owner+0x5b0/0x5b0
[ 143.118513]  ? SyS_clock_nanosleep+0x210/0x2d0
[ 143.123153]  ? compat_SyS_clock_getres+0x180/0x180
[ 143.128073]  ? __do_page_fault+0x159/0xad0
[ 143.132287]  SyS_exit+0x1e/0x20
[ 143.135554]  ? complete_and_exit+0x40/0x40
[ 143.139778]  do_syscall_64+0x1d5/0x640
[ 143.143648]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 143.148819] RIP: 0033:0x7fac9e6ce2a9
[ 143.152502] RSP: 002b:00007f