Warning: Permanently added '10.128.0.153' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 50.708579][ T8449]
[ 50.710935][ T8449] ======================================================
[ 50.717976][ T8449] WARNING: possible circular locking dependency detected
[ 50.725228][ T8449] 5.14.0-rc2-syzkaller #0 Not tainted
[ 50.730571][ T8449] ------------------------------------------------------
[ 50.737620][ T8449] syz-executor238/8449 is trying to acquire lock:
[ 50.744003][ T8449] ffffffff8c7658e8 (event_mutex){+.+.}-{3:3}, at: perf_trace_destroy+0x27/0xb0
[ 50.752941][ T8449]
[ 50.752941][ T8449] but task is already holding lock:
[ 50.760275][ T8449] ffff888033788f28 (&mm->mmap_lock#2){++++}-{3:3}, at: vm_mmap_pgoff+0x14d/0x2b0
[ 50.769374][ T8449]
[ 50.769374][ T8449] which lock already depends on the new lock.
[ 50.769374][ T8449]
[ 50.779751][ T8449]
[ 50.779751][ T8449] the existing dependency chain (in reverse order) is:
[ 50.788739][ T8449]
[ 50.788739][ T8449] -> #3 (&mm->mmap_lock#2){++++}-{3:3}:
[ 50.796438][ T8449]        lock_acquire+0x182/0x4a0
[ 50.801450][ T8449]        down_write_killable+0xaa/0x1b0
[ 50.806977][ T8449]        dup_mmap+0xde/0xed0
[ 50.811562][ T8449]        dup_mm+0x8c/0x310
[ 50.815964][ T8449]        copy_process+0x22e8/0x5b00
[ 50.821328][ T8449]        kernel_clone+0x21a/0x7d0
[ 50.826326][ T8449]        __x64_sys_clone+0x236/0x2b0
[ 50.831585][ T8449]        do_syscall_64+0x3d/0xb0
[ 50.836500][ T8449]        entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 50.842891][ T8449]
[ 50.842891][ T8449] -> #2 (dup_mmap_sem){++++}-{0:0}:
[ 50.850308][ T8449]        lock_acquire+0x182/0x4a0
[ 50.855326][ T8449]        percpu_down_write+0x52/0x2f0
[ 50.860679][ T8449]        register_for_each_vma+0x32/0xc20
[ 50.866386][ T8449]        __uprobe_register+0x5d4/0x860
[ 50.871819][ T8449]        probe_event_enable+0x399/0xbd0
[ 50.877342][ T8449]        perf_trace_event_init+0x49b/0x950
[ 50.883126][ T8449]        perf_uprobe_init+0x138/0x1a0
[ 50.888476][ T8449]        perf_uprobe_event_init+0xfe/0x180
[ 50.894257][ T8449]        perf_try_init_event+0x13e/0x3d0
[ 50.899875][ T8449]        perf_event_alloc+0x1155/0x2c10
[ 50.905396][ T8449]        __se_sys_perf_event_open+0x7a6/0x4020
[ 50.911522][ T8449]        do_syscall_64+0x3d/0xb0
[ 50.916521][ T8449]        entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 50.922910][ T8449]
[ 50.922910][ T8449] -> #1 (&uprobe->register_rwsem){+.+.}-{3:3}:
[ 50.931231][ T8449]        lock_acquire+0x182/0x4a0
[ 50.936232][ T8449]        down_write+0x97/0x170
[ 50.940972][ T8449]        __uprobe_register+0x4fd/0x860
[ 50.946405][ T8449]        probe_event_enable+0x399/0xbd0
[ 50.951924][ T8449]        perf_trace_event_init+0x49b/0x950
[ 50.957703][ T8449]        perf_uprobe_init+0x138/0x1a0
[ 50.963049][ T8449]        perf_uprobe_event_init+0xfe/0x180
[ 50.968827][ T8449]        perf_try_init_event+0x13e/0x3d0
[ 50.974435][ T8449]        perf_event_alloc+0x1155/0x2c10
[ 50.979957][ T8449]        __se_sys_perf_event_open+0x7a6/0x4020
[ 50.986084][ T8449]        do_syscall_64+0x3d/0xb0
[ 50.990998][ T8449]        entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 50.997388][ T8449]
[ 50.997388][ T8449] -> #0 (event_mutex){+.+.}-{3:3}:
[ 51.004656][ T8449]        check_prevs_add+0x4f9/0x5b30
[ 51.010004][ T8449]        __lock_acquire+0x4476/0x6100
[ 51.015352][ T8449]        lock_acquire+0x182/0x4a0
[ 51.020368][ T8449]        __mutex_lock_common+0x1ad/0x3770
[ 51.026064][ T8449]        mutex_lock_nested+0x1a/0x20
[ 51.031327][ T8449]        perf_trace_destroy+0x27/0xb0
[ 51.036676][ T8449]        _free_event+0xd4d/0x12f0
[ 51.041686][ T8449]        perf_mmap_close+0x8ed/0xdf0
[ 51.046944][ T8449]        __do_munmap+0x1b95/0x2050
[ 51.052033][ T8449]        mmap_region+0x90c/0x1df0
[ 51.057032][ T8449]        do_mmap+0x89e/0x10c0
[ 51.061695][ T8449]        vm_mmap_pgoff+0x19e/0x2b0
[ 51.066785][ T8449]        ksys_mmap_pgoff+0x504/0x7b0
[ 51.072044][ T8449]        do_syscall_64+0x3d/0xb0
[ 51.076971][ T8449]        entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 51.083364][ T8449]
[ 51.083364][ T8449] other info that might help us debug this:
[ 51.083364][ T8449]
[ 51.093567][ T8449] Chain exists of:
[ 51.093567][ T8449]   event_mutex --> dup_mmap_sem --> &mm->mmap_lock#2
[ 51.093567][ T8449]
[ 51.106050][ T8449]  Possible unsafe locking scenario:
[ 51.106050][ T8449]
[ 51.113648][ T8449]        CPU0                    CPU1
[ 51.119015][ T8449]        ----                    ----
[ 51.124358][ T8449]   lock(&mm->mmap_lock#2);
[ 51.128838][ T8449]                                lock(dup_mmap_sem);
[ 51.135499][ T8449]                                lock(&mm->mmap_lock#2);
[ 51.142498][ T8449]   lock(event_mutex);
[ 51.146550][ T8449]
[ 51.146550][ T8449]  *** DEADLOCK ***
[ 51.146550][ T8449]
[ 51.154665][ T8449] 1 lock held by syz-executor238/8449:
[ 51.160097][ T8449]  #0: ffff888033788f28 (&mm->mmap_lock#2){++++}-{3:3}, at: vm_mmap_pgoff+0x14d/0x2b0
[ 51.169640][ T8449]
[ 51.169640][ T8449] stack backtrace:
[ 51.175505][ T8449] CPU: 1 PID: 8449 Comm: syz-executor238 Not tainted 5.14.0-rc2-syzkaller #0
[ 51.184249][ T8449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 51.194279][ T8449] Call Trace:
[ 51.197540][ T8449]  dump_stack_lvl+0x1ae/0x29f
[ 51.202200][ T8449]  ? show_regs_print_info+0x12/0x12
[ 51.207472][ T8449]  ? log_buf_vmcoreinfo_setup+0x498/0x498
[ 51.213167][ T8449]  ? save_trace+0x5a/0x9f0
[ 51.217575][ T8449]  print_circular_bug+0xb17/0xdc0
[ 51.222585][ T8449]  ? hlock_conflict+0x1f0/0x1f0
[ 51.227409][ T8449]  ? __bfs+0x369/0x700
[ 51.231452][ T8449]  ? check_path+0x40/0x40
[ 51.235754][ T8449]  ? noop_count+0x30/0x30
[ 51.240230][ T8449]  ? stack_trace_save+0x104/0x1e0
[ 51.245234][ T8449]  ? save_trace+0x5a/0x9f0
[ 51.249629][ T8449]  check_noncircular+0x2cc/0x390
[ 51.254541][ T8449]  ? add_chain_block+0x850/0x850
[ 51.259455][ T8449]  ? check_prevs_add+0x1f57/0x5b30
[ 51.264557][ T8449]  check_prevs_add+0x4f9/0x5b30
[ 51.269426][ T8449]  ? rcu_read_lock_sched_held+0x87/0x110
[ 51.275152][ T8449]  ? __bpf_trace_rcu_stall_warning+0x10/0x10
[ 51.281119][ T8449]  ? reacquire_held_locks+0x5f0/0x5f0
[ 51.286469][ T8449]  ? mark_lock+0x199/0x1eb0
[ 51.291128][ T8449]  ? __bfs+0x700/0x700
[ 51.295171][ T8449]  ? rcu_lock_release+0x9/0x20
[ 51.300003][ T8449]  ? __lock_acquire+0x6100/0x6100
[ 51.305013][ T8449]  ? perf_event_update_userpage+0x5ec/0x740
[ 51.310892][ T8449]  ? cpu_clock_event_start+0x115/0x190
[ 51.316344][ T8449]  ? perf_pmu_nop_void+0x5/0x10
[ 51.321257][ T8449]  ? event_sched_in+0x1b17/0x20a0
[ 51.326274][ T8449]  ? __lock_acquire+0x44fa/0x6100
[ 51.331389][ T8449]  ? mark_lock+0x199/0x1eb0
[ 51.335868][ T8449]  ? __lock_acquire+0x145b/0x6100
[ 51.340869][ T8449]  ? trace_lock_acquire+0x190/0x190
[ 51.346057][ T8449]  ? mark_lock+0x199/0x1eb0
[ 51.350537][ T8449]  ? __bfs+0x700/0x700
[ 51.354581][ T8449]  ? trace_lock_acquire+0x190/0x190
[ 51.359781][ T8449]  ? lockdep_lock+0x102/0x2c0
[ 51.364459][ T8449]  ? lockdep_unlock+0x145/0x2e0
[ 51.369285][ T8449]  ? lockdep_lock+0x2c0/0x2c0
[ 51.373943][ T8449]  ? lockdep_lock+0x102/0x2c0
[ 51.378608][ T8449]  ? lockdep_count_forward_deps+0x240/0x240
[ 51.384475][ T8449]  ? __lock_acquire+0x44fa/0x6100
[ 51.389480][ T8449]  __lock_acquire+0x4476/0x6100
[ 51.394336][ T8449]  ? trace_lock_acquire+0x190/0x190
[ 51.399530][ T8449]  ? lockdep_hardirqs_on_prepare+0x3e2/0x750
[ 51.405585][ T8449]  ? print_irqtrace_events+0x220/0x220
[ 51.411023][ T8449]  ? do_raw_spin_unlock+0x134/0x8a0
[ 51.416202][ T8449]  ? rcu_read_lock_sched_held+0x87/0x110
[ 51.421815][ T8449]  ? __bpf_trace_rcu_stall_warning+0x10/0x10
[ 51.427799][ T8449]  ? rcu_read_lock_sched_held+0x87/0x110
[ 51.433409][ T8449]  ? __bpf_trace_rcu_stall_warning+0x10/0x10
[ 51.439370][ T8449]  lock_acquire+0x182/0x4a0
[ 51.443853][ T8449]  ? perf_trace_destroy+0x27/0xb0
[ 51.448854][ T8449]  ? perf_swevent_read+0x10/0x10
[ 51.453769][ T8449]  ? read_lock_is_recursive+0x10/0x10
[ 51.459129][ T8449]  ? __might_sleep+0x100/0x100
[ 51.463880][ T8449]  ? perf_event_detach_bpf_prog+0x2cc/0x340
[ 51.469765][ T8449]  ? __lock_acquire+0x6100/0x6100
[ 51.474770][ T8449]  __mutex_lock_common+0x1ad/0x3770
[ 51.479960][ T8449]  ? perf_trace_destroy+0x27/0xb0
[ 51.484965][ T8449]  ? __mutex_unlock_slowpath+0x17b/0x5a0
[ 51.490574][ T8449]  ? perf_trace_destroy+0x27/0xb0
[ 51.495763][ T8449]  ? mutex_lock_io_nested+0x60/0x60
[ 51.500938][ T8449]  ? rcu_read_lock_sched_held+0x87/0x110
[ 51.506546][ T8449]  ? __bpf_trace_rcu_stall_warning+0x10/0x10
[ 51.512513][ T8449]  ? perf_event_detach_bpf_prog+0x2cc/0x340
[ 51.518383][ T8449]  ? perf_mmap_close+0xb27/0xdf0
[ 51.523297][ T8449]  ? perf_swevent_read+0x10/0x10
[ 51.528299][ T8449]  mutex_lock_nested+0x1a/0x20
[ 51.533040][ T8449]  perf_trace_destroy+0x27/0xb0
[ 51.537894][ T8449]  ? perf_swevent_read+0x10/0x10
[ 51.542807][ T8449]  _free_event+0xd4d/0x12f0
[ 51.547288][ T8449]  ? add_event_to_groups+0x440/0x440
[ 51.552553][ T8449]  perf_mmap_close+0x8ed/0xdf0
[ 51.557298][ T8449]  ? __might_sleep+0x100/0x100
[ 51.562124][ T8449]  ? perf_mmap_open+0x1a0/0x1a0
[ 51.566952][ T8449]  ? vmacache_find+0x4ef/0x5d0
[ 51.571692][ T8449]  ? perf_mmap_open+0x1a0/0x1a0
[ 51.576528][ T8449]  __do_munmap+0x1b95/0x2050
[ 51.581117][ T8449]  mmap_region+0x90c/0x1df0
[ 51.585602][ T8449]  ? __might_sleep+0x100/0x100
[ 51.590343][ T8449]  ? rcu_read_lock_sched_held+0x87/0x110
[ 51.595955][ T8449]  ? get_unmapped_area+0x380/0x380
[ 51.601042][ T8449]  ? security_mmap_addr+0x97/0xb0
[ 51.606130][ T8449]  do_mmap+0x89e/0x10c0
[ 51.610263][ T8449]  vm_mmap_pgoff+0x19e/0x2b0
[ 51.614831][ T8449]  ? account_locked_vm+0xd0/0xd0
[ 51.619744][ T8449]  ? __fget_files+0x35a/0x390
[ 51.624399][ T8449]  ksys_mmap_pgoff+0x504/0x7b0
[ 51.629139][ T8449]  ? print_irqtrace_events+0x220/0x220
[ 51.634577][ T8449]  ? mmap_region+0x1df0/0x1df0
[ 51.639315][ T8449]  ? syscall_enter_from_user_mode+0x2e/0x1b0
[ 51.645294][ T8449]  ? lockdep_hardirqs_on+0x8d/0x130
[ 51.650467][ T8449]  do_syscall_64+0x3d/0xb0
[ 51.654861][ T8449]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 51.660742][ T8449] RIP: 0033:0x44e009
[ 51.664618][ T8449] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 91 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 51.684199][ T8449] RSP: 002b:00007fefce402308 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 51.692589][ T8449] RAX: ffffffffffffffda RBX: 00000000004cc4e8 RCX: 000000000044e009
[ 51.700538][ T8449] RDX: 0000000000000000 RSI: 0000000000003000 RDI: 0000000020ffc000
[ 51.708494][ T8449] RBP: 00000000004cc4e0 R08: 00