======================================================
WARNING: possible circular locking dependency detected
4.14.91+ #1 Not tainted
------------------------------------------------------
syz-executor4/4079 is trying to acquire lock:
 (&mm->mmap_sem){++++}, at: [<ffffffff920c0db4>] __might_fault+0xd4/0x1b0 mm/memory.c:4554

but task is already holding lock:
 (&sb->s_type->i_mutex_key#5){++++}, at: [<ffffffff9219375c>] inode_lock_shared include/linux/fs.h:725 [inline]
 (&sb->s_type->i_mutex_key#5){++++}, at: [<ffffffff9219375c>] iterate_dir+0xbc/0x5f0 fs/readdir.c:41

which lock already depends on the new lock.


the existing dependency chain (in reverse order) is:

-> #8 (&sb->s_type->i_mutex_key#5){++++}:

-> #7 (event_mutex){+.+.}:

-> #6 (&event->child_mutex){+.+.}:

-> #5 (&cpuctx_mutex){+.+.}:

-> #4 (pmus_lock){+.+.}:

-> #3 (cpu_hotplug_lock.rw_sem){++++}:

-> #2 (&sb->s_type->i_mutex_key#10){+.+.}:

-> #1 (ashmem_mutex){+.+.}:

-> #0 (&mm->mmap_sem){++++}:

other info that might help us debug this:

Chain exists of:
  &mm->mmap_sem --> event_mutex --> &sb->s_type->i_mutex_key#5

 Possible unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock(&sb->s_type->i_mutex_key#5);
                               lock(event_mutex);
                               lock(&sb->s_type->i_mutex_key#5);
  lock(&mm->mmap_sem);

 *** DEADLOCK ***

2 locks held by syz-executor4/4079:
 #0:  (&f->f_pos_lock){+.+.}, at: [<ffffffff921b9126>] __fdget_pos+0xa6/0xc0 fs/file.c:768
 #1:  (&sb->s_type->i_mutex_key#5){++++}, at: [<ffffffff9219375c>] inode_lock_shared include/linux/fs.h:725 [inline]
 #1:  (&sb->s_type->i_mutex_key#5){++++}, at: [<ffffffff9219375c>] iterate_dir+0xbc/0x5f0 fs/readdir.c:41

stack backtrace:
CPU: 1 PID: 4079 Comm: syz-executor4 Not tainted 4.14.91+ #1
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0xb9/0x10e lib/dump_stack.c:53
 print_circular_bug.isra.0.cold+0x2dc/0x425 kernel/locking/lockdep.c:1258
kauditd_printk_skb: 500 callbacks suppressed
audit: type=1400 audit(2000000173.682:38967): avc:  denied  { prog_load } for  pid=4275 comm="syz-executor4" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=bpf permissive=1
ip6_tunnel: ip6tnl2 xmit: Local address not yet configured!
audit: type=1400 audit(2000000173.752:38968): avc:  denied  { prog_load } for  pid=4278 comm="syz-executor4" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=bpf permissive=1
audit: type=1400 audit(2000000173.822:38969): avc:  denied  { prog_load } for  pid=4284 comm="syz-executor4" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=bpf permissive=1
audit: type=1400 audit(2000000173.862:38970): avc:  denied  { prog_load } for  pid=4287 comm="syz-executor4" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=bpf permissive=1
audit: type=1400 audit(2000000173.922:38971): avc:  denied  { prog_load } for  pid=4291 comm="syz-executor4" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=bpf permissive=1
audit: type=1400 audit(2000000173.982:38972): avc:  denied  { map } for  pid=4299 comm="modprobe" path="/bin/kmod" dev="sda1" ino=1440 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
audit: type=1400 audit(2000000173.982:38974): avc:  denied  { map } for  pid=4299 comm="modprobe" path="/lib/x86_64-linux-gnu/libkmod.so.2.1.3" dev="sda1" ino=2811 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
audit: type=1400 audit(2000000173.982:38975): avc:  denied  { map } for  pid=4299 comm="modprobe" path="/lib/x86_64-linux-gnu/libkmod.so.2.1.3" dev="sda1" ino=2811 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
audit: type=1400 audit(2000000173.992:38976): avc:  denied  { map } for  pid=4299 comm="modprobe" path="/lib/x86_64-linux-gnu/libc-2.13.so" dev="sda1" ino=2784 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
audit: type=1400 audit(2000000173.992:38977): avc:  denied  { map } for  pid=4299 comm="modprobe" path="/lib/x86_64-linux-gnu/libc-2.13.so" dev="sda1" ino=2784 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
ip6_tunnel: ip6tnl28 xmit: Local address not yet configured!
ip6_tunnel: ip6tnl49 xmit: Local address not yet configured!
kauditd_printk_skb: 377 callbacks suppressed
audit: type=1400 audit(2000000178.702:39354): avc:  denied  { search } for  pid=190 comm="udevd" name="/" dev="sysfs" ino=1 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:netcontrol_device_t:s0 tclass=dir permissive=1
audit: type=1400 audit(2000000178.702:39355): avc:  denied  { search } for  pid=190 comm="udevd" name="/" dev="sysfs" ino=1 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:netcontrol_device_t:s0 tclass=dir permissive=1
audit: type=1400 audit(2000000178.702:39356): avc:  denied  { search } for  pid=190 comm="udevd" name="/" dev="sysfs" ino=1 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:netcontrol_device_t:s0 tclass=dir permissive=1
audit: type=1400 audit(2000000178.702:39357): avc:  denied  { search } for  pid=7183 comm="udevd" name="/" dev="sysfs" ino=1 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:netcontrol_device_t:s0 tclass=dir permissive=1
audit: type=1400 audit(2000000178.702:39358): avc:  denied  { search } for  pid=7183 comm="udevd" name="/" dev="sysfs" ino=1 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:netcontrol_device_t:s0 tclass=dir permissive=1
audit: type=1400 audit(2000000178.702:39359): avc:  denied  { search } for  pid=7183 comm="udevd" name="/" dev="sysfs" ino=1 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:netcontrol_device_t:s0 tclass=dir permissive=1
audit: type=1400 audit(2000000178.702:39360): avc:  denied  { search } for  pid=7183 comm="udevd" name="/" dev="sysfs" ino=1 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:netcontrol_device_t:s0 tclass=dir permissive=1
audit: type=1400 audit(2000000178.702:39361): avc:  denied  { search } for  pid=190 comm="udevd" name="/" dev="sysfs" ino=1 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:netcontrol_device_t:s0 tclass=dir permissive=1
audit: type=1400 audit(2000000178.702:39362): avc:  denied  { search } for  pid=7183 comm="udevd" name="/" dev="sysfs" ino=1 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:netcontrol_device_t:s0 tclass=dir permissive=1
audit: type=1400 audit(2000000178.702:39363): avc:  denied  { search } for  pid=7183 comm="udevd" name="/" dev="sysfs" ino=1 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:netcontrol_device_t:s0 tclass=dir permissive=1
ip6_tunnel: ip6tnl8 xmit: Local address not yet configured!
ip6_tunnel: ip6tnl45 xmit: Local address not yet configured!
ip6_tunnel: ip6tnl50 xmit: Local address not yet configured!