======================================================
WARNING: possible circular locking dependency detected
4.14.97+ #2 Not tainted
------------------------------------------------------
syz-executor3/8200 is trying to acquire lock:
 (&mm->mmap_sem){++++}, at: [<ffffffff9dec1614>] __might_fault+0xd4/0x1b0 mm/memory.c:4577

but task is already holding lock:
 (&sb->s_type->i_mutex_key#5){++++}, at: [<ffffffff9df93ffc>] inode_lock_shared include/linux/fs.h:725 [inline]
 (&sb->s_type->i_mutex_key#5){++++}, at: [<ffffffff9df93ffc>] iterate_dir+0xbc/0x5f0 fs/readdir.c:41

which lock already depends on the new lock.


the existing dependency chain (in reverse order) is:

-> #8 (&sb->s_type->i_mutex_key#5){++++}:

-> #7 (event_mutex){+.+.}:

-> #6 (&event->child_mutex){+.+.}:

-> #5 (&cpuctx_mutex){+.+.}:

-> #4 (pmus_lock){+.+.}:

-> #3 (cpu_hotplug_lock.rw_sem){++++}:

-> #2 (&sb->s_type->i_mutex_key#10){+.+.}:

-> #1 (ashmem_mutex){+.+.}:

-> #0 (&mm->mmap_sem){++++}:

other info that might help us debug this:

Chain exists of:
  &mm->mmap_sem --> event_mutex --> &sb->s_type->i_mutex_key#5

 Possible unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock(&sb->s_type->i_mutex_key#5);
                               lock(event_mutex);
                               lock(&sb->s_type->i_mutex_key#5);
  lock(&mm->mmap_sem);

 *** DEADLOCK ***

2 locks held by syz-executor3/8200:
 #0:  (&f->f_pos_lock){+.+.}, at: [<ffffffff9dfb99c6>] __fdget_pos+0xa6/0xc0 fs/file.c:768
 #1:  (&sb->s_type->i_mutex_key#5){++++}, at: [<ffffffff9df93ffc>] inode_lock_shared include/linux/fs.h:725 [inline]
 #1:  (&sb->s_type->i_mutex_key#5){++++}, at: [<ffffffff9df93ffc>] iterate_dir+0xbc/0x5f0 fs/readdir.c:41

stack backtrace:
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1050 sclass=netlink_route_socket pig=8207 comm=syz-executor5
CPU: 0 PID: 8200 Comm: syz-executor3 Not tainted 4.14.97+ #2
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0xb9/0x10e lib/dump_stack.c:53
 print_circular_bug.isra.0.cold+0x2dc/0x425 kernel/locking/lockdep.c:1258
device nr0
 entered promiscuous mode
input: syz1 as /devices/virtual/input/input42
input: syz1 as /devices/virtual/input/input43
kauditd_printk_skb: 255 callbacks suppressed
audit: type=1400 audit(2000000128.580:60818): avc:  denied  { map } for  pid=8238 comm="modprobe" path="/bin/kmod" dev="sda1" ino=1440 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
audit: type=1400 audit(2000000128.580:60819): avc:  denied  { map } for  pid=8238 comm="modprobe" path="/bin/kmod" dev="sda1" ino=1440 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
audit: type=1400 audit(2000000128.590:60820): avc:  denied  { map } for  pid=8238 comm="modprobe" path="/lib/x86_64-linux-gnu/ld-2.13.so" dev="sda1" ino=2668 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
audit: type=1400 audit(2000000128.590:60821): avc:  denied  { map } for  pid=8238 comm="modprobe" path="/lib/x86_64-linux-gnu/ld-2.13.so" dev="sda1" ino=2668 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
audit: type=1400 audit(2000000128.620:60822): avc:  denied  { map } for  pid=8238 comm="modprobe" path="/etc/ld.so.cache" dev="sda1" ino=2503 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
audit: type=1400 audit(2000000128.630:60823): avc:  denied  { map } for  pid=8238 comm="modprobe" path="/lib/x86_64-linux-gnu/libkmod.so.2.1.3" dev="sda1" ino=2811 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
audit: type=1400 audit(2000000128.640:60824): avc:  denied  { map } for  pid=8238 comm="modprobe" path="/lib/x86_64-linux-gnu/libkmod.so.2.1.3" dev="sda1" ino=2811 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
audit: type=1400 audit(2000000128.660:60825): avc:  denied  { map } for  pid=8238 comm="modprobe" path="/lib/x86_64-linux-gnu/libc-2.13.so" dev="sda1" ino=2784 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
audit: type=1400 audit(2000000128.660:60826): avc:  denied  { map } for  pid=8244 comm="blkid" path="/sbin/blkid" dev="sda1" ino=16128 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
audit: type=1400 audit(2000000128.660:60827): avc:  denied  { map } for  pid=8238 comm="modprobe" path="/lib/x86_64-linux-gnu/libc-2.13.so" dev="sda1" ino=2784 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
device nr0
 entered promiscuous mode
input: syz1 as /devices/virtual/input/input44
input: syz1 as /devices/virtual/input/input45
device nr0
 entered promiscuous mode
device nr0
 entered promiscuous mode
input: syz1 as /devices/virtual/input/input46
kauditd_printk_skb: 204 callbacks suppressed
audit: type=1400 audit(2000000135.140:61032): avc:  denied  { create } for  pid=8331 comm="syz-executor4" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
input: syz1 as /devices/virtual/input/input47
audit: type=1400 audit(2000000135.140:61033): avc:  denied  { write } for  pid=8331 comm="syz-executor4" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
device nr0
 entered promiscuous mode
audit: type=1400 audit(2000000135.170:61034): avc:  denied  { map } for  pid=8337 comm="modprobe" path="/bin/kmod" dev="sda1" ino=1440 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
audit: type=1400 audit(2000000135.170:61035): avc:  denied  { map } for  pid=8337 comm="modprobe" path="/bin/kmod" dev="sda1" ino=1440 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
audit: type=1400 audit(2000000135.170:61036): avc:  denied  { map } for  pid=8337 comm="modprobe" path="/lib/x86_64-linux-gnu/ld-2.13.so" dev="sda1" ino=2668 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
audit: type=1400 audit(2000000135.180:61037): avc:  denied  { map } for  pid=8337 comm="modprobe" path="/lib/x86_64-linux-gnu/ld-2.13.so" dev="sda1" ino=2668 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
audit: type=1400 audit(2000000135.180:61038): avc:  denied  { map } for  pid=8337 comm="modprobe" path="/etc/ld.so.cache" dev="sda1" ino=2503 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
audit: type=1400 audit(2000000135.190:61039): avc:  denied  { map } for  pid=8337 comm="modprobe" path="/lib/x86_64-linux-gnu/libkmod.so.2.1.3" dev="sda1" ino=2811 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
audit: type=1400 audit(2000000135.200:61040): avc:  denied  { map } for  pid=8337 comm="modprobe" path="/lib/x86_64-linux-gnu/libkmod.so.2.1.3" dev="sda1" ino=2811 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
audit: audit_backlog=65 > audit_backlog_limit=64
input: syz1 as /devices/virtual/input/input48