[�[0;32m OK �[0m] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[�[0;32m OK �[0m] Started Update UTMP about System Runlevel Changes.
Starting Load/Save RF Kill Switch Status...
[�[0;32m OK �[0m] Started Load/Save RF Kill Switch Status.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.232' (ECDSA) to the list of known hosts.
syzkaller login: [ 27.842715] IPVS: ftp: loaded support on port[0] = 21
[ 27.882039] IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready
[ 27.894259] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 27.901418] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 27.921871] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
executing program
[ 27.938805] IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready
[ 27.953525] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 27.961149] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 27.968410] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 27.984198]
[ 27.985821] ======================================================
[ 27.992104] WARNING: possible circular locking dependency detected
[ 27.998390] 4.14.206-syzkaller #0 Not tainted
[ 28.002863] ------------------------------------------------------
[ 28.009149] syz-executor739/8042 is trying to acquire lock:
[ 28.014826] (event_mutex){+.+.}, at: [<ffffffff815d1593>] perf_trace_destroy+0x23/0xf0
[ 28.022952]
[ 28.022952] but task is already holding lock:
[ 28.028888] (&event->child_mutex){+.+.}, at: [<ffffffff81679578>] perf_event_release_kernel+0x208/0x8a0
[ 28.038500]
[ 28.038500] which lock already depends on the new lock.
[ 28.038500]
[ 28.046802]
[ 28.046802] the existing dependency chain (in reverse order) is:
[ 28.054390]
[ 28.054390] -> #5 (&event->child_mutex){+.+.}:
[ 28.060425] __mutex_lock+0xc4/0x1310
[ 28.064718] perf_event_for_each_child+0x82/0x140
[ 28.070051] _perf_ioctl+0x47f/0x1a80
[ 28.074343] perf_ioctl+0x55/0x80
[ 28.078291] do_vfs_ioctl+0x75a/0xff0
[ 28.082579] SyS_ioctl+0x7f/0xb0
[ 28.086447] do_syscall_64+0x1d5/0x640
[ 28.090825] entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 28.096501]
[ 28.096501] -> #4 (&cpuctx_mutex){+.+.}:
[ 28.102023] __mutex_lock+0xc4/0x1310
[ 28.106322] perf_event_init_cpu+0xb7/0x170
[ 28.111132] perf_event_init+0x2cc/0x308
[ 28.115682] start_kernel+0x46a/0x770
[ 28.119970] secondary_startup_64+0xa5/0xb0
[ 28.124777]
[ 28.124777] -> #3 (pmus_lock){+.+.}:
[ 28.130064] __mutex_lock+0xc4/0x1310
[ 28.134353] perf_event_init_cpu+0x2c/0x170
[ 28.139181] cpuhp_invoke_callback+0x1e6/0x1a80
[ 28.144337] _cpu_up+0x219/0x500
[ 28.148197] do_cpu_up+0x9a/0x160
[ 28.152139] smp_init+0x197/0x1ac
[ 28.156079] kernel_init_freeable+0x3f4/0x614
[ 28.161074] kernel_init+0xd/0x167
[ 28.165112] ret_from_fork+0x24/0x30
[ 28.169322]
[ 28.169322] -> #2 (cpu_hotplug_lock.rw_sem){++++}:
[ 28.175712] cpus_read_lock+0x39/0xc0
[ 28.180018] static_key_slow_inc+0xe/0x20
[ 28.184655] tracepoint_add_func+0x517/0x750
[ 28.189563] tracepoint_probe_register+0x8c/0xc0
[ 28.194809] trace_event_reg+0x272/0x330
[ 28.199361] perf_trace_init+0x424/0xa30
[ 28.203932] perf_tp_event_init+0x79/0xf0
[ 28.208588] perf_try_init_event+0x15b/0x1f0
[ 28.213502] perf_event_alloc.part.0+0xe2d/0x2640
[ 28.218830] SyS_perf_event_open+0x67f/0x24b0
[ 28.223813] do_syscall_64+0x1d5/0x640
[ 28.228186] entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 28.233865]
[ 28.233865] -> #1 (tracepoints_mutex){+.+.}:
[ 28.239722] __mutex_lock+0xc4/0x1310
[ 28.244029] tracepoint_probe_register+0x68/0xc0
[ 28.249273] trace_event_reg+0x272/0x330
[ 28.253859] perf_trace_init+0x424/0xa30
[ 28.258409] perf_tp_event_init+0x79/0xf0
[ 28.263042] perf_try_init_event+0x15b/0x1f0
[ 28.267954] perf_event_alloc.part.0+0xe2d/0x2640
[ 28.273295] SyS_perf_event_open+0x67f/0x24b0
[ 28.278295] do_syscall_64+0x1d5/0x640
[ 28.282671] entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 28.288350]
[ 28.288350] -> #0 (event_mutex){+.+.}:
[ 28.293687] lock_acquire+0x170/0x3f0
[ 28.297989] __mutex_lock+0xc4/0x1310
[ 28.302289] perf_trace_destroy+0x23/0xf0
[ 28.306923] _free_event+0x321/0xe20
[ 28.311122] free_event+0x32/0x40
[ 28.315065] perf_event_release_kernel+0x368/0x8a0
[ 28.320480] perf_release+0x33/0x40
[ 28.324598] __fput+0x25f/0x7a0
[ 28.328378] task_work_run+0x11f/0x190
[ 28.332751] do_exit+0xa08/0x27f0
[ 28.336692] do_group_exit+0x100/0x2e0
[ 28.341081] get_signal+0x38d/0x1ca0
[ 28.345281] do_signal+0x7c/0x1550
[ 28.349311] exit_to_usermode_loop+0x160/0x200
[ 28.354381] syscall_return_slowpath+0x295/0x320
[ 28.359624] ret_from_fork+0x15/0x30
[ 28.363823]
[ 28.363823] other info that might help us debug this:
[ 28.363823]
[ 28.371947] Chain exists of:
[ 28.371947] event_mutex --> &cpuctx_mutex --> &event->child_mutex
[ 28.371947]
[ 28.382662] Possible unsafe locking scenario:
[ 28.382662]
[ 28.388685] CPU0 CPU1
[ 28.393316] ---- ----
[ 28.397947] lock(&event->child_mutex);
[ 28.401974] lock(&cpuctx_mutex);
[ 28.408010] lock(&event->child_mutex);
[ 28.414556] lock(event_mutex);
[ 28.417904]
[ 28.417904] *** DEADLOCK ***
[ 28.417904]
[ 28.423953] 2 locks held by syz-executor739/8042:
[ 28.428788] #0: (&ctx->mutex){+.+.}, at: [<ffffffff8167956e>] perf_event_release_kernel+0x1fe/0x8a0
[ 28.438117] #1: (&event->child_mutex){+.+.}, at: [<ffffffff81679578>] perf_event_release_kernel+0x208/0x8a0
[ 28.448138]
[ 28.448138] stack backtrace:
[ 28.452602] CPU: 1 PID: 8042 Comm: syz-executor739 Not tainted 4.14.206-syzkaller #0
[ 28.460448] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 28.469768] Call Trace:
[ 28.472331] dump_stack+0x1b2/0x283
[ 28.475926] print_circular_bug.constprop.0.cold+0x2d7/0x41e
[ 28.481700] __lock_acquire+0x2e0e/0x3f20
[ 28.485827] ? trace_hardirqs_on+0x10/0x10
[ 28.490027] ? perf_group_detach+0x7f0/0x7f0
[ 28.494404] ? generic_exec_single+0x27e/0x420
[ 28.498968] ? smp_call_function_single+0x1b1/0x370
[ 28.503954] lock_acquire+0x170/0x3f0
[ 28.507738] ? perf_trace_destroy+0x23/0xf0
[ 28.512029] ? perf_trace_destroy+0x23/0xf0
[ 28.516320] __mutex_lock+0xc4/0x1310
[ 28.520089] ? perf_trace_destroy+0x23/0xf0
[ 28.524392] ? task_function_call+0xed/0x130
[ 28.528769] ? pmu_dev_release+0x20/0x20
[ 28.532795] ? perf_trace_destroy+0x23/0xf0
[ 28.537083] ? __ww_mutex_wakeup_for_backoff+0x210/0x210
[ 28.542499] ? event_function_call+0x1fa/0x3c0
[ 28.547060] ? event_sched_out+0x11b0/0x11b0
[ 28.551447] ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 28.556890] ? perf_tp_event_init+0xf0/0xf0
[ 28.561176] perf_trace_destroy+0x23/0xf0
[ 28.565302] ? perf_tp_event_init+0xf0/0xf0
[ 28.569591] _free_event+0x321/0xe20
[ 28.573285] free_event+0x32/0x40
[ 28.576704] perf_event_release_kernel+0x368/0x8a0
[ 28.581599] ? perf_event_release_kernel+0x8a0/0x8a0
[ 28.586669] perf_release+0x33/0x40
[ 28.590263] __fput+0x25f/0x7a0
[ 28.593523] task_work_run+0x11f/0x190
[ 28.597390] do_exit+0xa08/0x27f0
[ 28.600831] ? mm_update_next_owner+0x5b0/0x5b0
[ 28.605478] ? get_signal+0x323/0x1ca0
[ 28.609345] ? lock_acquire+0x170/0x3f0
[ 28.613285] ? lock_downgrade+0x740/0x740
[ 28.617409] do_group_exit+0x100/0x2e0
[ 28.621262] get_signal+0x38d/0x1ca0
[ 28.624957] do_signal+0x7c/0x1550
[ 28.628462] ? __perf_event_task_sched_in+0x693/0x8c0
[ 28.633632] ? trace_hardirqs_on+0x10/0x10
[ 28.637832] ? setup_sigcontext+0x820/0x820
[ 28.642122] ? check_preemption_disabled+0x35/0x240
[ 28.647105] ? finish_task_switch+0x178/0x610
[ 28.651585] ? lock_downgrade+0x740/0x740
[ 28.655701] ? _raw_spin_unlock_irq+0x24/0x80
[ 28.660165] ? trace_hardirqs_on_caller+0x3a8/0x580
[ 28.665146] ? exit_to_usermode_loop+0x41/0x200
[ 28.669780] exit_to_usermode_loop+0x160/0x200
[ 28.674329] syscall_return_slowpath+0x295/0x320
[ 28.679054] ret_from_fork+0x15/0x30
[ 28.682748] RIP: 0033:0x441749
[ 28.685920] RSP: 002b:00007fffbf1b0ee8 EFLAGS: 00000246 ORIG_RAX: 00000