forked to background, child pid 3207
no interfaces have a carrier
[ 28.035518][ T3208] 8021q: adding VLAN 0 to HW filter on device bond0
[ 28.047137][ T3208] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: OK
syzkaller
Warning: Permanently added '10.128.0.166' (ECDSA) to the list of known hosts.
executing program
executing program
syzkaller login: [ 45.442207][ T3624] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
executing program
[ 45.678631][ T3632] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
executing program
[ 45.914501][ T3639] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[ 45.989609][ T3649]
[ 45.991966][ T3649] ======================================================
[ 45.998953][ T3649] WARNING: possible circular locking dependency detected
[ 46.005944][ T3649] 6.1.0-rc6-syzkaller-00251-g0b1dcc2cf55a #0 Not tainted
[ 46.012944][ T3649] ------------------------------------------------------
[ 46.019941][ T3649] syz-executor424/3649 is trying to acquire lock:
[ 46.026646][ T3649] ffff88801f591350 (&ndev->req_lock){+.+.}-{3:3}, at: nci_start_poll+0x688/0x900
[ 46.035796][ T3649]
[ 46.035796][ T3649] but task is already holding lock:
[ 46.043333][ T3649] ffff88801f596508 (&genl_data->genl_data_mutex){+.+.}-{3:3}, at: nfc_genl_start_poll+0x19e/0x490
[ 46.053934][ T3649]
[ 46.053934][ T3649] which lock already depends on the new lock.
[ 46.053934][ T3649]
[ 46.064315][ T3649]
[ 46.064315][ T3649] the existing dependency chain (in reverse order) is:
[ 46.073305][ T3649]
[ 46.073305][ T3649] -> #3 (&genl_data->genl_data_mutex){+.+.}-{3:3}:
[ 46.081967][ T3649] __mutex_lock+0x12f/0x1360
[ 46.087069][ T3649] nfc_urelease_event_work+0x143/0x2d0
[ 46.093034][ T3649] process_one_work+0x9bf/0x1710
[ 46.098475][ T3649] worker_thread+0x669/0x1090
[ 46.103749][ T3649] kthread+0x2e8/0x3a0
[ 46.108322][ T3649] ret_from_fork+0x1f/0x30
[ 46.113274][ T3649]
[ 46.113274][ T3649] -> #2 (nfc_devlist_mutex){+.+.}-{3:3}:
[ 46.121070][ T3649] __mutex_lock+0x12f/0x1360
[ 46.126171][ T3649] nfc_register_device+0x32/0x3b0
[ 46.131694][ T3649] nci_register_device+0x7cb/0xb50
[ 46.137311][ T3649] virtual_ncidev_open+0x71/0x110
[ 46.142842][ T3649] misc_open+0x37a/0x4a0
[ 46.147593][ T3649] chrdev_open+0x26a/0x770
[ 46.152519][ T3649] do_dentry_open+0x6cc/0x13f0
[ 46.157784][ T3649] path_openat+0x1bf6/0x2860
[ 46.162879][ T3649] do_filp_open+0x1ba/0x410
[ 46.167878][ T3649] do_sys_openat2+0x16d/0x4c0
[ 46.173055][ T3649] __x64_sys_openat+0x143/0x1f0
[ 46.178404][ T3649] do_syscall_64+0x39/0xb0
[ 46.183328][ T3649] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 46.189729][ T3649]
[ 46.189729][ T3649] -> #1 (nci_mutex){+.+.}-{3:3}:
[ 46.196836][ T3649] __mutex_lock+0x12f/0x1360
[ 46.201937][ T3649] virtual_nci_close+0x17/0x50
[ 46.207214][ T3649] nci_dev_up+0x4cb/0x660
[ 46.212052][ T3649] nfc_dev_up+0x1aa/0x3b0
[ 46.216880][ T3649] nfc_genl_dev_up+0xa6/0xf0
[ 46.221970][ T3649] genl_family_rcv_msg_doit+0x228/0x320
[ 46.228024][ T3649] genl_rcv_msg+0x445/0x780
[ 46.233119][ T3649] netlink_rcv_skb+0x157/0x430
[ 46.238390][ T3649] genl_rcv+0x28/0x40
[ 46.242897][ T3649] netlink_unicast+0x547/0x7f0
[ 46.248189][ T3649] netlink_sendmsg+0x91b/0xe10
[ 46.253465][ T3649] sock_sendmsg+0xd3/0x120
[ 46.258385][ T3649] ____sys_sendmsg+0x712/0x8c0
[ 46.263653][ T3649] ___sys_sendmsg+0x110/0x1b0
[ 46.268833][ T3649] __sys_sendmsg+0xf7/0x1c0
[ 46.273835][ T3649] do_syscall_64+0x39/0xb0
[ 46.278759][ T3649] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 46.285159][ T3649]
[ 46.285159][ T3649] -> #0 (&ndev->req_lock){+.+.}-{3:3}:
[ 46.292788][ T3649] __lock_acquire+0x2a43/0x56d0
[ 46.298251][ T3649] lock_acquire+0x1e3/0x630
[ 46.303270][ T3649] __mutex_lock+0x12f/0x1360
[ 46.308373][ T3649] nci_start_poll+0x688/0x900
[ 46.313567][ T3649] nfc_start_poll+0x192/0x320
[ 46.318752][ T3649] nfc_genl_start_poll+0x1ac/0x490
[ 46.324374][ T3649] genl_family_rcv_msg_doit+0x228/0x320
[ 46.330422][ T3649] genl_rcv_msg+0x445/0x780
[ 46.335423][ T3649] netlink_rcv_skb+0x157/0x430
[ 46.340694][ T3649] genl_rcv+0x28/0x40
[ 46.345174][ T3649] netlink_unicast+0x547/0x7f0
[ 46.350445][ T3649] netlink_sendmsg+0x91b/0xe10
[ 46.355715][ T3649] sock_sendmsg+0xd3/0x120
[ 46.360637][ T3649] ____sys_sendmsg+0x712/0x8c0
[ 46.365914][ T3649] ___sys_sendmsg+0x110/0x1b0
[ 46.371134][ T3649] __sys_sendmsg+0xf7/0x1c0
[ 46.376138][ T3649] do_syscall_64+0x39/0xb0
[ 46.381058][ T3649] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 46.387459][ T3649]
[ 46.387459][ T3649] other info that might help us debug this:
[ 46.387459][ T3649]
[ 46.397673][ T3649] Chain exists of:
[ 46.397673][ T3649] &ndev->req_lock --> nfc_devlist_mutex --> &genl_data->genl_data_mutex
[ 46.397673][ T3649]
[ 46.411933][ T3649] Possible unsafe locking scenario:
[ 46.411933][ T3649]
[ 46.419360][ T3649]        CPU0                    CPU1
[ 46.424704][ T3649]        ----                    ----
[ 46.430048][ T3649]   lock(&genl_data->genl_data_mutex);
[ 46.435484][ T3649]                                lock(nfc_devlist_mutex);
[ 46.442594][ T3649]                                lock(&genl_data->genl_data_mutex);
[ 46.450553][ T3649]   lock(&ndev->req_lock);
[ 46.454945][ T3649]
[ 46.454945][ T3649] *** DEADLOCK ***
[ 46.454945][ T3649]
[ 46.463072][ T3649] 4 locks held by syz-executor424/3649:
[ 46.468592][ T3649] #0: ffffffff8df50630 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40
[ 46.476760][ T3649] #1: ffffffff8df506e8 (genl_mutex){+.+.}-{3:3}, at: genl_rcv_msg+0x50d/0x780
[ 46.485709][ T3649] #2: ffff88801f596508 (&genl_data->genl_data_mutex){+.+.}-{3:3}, at: nfc_genl_start_poll+0x19e/0x490
[ 46.496754][ T3649] #3: ffff88801f596100 (&dev->mutex){....}-{3:3}, at: nfc_start_poll+0x58/0x320
[ 46.505961][ T3649]
[ 46.505961][ T3649] stack backtrace:
[ 46.511827][ T3649] CPU: 1 PID: 3649 Comm: syz-executor424 Not tainted 6.1.0-rc6-syzkaller-00251-g0b1dcc2cf55a #0
[ 46.522214][ T3649] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 46.532249][ T3649] Call Trace:
[ 46.535507][ T3649]
[ 46.538419][ T3649] dump_stack_lvl+0xd1/0x138
[ 46.543001][ T3649] check_noncircular+0x25f/0x2e0
[ 46.547932][ T3649] ? print_circular_bug+0x1e0/0x1e0
[ 46.553123][ T3649] ? __kmem_cache_free+0xaf/0x3b0
[ 46.558134][ T3649] ? kasan_save_stack+0x35/0x40
[ 46.562971][ T3649] ? ____kasan_slab_free+0x160/0x1c0
[ 46.568246][ T3649] ? slab_free_freelist_hook+0x8b/0x1c0
[ 46.573780][ T3649] ? __kmem_cache_free+0xaf/0x3b0
[ 46.578875][ T3649] ? nfc_llcp_build_gb.isra.0+0x2b8/0x3f0
[ 46.584589][ T3649] ? nfc_llcp_general_bytes+0x30/0xe0
[ 46.589978][ T3649] __lock_acquire+0x2a43/0x56d0
[ 46.594865][ T3649] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 46.600836][ T3649] lock_acquire+0x1e3/0x630
[ 46.605322][ T3649] ? nci_start_poll+0x688/0x900
[ 46.610158][ T3649] ? lock_release+0x810/0x810
[ 46.614820][ T3649] __mutex_lock+0x12f/0x1360
[ 46.619392][ T3649] ? nci_start_poll+0x688/0x900
[ 46.624247][ T3649] ? nfc_llcp_build_gb.isra.0+0x2b8/0x3f0
[ 46.629959][ T3649] ? nci_start_poll+0x688/0x900
[ 46.634795][ T3649] ? nfc_llcp_reserve_sdp_ssap+0x120/0x120
[ 46.640587][ T3649] ? mutex_lock_io_nested+0x11a0/0x11a0
[ 46.646137][ T3649] ? rcu_read_lock_sched_held+0x3e/0x70
[ 46.651668][ T3649] ? trace_contention_end+0x153/0x1e0
[ 46.657024][ T3649] nci_start_poll+0x688/0x900
[ 46.661775][ T3649] ? nci_dep_link_up+0x1b0/0x1b0
[ 46.666700][ T3649] ? nfc_genl_start_poll+0x19e/0x490
[ 46.671980][ T3649] ? mutex_lock_io_nested+0x11a0/0x11a0
[ 46.677521][ T3649] nfc_start_poll+0x192/0x320
[ 46.682183][ T3649] nfc_genl_start_poll+0x1ac/0x490
[ 46.687277][ T3649] genl_family_rcv_msg_doit+0x228/0x320
[ 46.692811][ T3649] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290
[ 46.700165][ T3649] ? mutex_lock_io_nested+0x11a0/0x11a0
[ 46.705698][ T3649] ? ns_capable+0xdd/0x100
[ 46.710097][ T3649] genl_rcv_msg+0x445/0x780
[ 46.714581][ T3649] ? genl_start+0x670/0x670
[ 46.719061][ T3649] ? nfc_genl_dep_link_up+0x250/0x250
[ 46.724433][ T3649] ? lock_release+0x810/0x810
[ 46.729099][ T3649] netlink_rcv_skb+0x157/0x430
[ 46.733873][ T3649] ? genl_start+0x670/0x670
[ 46.738358][ T3649] ? netlink_ack+0xd60/0xd60
[ 46.742935][ T3649] ? netlink_deliver_tap+0x1b1/0xc50
[ 46.748225][ T3649] genl_rcv+0x28/0x40
[ 46.752187][ T3649] netlink_unicast+0x547/0x7f0
[ 46.756956][ T3649] ? netlink_attachskb+0x890/0x890
[ 46.762138][ T3649] ? __virt_addr_valid+0x61/0x2e0
[ 46.767144][ T3649] ? __phys_addr_symbol+0x30/0x70
[ 46.772165][ T3649] ? __check_object_size+0x2e2/0x5a0
[ 46.777434][ T3649] netlink_sendmsg+0x91b/0xe10
[ 46.782184][ T3649] ? netlink_unicast+0x7f0/0x7f0
[ 46.787108][ T3649] ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 46.792380][ T3649] ? netlink_unicast+0x7f0/0x7f0
[ 46.797306][ T3649] sock_sendmsg+0xd3/0x120
[ 46.801707][ T3649] ____sys_sendmsg+0x712/0x8c0
[ 46.806453][ T3649] ? copy_msghdr_from_user+0xfc/0x150
[ 46.811805][ T3649] ? kernel_sendmsg+0x50/0x50
[ 46.816466][ T3649] ___sys_sendmsg+0x110/0x1b0
[ 46.821123][ T3649] ? do_recvmmsg+0x6e0/0x6e0
[ 46.825690][ T3649] ? __fget_files+0x248/0x440
[ 46.830349][ T3649] ? lock_downgrade+0x6e0/0x6e0
[ 46.835188][ T3649] ? futex_wake_mark+0x1a0/0x1a0
[ 46.840112][ T3649] ? __fget_files+0x26a/0x440
[ 46.844770][ T3649] ? __fget_light+0xe5/0x270
[ 46.849340][ T3649] __sys_sendmsg+0xf7/0x1c0
[ 46.853821][ T3649] ? __sys_sendmsg_sock+0x40/0x40
[ 46.858821][ T3649] ? restore_fpregs_from_fpstate+0xc1/0x1c0
[ 46.864705][ T3649] ? syscall_enter_from_user_mode+0x26/0xb0
[ 46.870596][ T3649] ? lockdep_hardirqs_on+0x7d/0x100
[ 46.875796][ T3649] do_syscall_64+0x39/0xb0
[ 46.880214][ T3649] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 46.886093][ T3649] RIP: 0033:0x7f4a5c3ac649
[ 46.890509][ T3649] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 41 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 46.910096][ T3649] RSP: 002b:00007f4a5c33c318 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 46.918486][ T3649] RAX: ffffffffffffffda RBX: 00007f4a5c434438 RCX: 00007f4a5c3ac649
[ 46.926438][ T3649] RDX: 0000000000000000 RSI: 0000000020000440 RDI: 0000000000000004
[ 46.934389][ T3649] RBP: 00007f4a5c434430 R08: 0000000000000003 R09: 0000000000000000
[ 46.942345][ T3649] R10: 0000000000000008 R11: 0000000000000246 R12: 00007f4a5c402074
[ 46.950297][ T3649] R13: 00007ffcf4705ccf R14: 00007f4a5c33c400 R15: 0000000000022000
[ 46.958254][ T3649]
[ 47.077395][ T3649] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[ 47.086132][ T3649] nci: nci_start_poll: failed to set local general bytes
executing program
[ 52.119984][ T3649] nci: __nci_request: wait_for_completion_interruptible_timeout failed 0
executing program
[ 52.350889][ T3652] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
executing program
[ 52.576371][ T3659] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
executing program
[ 52.803678][ T3665] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[ 53.031350][ T3675] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[ 53.040072][ T3675] nci: nci_start_poll: failed to set local general bytes