Warning: Permanently added '10.128.0.244' (ECDSA) to the list of known hosts.
executing program
executing program
[ 138.183509][ T3641] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
executing program
[ 138.420602][ T3648] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[ 138.497285][ T3658]
[ 138.501958][ T3658] ======================================================
[ 138.510146][ T3658] WARNING: possible circular locking dependency detected
[ 138.517227][ T3658] 6.1.0-rc6-syzkaller-00251-g0b1dcc2cf55a #0 Not tainted
[ 138.524221][ T3658] ------------------------------------------------------
[ 138.531226][ T3658] syz-executor364/3658 is trying to acquire lock:
[ 138.537699][ T3658] ffff8880175e2350 (&ndev->req_lock){+.+.}-{3:3}, at: nci_start_poll+0x688/0x900
[ 138.546833][ T3658]
[ 138.546833][ T3658] but task is already holding lock:
[ 138.554177][ T3658] ffff88801c820508 (&genl_data->genl_data_mutex){+.+.}-{3:3}, at: nfc_genl_start_poll+0x19e/0x490
[ 138.564773][ T3658]
[ 138.564773][ T3658] which lock already depends on the new lock.
[ 138.564773][ T3658]
[ 138.575154][ T3658]
[ 138.575154][ T3658] the existing dependency chain (in reverse order) is:
[ 138.584145][ T3658]
[ 138.584145][ T3658] -> #3 (&genl_data->genl_data_mutex){+.+.}-{3:3}:
[ 138.592814][ T3658]        __mutex_lock+0x12f/0x1360
[ 138.597927][ T3658]        nfc_urelease_event_work+0x143/0x2d0
[ 138.603892][ T3658]        process_one_work+0x9bf/0x1710
[ 138.609338][ T3658]        worker_thread+0x669/0x1090
[ 138.614521][ T3658]        kthread+0x2e8/0x3a0
[ 138.619091][ T3658]        ret_from_fork+0x1f/0x30
[ 138.624115][ T3658]
[ 138.624115][ T3658] -> #2 (nfc_devlist_mutex){+.+.}-{3:3}:
[ 138.631933][ T3658]        __mutex_lock+0x12f/0x1360
[ 138.637036][ T3658]        nfc_register_device+0x32/0x3b0
[ 138.642563][ T3658]        nci_register_device+0x7cb/0xb50
[ 138.648186][ T3658]        virtual_ncidev_open+0x71/0x110
[ 138.653723][ T3658]        misc_open+0x37a/0x4a0
[ 138.658476][ T3658]        chrdev_open+0x26a/0x770
[ 138.663406][ T3658]        do_dentry_open+0x6cc/0x13f0
[ 138.668760][ T3658]        path_openat+0x1bf6/0x2860
[ 138.673955][ T3658]        do_filp_open+0x1ba/0x410
[ 138.678961][ T3658]        do_sys_openat2+0x16d/0x4c0
[ 138.684144][ T3658]        __x64_sys_openat+0x143/0x1f0
[ 138.689518][ T3658]        do_syscall_64+0x39/0xb0
[ 138.694445][ T3658]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 138.700847][ T3658]
[ 138.700847][ T3658] -> #1 (nci_mutex){+.+.}-{3:3}:
[ 138.707954][ T3658]        __mutex_lock+0x12f/0x1360
[ 138.713069][ T3658]        virtual_nci_close+0x17/0x50
[ 138.718344][ T3658]        nci_dev_up+0x4cb/0x660
[ 138.723184][ T3658]        nfc_dev_up+0x1aa/0x3b0
[ 138.728017][ T3658]        nfc_genl_dev_up+0xa6/0xf0
[ 138.733475][ T3658]        genl_family_rcv_msg_doit+0x228/0x320
[ 138.739610][ T3658]        genl_rcv_msg+0x445/0x780
[ 138.744702][ T3658]        netlink_rcv_skb+0x157/0x430
[ 138.749978][ T3658]        genl_rcv+0x28/0x40
[ 138.754464][ T3658]        netlink_unicast+0x547/0x7f0
[ 138.759746][ T3658]        netlink_sendmsg+0x91b/0xe10
[ 138.765019][ T3658]        sock_sendmsg+0xd3/0x120
[ 138.769942][ T3658]        ____sys_sendmsg+0x712/0x8c0
[ 138.775410][ T3658]        ___sys_sendmsg+0x110/0x1b0
[ 138.780857][ T3658]        __sys_sendmsg+0xf7/0x1c0
[ 138.785864][ T3658]        do_syscall_64+0x39/0xb0
[ 138.790790][ T3658]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 138.797602][ T3658]
[ 138.797602][ T3658] -> #0 (&ndev->req_lock){+.+.}-{3:3}:
[ 138.805229][ T3658]        __lock_acquire+0x2a43/0x56d0
[ 138.811467][ T3658]        lock_acquire+0x1e3/0x630
[ 138.816493][ T3658]        __mutex_lock+0x12f/0x1360
[ 138.821765][ T3658]        nci_start_poll+0x688/0x900
[ 138.826953][ T3658]        nfc_start_poll+0x192/0x320
[ 138.833269][ T3658]        nfc_genl_start_poll+0x1ac/0x490
[ 138.838890][ T3658]        genl_family_rcv_msg_doit+0x228/0x320
[ 138.844956][ T3658]        genl_rcv_msg+0x445/0x780
[ 138.849964][ T3658]        netlink_rcv_skb+0x157/0x430
[ 138.856412][ T3658]        genl_rcv+0x28/0x40
[ 138.861392][ T3658]        netlink_unicast+0x547/0x7f0
[ 138.866757][ T3658]        netlink_sendmsg+0x91b/0xe10
[ 138.873860][ T3658]        sock_sendmsg+0xd3/0x120
[ 138.878789][ T3658]        ____sys_sendmsg+0x712/0x8c0
[ 138.886150][ T3658]        ___sys_sendmsg+0x110/0x1b0
[ 138.891849][ T3658]        __sys_sendmsg+0xf7/0x1c0
[ 138.897377][ T3658]        do_syscall_64+0x39/0xb0
[ 138.902307][ T3658]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 138.908709][ T3658]
[ 138.908709][ T3658] other info that might help us debug this:
[ 138.908709][ T3658]
[ 138.919003][ T3658] Chain exists of:
[ 138.919003][ T3658]   &ndev->req_lock --> nfc_devlist_mutex --> &genl_data->genl_data_mutex
[ 138.919003][ T3658]
[ 138.933233][ T3658]  Possible unsafe locking scenario:
[ 138.933233][ T3658]
[ 138.940660][ T3658]        CPU0                    CPU1
[ 138.946006][ T3658]        ----                    ----
[ 138.951348][ T3658]   lock(&genl_data->genl_data_mutex);
[ 138.956787][ T3658]                                lock(nfc_devlist_mutex);
[ 138.963877][ T3658]                                lock(&genl_data->genl_data_mutex);
[ 138.971838][ T3658]   lock(&ndev->req_lock);
[ 138.976235][ T3658]
[ 138.976235][ T3658]  *** DEADLOCK ***
[ 138.976235][ T3658]
[ 138.984357][ T3658] 4 locks held by syz-executor364/3658:
[ 138.989879][ T3658]  #0: ffffffff8df50630 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40
[ 138.998039][ T3658]  #1: ffffffff8df506e8 (genl_mutex){+.+.}-{3:3}, at: genl_rcv_msg+0x50d/0x780
[ 139.006980][ T3658]  #2: ffff88801c820508 (&genl_data->genl_data_mutex){+.+.}-{3:3}, at: nfc_genl_start_poll+0x19e/0x490
[ 139.018011][ T3658]  #3: ffff88801c820100 (&dev->mutex){....}-{3:3}, at: nfc_start_poll+0x58/0x320
[ 139.027144][ T3658]
[ 139.027144][ T3658] stack backtrace:
[ 139.033011][ T3658] CPU: 0 PID: 3658 Comm: syz-executor364 Not tainted 6.1.0-rc6-syzkaller-00251-g0b1dcc2cf55a #0
[ 139.043404][ T3658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 139.053534][ T3658] Call Trace:
[ 139.056799][ T3658]
[ 139.059713][ T3658]  dump_stack_lvl+0xd1/0x138
[ 139.064289][ T3658]  check_noncircular+0x25f/0x2e0
[ 139.069219][ T3658]  ? print_circular_bug+0x1e0/0x1e0
[ 139.074409][ T3658]  ? __kmem_cache_free+0xaf/0x3b0
[ 139.079422][ T3658]  ? kasan_save_stack+0x35/0x40
[ 139.084610][ T3658]  ? ____kasan_slab_free+0x160/0x1c0
[ 139.091304][ T3658]  ? slab_free_freelist_hook+0x8b/0x1c0
[ 139.097444][ T3658]  ? __kmem_cache_free+0xaf/0x3b0
[ 139.103762][ T3658]  ? nfc_llcp_build_gb.isra.0+0x2b8/0x3f0
[ 139.109473][ T3658]  ? nfc_llcp_general_bytes+0x30/0xe0
[ 139.116239][ T3658]  __lock_acquire+0x2a43/0x56d0
[ 139.121262][ T3658]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 139.127502][ T3658]  lock_acquire+0x1e3/0x630
[ 139.132194][ T3658]  ? nci_start_poll+0x688/0x900
[ 139.137559][ T3658]  ? lock_release+0x810/0x810
[ 139.142239][ T3658]  __mutex_lock+0x12f/0x1360
[ 139.146838][ T3658]  ? nci_start_poll+0x688/0x900
[ 139.151684][ T3658]  ? nfc_llcp_build_gb.isra.0+0x2b8/0x3f0
[ 139.158263][ T3658]  ? nci_start_poll+0x688/0x900
[ 139.163114][ T3658]  ? nfc_llcp_reserve_sdp_ssap+0x120/0x120
[ 139.168928][ T3658]  ? mutex_lock_io_nested+0x11a0/0x11a0
[ 139.174465][ T3658]  ? rcu_read_lock_sched_held+0x3e/0x70
[ 139.180004][ T3658]  ? trace_contention_end+0x153/0x1e0
[ 139.185365][ T3658]  nci_start_poll+0x688/0x900
[ 139.190035][ T3658]  ? nci_dep_link_up+0x1b0/0x1b0
[ 139.194962][ T3658]  ? nfc_genl_start_poll+0x19e/0x490
[ 139.200234][ T3658]  ? mutex_lock_io_nested+0x11a0/0x11a0
[ 139.205772][ T3658]  nfc_start_poll+0x192/0x320
[ 139.210433][ T3658]  nfc_genl_start_poll+0x1ac/0x490
[ 139.215530][ T3658]  genl_family_rcv_msg_doit+0x228/0x320
[ 139.221064][ T3658]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290
[ 139.228418][ T3658]  ? mutex_lock_io_nested+0x11a0/0x11a0
[ 139.233965][ T3658]  ? ns_capable+0xdd/0x100
[ 139.239257][ T3658]  genl_rcv_msg+0x445/0x780
[ 139.244135][ T3658]  ? genl_start+0x670/0x670
[ 139.248994][ T3658]  ? nfc_genl_dep_link_up+0x250/0x250
[ 139.254356][ T3658]  ? lock_release+0x810/0x810
[ 139.260248][ T3658]  netlink_rcv_skb+0x157/0x430
[ 139.265007][ T3658]  ? genl_start+0x670/0x670
[ 139.269496][ T3658]  ? netlink_ack+0xd60/0xd60
[ 139.274447][ T3658]  ? netlink_deliver_tap+0x1b1/0xc50
[ 139.280429][ T3658]  genl_rcv+0x28/0x40
[ 139.284487][ T3658]  netlink_unicast+0x547/0x7f0
[ 139.289266][ T3658]  ? netlink_attachskb+0x890/0x890
[ 139.294370][ T3658]  ? __virt_addr_valid+0x61/0x2e0
[ 139.299389][ T3658]  ? __phys_addr_symbol+0x30/0x70
[ 139.304405][ T3658]  ? __check_object_size+0x2e2/0x5a0
[ 139.309684][ T3658]  netlink_sendmsg+0x91b/0xe10
[ 139.314443][ T3658]  ? netlink_unicast+0x7f0/0x7f0
[ 139.319463][ T3658]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 139.324823][ T3658]  ? netlink_unicast+0x7f0/0x7f0
[ 139.329752][ T3658]  sock_sendmsg+0xd3/0x120
[ 139.334159][ T3658]  ____sys_sendmsg+0x712/0x8c0
[ 139.338943][ T3658]  ? copy_msghdr_from_user+0xfc/0x150
[ 139.344302][ T3658]  ? kernel_sendmsg+0x50/0x50
[ 139.348979][ T3658]  ___sys_sendmsg+0x110/0x1b0
[ 139.354465][ T3658]  ? do_recvmmsg+0x6e0/0x6e0
[ 139.359563][ T3658]  ? __fget_files+0x248/0x440
[ 139.364233][ T3658]  ? lock_downgrade+0x6e0/0x6e0
[ 139.369097][ T3658]  ? futex_wake_mark+0x1a0/0x1a0
[ 139.374026][ T3658]  ? __fget_files+0x26a/0x440
[ 139.379910][ T3658]  ? __fget_light+0xe5/0x270
[ 139.385061][ T3658]  __sys_sendmsg+0xf7/0x1c0
[ 139.389811][ T3658]  ? __sys_sendmsg_sock+0x40/0x40
[ 139.394836][ T3658]  ? restore_fpregs_from_fpstate+0xc1/0x1c0
[ 139.400987][ T3658]  ? syscall_enter_from_user_mode+0x26/0xb0
[ 139.406867][ T3658]  ? lockdep_hardirqs_on+0x7d/0x100
[ 139.413885][ T3658]  do_syscall_64+0x39/0xb0
[ 139.418789][ T3658]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 139.424671][ T3658] RIP: 0033:0x7fab57228649
[ 139.429068][ T3658] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 41 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 139.448659][ T3658] RSP: 002b:00007fab571b8318 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 139.457055][ T3658] RAX: ffffffffffffffda RBX: 00007fab572b0438 RCX: 00007fab57228649
[ 139.465011][ T3658] RDX: 0000000000000000 RSI: 0000000020000440 RDI: 0000000000000004
[ 139.472966][ T3658] RBP: 00007fab572b0430 R08: 0000000000000003 R09: 0000000000000000
[ 139.480923][ T3658] R10: 0000000000000008 R11: 0000000000000246 R12: 00007fab5727e074
[ 139.488879][ T3658] R13: 00007fff5d58391f R14: 00007fab571b8400 R15: 0000000000022000
[ 139.496851][ T3658]
[ 139.614975][ T3658] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[ 139.626749][ T3658] nci: nci_start_poll: failed to set local general bytes
executing program
[ 144.658624][ T3658] nci: __nci_request: wait_for_completion_interruptible_timeout failed 0
[ 144.888534][ T3665] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[ 144.897670][ T3665] nci: nci_start_poll: failed to set local general bytes