Warning: Permanently added '10.128.1.12' (ECDSA) to the list of known hosts.
executing program
[ 35.357608][ T4225] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
executing program
[ 35.588064][ T4232] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
executing program
[ 35.816279][ T4239] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
executing program
[ 36.044908][ T4247] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
executing program
[ 36.111983][ T4257]
[ 36.112536][ T4257] ======================================================
[ 36.114147][ T4257] WARNING: possible circular locking dependency detected
[ 36.115588][ T4257] 6.1.29-syzkaller #0 Not tainted
[ 36.116659][ T4257] ------------------------------------------------------
[ 36.118134][ T4257] syz-executor206/4257 is trying to acquire lock:
[ 36.119458][ T4257] ffff0000d0201350 (&ndev->req_lock){+.+.}-{3:3}, at: nci_start_poll+0x498/0x1204
[ 36.121485][ T4257]
[ 36.121485][ T4257] but task is already holding lock:
[ 36.123048][ T4257] ffff0000d0203520 (&genl_data->genl_data_mutex){+.+.}-{3:3}, at: nfc_genl_start_poll+0x1a8/0x308
[ 36.125331][ T4257]
[ 36.125331][ T4257] which lock already depends on the new lock.
[ 36.125331][ T4257]
[ 36.127585][ T4257]
[ 36.127585][ T4257] the existing dependency chain (in reverse order) is:
[ 36.129457][ T4257]
[ 36.129457][ T4257] -> #3 (&genl_data->genl_data_mutex){+.+.}-{3:3}:
[ 36.131275][ T4257]        __mutex_lock_common+0x190/0x21a0
[ 36.132518][ T4257]        mutex_lock_nested+0x38/0x44
[ 36.133679][ T4257]        nfc_urelease_event_work+0xfc/0x2a8
[ 36.134888][ T4257]        process_one_work+0x7ac/0x1404
[ 36.136055][ T4257]        worker_thread+0x8e4/0xfec
[ 36.137215][ T4257]        kthread+0x250/0x2d8
[ 36.138198][ T4257]        ret_from_fork+0x10/0x20
[ 36.139304][ T4257]
[ 36.139304][ T4257] -> #2 (nfc_devlist_mutex){+.+.}-{3:3}:
[ 36.141030][ T4257]        __mutex_lock_common+0x190/0x21a0
[ 36.142300][ T4257]        mutex_lock_nested+0x38/0x44
[ 36.143356][ T4257]        nfc_register_device+0x4c/0x310
[ 36.144586][ T4257]        nci_register_device+0x6ac/0x7c4
[ 36.145773][ T4257]        virtual_ncidev_open+0x6c/0xd8
[ 36.147002][ T4257]        misc_open+0x2f0/0x368
[ 36.148046][ T4257]        chrdev_open+0x3e8/0x4fc
[ 36.149160][ T4257]        do_dentry_open+0x734/0xfa0
[ 36.150323][ T4257]        vfs_open+0x7c/0x90
[ 36.151302][ T4257]        path_openat+0x1e14/0x2548
[ 36.152421][ T4257]        do_filp_open+0x1bc/0x3cc
[ 36.153479][ T4257]        do_sys_openat2+0x128/0x3d8
[ 36.154621][ T4257]        __arm64_sys_openat+0x1f0/0x240
[ 36.155836][ T4257]        invoke_syscall+0x98/0x2c0
[ 36.156932][ T4257]        el0_svc_common+0x138/0x258
[ 36.158020][ T4257]        do_el0_svc+0x64/0x218
[ 36.159043][ T4257]        el0_svc+0x58/0x168
[ 36.160065][ T4257]        el0t_64_sync_handler+0x84/0xf0
[ 36.161307][ T4257]        el0t_64_sync+0x18c/0x190
[ 36.162429][ T4257]
[ 36.162429][ T4257] -> #1 (nci_mutex){+.+.}-{3:3}:
[ 36.164048][ T4257]        __mutex_lock_common+0x190/0x21a0
[ 36.165322][ T4257]        mutex_lock_nested+0x38/0x44
[ 36.166480][ T4257]        virtual_nci_close+0x28/0x58
[ 36.167638][ T4257]        nci_dev_up+0x754/0xb10
[ 36.168691][ T4257]        nfc_dev_up+0x154/0x300
[ 36.169780][ T4257]        nfc_genl_dev_up+0x98/0xdc
[ 36.170971][ T4257]        genl_rcv_msg+0x948/0xc2c
[ 36.172053][ T4257]        netlink_rcv_skb+0x20c/0x3b8
[ 36.173292][ T4257]        genl_rcv+0x38/0x50
[ 36.174276][ T4257]        netlink_unicast+0x660/0x8d4
[ 36.175399][ T4257]        netlink_sendmsg+0x834/0xb18
[ 36.176590][ T4257]        ____sys_sendmsg+0x558/0x844
[ 36.177798][ T4257]        __sys_sendmsg+0x26c/0x33c
[ 36.178880][ T4257]        __arm64_sys_sendmsg+0x80/0x94
[ 36.180142][ T4257]        invoke_syscall+0x98/0x2c0
[ 36.181232][ T4257]        el0_svc_common+0x138/0x258
[ 36.182442][ T4257]        do_el0_svc+0x64/0x218
[ 36.183428][ T4257]        el0_svc+0x58/0x168
[ 36.184377][ T4257]        el0t_64_sync_handler+0x84/0xf0
[ 36.185627][ T4257]        el0t_64_sync+0x18c/0x190
[ 36.186638][ T4257]
[ 36.186638][ T4257] -> #0 (&ndev->req_lock){+.+.}-{3:3}:
[ 36.188361][ T4257]        __lock_acquire+0x3338/0x764c
[ 36.189532][ T4257]        lock_acquire+0x26c/0x7cc
[ 36.190594][ T4257]        __mutex_lock_common+0x190/0x21a0
[ 36.191869][ T4257]        mutex_lock_nested+0x38/0x44
[ 36.193027][ T4257]        nci_start_poll+0x498/0x1204
[ 36.194135][ T4257]        nfc_start_poll+0x164/0x2a4
[ 36.195298][ T4257]        nfc_genl_start_poll+0x1b8/0x308
[ 36.196499][ T4257]        genl_rcv_msg+0x948/0xc2c
[ 36.197626][ T4257]        netlink_rcv_skb+0x20c/0x3b8
[ 36.198829][ T4257]        genl_rcv+0x38/0x50
[ 36.199794][ T4257]        netlink_unicast+0x660/0x8d4
[ 36.200906][ T4257]        netlink_sendmsg+0x834/0xb18
[ 36.202109][ T4257]        ____sys_sendmsg+0x558/0x844
[ 36.203285][ T4257]        __sys_sendmsg+0x26c/0x33c
[ 36.204409][ T4257]        __arm64_sys_sendmsg+0x80/0x94
[ 36.205591][ T4257]        invoke_syscall+0x98/0x2c0
[ 36.206697][ T4257]        el0_svc_common+0x138/0x258
[ 36.207862][ T4257]        do_el0_svc+0x64/0x218
[ 36.208925][ T4257]        el0_svc+0x58/0x168
[ 36.209933][ T4257]        el0t_64_sync_handler+0x84/0xf0
[ 36.211143][ T4257]        el0t_64_sync+0x18c/0x190
[ 36.212211][ T4257]
[ 36.212211][ T4257] other info that might help us debug this:
[ 36.212211][ T4257]
[ 36.214317][ T4257] Chain exists of:
[ 36.214317][ T4257]   &ndev->req_lock --> nfc_devlist_mutex --> &genl_data->genl_data_mutex
[ 36.214317][ T4257]
[ 36.217371][ T4257]  Possible unsafe locking scenario:
[ 36.217371][ T4257]
[ 36.218921][ T4257]        CPU0                    CPU1
[ 36.220161][ T4257]        ----                    ----
[ 36.221249][ T4257]   lock(&genl_data->genl_data_mutex);
[ 36.222419][ T4257]                                lock(nfc_devlist_mutex);
[ 36.224017][ T4257]                                lock(&genl_data->genl_data_mutex);
[ 36.225779][ T4257]   lock(&ndev->req_lock);
[ 36.226748][ T4257]
[ 36.226748][ T4257]  *** DEADLOCK ***
[ 36.226748][ T4257]
[ 36.228563][ T4257] 4 locks held by syz-executor206/4257:
[ 36.229862][ T4257]  #0: ffff800017bd0070 (cb_lock){++++}-{3:3}, at: genl_rcv+0x28/0x50
[ 36.231677][ T4257]  #1: ffff800017bcff28 (genl_mutex){+.+.}-{3:3}, at: genl_rcv_msg+0x114/0xc2c
[ 36.233558][ T4257]  #2: ffff0000d0203520 (&genl_data->genl_data_mutex){+.+.}-{3:3}, at: nfc_genl_start_poll+0x1a8/0x308
[ 36.235933][ T4257]  #3: ffff0000d0203100 (&dev->mutex){....}-{3:3}, at: nfc_start_poll+0x60/0x2a4
[ 36.237895][ T4257]
[ 36.237895][ T4257] stack backtrace:
[ 36.239260][ T4257] CPU: 1 PID: 4257 Comm: syz-executor206 Not tainted 6.1.29-syzkaller #0
[ 36.240982][ T4257] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/14/2023
[ 36.243059][ T4257] Call trace:
[ 36.243766][ T4257]  dump_backtrace+0x1c8/0x1f4
[ 36.244851][ T4257]  show_stack+0x2c/0x3c
[ 36.245753][ T4257]  dump_stack_lvl+0x108/0x170
[ 36.246752][ T4257]  dump_stack+0x1c/0x5c
[ 36.247670][ T4257]  print_circular_bug+0x150/0x1b8
[ 36.248694][ T4257]  check_noncircular+0x2cc/0x378
[ 36.249801][ T4257]  __lock_acquire+0x3338/0x764c
[ 36.250838][ T4257]  lock_acquire+0x26c/0x7cc
[ 36.251808][ T4257]  __mutex_lock_common+0x190/0x21a0
[ 36.252927][ T4257]  mutex_lock_nested+0x38/0x44
[ 36.253894][ T4257]  nci_start_poll+0x498/0x1204
[ 36.254895][ T4257]  nfc_start_poll+0x164/0x2a4
[ 36.255925][ T4257]  nfc_genl_start_poll+0x1b8/0x308
[ 36.257028][ T4257]  genl_rcv_msg+0x948/0xc2c
[ 36.258014][ T4257]  netlink_rcv_skb+0x20c/0x3b8
[ 36.259091][ T4257]  genl_rcv+0x38/0x50
[ 36.259974][ T4257]  netlink_unicast+0x660/0x8d4
[ 36.260959][ T4257]  netlink_sendmsg+0x834/0xb18
[ 36.261989][ T4257]  ____sys_sendmsg+0x558/0x844
[ 36.263076][ T4257]  __sys_sendmsg+0x26c/0x33c
[ 36.264105][ T4257]  __arm64_sys_sendmsg+0x80/0x94
[ 36.265116][ T4257]  invoke_syscall+0x98/0x2c0
[ 36.266126][ T4257]  el0_svc_common+0x138/0x258
[ 36.267108][ T4257]  do_el0_svc+0x64/0x218
[ 36.267994][ T4257]  el0_svc+0x58/0x168
[ 36.268910][ T4257]  el0t_64_sync_handler+0x84/0xf0
[ 36.270016][ T4257]  el0t_64_sync+0x18c/0x190
[ 36.384024][ T4257] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[ 36.386021][ T4257] nci: nci_start_poll: failed to set local general bytes
[ 41.395071][ T4257] nci: __nci_request: wait_for_completion_interruptible_timeout failed 0
executing program
[ 41.616599][ T4260] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
executing program
[ 41.836641][ T4267] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
executing program
[ 42.055775][ T4273] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
executing program
[ 42.275409][ T4279] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
executing program
[ 42.493805][ T4285] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
executing program
[ 42.713332][ T4291] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
executing program
[ 42.932104][ T4297] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
executing program
[ 43.152209][ T4303] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
executing program
[ 43.372955][ T4313] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[ 43.375093][ T4313] nci: nci_start_poll: failed to set local general bytes