[ 15.560263][ T3892] 8021q: adding VLAN 0 to HW filter on device bond0
[ 15.564289][ T3892] eql: remember to turn off Van-Jacobson compression on your slave devices
[ 15.606001][ T11] gvnic 0000:00:00.0 enp0s0: Device link is up.
[ 15.610372][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): enp0s0: link becomes ready
Starting sshd: OK
syzkaller
Warning: Permanently added '10.128.10.24' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 40.653204][ T4219] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
executing program
[ 40.883562][ T4227] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
executing program
[ 41.111485][ T4234] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
executing program
[ 41.340013][ T4241] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
executing program
[ 41.567079][ T4248] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
executing program
[ 41.794249][ T4254] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
executing program
[ 42.022358][ T4260] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
executing program
[ 42.249249][ T4266] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
executing program
[ 42.476402][ T4273] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
executing program
[ 42.704419][ T4279] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
executing program
[ 42.931314][ T4285] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
executing program
[ 43.160447][ T4291] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
executing program
[ 43.388556][ T4297] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
executing program
[ 43.615832][ T4303] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
executing program
[ 43.843030][ T4309] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
executing program
[ 44.071648][ T4315] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
executing program
[ 44.137762][ T4321]
[ 44.138395][ T4321] ======================================================
[ 44.140096][ T4321] WARNING: possible circular locking dependency detected
[ 44.141723][ T4321] 6.1.26-syzkaller #0 Not tainted
[ 44.142881][ T4321] ------------------------------------------------------
[ 44.144508][ T4321] syz-executor384/4321 is trying to acquire lock:
[ 44.146036][ T4321] ffff0000de572350 (&ndev->req_lock){+.+.}-{3:3}, at: nci_start_poll+0x498/0x1204
[ 44.148292][ T4321]
[ 44.148292][ T4321] but task is already holding lock:
[ 44.150042][ T4321] ffff0000de573520 (&genl_data->genl_data_mutex){+.+.}-{3:3}, at: nfc_genl_start_poll+0x1a8/0x308
[ 44.152301][ T4321]
[ 44.152301][ T4321] which lock already depends on the new lock.
[ 44.152301][ T4321]
[ 44.154589][ T4321]
[ 44.154589][ T4321] the existing dependency chain (in reverse order) is:
[ 44.156628][ T4321]
[ 44.156628][ T4321] -> #3 (&genl_data->genl_data_mutex){+.+.}-{3:3}:
[ 44.158558][ T4321] __mutex_lock_common+0x190/0x21a0
[ 44.159887][ T4321] mutex_lock_nested+0x38/0x44
[ 44.161156][ T4321] nfc_urelease_event_work+0xfc/0x2a8
[ 44.162523][ T4321] process_one_work+0x7ac/0x1404
[ 44.163738][ T4321] worker_thread+0x8e4/0xfec
[ 44.164953][ T4321] kthread+0x250/0x2d8
[ 44.165947][ T4321] ret_from_fork+0x10/0x20
[ 44.166986][ T4321]
[ 44.166986][ T4321] -> #2 (nfc_devlist_mutex){+.+.}-{3:3}:
[ 44.168730][ T4321] __mutex_lock_common+0x190/0x21a0
[ 44.170143][ T4321] mutex_lock_nested+0x38/0x44
[ 44.171291][ T4321] nfc_register_device+0x4c/0x310
[ 44.172600][ T4321] nci_register_device+0x6ac/0x7c4
[ 44.173935][ T4321] virtual_ncidev_open+0x6c/0xd8
[ 44.175170][ T4321] misc_open+0x2f0/0x368
[ 44.176276][ T4321] chrdev_open+0x3e8/0x4fc
[ 44.177377][ T4321] do_dentry_open+0x734/0xfa0
[ 44.178667][ T4321] vfs_open+0x7c/0x90
[ 44.179710][ T4321] path_openat+0x1e14/0x2548
[ 44.180861][ T4321] do_filp_open+0x1bc/0x3cc
[ 44.181939][ T4321] do_sys_openat2+0x128/0x3d8
[ 44.183277][ T4321] __arm64_sys_openat+0x1f0/0x240
[ 44.184502][ T4321] invoke_syscall+0x98/0x2c0
[ 44.185605][ T4321] el0_svc_common+0x138/0x258
[ 44.186847][ T4321] do_el0_svc+0x64/0x218
[ 44.187892][ T4321] el0_svc+0x58/0x168
[ 44.188908][ T4321] el0t_64_sync_handler+0x84/0xf0
[ 44.190175][ T4321] el0t_64_sync+0x18c/0x190
[ 44.191206][ T4321]
[ 44.191206][ T4321] -> #1 (nci_mutex){+.+.}-{3:3}:
[ 44.192912][ T4321] __mutex_lock_common+0x190/0x21a0
[ 44.194277][ T4321] mutex_lock_nested+0x38/0x44
[ 44.195407][ T4321] virtual_nci_close+0x28/0x58
[ 44.196583][ T4321] nci_dev_up+0x754/0xb10
[ 44.197732][ T4321] nfc_dev_up+0x154/0x300
[ 44.198788][ T4321] nfc_genl_dev_up+0x98/0xdc
[ 44.200029][ T4321] genl_rcv_msg+0x948/0xc2c
[ 44.201129][ T4321] netlink_rcv_skb+0x20c/0x3b8
[ 44.202290][ T4321] genl_rcv+0x38/0x50
[ 44.203376][ T4321] netlink_unicast+0x660/0x8d4
[ 44.204539][ T4321] netlink_sendmsg+0x834/0xb18
[ 44.205727][ T4321] ____sys_sendmsg+0x558/0x844
[ 44.206927][ T4321] __sys_sendmsg+0x26c/0x33c
[ 44.208149][ T4321] __arm64_sys_sendmsg+0x80/0x94
[ 44.209340][ T4321] invoke_syscall+0x98/0x2c0
[ 44.210564][ T4321] el0_svc_common+0x138/0x258
[ 44.211750][ T4321] do_el0_svc+0x64/0x218
[ 44.212809][ T4321] el0_svc+0x58/0x168
[ 44.213894][ T4321] el0t_64_sync_handler+0x84/0xf0
[ 44.215114][ T4321] el0t_64_sync+0x18c/0x190
[ 44.216161][ T4321]
[ 44.216161][ T4321] -> #0 (&ndev->req_lock){+.+.}-{3:3}:
[ 44.217881][ T4321] __lock_acquire+0x3338/0x764c
[ 44.219113][ T4321] lock_acquire+0x26c/0x7cc
[ 44.220275][ T4321] __mutex_lock_common+0x190/0x21a0
[ 44.221615][ T4321] mutex_lock_nested+0x38/0x44
[ 44.222840][ T4321] nci_start_poll+0x498/0x1204
[ 44.224098][ T4321] nfc_start_poll+0x164/0x2a4
[ 44.225235][ T4321] nfc_genl_start_poll+0x1b8/0x308
[ 44.226536][ T4321] genl_rcv_msg+0x948/0xc2c
[ 44.227631][ T4321] netlink_rcv_skb+0x20c/0x3b8
[ 44.228858][ T4321] genl_rcv+0x38/0x50
[ 44.229840][ T4321] netlink_unicast+0x660/0x8d4
[ 44.231068][ T4321] netlink_sendmsg+0x834/0xb18
[ 44.232215][ T4321] ____sys_sendmsg+0x558/0x844
[ 44.233378][ T4321] __sys_sendmsg+0x26c/0x33c
[ 44.234517][ T4321] __arm64_sys_sendmsg+0x80/0x94
[ 44.235799][ T4321] invoke_syscall+0x98/0x2c0
[ 44.236968][ T4321] el0_svc_common+0x138/0x258
[ 44.238109][ T4321] do_el0_svc+0x64/0x218
[ 44.239166][ T4321] el0_svc+0x58/0x168
[ 44.240210][ T4321] el0t_64_sync_handler+0x84/0xf0
[ 44.241469][ T4321] el0t_64_sync+0x18c/0x190
[ 44.242642][ T4321]
[ 44.242642][ T4321] other info that might help us debug this:
[ 44.242642][ T4321]
[ 44.244979][ T4321] Chain exists of:
[ 44.244979][ T4321] &ndev->req_lock --> nfc_devlist_mutex --> &genl_data->genl_data_mutex
[ 44.244979][ T4321]
[ 44.248222][ T4321] Possible unsafe locking scenario:
[ 44.248222][ T4321]
[ 44.249864][ T4321]        CPU0                    CPU1
[ 44.251131][ T4321]        ----                    ----
[ 44.252379][ T4321]   lock(&genl_data->genl_data_mutex);
[ 44.253560][ T4321]                                lock(nfc_devlist_mutex);
[ 44.255206][ T4321]                                lock(&genl_data->genl_data_mutex);
[ 44.257035][ T4321]   lock(&ndev->req_lock);
[ 44.258095][ T4321]
[ 44.258095][ T4321] *** DEADLOCK ***
[ 44.258095][ T4321]
[ 44.259871][ T4321] 4 locks held by syz-executor384/4321:
[ 44.261141][ T4321] #0: ffff800017bbf050 (cb_lock){++++}-{3:3}, at: genl_rcv+0x28/0x50
[ 44.262971][ T4321] #1: ffff800017bbef08 (genl_mutex){+.+.}-{3:3}, at: genl_rcv_msg+0x114/0xc2c
[ 44.264953][ T4321] #2: ffff0000de573520 (&genl_data->genl_data_mutex){+.+.}-{3:3}, at: nfc_genl_start_poll+0x1a8/0x308
[ 44.267519][ T4321] #3: ffff0000de573100 (&dev->mutex){....}-{3:3}, at: nfc_start_poll+0x60/0x2a4
[ 44.269684][ T4321]
[ 44.269684][ T4321] stack backtrace:
[ 44.271089][ T4321] CPU: 0 PID: 4321 Comm: syz-executor384 Not tainted 6.1.26-syzkaller #0
[ 44.272946][ T4321] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/30/2023
[ 44.275149][ T4321] Call trace:
[ 44.275885][ T4321] dump_backtrace+0x1c8/0x1f4
[ 44.276939][ T4321] show_stack+0x2c/0x3c
[ 44.277842][ T4321] dump_stack_lvl+0x108/0x170
[ 44.278852][ T4321] dump_stack+0x1c/0x5c
[ 44.279749][ T4321] print_circular_bug+0x150/0x1b8
[ 44.280908][ T4321] check_noncircular+0x2cc/0x378
[ 44.282015][ T4321] __lock_acquire+0x3338/0x764c
[ 44.283170][ T4321] lock_acquire+0x26c/0x7cc
[ 44.284167][ T4321] __mutex_lock_common+0x190/0x21a0
[ 44.285413][ T4321] mutex_lock_nested+0x38/0x44
[ 44.286509][ T4321] nci_start_poll+0x498/0x1204
[ 44.287589][ T4321] nfc_start_poll+0x164/0x2a4
[ 44.288630][ T4321] nfc_genl_start_poll+0x1b8/0x308
[ 44.289821][ T4321] genl_rcv_msg+0x948/0xc2c
[ 44.290855][ T4321] netlink_rcv_skb+0x20c/0x3b8
[ 44.291923][ T4321] genl_rcv+0x38/0x50
[ 44.292876][ T4321] netlink_unicast+0x660/0x8d4
[ 44.294008][ T4321] netlink_sendmsg+0x834/0xb18
[ 44.295037][ T4321] ____sys_sendmsg+0x558/0x844
[ 44.296108][ T4321] __sys_sendmsg+0x26c/0x33c
[ 44.297172][ T4321] __arm64_sys_sendmsg+0x80/0x94
[ 44.298298][ T4321] invoke_syscall+0x98/0x2c0
[ 44.299283][ T4321] el0_svc_common+0x138/0x258
[ 44.300431][ T4321] do_el0_svc+0x64/0x218
[ 44.301459][ T4321] el0_svc+0x58/0x168
[ 44.302374][ T4321] el0t_64_sync_handler+0x84/0xf0
[ 44.303564][ T4321] el0t_64_sync+0x18c/0x190
[ 44.306595][ T4321] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[ 44.308777][ T4321] nci: nci_start_poll: failed to set local general bytes
[ 49.368080][ T4321] nci: __nci_request: wait_for_completion_interruptible_timeout failed 0
executing program
[ 49.591207][ T4332] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[ 49.593173][ T4332] nci: nci_start_poll: failed to set local general bytes