Warning: Permanently added '10.128.1.121' (ED25519) to the list of known hosts.
executing program
[ 50.134045][ T3506] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[ 50.142927][ T3506] nci: nci_start_poll: failed to set local general bytes
[ 55.161113][ T3506] nci: __nci_request: wait_for_completion_interruptible_timeout failed 0
[ 55.169770][ T3506]
[ 55.172087][ T3506] ======================================================
[ 55.179096][ T3506] WARNING: possible circular locking dependency detected
[ 55.186094][ T3506] 5.15.148-syzkaller #0 Not tainted
[ 55.191446][ T3506] ------------------------------------------------------
[ 55.198444][ T3506] syz-executor408/3506 is trying to acquire lock:
[ 55.204840][ T3506] ffffffff8d133548 (nci_mutex){+.+.}-{3:3}, at: virtual_nci_close+0x13/0x40
[ 55.213543][ T3506]
[ 55.213543][ T3506] but task is already holding lock:
[ 55.220888][ T3506] ffff888147737350 (&ndev->req_lock){+.+.}-{3:3}, at: nci_close_device+0x106/0x5f0
[ 55.230180][ T3506]
[ 55.230180][ T3506] which lock already depends on the new lock.
[ 55.230180][ T3506]
[ 55.240681][ T3506]
[ 55.240681][ T3506] the existing dependency chain (in reverse order) is:
[ 55.249687][ T3506]
[ 55.249687][ T3506] -> #3 (&ndev->req_lock){+.+.}-{3:3}:
[ 55.257325][ T3506]        lock_acquire+0x1db/0x4f0
[ 55.262338][ T3506]        __mutex_lock_common+0x1da/0x25a0
[ 55.268043][ T3506]        mutex_lock_nested+0x17/0x20
[ 55.273319][ T3506]        nci_start_poll+0x59f/0xf20
[ 55.278505][ T3506]        nfc_start_poll+0x184/0x2f0
[ 55.283819][ T3506]        nfc_genl_start_poll+0x1e7/0x350
[ 55.289449][ T3506]        genl_rcv_msg+0xfbd/0x14a0
[ 55.294548][ T3506]        netlink_rcv_skb+0x1cf/0x410
[ 55.299828][ T3506]        genl_rcv+0x24/0x40
[ 55.304345][ T3506]        netlink_unicast+0x7b6/0x980
[ 55.309619][ T3506]        netlink_sendmsg+0xa30/0xd60
[ 55.314897][ T3506]        ____sys_sendmsg+0x59e/0x8f0
[ 55.320173][ T3506]        ___sys_sendmsg+0x252/0x2e0
[ 55.325367][ T3506]        __se_sys_sendmsg+0x19a/0x260
[ 55.330724][ T3506]        do_syscall_64+0x3d/0xb0
[ 55.335651][ T3506]        entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 55.342052][ T3506]
[ 55.342052][ T3506] -> #2 (&genl_data->genl_data_mutex){+.+.}-{3:3}:
[ 55.350737][ T3506]        lock_acquire+0x1db/0x4f0
[ 55.355841][ T3506]        __mutex_lock_common+0x1da/0x25a0
[ 55.361552][ T3506]        mutex_lock_nested+0x17/0x20
[ 55.366922][ T3506]        nfc_urelease_event_work+0x113/0x2f0
[ 55.372974][ T3506]        process_one_work+0x8a1/0x10c0
[ 55.378422][ T3506]        worker_thread+0xaca/0x1280
[ 55.383695][ T3506]        kthread+0x3f6/0x4f0
[ 55.388267][ T3506]        ret_from_fork+0x1f/0x30
[ 55.393194][ T3506]
[ 55.393194][ T3506] -> #1 (nfc_devlist_mutex){+.+.}-{3:3}:
[ 55.400997][ T3506]        lock_acquire+0x1db/0x4f0
[ 55.406017][ T3506]        __mutex_lock_common+0x1da/0x25a0
[ 55.411730][ T3506]        mutex_lock_nested+0x17/0x20
[ 55.417097][ T3506]        nfc_register_device+0x38/0x310
[ 55.422634][ T3506]        nci_register_device+0x7be/0x900
[ 55.428253][ T3506]        virtual_ncidev_open+0x55/0xc0
[ 55.433707][ T3506]        misc_open+0x304/0x380
[ 55.438458][ T3506]        chrdev_open+0x54a/0x630
[ 55.443379][ T3506]        do_dentry_open+0x807/0xfb0
[ 55.448564][ T3506]        path_openat+0x2702/0x2f20
[ 55.453662][ T3506]        do_filp_open+0x21c/0x460
[ 55.458672][ T3506]        do_sys_openat2+0x13b/0x500
[ 55.463856][ T3506]        __x64_sys_openat+0x243/0x290
[ 55.469212][ T3506]        do_syscall_64+0x3d/0xb0
[ 55.474136][ T3506]        entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 55.480536][ T3506]
[ 55.480536][ T3506] -> #0 (nci_mutex){+.+.}-{3:3}:
[ 55.487648][ T3506]        validate_chain+0x1649/0x5930
[ 55.493015][ T3506]        __lock_acquire+0x1295/0x1ff0
[ 55.498374][ T3506]        lock_acquire+0x1db/0x4f0
[ 55.503381][ T3506]        __mutex_lock_common+0x1da/0x25a0
[ 55.509089][ T3506]        mutex_lock_nested+0x17/0x20
[ 55.514363][ T3506]        virtual_nci_close+0x13/0x40
[ 55.519633][ T3506]        nci_close_device+0x3a8/0x5f0
[ 55.524994][ T3506]        nci_unregister_device+0x3c/0x230
[ 55.530701][ T3506]        virtual_ncidev_close+0x55/0x90
[ 55.536232][ T3506]        __fput+0x3bf/0x890
[ 55.540730][ T3506]        task_work_run+0x129/0x1a0
[ 55.545829][ T3506]        do_exit+0x6a3/0x2480
[ 55.550494][ T3506]        do_group_exit+0x144/0x310
[ 55.555626][ T3506]        get_signal+0xc66/0x14e0
[ 55.560601][ T3506]        arch_do_signal_or_restart+0xc3/0x1890
[ 55.566842][ T3506]        exit_to_user_mode_loop+0x97/0x130
[ 55.572653][ T3506]        exit_to_user_mode_prepare+0xb1/0x140
[ 55.578731][ T3506]        syscall_exit_to_user_mode+0x5d/0x250
[ 55.584968][ T3506]        do_syscall_64+0x49/0xb0
[ 55.589893][ T3506]        entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 55.596299][ T3506]
[ 55.596299][ T3506] other info that might help us debug this:
[ 55.596299][ T3506]
[ 55.606514][ T3506] Chain exists of:
[ 55.606514][ T3506]   nci_mutex --> &genl_data->genl_data_mutex --> &ndev->req_lock
[ 55.606514][ T3506]
[ 55.620064][ T3506]  Possible unsafe locking scenario:
[ 55.620064][ T3506]
[ 55.627515][ T3506]        CPU0                    CPU1
[ 55.632879][ T3506]        ----                    ----
[ 55.638243][ T3506]   lock(&ndev->req_lock);
[ 55.642652][ T3506]                                lock(&genl_data->genl_data_mutex);
[ 55.650622][ T3506]                                lock(&ndev->req_lock);
[ 55.657547][ T3506]   lock(nci_mutex);
[ 55.661429][ T3506]
[ 55.661429][ T3506]  *** DEADLOCK ***
[ 55.661429][ T3506]
[ 55.669560][ T3506] 1 lock held by syz-executor408/3506:
[ 55.675000][ T3506]  #0: ffff888147737350 (&ndev->req_lock){+.+.}-{3:3}, at: nci_close_device+0x106/0x5f0
[ 55.684729][ T3506]
[ 55.684729][ T3506] stack backtrace:
[ 55.690598][ T3506] CPU: 0 PID: 3506 Comm: syz-executor408 Not tainted 5.15.148-syzkaller #0
[ 55.699167][ T3506] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 55.709205][ T3506] Call Trace:
[ 55.712559][ T3506]
[ 55.715476][ T3506]  dump_stack_lvl+0x1e3/0x2cb
[ 55.720162][ T3506]  ? io_uring_drop_tctx_refs+0x19d/0x19d
[ 55.725788][ T3506]  ? print_circular_bug+0x12b/0x1a0
[ 55.730983][ T3506]  check_noncircular+0x2f8/0x3b0
[ 55.735905][ T3506]  ? add_chain_block+0x850/0x850
[ 55.740842][ T3506]  ? lockdep_lock+0x11f/0x2a0
[ 55.745546][ T3506]  validate_chain+0x1649/0x5930
[ 55.750390][ T3506]  ? mark_lock+0x98/0x340
[ 55.754699][ T3506]  ? reacquire_held_locks+0x660/0x660
[ 55.760048][ T3506]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[ 55.766017][ T3506]  ? _raw_spin_unlock+0x40/0x40
[ 55.770854][ T3506]  ? __up_console_sem+0x124/0x1e0
[ 55.775864][ T3506]  ? prb_read_valid+0xa5/0xf0
[ 55.780615][ T3506]  ? console_lock+0x70/0x70
[ 55.785103][ T3506]  ? prb_final_commit+0x20/0x20
[ 55.789941][ T3506]  ? mark_lock+0x98/0x340
[ 55.794252][ T3506]  ? console_unlock+0xdbc/0x12b0
[ 55.799172][ T3506]  __lock_acquire+0x1295/0x1ff0
[ 55.804017][ T3506]  lock_acquire+0x1db/0x4f0
[ 55.808515][ T3506]  ? virtual_nci_close+0x13/0x40
[ 55.813447][ T3506]  ? read_lock_is_recursive+0x10/0x10
[ 55.818805][ T3506]  ? __might_sleep+0xc0/0xc0
[ 55.823383][ T3506]  __mutex_lock_common+0x1da/0x25a0
[ 55.828570][ T3506]  ? virtual_nci_close+0x13/0x40
[ 55.833496][ T3506]  ? __wake_up_klogd+0xd5/0x100
[ 55.838334][ T3506]  ? vprintk_emit+0xf5/0x150
[ 55.842909][ T3506]  ? virtual_nci_close+0x13/0x40
[ 55.847831][ T3506]  ? _printk+0xd1/0x111
[ 55.851972][ T3506]  ? mutex_lock_io_nested+0x60/0x60
[ 55.857157][ T3506]  ? panic+0x84d/0x84d
[ 55.861214][ T3506]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 55.866401][ T3506]  mutex_lock_nested+0x17/0x20
[ 55.871152][ T3506]  virtual_nci_close+0x13/0x40
[ 55.875900][ T3506]  nci_close_device+0x3a8/0x5f0
[ 55.880745][ T3506]  ? nci_unregister_device+0x230/0x230
[ 55.886192][ T3506]  ? mutex_unlock+0x10/0x10
[ 55.890687][ T3506]  nci_unregister_device+0x3c/0x230
[ 55.895873][ T3506]  ? virtual_ncidev_open+0xc0/0xc0
[ 55.900973][ T3506]  virtual_ncidev_close+0x55/0x90
[ 55.905985][ T3506]  ? virtual_ncidev_open+0xc0/0xc0
[ 55.911168][ T3506]  __fput+0x3bf/0x890
[ 55.915144][ T3506]  task_work_run+0x129/0x1a0
[ 55.919725][ T3506]  do_exit+0x6a3/0x2480
[ 55.923876][ T3506]  ? put_task_struct+0x80/0x80
[ 55.928625][ T3506]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[ 55.934685][ T3506]  do_group_exit+0x144/0x310
[ 55.939283][ T3506]  ? lockdep_hardirqs_on+0x94/0x130
[ 55.944471][ T3506]  get_signal+0xc66/0x14e0
[ 55.948972][ T3506]  arch_do_signal_or_restart+0xc3/0x1890
[ 55.954600][ T3506]  ? get_sigframe_size+0x10/0x10
[ 55.959533][ T3506]  ? exit_to_user_mode_loop+0x39/0x130
[ 55.964981][ T3506]  exit_to_user_mode_loop+0x97/0x130
[ 55.970256][ T3506]  exit_to_user_mode_prepare+0xb1/0x140
[ 55.975794][ T3506]  syscall_exit_to_user_mode+0x5d/0x250
[ 55.981414][ T3506]  do_syscall_64+0x49/0xb0
[ 55.985822][ T3506]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 55.991709][ T3506] RIP: 0033:0x7f2c00a55fb9
[ 55.996114][ T3506] Code: Unable to access opcode bytes at RIP 0x7f2c00a55f8f.
[ 56.003473][ T3506] RSP: 002b:00007f2c009f6238 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 56.011883][ T3506] RAX: 0000