Warning: Permanently added '10.128.1.72' (ECDSA) to the list of known hosts.
executing program
[ 36.798421][ T4309] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
executing program
[ 36.869948][ T4320]
[ 36.870485][ T4320] ======================================================
[ 36.872231][ T4320] WARNING: possible circular locking dependency detected
[ 36.874020][ T4320] 6.1.15-syzkaller #0 Not tainted
[ 36.875278][ T4320] ------------------------------------------------------
[ 36.876935][ T4320] syz-executor166/4320 is trying to acquire lock:
[ 36.878552][ T4320] ffff0000cd49b350 (&ndev->req_lock){+.+.}-{3:3}, at: nci_start_poll+0x498/0x1204
[ 36.880845][ T4320]
[ 36.880845][ T4320] but task is already holding lock:
[ 36.882756][ T4320] ffff0000cd49a520 (&genl_data->genl_data_mutex){+.+.}-{3:3}, at: nfc_genl_start_poll+0x1a8/0x308
[ 36.885395][ T4320]
[ 36.885395][ T4320] which lock already depends on the new lock.
[ 36.885395][ T4320]
[ 36.887937][ T4320]
[ 36.887937][ T4320] the existing dependency chain (in reverse order) is:
[ 36.890226][ T4320]
[ 36.890226][ T4320] -> #3 (&genl_data->genl_data_mutex){+.+.}-{3:3}:
[ 36.892418][ T4320]        __mutex_lock_common+0x190/0x21a0
[ 36.893838][ T4320]        mutex_lock_nested+0x38/0x44
[ 36.895123][ T4320]        nfc_urelease_event_work+0xfc/0x2a8
[ 36.896537][ T4320]        process_one_work+0x848/0x16b4
[ 36.897983][ T4320]        worker_thread+0x8e4/0xfec
[ 36.899185][ T4320]        kthread+0x24c/0x2d4
[ 36.900384][ T4320]        ret_from_fork+0x10/0x20
[ 36.901643][ T4320]
[ 36.901643][ T4320] -> #2 (nfc_devlist_mutex){+.+.}-{3:3}:
[ 36.903575][ T4320]        __mutex_lock_common+0x190/0x21a0
[ 36.905009][ T4320]        mutex_lock_nested+0x38/0x44
[ 36.906278][ T4320]        nfc_register_device+0x4c/0x310
[ 36.907700][ T4320]        nci_register_device+0x6ac/0x7c4
[ 36.909106][ T4320]        virtual_ncidev_open+0x6c/0xd8
[ 36.910526][ T4320]        misc_open+0x2f0/0x368
[ 36.911684][ T4320]        chrdev_open+0x3e8/0x4fc
[ 36.912875][ T4320]        do_dentry_open+0x734/0xfa0
[ 36.914173][ T4320]        vfs_open+0x7c/0x90
[ 36.915269][ T4320]        path_openat+0x1e10/0x2540
[ 36.916610][ T4320]        do_filp_open+0x1bc/0x3cc
[ 36.917856][ T4320]        do_sys_openat2+0x128/0x3d8
[ 36.919204][ T4320]        __arm64_sys_openat+0x1f0/0x240
[ 36.920586][ T4320]        invoke_syscall+0x98/0x2c0
[ 36.921888][ T4320]        el0_svc_common+0x138/0x258
[ 36.923143][ T4320]        do_el0_svc+0x64/0x218
[ 36.924307][ T4320]        el0_svc+0x58/0x168
[ 36.925467][ T4320]        el0t_64_sync_handler+0x84/0xf0
[ 36.926837][ T4320]        el0t_64_sync+0x18c/0x190
[ 36.928078][ T4320]
[ 36.928078][ T4320] -> #1 (nci_mutex){+.+.}-{3:3}:
[ 36.929851][ T4320]        __mutex_lock_common+0x190/0x21a0
[ 36.931232][ T4320]        mutex_lock_nested+0x38/0x44
[ 36.932616][ T4320]        virtual_nci_close+0x28/0x58
[ 36.933888][ T4320]        nci_dev_up+0x754/0xb10
[ 36.935162][ T4320]        nfc_dev_up+0x154/0x300
[ 36.936402][ T4320]        nfc_genl_dev_up+0x98/0xdc
[ 36.937627][ T4320]        genl_rcv_msg+0x948/0xc2c
[ 36.938943][ T4320]        netlink_rcv_skb+0x20c/0x3b8
[ 36.940215][ T4320]        genl_rcv+0x38/0x50
[ 36.941413][ T4320]        netlink_unicast+0x660/0x8d4
[ 36.942702][ T4320]        netlink_sendmsg+0x800/0xae0
[ 36.944012][ T4320]        ____sys_sendmsg+0x558/0x844
[ 36.945336][ T4320]        __sys_sendmsg+0x26c/0x33c
[ 36.946639][ T4320]        __arm64_sys_sendmsg+0x80/0x94
[ 36.947991][ T4320]        invoke_syscall+0x98/0x2c0
[ 36.949332][ T4320]        el0_svc_common+0x138/0x258
[ 36.950648][ T4320]        do_el0_svc+0x64/0x218
[ 36.951898][ T4320]        el0_svc+0x58/0x168
[ 36.953020][ T4320]        el0t_64_sync_handler+0x84/0xf0
[ 36.954505][ T4320]        el0t_64_sync+0x18c/0x190
[ 36.955843][ T4320]
[ 36.955843][ T4320] -> #0 (&ndev->req_lock){+.+.}-{3:3}:
[ 36.957781][ T4320]        __lock_acquire+0x3338/0x764c
[ 36.959079][ T4320]        lock_acquire+0x2f8/0x8dc
[ 36.960339][ T4320]        __mutex_lock_common+0x190/0x21a0
[ 36.961734][ T4320]        mutex_lock_nested+0x38/0x44
[ 36.963084][ T4320]        nci_start_poll+0x498/0x1204
[ 36.964392][ T4320]        nfc_start_poll+0x164/0x2a4
[ 36.965718][ T4320]        nfc_genl_start_poll+0x1b8/0x308
[ 36.967090][ T4320]        genl_rcv_msg+0x948/0xc2c
[ 36.968324][ T4320]        netlink_rcv_skb+0x20c/0x3b8
[ 36.969697][ T4320]        genl_rcv+0x38/0x50
[ 36.970884][ T4320]        netlink_unicast+0x660/0x8d4
[ 36.972172][ T4320]        netlink_sendmsg+0x800/0xae0
[ 36.973476][ T4320]        ____sys_sendmsg+0x558/0x844
[ 36.974783][ T4320]        __sys_sendmsg+0x26c/0x33c
[ 36.976039][ T4320]        __arm64_sys_sendmsg+0x80/0x94
[ 36.977389][ T4320]        invoke_syscall+0x98/0x2c0
[ 36.978645][ T4320]        el0_svc_common+0x138/0x258
[ 36.979908][ T4320]        do_el0_svc+0x64/0x218
[ 36.981103][ T4320]        el0_svc+0x58/0x168
[ 36.982169][ T4320]        el0t_64_sync_handler+0x84/0xf0
[ 36.983572][ T4320]        el0t_64_sync+0x18c/0x190
[ 36.984808][ T4320]
[ 36.984808][ T4320] other info that might help us debug this:
[ 36.984808][ T4320]
[ 36.987268][ T4320] Chain exists of:
[ 36.987268][ T4320]   &ndev->req_lock --> nfc_devlist_mutex --> &genl_data->genl_data_mutex
[ 36.987268][ T4320]
[ 36.990849][ T4320]  Possible unsafe locking scenario:
[ 36.990849][ T4320]
[ 36.992764][ T4320]        CPU0                    CPU1
[ 36.994093][ T4320]        ----                    ----
[ 36.995452][ T4320]   lock(&genl_data->genl_data_mutex);
[ 36.996816][ T4320]                                lock(nfc_devlist_mutex);
[ 36.998557][ T4320]                                lock(&genl_data->genl_data_mutex);
[ 37.000492][ T4320]   lock(&ndev->req_lock);
[ 37.001650][ T4320]
[ 37.001650][ T4320]  *** DEADLOCK ***
[ 37.001650][ T4320]
[ 37.003641][ T4320] 4 locks held by syz-executor166/4320:
[ 37.004965][ T4320]  #0: ffff800017d78ed0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x28/0x50
[ 37.006989][ T4320]  #1: ffff800017d78d88 (genl_mutex){+.+.}-{3:3}, at: genl_rcv_msg+0x114/0xc2c
[ 37.009315][ T4320]  #2: ffff0000cd49a520 (&genl_data->genl_data_mutex){+.+.}-{3:3}, at: nfc_genl_start_poll+0x1a8/0x308
[ 37.011940][ T4320]  #3: ffff0000cd49a100 (&dev->mutex){....}-{3:3}, at: nfc_start_poll+0x60/0x2a4
[ 37.014241][ T4320]
[ 37.014241][ T4320] stack backtrace:
[ 37.015675][ T4320] CPU: 1 PID: 4320 Comm: syz-executor166 Not tainted 6.1.15-syzkaller #0
[ 37.017730][ T4320] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
[ 37.020152][ T4320] Call trace:
[ 37.020936][ T4320]  dump_backtrace+0x1c8/0x1f4
[ 37.022079][ T4320]  show_stack+0x2c/0x3c
[ 37.023109][ T4320]  dump_stack_lvl+0x108/0x170
[ 37.024301][ T4320]  dump_stack+0x1c/0x58
[ 37.025294][ T4320]  print_circular_bug+0x150/0x1b8
[ 37.026568][ T4320]  check_noncircular+0x2cc/0x378
[ 37.027801][ T4320]  __lock_acquire+0x3338/0x764c
[ 37.029007][ T4320]  lock_acquire+0x2f8/0x8dc
[ 37.030124][ T4320]  __mutex_lock_common+0x190/0x21a0
[ 37.031438][ T4320]  mutex_lock_nested+0x38/0x44
[ 37.032551][ T4320]  nci_start_poll+0x498/0x1204
[ 37.033802][ T4320]  nfc_start_poll+0x164/0x2a4
[ 37.034970][ T4320]  nfc_genl_start_poll+0x1b8/0x308
[ 37.036261][ T4320]  genl_rcv_msg+0x948/0xc2c
[ 37.037396][ T4320]  netlink_rcv_skb+0x20c/0x3b8
[ 37.038536][ T4320]  genl_rcv+0x38/0x50
[ 37.039497][ T4320]  netlink_unicast+0x660/0x8d4
[ 37.040686][ T4320]  netlink_sendmsg+0x800/0xae0
[ 37.041877][ T4320]  ____sys_sendmsg+0x558/0x844
[ 37.043127][ T4320]  __sys_sendmsg+0x26c/0x33c
[ 37.044220][ T4320]  __arm64_sys_sendmsg+0x80/0x94
[ 37.045498][ T4320]  invoke_syscall+0x98/0x2c0
[ 37.046656][ T4320]  el0_svc_common+0x138/0x258
[ 37.047797][ T4320]  do_el0_svc+0x64/0x218
[ 37.048873][ T4320]  el0_svc+0x58/0x168
[ 37.049768][ T4320]  el0t_64_sync_handler+0x84/0xf0
[ 37.050945][ T4320]  el0t_64_sync+0x18c/0x190
[ 37.162946][ T4320] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[ 37.165115][ T4320] nci: nci_start_poll: failed to set local general bytes
[ 42.180800][ T4320] nci: __nci_request: wait_for_completion_interruptible_timeout failed 0
executing program
[ 42.402826][ T4324] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[ 42.405025][ T4324] nci: nci_start_poll: failed to set local general bytes