Warning: Permanently added '10.128.0.223' (ECDSA) to the list of known hosts.
executing program
executing program
[ 64.430769][ T3545] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[ 64.516982][ T3556]
[ 64.519354][ T3556] ======================================================
[ 64.526393][ T3556] WARNING: possible circular locking dependency detected
[ 64.533410][ T3556] 6.1.29-syzkaller #0 Not tainted
[ 64.538438][ T3556] ------------------------------------------------------
[ 64.545487][ T3556] syz-executor135/3556 is trying to acquire lock:
[ 64.551901][ T3556] ffff888018bba350 (&ndev->req_lock){+.+.}-{3:3}, at: nci_start_poll+0x59f/0xf20
[ 64.561064][ T3556]
[ 64.561064][ T3556] but task is already holding lock:
[ 64.568424][ T3556] ffff888018bbc508 (&genl_data->genl_data_mutex){+.+.}-{3:3}, at: nfc_genl_start_poll+0x1da/0x350
[ 64.579045][ T3556]
[ 64.579045][ T3556] which lock already depends on the new lock.
[ 64.579045][ T3556]
[ 64.589445][ T3556]
[ 64.589445][ T3556] the existing dependency chain (in reverse order) is:
[ 64.598542][ T3556]
[ 64.598542][ T3556] -> #3 (&genl_data->genl_data_mutex){+.+.}-{3:3}:
[ 64.607228][ T3556]        lock_acquire+0x1f8/0x5a0
[ 64.612253][ T3556]        __mutex_lock_common+0x1d4/0x2520
[ 64.617974][ T3556]        mutex_lock_nested+0x17/0x20
[ 64.623265][ T3556]        nfc_urelease_event_work+0x113/0x2f0
[ 64.629244][ T3556]        process_one_work+0x8aa/0x11f0
[ 64.634722][ T3556]        worker_thread+0xa5f/0x1210
[ 64.639946][ T3556]        kthread+0x26e/0x300
[ 64.644570][ T3556]        ret_from_fork+0x1f/0x30
[ 64.649519][ T3556]
[ 64.649519][ T3556] -> #2 (nfc_devlist_mutex){+.+.}-{3:3}:
[ 64.657349][ T3556]        lock_acquire+0x1f8/0x5a0
[ 64.662386][ T3556]        __mutex_lock_common+0x1d4/0x2520
[ 64.668123][ T3556]        mutex_lock_nested+0x17/0x20
[ 64.673420][ T3556]        nfc_register_device+0x38/0x310
[ 64.679067][ T3556]        nci_register_device+0x7be/0x900
[ 64.684717][ T3556]        virtual_ncidev_open+0x55/0xc0
[ 64.690214][ T3556]        misc_open+0x304/0x380
[ 64.694998][ T3556]        chrdev_open+0x54a/0x630
[ 64.699962][ T3556]        do_dentry_open+0x7f9/0x10f0
[ 64.705266][ T3556]        path_openat+0x2644/0x2e60
[ 64.710384][ T3556]        do_filp_open+0x230/0x480
[ 64.715417][ T3556]        do_sys_openat2+0x13b/0x500
[ 64.720627][ T3556]        __x64_sys_openat+0x243/0x290
[ 64.726008][ T3556]        do_syscall_64+0x3d/0xb0
[ 64.730950][ T3556]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 64.737368][ T3556]
[ 64.737368][ T3556] -> #1 (nci_mutex){+.+.}-{3:3}:
[ 64.744497][ T3556]        lock_acquire+0x1f8/0x5a0
[ 64.749519][ T3556]        __mutex_lock_common+0x1d4/0x2520
[ 64.755257][ T3556]        mutex_lock_nested+0x17/0x20
[ 64.760548][ T3556]        virtual_nci_close+0x13/0x40
[ 64.765839][ T3556]        nci_dev_up+0x954/0xd40
[ 64.770690][ T3556]        nfc_dev_up+0x185/0x330
[ 64.775569][ T3556]        nfc_genl_dev_up+0x80/0xd0
[ 64.780690][ T3556]        genl_rcv_msg+0xc1a/0xf70
[ 64.785712][ T3556]        netlink_rcv_skb+0x1cd/0x410
[ 64.791003][ T3556]        genl_rcv+0x24/0x40
[ 64.795522][ T3556]        netlink_unicast+0x7bf/0x990
[ 64.800808][ T3556]        netlink_sendmsg+0xa26/0xd60
[ 64.806101][ T3556]        ____sys_sendmsg+0x59e/0x8f0
[ 64.811392][ T3556]        __sys_sendmsg+0x2a9/0x390
[ 64.816505][ T3556]        do_syscall_64+0x3d/0xb0
[ 64.821443][ T3556]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 64.827872][ T3556]
[ 64.827872][ T3556] -> #0 (&ndev->req_lock){+.+.}-{3:3}:
[ 64.835524][ T3556]        validate_chain+0x1667/0x58e0
[ 64.840913][ T3556]        __lock_acquire+0x125b/0x1f80
[ 64.846285][ T3556]        lock_acquire+0x1f8/0x5a0
[ 64.851316][ T3556]        __mutex_lock_common+0x1d4/0x2520
[ 64.857039][ T3556]        mutex_lock_nested+0x17/0x20
[ 64.862324][ T3556]        nci_start_poll+0x59f/0xf20
[ 64.867523][ T3556]        nfc_start_poll+0x184/0x2f0
[ 64.872743][ T3556]        nfc_genl_start_poll+0x1e7/0x350
[ 64.878402][ T3556]        genl_rcv_msg+0xc1a/0xf70
[ 64.883435][ T3556]        netlink_rcv_skb+0x1cd/0x410
[ 64.888732][ T3556]        genl_rcv+0x24/0x40
[ 64.893248][ T3556]        netlink_unicast+0x7bf/0x990
[ 64.898539][ T3556]        netlink_sendmsg+0xa26/0xd60
[ 64.903831][ T3556]        ____sys_sendmsg+0x59e/0x8f0
[ 64.909208][ T3556]        __sys_sendmsg+0x2a9/0x390
[ 64.914325][ T3556]        do_syscall_64+0x3d/0xb0
[ 64.919261][ T3556]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 64.925773][ T3556]
[ 64.925773][ T3556] other info that might help us debug this:
[ 64.925773][ T3556]
[ 64.935995][ T3556] Chain exists of:
[ 64.935995][ T3556]   &ndev->req_lock --> nfc_devlist_mutex --> &genl_data->genl_data_mutex
[ 64.935995][ T3556]
[ 64.950254][ T3556]  Possible unsafe locking scenario:
[ 64.950254][ T3556]
[ 64.957699][ T3556]        CPU0                    CPU1
[ 64.963064][ T3556]        ----                    ----
[ 64.968421][ T3556]   lock(&genl_data->genl_data_mutex);
[ 64.973881][ T3556]                                lock(nfc_devlist_mutex);
[ 64.980997][ T3556]                                lock(&genl_data->genl_data_mutex);
[ 64.988978][ T3556]   lock(&ndev->req_lock);
[ 64.993395][ T3556]
[ 64.993395][ T3556]  *** DEADLOCK ***
[ 64.993395][ T3556]
[ 65.001533][ T3556] 4 locks held by syz-executor135/3556:
[ 65.007078][ T3556]  #0: ffffffff8e0f9a30 (cb_lock){++++}-{3:3}, at: genl_rcv+0x15/0x40
[ 65.015276][ T3556]  #1: ffffffff8e0f98e8 (genl_mutex){+.+.}-{3:3}, at: genl_rcv_msg+0x125/0xf70
[ 65.024238][ T3556]  #2: ffff888018bbc508 (&genl_data->genl_data_mutex){+.+.}-{3:3}, at: nfc_genl_start_poll+0x1da/0x350
[ 65.035302][ T3556]  #3: ffff888018bbc100 (&dev->mutex){....}-{3:3}, at: nfc_start_poll+0x56/0x2f0
[ 65.044447][ T3556]
[ 65.044447][ T3556] stack backtrace:
[ 65.050328][ T3556] CPU: 0 PID: 3556 Comm: syz-executor135 Not tainted 6.1.29-syzkaller #0
[ 65.058736][ T3556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[ 65.068793][ T3556] Call Trace:
[ 65.072075][ T3556]
[ 65.075010][ T3556] dump_stack_lvl+0x1e3/0x2cb
[ 65.079705][ T3556] ? nf_tcp_handle_invalid+0x642/0x642
[ 65.085173][ T3556] ? print_circular_bug+0x12b/0x1a0
[ 65.090389][ T3556] check_noncircular+0x2fa/0x3b0
[ 65.095344][ T3556] ? add_chain_block+0x850/0x850
[ 65.100291][ T3556] ? lockdep_lock+0x11f/0x2a0
[ 65.104984][ T3556] ? _find_first_zero_bit+0xd0/0x100
[ 65.110281][ T3556] validate_chain+0x1667/0x58e0
[ 65.115156][ T3556] ? do_raw_spin_unlock+0x137/0x8a0
[ 65.120359][ T3556] ? reacquire_held_locks+0x660/0x660
[ 65.125730][ T3556] ? _raw_spin_unlock_irqrestore+0xd9/0x130
[ 65.131633][ T3556] ? _raw_spin_unlock+0x40/0x40
[ 65.136576][ T3556] ? stack_trace_save+0x113/0x1c0
[ 65.141605][ T3556] ? stack_trace_snprint+0xe0/0xe0
[ 65.146716][ T3556] ? __stack_depot_save+0x3f5/0x470
[ 65.151920][ T3556] ? nfc_llcp_build_gb+0x4a2/0x710
[ 65.157038][ T3556] ? kasan_set_track+0x60/0x70
[ 65.161808][ T3556] ? kasan_save_free_info+0x27/0x40
[ 65.167010][ T3556] ? mark_lock+0x9a/0x340
[ 65.171345][ T3556] ? nfc_genl_start_poll+0x1e7/0x350
[ 65.176640][ T3556] __lock_acquire+0x125b/0x1f80
[ 65.181501][ T3556] lock_acquire+0x1f8/0x5a0
[ 65.186028][ T3556] ? nci_start_poll+0x59f/0xf20
[ 65.190891][ T3556] ? read_lock_is_recursive+0x10/0x10
[ 65.196267][ T3556] ? __might_sleep+0xb0/0xb0
[ 65.200859][ T3556] ? kasan_quarantine_put+0xd4/0x220
[ 65.206167][ T3556] ? lockdep_hardirqs_on+0x94/0x130
[ 65.211376][ T3556] __mutex_lock_common+0x1d4/0x2520
[ 65.216575][ T3556] ? nci_start_poll+0x59f/0xf20
[ 65.221429][ T3556] ? nfc_llcp_build_gb+0x4a2/0x710
[ 65.226544][ T3556] ? nci_start_poll+0x59f/0xf20
[ 65.231394][ T3556] ? nfc_llcp_general_bytes+0x140/0x140
[ 65.236937][ T3556] ? mutex_lock_io_nested+0x60/0x60
[ 65.242148][ T3556] ? read_lock_is_recursive+0x10/0x10
[ 65.247531][ T3556] mutex_lock_nested+0x17/0x20
[ 65.252296][ T3556] nci_start_poll+0x59f/0xf20
[ 65.256979][ T3556] ? nci_dev_down+0x40/0x40
[ 65.261486][ T3556] ? __mutex_lock_common+0x429/0x2520
[ 65.266952][ T3556] ? __mutex_lock_common+0x429/0x2520
[ 65.272333][ T3556] ? class_find_device+0x273/0x2c0
[ 65.277473][ T3556] ? nfc_get_device+0xf0/0xf0
[ 65.282154][ T3556] ? nfc_start_poll+0x56/0x2f0
[ 65.286918][ T3556] ? class_for_each_device+0x2b0/0x2b0
[ 65.292379][ T3556] ? mutex_lock_io_nested+0x60/0x60
[ 65.297586][ T3556] ? mutex_lock_io_nested+0x60/0x60
[ 65.302809][ T3556] ? nfc_get_device+0x94/0xf0
[ 65.307492][ T3556] nfc_start_poll+0x184/0x2f0
[ 65.312184][ T3556] nfc_genl_start_poll+0x1e7/0x350
[ 65.317306][ T3556] genl_rcv_msg+0xc1a/0xf70
[ 65.321809][ T3556] ? kernel_text_address+0x9f/0xd0
[ 65.326929][ T3556] ? genl_bind+0x360/0x360
[ 65.331365][ T3556] ? mark_lock+0x9a/0x340
[ 65.335781][ T3556] ? mark_lock+0x9a/0x340
[ 65.340112][ T3556] ? __lock_acquire+0x125b/0x1f80
[ 65.345141][ T3556] ? nfc_genl_dev_down+0xd0/0xd0
[ 65.350095][ T3556] netlink_rcv_skb+0x1cd/0x410
[ 65.354890][ T3556] ? genl_bind+0x360/0x360
[ 65.359316][ T3556] ? netlink_ack+0xe60/0xe60
[ 65.363921][ T3556] ? down_read+0x1b1/0x2e0
[ 65.368342][ T3556] ? genl_rcv+0x9/0x40
[ 65.372419][ T3556] genl_rcv+0x24/0x40
[ 65.376408][ T3556] netlink_unicast+0x7bf/0x990
[ 65.381184][ T3556] ? netlink_detachskb+0x90/0x90
[ 65.386150][ T3556] ? __phys_addr_symbol+0x2b/0x70
[ 65.391181][ T3556] ? bpf_lsm_netlink_send+0x5/0x10
[ 65.396293][ T3556] netlink_sendmsg+0xa26/0xd60
[ 65.401073][ T3556] ? netlink_getsockopt+0x5a0/0x5a0
[ 65.406282][ T3556] ? aa_sock_msg_perm+0x91/0x150
[ 65.411234][ T3556] ? bpf_lsm_socket_sendmsg+0x5/0x10
[ 65.416535][ T3556] ? security_socket_sendmsg+0x7d/0xa0
[ 65.422003][ T3556] ? netlink_getsockopt+0x5a0/0x5a0
[ 65.427215][ T3556] ____sys_sendmsg+0x59e/0x8f0
[ 65.431995][ T3556] ? __sys_sendmsg_sock+0x30/0x30
[ 65.437045][ T3556] __sys_sendmsg+0x2a9/0x390
[ 65.441646][ T3556] ? ____sys_sendmsg+0x8f0/0x8f0
[ 65.446586][ T3556] ? vfs_write+0x923/0xba0
[ 65.451123][ T3556] ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[ 65.457133][ T3556] ? syscall_enter_from_user_mode+0x2e/0x220
[ 65.463137][ T3556] ? lockdep_hardirqs_on+0x94/0x130
[ 65.468351][ T3556] ? syscall_enter_from_user_mode+0x2e/0x220
[ 65.474346][ T3556] do_syscall_64+0x3d/0xb0
[ 65.478766][ T3556] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 65.484659][ T3556] RIP: 0033:0x7fade844a649
[ 65.489072][ T3556] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 41 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 65.508693][ T3556] RSP: 002b:00007fade83da318 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 65.517117][ T3556] RAX: ffffffffffffffda RBX: 00007fade84d2438 RCX: 00007fade844a649
[ 65.525088][ T3556] RDX: 0000000000000000 RSI: 0000000020000440 RDI: 0000000000000004
[ 65.533070][ T3556] RBP: 00007fade84d2430 R08: 0000000000000003 R09: 0000000000000000
[ 65.541076][ T3556] R10: 0000000000000008 R11: 0000000000000246 R12: 00007fade84a0074
[ 65.549146][ T3556] R13: 00007ffed2c4837f R14: 00007fade83da400 R15: 0000000000022000
[ 65.557135][ T3556]
[ 65.670906][ T3556] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[ 65.679697][ T3556] nci: nci_start_poll: failed to set local general bytes
executing program
[ 70.733075][ T3556] nci: __nci_request: wait_for_completion_interruptible_timeout failed 0
[ 70.966107][ T3559] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[ 70.974954][ T3559] nci: nci_start_poll: failed to set local general bytes