Warning: Permanently added '10.128.1.138' (ED25519) to the list of known hosts.
executing program
[ 39.233582][ T4223] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
executing program
[ 39.463606][ T4231] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
executing program
[ 39.532128][ T4242]
[ 39.532744][ T4242] ======================================================
[ 39.534422][ T4242] WARNING: possible circular locking dependency detected
[ 39.536167][ T4242] 6.1.55-syzkaller #0 Not tainted
[ 39.537443][ T4242] ------------------------------------------------------
[ 39.539184][ T4242] syz-executor401/4242 is trying to acquire lock:
[ 39.540858][ T4242] ffff0000d3292350 (&ndev->req_lock){+.+.}-{3:3}, at: nci_start_poll+0x498/0x1204
[ 39.543196][ T4242]
[ 39.543196][ T4242] but task is already holding lock:
[ 39.545017][ T4242] ffff0000d3293520 (&genl_data->genl_data_mutex){+.+.}-{3:3}, at: nfc_genl_start_poll+0x1a8/0x308
[ 39.547623][ T4242]
[ 39.547623][ T4242] which lock already depends on the new lock.
[ 39.547623][ T4242]
[ 39.550148][ T4242]
[ 39.550148][ T4242] the existing dependency chain (in reverse order) is:
[ 39.552421][ T4242]
[ 39.552421][ T4242] -> #3 (&genl_data->genl_data_mutex){+.+.}-{3:3}:
[ 39.554504][ T4242]        __mutex_lock_common+0x190/0x21a0
[ 39.555916][ T4242]        mutex_lock_nested+0x38/0x44
[ 39.557234][ T4242]        nfc_urelease_event_work+0xfc/0x2b0
[ 39.558639][ T4242]        process_one_work+0x7ac/0x1404
[ 39.559939][ T4242]        worker_thread+0x8e4/0xfec
[ 39.561194][ T4242]        kthread+0x250/0x2d8
[ 39.562319][ T4242]        ret_from_fork+0x10/0x20
[ 39.563529][ T4242]
[ 39.563529][ T4242] -> #2 (nfc_devlist_mutex){+.+.}-{3:3}:
[ 39.565497][ T4242]        __mutex_lock_common+0x190/0x21a0
[ 39.566957][ T4242]        mutex_lock_nested+0x38/0x44
[ 39.568262][ T4242]        nfc_register_device+0x4c/0x310
[ 39.569652][ T4242]        nci_register_device+0x6ac/0x7c4
[ 39.570999][ T4242]        virtual_ncidev_open+0x6c/0xd8
[ 39.572335][ T4242]        misc_open+0x2f0/0x368
[ 39.573517][ T4242]        chrdev_open+0x3e8/0x4fc
[ 39.574677][ T4242]        do_dentry_open+0x734/0xfa0
[ 39.575951][ T4242]        vfs_open+0x7c/0x90
[ 39.577081][ T4242]        path_openat+0x1e14/0x2548
[ 39.578385][ T4242]        do_filp_open+0x1bc/0x3cc
[ 39.579650][ T4242]        do_sys_openat2+0x128/0x3d8
[ 39.580944][ T4242]        __arm64_sys_openat+0x1f0/0x240
[ 39.582358][ T4242]        invoke_syscall+0x98/0x2c0
[ 39.583643][ T4242]        el0_svc_common+0x138/0x258
[ 39.584918][ T4242]        do_el0_svc+0x64/0x218
[ 39.586051][ T4242]        el0_svc+0x58/0x168
[ 39.587155][ T4242]        el0t_64_sync_handler+0x84/0xf0
[ 39.588517][ T4242]        el0t_64_sync+0x18c/0x190
[ 39.589737][ T4242]
[ 39.589737][ T4242] -> #1 (nci_mutex){+.+.}-{3:3}:
[ 39.591487][ T4242]        __mutex_lock_common+0x190/0x21a0
[ 39.592921][ T4242]        mutex_lock_nested+0x38/0x44
[ 39.594280][ T4242]        virtual_nci_close+0x28/0x58
[ 39.595616][ T4242]        nci_dev_up+0x754/0xb10
[ 39.596841][ T4242]        nfc_dev_up+0x154/0x300
[ 39.598032][ T4242]        nfc_genl_dev_up+0x98/0xdc
[ 39.599337][ T4242]        genl_rcv_msg+0x948/0xc2c
[ 39.600606][ T4242]        netlink_rcv_skb+0x20c/0x3b8
[ 39.601918][ T4242]        genl_rcv+0x38/0x50
[ 39.603040][ T4242]        netlink_unicast+0x65c/0x898
[ 39.604353][ T4242]        netlink_sendmsg+0x834/0xb18
[ 39.605634][ T4242]        ____sys_sendmsg+0x558/0x844
[ 39.606939][ T4242]        __sys_sendmsg+0x26c/0x33c
[ 39.608164][ T4242]        __arm64_sys_sendmsg+0x80/0x94
[ 39.609561][ T4242]        invoke_syscall+0x98/0x2c0
[ 39.610859][ T4242]        el0_svc_common+0x138/0x258
[ 39.612229][ T4242]        do_el0_svc+0x64/0x218
[ 39.613453][ T4242]        el0_svc+0x58/0x168
[ 39.614540][ T4242]        el0t_64_sync_handler+0x84/0xf0
[ 39.615920][ T4242]        el0t_64_sync+0x18c/0x190
[ 39.617169][ T4242]
[ 39.617169][ T4242] -> #0 (&ndev->req_lock){+.+.}-{3:3}:
[ 39.619136][ T4242]        __lock_acquire+0x3338/0x764c
[ 39.620408][ T4242]        lock_acquire+0x26c/0x7cc
[ 39.621699][ T4242]        __mutex_lock_common+0x190/0x21a0
[ 39.623109][ T4242]        mutex_lock_nested+0x38/0x44
[ 39.624434][ T4242]        nci_start_poll+0x498/0x1204
[ 39.625732][ T4242]        nfc_start_poll+0x164/0x2a4
[ 39.627065][ T4242]        nfc_genl_start_poll+0x1b8/0x308
[ 39.628456][ T4242]        genl_rcv_msg+0x948/0xc2c
[ 39.629721][ T4242]        netlink_rcv_skb+0x20c/0x3b8
[ 39.631020][ T4242]        genl_rcv+0x38/0x50
[ 39.632196][ T4242]        netlink_unicast+0x65c/0x898
[ 39.633562][ T4242]        netlink_sendmsg+0x834/0xb18
[ 39.634973][ T4242]        ____sys_sendmsg+0x558/0x844
[ 39.636396][ T4242]        __sys_sendmsg+0x26c/0x33c
[ 39.637687][ T4242]        __arm64_sys_sendmsg+0x80/0x94
[ 39.639071][ T4242]        invoke_syscall+0x98/0x2c0
[ 39.640433][ T4242]        el0_svc_common+0x138/0x258
[ 39.641682][ T4242]        do_el0_svc+0x64/0x218
[ 39.642870][ T4242]        el0_svc+0x58/0x168
[ 39.644051][ T4242]        el0t_64_sync_handler+0x84/0xf0
[ 39.645492][ T4242]        el0t_64_sync+0x18c/0x190
[ 39.646711][ T4242]
[ 39.646711][ T4242] other info that might help us debug this:
[ 39.646711][ T4242]
[ 39.649350][ T4242] Chain exists of:
[ 39.649350][ T4242]   &ndev->req_lock --> nfc_devlist_mutex --> &genl_data->genl_data_mutex
[ 39.649350][ T4242]
[ 39.653118][ T4242]  Possible unsafe locking scenario:
[ 39.653118][ T4242]
[ 39.655011][ T4242]        CPU0                    CPU1
[ 39.656380][ T4242]        ----                    ----
[ 39.657706][ T4242]   lock(&genl_data->genl_data_mutex);
[ 39.659121][ T4242]                                lock(nfc_devlist_mutex);
[ 39.660946][ T4242]                                lock(&genl_data->genl_data_mutex);
[ 39.663049][ T4242]   lock(&ndev->req_lock);
[ 39.664234][ T4242]
[ 39.664234][ T4242]  *** DEADLOCK ***
[ 39.664234][ T4242]
[ 39.666250][ T4242] 4 locks held by syz-executor401/4242:
[ 39.667653][ T4242]  #0: ffff800017ee4e70 (cb_lock){++++}-{3:3}, at: genl_rcv+0x28/0x50
[ 39.669797][ T4242]  #1: ffff800017ee4d28 (genl_mutex){+.+.}-{3:3}, at: genl_rcv_msg+0x114/0xc2c
[ 39.672185][ T4242]  #2: ffff0000d3293520 (&genl_data->genl_data_mutex){+.+.}-{3:3}, at: nfc_genl_start_poll+0x1a8/0x308
[ 39.675065][ T4242]  #3: ffff0000d3293100 (&dev->mutex){....}-{3:3}, at: nfc_start_poll+0x60/0x2a4
[ 39.677446][ T4242]
[ 39.677446][ T4242] stack backtrace:
[ 39.678982][ T4242] CPU: 1 PID: 4242 Comm: syz-executor401 Not tainted 6.1.55-syzkaller #0
[ 39.681109][ T4242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 39.683666][ T4242] Call trace:
[ 39.684543][ T4242]  dump_backtrace+0x1c8/0x1f4
[ 39.685804][ T4242]  show_stack+0x2c/0x3c
[ 39.686857][ T4242]  dump_stack_lvl+0x108/0x170
[ 39.688107][ T4242]  dump_stack+0x1c/0x5c
[ 39.689124][ T4242]  print_circular_bug+0x150/0x1b8
[ 39.690369][ T4242]  check_noncircular+0x2cc/0x378
[ 39.691599][ T4242]  __lock_acquire+0x3338/0x764c
[ 39.692853][ T4242]  lock_acquire+0x26c/0x7cc
[ 39.694019][ T4242]  __mutex_lock_common+0x190/0x21a0
[ 39.695461][ T4242]  mutex_lock_nested+0x38/0x44
[ 39.696640][ T4242]  nci_start_poll+0x498/0x1204
[ 39.697822][ T4242]  nfc_start_poll+0x164/0x2a4
[ 39.699015][ T4242]  nfc_genl_start_poll+0x1b8/0x308
[ 39.700271][ T4242]  genl_rcv_msg+0x948/0xc2c
[ 39.701397][ T4242]  netlink_rcv_skb+0x20c/0x3b8
[ 39.702556][ T4242]  genl_rcv+0x38/0x50
[ 39.703583][ T4242]  netlink_unicast+0x65c/0x898
[ 39.704803][ T4242]  netlink_sendmsg+0x834/0xb18
[ 39.706028][ T4242]  ____sys_sendmsg+0x558/0x844
[ 39.707242][ T4242]  __sys_sendmsg+0x26c/0x33c
[ 39.708391][ T4242]  __arm64_sys_sendmsg+0x80/0x94
[ 39.709769][ T4242]  invoke_syscall+0x98/0x2c0
[ 39.710910][ T4242]  el0_svc_common+0x138/0x258
[ 39.712096][ T4242]  do_el0_svc+0x64/0x218
[ 39.713157][ T4242]  el0_svc+0x58/0x168
[ 39.714176][ T4242]  el0t_64_sync_handler+0x84/0xf0
[ 39.715451][ T4242]  el0t_64_sync+0x18c/0x190
[ 39.828937][ T4242] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[ 39.831074][ T4242] nci: nci_start_poll: failed to set local general bytes
[ 44.904117][ T4237] nci: __nci_request: wait_for_completion_interruptible_timeout failed 0
executing program
[ 45.124971][ T4249] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[ 45.127391][ T4249] nci: nci_start_poll: failed to set local general bytes