./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2974530533 <...> Warning: Permanently added '10.128.0.157' (ECDSA) to the list of known hosts. execve("./syz-executor2974530533", ["./syz-executor2974530533"], 0x7ffc9299df80 /* 10 vars */) = 0 brk(NULL) = 0x555556de7000 brk(0x555556de7c40) = 0x555556de7c40 arch_prctl(ARCH_SET_FS, 0x555556de7300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 set_tid_address(0x555556de75d0) = 3614 set_robust_list(0x555556de75e0, 24) = 0 rt_sigaction(SIGRTMIN, {sa_handler=0x7ff50a3839d0, sa_mask=[], sa_flags=SA_RESTORER|SA_SIGINFO, sa_restorer=0x7ff50a3840a0}, NULL, 8) = 0 rt_sigaction(SIGRT_1, {sa_handler=0x7ff50a383a70, sa_mask=[], sa_flags=SA_RESTORER|SA_RESTART|SA_SIGINFO, sa_restorer=0x7ff50a3840a0}, NULL, 8) = 0 rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor2974530533", 4096) = 28 brk(0x555556e08c40) = 0x555556e08c40 brk(0x555556e09000) = 0x555556e09000 mprotect(0x7ff50a444000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3615 attached , child_tidptr=0x555556de75d0) = 3615 [pid 3615] set_robust_list(0x555556de75e0, 24) = 0 [pid 3615] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3615] setpgid(0, 0) = 0 [pid 3615] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3615] write(3, "1000", 4) = 4 [pid 3615] close(3) = 0 [pid 3615] futex(0x7ff50a44a42c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3615] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7ff50a353000 [pid 3615] mprotect(0x7ff50a354000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3615] clone(child_stack=0x7ff50a3733f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 3616 attached [pid 3616] set_robust_list(0x7ff50a3739e0, 24) = 0 [pid 3616] futex(0x7ff50a44a428, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3615] <... clone resumed>, parent_tid=[3616], tls=0x7ff50a373700, child_tidptr=0x7ff50a3739d0) = 3616 [pid 3615] futex(0x7ff50a44a428, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3616] <... futex resumed>) = 0 [pid 3616] openat(AT_FDCWD, "/dev/virtual_nci", O_RDWR [pid 3615] futex(0x7ff50a44a42c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3616] <... openat resumed>) = 3 [pid 3616] futex(0x7ff50a44a42c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3615] <... futex resumed>) = 0 [pid 3616] futex(0x7ff50a44a428, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3615] futex(0x7ff50a44a428, FUTEX_WAKE_PRIVATE, 1000000 [pid 3616] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 3615] <... futex resumed>) = 0 [pid 3616] ioctl(3, _IOC(_IOC_NONE, 0, 0, 0) [pid 3615] futex(0x7ff50a44a42c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3616] <... ioctl resumed>, 0x200000c0) = 0 [pid 3616] futex(0x7ff50a44a42c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3615] <... futex resumed>) = 0 [pid 3616] futex(0x7ff50a44a428, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3615] futex(0x7ff50a44a428, FUTEX_WAKE_PRIVATE, 1000000 [pid 3616] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 3615] <... futex resumed>) = 0 [pid 3616] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC [pid 3615] futex(0x7ff50a44a42c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3616] <... socket resumed>) = 4 [pid 3616] futex(0x7ff50a44a42c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3615] <... futex resumed>) = 0 [pid 3616] futex(0x7ff50a44a428, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3615] futex(0x7ff50a44a428, FUTEX_WAKE_PRIVATE, 1000000 [pid 3616] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 3615] <... futex resumed>) = 0 [pid 3616] sendto(4, [{nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00"], 28, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12 [pid 3615] futex(0x7ff50a44a42c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3616] <... sendto resumed>) = 28 [pid 3616] recvfrom(4, [{nlmsg_len=472, nlmsg_type=nlctrl, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=3615}, "\x01\x02\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00\x06\x00\x01\x00\x1d\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1f\x00\x00\x00\x80\x01\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0b\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00\x03\x00\x00\x00"...], 4096, 0, NULL, NULL) = 472 [pid 3616] recvfrom(4, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=3615}, {error=0, msg={nlmsg_len=28, nlmsg_type=nlctrl, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 [pid 3616] futex(0x7ff50a44a42c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3615] <... futex resumed>) = 0 [pid 3616] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\x1c\x00\x00\x00\x1d\x00\x01\x00\x23\x01\x00\x00\x34\x02\x00\x00\x02\x00\x00\x00\x08\x00\x01\x00\x02\x00\x00\x00", iov_len=28}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 3615] futex(0x7ff50a44a428, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3615] futex(0x7ff50a44a42c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 3615] futex(0x7ff50a44a42c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 3615] futex(0x7ff50a44a43c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3615] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7ff50a332000 [pid 3615] mprotect(0x7ff50a333000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3615] clone(child_stack=0x7ff50a3523f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3621], tls=0x7ff50a352700, child_tidptr=0x7ff50a3529d0) = 3621 [pid 3615] futex(0x7ff50a44a438, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3615] futex(0x7ff50a44a43c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3621 attached [pid 3621] set_robust_list(0x7ff50a3529e0, 24) = 0 [pid 3621] write(3, "\x40\x00\x00\x00\x00\x00", 6) = 6 [pid 3621] futex(0x7ff50a44a43c, FUTEX_WAKE_PRIVATE, 1000000 [pid 3615] <... futex resumed>) = 0 [pid 3615] futex(0x7ff50a44a438, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3615] futex(0x7ff50a44a43c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3621] <... futex resumed>) = 1 [pid 3621] write(3, "\x40\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 20) = 20 [pid 3621] futex(0x7ff50a44a43c, FUTEX_WAKE_PRIVATE, 1000000 [pid 3615] <... futex resumed>) = 0 [pid 3615] futex(0x7ff50a44a438, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3615] futex(0x7ff50a44a43c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3621] <... futex resumed>) = 1 [pid 3621] write(3, "\x41\x00\x00\x00", 4) = 4 [pid 3621] futex(0x7ff50a44a43c, FUTEX_WAKE_PRIVATE, 1000000 [pid 3615] <... futex resumed>) = 0 [pid 3615] futex(0x7ff50a44a438, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3615] futex(0x7ff50a44a43c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3621] <... futex resumed>) = 1 [pid 3621] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\x24\x00\x00\x00\x1d\x00\x01\x00\x23\x01\x00\x00\x34\x02\x00\x00\x06\x00\x00\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x03\x00\xff\xff\xff\xff", iov_len=36}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 3615] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 3615] futex(0x7ff50a44a43c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 3615] exit_group(0) = ? [pid 3621] <... sendmsg resumed>) = ? [pid 3616] <... sendmsg resumed>) = ? [pid 3621] +++ exited with 0 +++ [pid 3616] +++ exited with 0 +++ [pid 3615] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3615, si_uid=0, si_status=0, si_utime=0, si_stime=3} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556de75d0) = 3622 ./strace-static-x86_64: Process 3622 attached [pid 3622] set_robust_list(0x555556de75e0, 24) = 0 [pid 3622] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3622] setpgid(0, 0) = 0 [pid 3622] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3622] write(3, "1000", 4) = 4 [pid 3622] close(3) = 0 [pid 3622] futex(0x7ff50a44a42c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3622] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7ff50a353000 [pid 3622] mprotect(0x7ff50a354000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3622] clone(child_stack=0x7ff50a3733f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3623], tls=0x7ff50a373700, child_tidptr=0x7ff50a3739d0) = 3623 [pid 3622] futex(0x7ff50a44a428, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3622] futex(0x7ff50a44a42c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3623 attached [pid 3623] set_robust_list(0x7ff50a3739e0, 24) = 0 [pid 3623] openat(AT_FDCWD, "/dev/virtual_nci", O_RDWR) = 3 [pid 3623] futex(0x7ff50a44a42c, FUTEX_WAKE_PRIVATE, 1000000 [pid 3622] <... futex resumed>) = 0 [pid 3622] futex(0x7ff50a44a428, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3622] futex(0x7ff50a44a42c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3623] <... futex resumed>) = 1 [pid 3623] ioctl(3, _IOC(_IOC_NONE, 0, 0, 0), 0x200000c0) = 0 [pid 3623] futex(0x7ff50a44a42c, FUTEX_WAKE_PRIVATE, 1000000 [pid 3622] <... futex resumed>) = 0 [pid 3622] futex(0x7ff50a44a428, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3622] futex(0x7ff50a44a42c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3623] <... futex resumed>) = 1 [pid 3623] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 4 [pid 3623] futex(0x7ff50a44a42c, FUTEX_WAKE_PRIVATE, 1000000 [pid 3622] <... futex resumed>) = 0 [pid 3622] futex(0x7ff50a44a428, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3622] futex(0x7ff50a44a42c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3623] <... futex resumed>) = 1 [pid 3623] sendto(4, [{nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00"], 28, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 28 [pid 3623] recvfrom(4, [{nlmsg_len=472, nlmsg_type=nlctrl, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=3622}, "\x01\x02\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00\x06\x00\x01\x00\x1d\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1f\x00\x00\x00\x80\x01\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0b\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00\x03\x00\x00\x00"...], 4096, 0, NULL, NULL) = 472 [pid 3623] recvfrom(4, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=3622}, {error=0, msg={nlmsg_len=28, nlmsg_type=nlctrl, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 [pid 3623] futex(0x7ff50a44a42c, FUTEX_WAKE_PRIVATE, 1000000 [pid 3622] <... futex resumed>) = 0 [pid 3622] futex(0x7ff50a44a428, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3622] futex(0x7ff50a44a42c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3623] <... futex resumed>) = 1 syzkaller login: [ 51.876917][ T3616] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512 [pid 3623] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\x1c\x00\x00\x00\x1d\x00\x01\x00\x23\x01\x00\x00\x34\x02\x00\x00\x02\x00\x00\x00\x08\x00\x01\x00\x02\x00\x00\x00", iov_len=28}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 3622] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 3622] futex(0x7ff50a44a42c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 3622] futex(0x7ff50a44a43c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3622] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7ff50a332000 [pid 3622] mprotect(0x7ff50a333000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3622] clone(child_stack=0x7ff50a3523f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3627], tls=0x7ff50a352700, child_tidptr=0x7ff50a3529d0) = 3627 [pid 3622] futex(0x7ff50a44a438, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3622] futex(0x7ff50a44a43c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3627 attached [pid 3627] set_robust_list(0x7ff50a3529e0, 24) = 0 [pid 3627] write(3, "\x40\x00\x00\x00\x00\x00", 6) = 6 [pid 3627] futex(0x7ff50a44a43c, FUTEX_WAKE_PRIVATE, 1000000 [pid 3622] <... futex resumed>) = 0 [pid 3622] futex(0x7ff50a44a438, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3622] futex(0x7ff50a44a43c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3627] <... futex resumed>) = 1 [pid 3627] write(3, "\x40\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 20) = 20 [pid 3627] futex(0x7ff50a44a43c, FUTEX_WAKE_PRIVATE, 1000000 [pid 3622] <... futex resumed>) = 0 [pid 3622] futex(0x7ff50a44a438, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3622] futex(0x7ff50a44a43c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3627] <... futex resumed>) = 1 [pid 3627] write(3, "\x41\x00\x00\x00", 4) = 4 [pid 3623] <... sendmsg resumed>) = 28 [pid 3623] futex(0x7ff50a44a42c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3623] futex(0x7ff50a44a428, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3627] futex(0x7ff50a44a43c, FUTEX_WAKE_PRIVATE, 1000000 [pid 3622] <... futex resumed>) = 0 [pid 3622] futex(0x7ff50a44a428, FUTEX_WAKE_PRIVATE, 1000000 [pid 3623] <... futex resumed>) = 0 [pid 3622] <... futex resumed>) = 1 [ 51.978330][ T3623] [ 51.980687][ T3623] ====================================================== [ 51.987680][ T3623] WARNING: possible circular locking dependency detected [ 51.994682][ T3623] 6.1.0-rc5-syzkaller #0 Not tainted [ 51.999943][ T3623] ------------------------------------------------------ [ 52.006938][ T3623] syz-executor297/3623 is trying to acquire lock: [ 52.013328][ T3623] ffff88801fc74350 (&ndev->req_lock){+.+.}-{3:3}, at: nci_start_poll+0x57a/0xef0 [ 52.022460][ T3623] [ 52.022460][ T3623] but task is already holding lock: [ 52.029804][ T3623] ffff888017e0d508 (&genl_data->genl_data_mutex){+.+.}-{3:3}, at: nfc_genl_start_poll+0x1d2/0x340 [ 52.040396][ T3623] [ 52.040396][ T3623] which lock already depends on the new lock. [ 52.040396][ T3623] [ 52.050794][ T3623] [ 52.050794][ T3623] the existing dependency chain (in reverse order) is: [ 52.059793][ T3623] [ 52.059793][ T3623] -> #3 (&genl_data->genl_data_mutex){+.+.}-{3:3}: [ 52.068469][ T3623] lock_acquire+0x1a7/0x400 [ 52.073491][ T3623] __mutex_lock_common+0x1de/0x26c0 [ 52.079200][ T3623] mutex_lock_nested+0x17/0x20 [ 52.084473][ T3623] nfc_urelease_event_work+0x10a/0x300 [ 52.090447][ T3623] process_one_work+0x81c/0xd10 [ 52.095809][ T3623] worker_thread+0xb14/0x1330 [ 52.101002][ T3623] kthread+0x266/0x300 [ 52.105587][ T3623] ret_from_fork+0x1f/0x30 [ 52.110519][ T3623] [ 52.110519][ T3623] -> #2 (nfc_devlist_mutex){+.+.}-{3:3}: [ 52.118341][ T3623] lock_acquire+0x1a7/0x400 [ 52.123353][ T3623] __mutex_lock_common+0x1de/0x26c0 [ 52.129233][ T3623] mutex_lock_nested+0x17/0x20 [ 52.134520][ T3623] nfc_register_device+0x33/0x320 [ 52.140074][ T3623] nci_register_device+0x7c7/0x900 [ 52.145696][ T3623] virtual_ncidev_open+0x55/0xc0 [ 52.151149][ T3623] misc_open+0x346/0x3c0 [ 52.155910][ T3623] chrdev_open+0x5fb/0x680 [ 52.160839][ T3623] do_dentry_open+0x85f/0x11b0 [ 52.166118][ T3623] path_openat+0x260e/0x2e00 [ 52.171221][ T3623] do_filp_open+0x275/0x500 [ 52.176241][ T3623] do_sys_openat2+0x13b/0x500 [ 52.181433][ T3623] __x64_sys_openat+0x243/0x290 [ 52.186795][ T3623] do_syscall_64+0x2b/0x70 [ 52.191720][ T3623] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 52.198124][ T3623] [ 52.198124][ T3623] -> #1 (nci_mutex){+.+.}-{3:3}: [ 52.205234][ T3623] lock_acquire+0x1a7/0x400 [ 52.210250][ T3623] __mutex_lock_common+0x1de/0x26c0 [ 52.215955][ T3623] mutex_lock_nested+0x17/0x20 [ 52.221223][ T3623] virtual_nci_close+0x13/0x40 [ 52.226503][ T3623] nci_open_device+0x918/0xd00 [ 52.231780][ T3623] nfc_dev_up+0x17d/0x320 [ 52.236618][ T3623] nfc_genl_dev_up+0x7f/0xc0 [ 52.241717][ T3623] genl_rcv_msg+0xc02/0xf60 [ 52.246731][ T3623] netlink_rcv_skb+0x1f0/0x460 [ 52.252005][ T3623] genl_rcv+0x24/0x40 [ 52.256498][ T3623] netlink_unicast+0x7e7/0x9c0 [ 52.261775][ T3623] netlink_sendmsg+0x9b3/0xcd0 [ 52.267050][ T3623] ____sys_sendmsg+0x597/0x8e0 [ 52.272325][ T3623] __sys_sendmsg+0x28e/0x390 [ 52.277426][ T3623] do_syscall_64+0x2b/0x70 [ 52.282352][ T3623] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 52.288757][ T3623] [ 52.288757][ T3623] -> #0 (&ndev->req_lock){+.+.}-{3:3}: [ 52.296386][ T3623] validate_chain+0x184a/0x6470 [ 52.301750][ T3623] __lock_acquire+0x1292/0x1f60 [ 52.307111][ T3623] lock_acquire+0x1a7/0x400 [ 52.312123][ T3623] __mutex_lock_common+0x1de/0x26c0 [ 52.317826][ T3623] mutex_lock_nested+0x17/0x20 [ 52.323097][ T3623] nci_start_poll+0x57a/0xef0 [ 52.328283][ T3623] nfc_start_poll+0x185/0x2f0 [ 52.333469][ T3623] nfc_genl_start_poll+0x1df/0x340 [ 52.339088][ T3623] genl_rcv_msg+0xc02/0xf60 [ 52.344102][ T3623] netlink_rcv_skb+0x1f0/0x460 [ 52.349375][ T3623] genl_rcv+0x24/0x40 [ 52.353869][ T3623] netlink_unicast+0x7e7/0x9c0 [ 52.359142][ T3623] netlink_sendmsg+0x9b3/0xcd0 [ 52.364420][ T3623] ____sys_sendmsg+0x597/0x8e0 [ 52.369691][ T3623] __sys_sendmsg+0x28e/0x390 [ 52.374790][ T3623] do_syscall_64+0x2b/0x70 [ 52.379714][ T3623] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 52.386115][ T3623] [ 52.386115][ T3623] other info that might help us debug this: [ 52.386115][ T3623] [ 52.396324][ T3623] Chain exists of: [ 52.396324][ T3623] &ndev->req_lock --> nfc_devlist_mutex --> &genl_data->genl_data_mutex [ 52.396324][ T3623] [ 52.410557][ T3623] Possible unsafe locking scenario: [ 52.410557][ T3623] [ 52.417986][ T3623] CPU0 CPU1 [ 52.423332][ T3623] ---- ---- [ 52.428679][ T3623] lock(&genl_data->genl_data_mutex); [ 52.434122][ T3623] lock(nfc_devlist_mutex); [ 52.441217][ T3623] lock(&genl_data->genl_data_mutex); [ 52.449178][ T3623] lock(&ndev->req_lock); [ 52.453578][ T3623] [ 52.453578][ T3623] *** DEADLOCK *** [ 52.453578][ T3623] [ 52.461704][ T3623] 4 locks held by syz-executor297/3623: [ 52.467229][ T3623] #0: ffffffff8de415d0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x15/0x40 [ 52.475401][ T3623] #1: ffffffff8de41488 (genl_mutex){+.+.}-{3:3}, at: genl_rcv_msg+0x123/0xf60 [ 52.484354][ T3623] #2: ffff888017e0d508 (&genl_data->genl_data_mutex){+.+.}-{3:3}, at: nfc_genl_start_poll+0x1d2/0x340 [ 52.495388][ T3623] #3: ffff888017e0d100 (&dev->mutex){....}-{3:3}, at: nfc_start_poll+0x61/0x2f0 [ 52.504517][ T3623] [ 52.504517][ T3623] stack backtrace: [ 52.510386][ T3623] CPU: 0 PID: 3623 Comm: syz-executor297 Not tainted 6.1.0-rc5-syzkaller #0 [ 52.519045][ T3623] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 52.529088][ T3623] Call Trace: [ 52.532356][ T3623] [ 52.535275][ T3623] dump_stack_lvl+0x1e3/0x2cb [ 52.539944][ T3623] ? nf_tcp_handle_invalid+0x62e/0x62e [ 52.545394][ T3623] ? print_circular_bug+0x13e/0x1c0 [ 52.550584][ T3623] check_noncircular+0x2f9/0x3b0 [ 52.555515][ T3623] ? add_chain_block+0x850/0x850 [ 52.560442][ T3623] ? lockdep_lock+0x11d/0x2a0 [ 52.565112][ T3623] ? _find_first_zero_bit+0xe8/0x110 [ 52.570392][ T3623] validate_chain+0x184a/0x6470 [ 52.575239][ T3623] ? lockdep_hardirqs_on_prepare+0x448/0x7b0 [ 52.581221][ T3623] ? reacquire_held_locks+0x680/0x680 [ 52.586596][ T3623] ? do_raw_spin_unlock+0x134/0x8a0 [ 52.591790][ T3623] ? _raw_spin_unlock_irqrestore+0x8b/0x130 [ 52.597677][ T3623] ? lockdep_hardirqs_on+0x95/0x140 [ 52.602872][ T3623] ? _raw_spin_unlock_irqrestore+0xd9/0x130 [ 52.608758][ T3623] ? _raw_spin_unlock+0x40/0x40 [ 52.613600][ T3623] ? stack_trace_save+0x12d/0x1f0 [ 52.618620][ T3623] ? stack_trace_snprint+0xf0/0xf0 [ 52.623725][ T3623] ? __stack_depot_save+0x41c/0x4a0 [ 52.628935][ T3623] ? __kmem_cache_free+0x71/0x110 [ 52.633967][ T3623] ? kasan_set_track+0x61/0x70 [ 52.638736][ T3623] ? kasan_set_track+0x4c/0x70 [ 52.643499][ T3623] ? kasan_save_free_info+0x27/0x40 [ 52.648693][ T3623] ? ____kasan_slab_free+0xd6/0x120 [ 52.653883][ T3623] ? slab_free_freelist_hook+0x12e/0x1a0 [ 52.659511][ T3623] ? __kmem_cache_free+0x71/0x110 [ 52.664524][ T3623] ? nfc_llcp_build_gb+0x499/0x710 [ 52.669626][ T3623] ? nfc_llcp_general_bytes+0xda/0x160 [ 52.675073][ T3623] ? nci_start_poll+0x4ce/0xef0 [ 52.679912][ T3623] ? mark_lock+0x9a/0x350 [ 52.684233][ T3623] __lock_acquire+0x1292/0x1f60 [ 52.689082][ T3623] lock_acquire+0x1a7/0x400 [ 52.693574][ T3623] ? nci_start_poll+0x57a/0xef0 [ 52.698415][ T3623] ? read_lock_is_recursive+0x10/0x10 [ 52.703778][ T3623] ? __might_sleep+0xc0/0xc0 [ 52.708375][ T3623] ? slab_free_freelist_hook+0x12e/0x1a0 [ 52.714009][ T3623] ? trace_kmalloc+0x30/0xf0 [ 52.718603][ T3623] ? nfc_llcp_build_gb+0x499/0x710 [ 52.723713][ T3623] __mutex_lock_common+0x1de/0x26c0 [ 52.728909][ T3623] ? nci_start_poll+0x57a/0xef0 [ 52.733750][ T3623] ? nfc_llcp_build_gb+0x499/0x710 [ 52.738861][ T3623] ? nci_start_poll+0x57a/0xef0 [ 52.743702][ T3623] ? nfc_llcp_general_bytes+0x160/0x160 [ 52.749244][ T3623] ? mutex_lock_io_nested+0x60/0x60 [ 52.754435][ T3623] mutex_lock_nested+0x17/0x20 [ 52.759191][ T3623] nci_start_poll+0x57a/0xef0 [ 52.763860][ T3623] ? nci_dev_down+0x40/0x40 [ 52.768356][ T3623] ? __mutex_lock_common+0x45d/0x26c0 [ 52.773720][ T3623] ? __mutex_lock_common+0x45d/0x26c0 [ 52.779080][ T3623] ? class_find_device+0x280/0x2d0 [ 52.784184][ T3623] ? nfc_get_device+0xf0/0xf0 [ 52.788851][ T3623] ? nfc_start_poll+0x61/0x2f0 [ 52.793607][ T3623] ? mutex_lock_io_nested+0x60/0x60 [ 52.798791][ T3623] ? mutex_lock_io_nested+0x60/0x60 [ 52.803979][ T3623] ? nfc_get_device+0x93/0xf0 [ 52.808658][ T3623] nfc_start_poll+0x185/0x2f0 [ 52.813325][ T3623] nfc_genl_start_poll+0x1df/0x340 [ 52.818431][ T3623] genl_rcv_msg+0xc02/0xf60 [ 52.822926][ T3623] ? kernel_text_address+0x9e/0xd0 [ 52.828028][ T3623] ? genl_bind+0x370/0x370 [ 52.832437][ T3623] ? mark_lock+0x9a/0x350 [ 52.836771][ T3623] ? mark_lock+0x9a/0x350 [ 52.841094][ T3623] ? nfc_genl_dev_down+0xc0/0xc0 [ 52.846027][ T3623] netlink_rcv_skb+0x1f0/0x460 [ 52.850783][ T3623] ? genl_bind+0x370/0x370 [ 52.855193][ T3623] ? netlink_ack+0xef0/0xef0 [ 52.859778][ T3623] ? __down_read_common+0x156/0x2a0 [ 52.864964][ T3623] genl_rcv+0x24/0x40 [ 52.868937][ T3623] netlink_unicast+0x7e7/0x9c0 [ 52.873696][ T3623] ? netlink_detachskb+0xa0/0xa0 [ 52.878623][ T3623] ? __phys_addr_symbol+0x2b/0x70 [ 52.883636][ T3623] ? 0xffffffff81000000 [ 52.887778][ T3623] ? __check_object_size+0x15a/0x210 [ 52.893050][ T3623] ? bpf_lsm_netlink_send+0x5/0x10 [ 52.898155][ T3623] netlink_sendmsg+0x9b3/0xcd0 [ 52.902913][ T3623] ? netlink_getsockopt+0x9c0/0x9c0 [ 52.908112][ T3623] ? bpf_lsm_socket_sendmsg+0x5/0x10 [ 52.913388][ T3623] ? security_socket_sendmsg+0x9d/0xb0 [ 52.918839][ T3623] ? netlink_getsockopt+0x9c0/0x9c0 [ 52.924034][ T3623] ____sys_sendmsg+0x597/0x8e0 [ 52.928791][ T3623] ? __sys_sendmsg_sock+0x30/0x30 [ 52.933812][ T3623] __sys_sendmsg+0x28e/0x390 [ 52.938392][ T3623] ? ____sys_sendmsg+0x8e0/0x8e0 [ 52.943331][ T3623] ? do_notify_parent+0xeb0/0xeb0 [ 52.948345][ T3623] ? lockdep_hardirqs_on_prepare+0x448/0x7b0 [ 52.954320][ T3623] ? syscall_enter_from_user_mode+0x2e/0x1d0 [ 52.960293][ T3623] ? syscall_enter_from_user_mode+0x86/0x1d0 [ 52.966263][ T3623] do_syscall_64+0x2b/0x70 [ 52.970667][ T3623] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 52.976553][ T3623] RIP: 0033:0x7ff50a3c2639 [ 52.980954][ T3623] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 41 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 53.000547][ T3623] RSP: 002b:00007ff50a373318 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 53.008949][ T3623] RAX: ffffffffffffffda RBX: 00007ff50a44a428 RCX: 00007ff50a3c2639 [ 53.016906][ T3623] RDX: 0000000000000000 RSI: 0000000020000440 RDI: 0000000000000004 [ 53.024864][ T3623] RBP: 00007ff50a44a420 R08: 0000000000000003 R09: 0000000000000000 [pid 3623] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\x24\x00\x00\x00\x1d\x00\x01\x00\x23\x01\x00\x00\x34\x02\x00\x00\x06\x00\x00\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x03\x00\xff\xff\xff\xff", iov_len=36}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 3622] futex(0x7ff50a44a42c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3627] <... futex resumed>) = 1 [ 53.032822][ T3623] R10: 0000000000000008 R11: 0000000000000246 R12: 00007ff50a418064 [ 53.040777][ T3623] R13: 00007ffeeffb422f R14: 00007ff50a373400 R15: 0000000000022000 [ 53.048742][ T3623] [pid 3627] futex(0x7ff50a44a438, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3622] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 3622] exit_group(0) = ? [pid 3627] <... futex resumed>) = ? [pid 3627] +++ exited with 0 +++ [pid 3623] <... sendmsg resumed>) = ? [ 53.221854][ T3623] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512 [ 53.230684][ T3623] nci: nci_start_poll: failed to set local general bytes [pid 3614] kill(-3622, SIGKILL) = 0 [pid 3614] kill(3622, SIGKILL) = 0 [pid 3614] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 3614] fstat(3, {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0 [pid 3614] getdents64(3, 0x555556de8620 /* 2 entries */, 32768) = 48 [pid 3614] getdents64(3, 0x555556de8620 /* 0 entries */, 32768) = 0 [pid 3614] close(3) = 0 [pid 3623] +++ exited with 0 +++ [pid 3622] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3622, si_uid=0, si_status=0, si_utime=0, si_stime=110} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556de75d0) = 3629 ./strace-static-x86_64: Process 3629 attached [pid 3629] set_robust_list(0x555556de75e0, 24) = 0 [pid 3629] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3629] setpgid(0, 0) = 0 [pid 3629] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3629] write(3, "1000", 4) = 4 [pid 3629] close(3) = 0 [pid 3629] futex(0x7ff50a44a42c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3629] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7ff50a353000 [pid 3629] mprotect(0x7ff50a354000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3629] clone(child_stack=0x7ff50a3733f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3631], tls=0x7ff50a373700, child_tidptr=0x7ff50a3739d0) = 3631 [pid 3629] futex(0x7ff50a44a428, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3629] futex(0x7ff50a44a42c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3631 attached [pid 3631] set_robust_list(0x7ff50a3739e0, 24) = 0 [pid 3631] openat(AT_FDCWD, "/dev/virtual_nci", O_RDWR) = 3 [pid 3631] futex(0x7ff50a44a42c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3629] <... futex resumed>) = 0 [pid 3629] futex(0x7ff50a44a428, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3629] futex(0x7ff50a44a42c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3631] ioctl(3, _IOC(_IOC_NONE, 0, 0, 0), 0x200000c0) = 0 [pid 3631] futex(0x7ff50a44a42c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3629] <... futex resumed>) = 0 [pid 3629] futex(0x7ff50a44a428, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3629] futex(0x7ff50a44a42c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3631] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 4 [pid 3631] futex(0x7ff50a44a42c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3629] <... futex resumed>) = 0 [pid 3629] futex(0x7ff50a44a428, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3629] futex(0x7ff50a44a42c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3631] sendto(4, [{nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00"], 28, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 28 [pid 3631] recvfrom(4, [{nlmsg_len=472, nlmsg_type=nlctrl, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=3629}, "\x01\x02\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00\x06\x00\x01\x00\x1d\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1f\x00\x00\x00\x80\x01\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0b\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00\x03\x00\x00\x00"...], 4096, 0, NULL, NULL) = 472 [pid 3631] recvfrom(4, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=3629}, {error=0, msg={nlmsg_len=28, nlmsg_type=nlctrl, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 [pid 3631] futex(0x7ff50a44a42c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 3629] <... futex resumed>) = 0 [pid 3631] futex(0x7ff50a44a428, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3629] futex(0x7ff50a44a428, FUTEX_WAKE_PRIVATE, 1000000 [pid 3631] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 3629] <... futex resumed>) = 0 [pid 3631] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\x1c\x00\x00\x00\x1d\x00\x01\x00\x23\x01\x00\x00\x34\x02\x00\x00\x02\x00\x00\x00\x08\x00\x01\x00\x02\x00\x00\x00", iov_len=28}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [ 58.260627][ T3623] nci: __nci_request: wait_for_completion_interruptible_timeout failed 0 [pid 3629] futex(0x7ff50a44a42c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 3629] futex(0x7ff50a44a43c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3629] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7ff50a332000 [pid 3629] mprotect(0x7ff50a333000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 3629] clone(child_stack=0x7ff50a3523f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[3635], tls=0x7ff50a352700, child_tidptr=0x7ff50a3529d0) = 3635 [pid 3629] futex(0x7ff50a44a438, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3629] futex(0x7ff50a44a43c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 3635 attached [pid 3635] set_robust_list(0x7ff50a3529e0, 24) = 0 [pid 3635] write(3, "\x40\x00\x00\x00\x00\x00", 6) = 6 [pid 3635] futex(0x7ff50a44a43c, FUTEX_WAKE_PRIVATE, 1000000 [pid 3629] <... futex resumed>) = 0 [pid 3629] futex(0x7ff50a44a438, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3629] futex(0x7ff50a44a43c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3635] <... futex resumed>) = 1 [pid 3635] write(3, "\x40\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 20) = 20 [pid 3635] futex(0x7ff50a44a43c, FUTEX_WAKE_PRIVATE, 1000000 [pid 3629] <... futex resumed>) = 0 [pid 3629] futex(0x7ff50a44a438, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3629] futex(0x7ff50a44a43c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3635] <... futex resumed>) = 1 [pid 3635] write(3, "\x41\x00\x00\x00", 4 [pid 3631] <... sendmsg resumed>) = 28 [pid 3631] futex(0x7ff50a44a42c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 3631] futex(0x7ff50a44a428, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3635] <... write resumed>) = 4 [pid 3635] futex(0x7ff50a44a43c, FUTEX_WAKE_PRIVATE, 1000000 [pid 3629] <... futex resumed>) = 0 [pid 3629] futex(0x7ff50a44a428, FUTEX_WAKE_PRIVATE, 1000000 [pid 3631] <... futex resumed>) = 0 [pid 3629] <... futex resumed>) = 1 [pid 3631] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\x24\x00\x00\x00\x1d\x00\x01\x00\x23\x01\x00\x00\x34\x02\x00\x00\x06\x00\x00\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x03\x00\xff\xff\xff\xff", iov_len=36}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 3629] futex(0x7ff50a44a42c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 3635] <... futex resumed>) = 1 [pid 3635] futex(0x7ff50a44a438, FUTEX_WAIT_PRIVATE, 0, NULL [pid 3629] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 3629] exit_group(0 [pid 3635] <... futex resumed>) = ? [pid 3629] <... exit_group resumed>) = ? [pid 3635] +++ exited with 0 +++ [pid 3631] <... sendmsg resumed>) = ? [ 58.524031][ T3631] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512 [ 58.533221][ T3631] nci: nci_start_poll: failed to set local general bytes