[ 9.531354][ T2610] 8021q: adding VLAN 0 to HW filter on device bond0
[ 9.540884][ T2610] eql: remember to turn off Van-Jacobson compression on your slave devices
[ 9.566942][ T127] gvnic 0000:00:00.0 enp0s0: Device link is up.
[ 9.569810][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): enp0s0: link becomes ready
Starting sshd: OK
syzkaller
Warning: Permanently added '10.128.1.4' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 58.402230][ T3038] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[ 58.404592][ T3038] nci: nci_start_poll: failed to set local general bytes
[ 63.444497][ T3038] nci: __nci_request: wait_for_completion_interruptible_timeout failed 0
[ 63.446914][ T3038]
[ 63.447524][ T3038] ======================================================
[ 63.449336][ T3038] WARNING: possible circular locking dependency detected
[ 63.451142][ T3038] 6.1.0-rc5-syzkaller-32254-g9e4ce762f0e7 #0 Not tainted
[ 63.452957][ T3038] ------------------------------------------------------
[ 63.454902][ T3038] syz-executor209/3038 is trying to acquire lock:
[ 63.456584][ T3038] ffff80000d5e93e0 (nci_mutex){+.+.}-{3:3}, at: virtual_nci_close+0x28/0x58
[ 63.458967][ T3038]
[ 63.458967][ T3038] but task is already holding lock:
[ 63.460918][ T3038] ffff0000cb6dab50 (&ndev->req_lock){+.+.}-{3:3}, at: nci_close_device+0x74/0x2b4
[ 63.463374][ T3038]
[ 63.463374][ T3038] which lock already depends on the new lock.
[ 63.463374][ T3038]
[ 63.466160][ T3038]
[ 63.466160][ T3038] the existing dependency chain (in reverse order) is:
[ 63.468565][ T3038]
[ 63.468565][ T3038] -> #3 (&ndev->req_lock){+.+.}-{3:3}:
[ 63.470588][ T3038] __mutex_lock_common+0xd4/0xca8
[ 63.472065][ T3038] mutex_lock_nested+0x38/0x44
[ 63.473443][ T3038] nci_set_local_general_bytes+0xbc/0x480
[ 63.475120][ T3038] nci_start_poll+0x1e8/0x474
[ 63.476516][ T3038] nfc_start_poll+0xfc/0x170
[ 63.477865][ T3038] nfc_genl_start_poll+0xd4/0x174
[ 63.479339][ T3038] genl_rcv_msg+0x458/0x4f4
[ 63.480648][ T3038] netlink_rcv_skb+0xe8/0x1d4
[ 63.481999][ T3038] genl_rcv+0x38/0x50
[ 63.483193][ T3038] netlink_unicast_kernel+0xfc/0x1dc
[ 63.484711][ T3038] netlink_unicast+0x164/0x248
[ 63.486092][ T3038] netlink_sendmsg+0x484/0x584
[ 63.487489][ T3038] ____sys_sendmsg+0x2f8/0x440
[ 63.488857][ T3038] __sys_sendmsg+0x1ac/0x228
[ 63.490390][ T3038] __arm64_sys_sendmsg+0x2c/0x3c
[ 63.491850][ T3038] el0_svc_common+0x138/0x220
[ 63.493332][ T3038] do_el0_svc+0x48/0x164
[ 63.494611][ T3038] el0_svc+0x58/0x150
[ 63.495778][ T3038] el0t_64_sync_handler+0x84/0xf0
[ 63.497234][ T3038] el0t_64_sync+0x190/0x194
[ 63.498538][ T3038]
[ 63.498538][ T3038] -> #2 (&genl_data->genl_data_mutex){+.+.}-{3:3}:
[ 63.500833][ T3038] __mutex_lock_common+0xd4/0xca8
[ 63.502318][ T3038] mutex_lock_nested+0x38/0x44
[ 63.503686][ T3038] nfc_urelease_event_work+0x88/0x16c
[ 63.505257][ T3038] process_one_work+0x2d8/0x504
[ 63.506666][ T3038] worker_thread+0x340/0x610
[ 63.508001][ T3038] kthread+0x12c/0x158
[ 63.509233][ T3038] ret_from_fork+0x10/0x20
[ 63.510522][ T3038]
[ 63.510522][ T3038] -> #1 (nfc_devlist_mutex){+.+.}-{3:3}:
[ 63.512590][ T3038] __mutex_lock_common+0xd4/0xca8
[ 63.514037][ T3038] mutex_lock_nested+0x38/0x44
[ 63.515444][ T3038] nfc_register_device+0x34/0x208
[ 63.516921][ T3038] nci_register_device+0x338/0x3b0
[ 63.518416][ T3038] virtual_ncidev_open+0x6c/0xd8
[ 63.519860][ T3038] misc_open+0x1b8/0x200
[ 63.521110][ T3038] chrdev_open+0x2b4/0x2e8
[ 63.522437][ T3038] do_dentry_open+0x364/0x748
[ 63.523799][ T3038] vfs_open+0x38/0x48
[ 63.524992][ T3038] path_openat+0xe34/0x11c4
[ 63.526316][ T3038] do_filp_open+0xdc/0x1b8
[ 63.527602][ T3038] do_sys_openat2+0xb8/0x22c
[ 63.529094][ T3038] __arm64_sys_openat+0xb0/0xe0
[ 63.530537][ T3038] el0_svc_common+0x138/0x220
[ 63.531905][ T3038] do_el0_svc+0x48/0x164
[ 63.533162][ T3038] el0_svc+0x58/0x150
[ 63.534370][ T3038] el0t_64_sync_handler+0x84/0xf0
[ 63.535825][ T3038] el0t_64_sync+0x190/0x194
[ 63.537157][ T3038]
[ 63.537157][ T3038] -> #0 (nci_mutex){+.+.}-{3:3}:
[ 63.539035][ T3038] __lock_acquire+0x1530/0x3084
[ 63.540456][ T3038] lock_acquire+0x100/0x1f8
[ 63.541810][ T3038] __mutex_lock_common+0xd4/0xca8
[ 63.543325][ T3038] mutex_lock_nested+0x38/0x44
[ 63.544705][ T3038] virtual_nci_close+0x28/0x58
[ 63.546114][ T3038] nci_close_device+0x188/0x2b4
[ 63.547538][ T3038] nci_unregister_device+0x3c/0x100
[ 63.549099][ T3038] virtual_ncidev_close+0x70/0xb0
[ 63.550572][ T3038] __fput+0x198/0x3e4
[ 63.551784][ T3038] ____fput+0x20/0x30
[ 63.552990][ T3038] task_work_run+0x100/0x148
[ 63.554344][ T3038] do_exit+0x2dc/0xcac
[ 63.555571][ T3038] do_group_exit+0x98/0xcc
[ 63.556870][ T3038] get_signal+0xabc/0xb2c
[ 63.558145][ T3038] do_signal+0x128/0x438
[ 63.559399][ T3038] do_notify_resume+0xc0/0x1f0
[ 63.560786][ T3038] el0_svc+0x9c/0x150
[ 63.562026][ T3038] el0t_64_sync_handler+0x84/0xf0
[ 63.563509][ T3038] el0t_64_sync+0x190/0x194
[ 63.564828][ T3038]
[ 63.564828][ T3038] other info that might help us debug this:
[ 63.564828][ T3038]
[ 63.567721][ T3038] Chain exists of:
[ 63.567721][ T3038] nci_mutex --> &genl_data->genl_data_mutex --> &ndev->req_lock
[ 63.567721][ T3038]
[ 63.571317][ T3038] Possible unsafe locking scenario:
[ 63.571317][ T3038]
[ 63.573255][ T3038]        CPU0                    CPU1
[ 63.574666][ T3038]        ----                    ----
[ 63.576074][ T3038]   lock(&ndev->req_lock);
[ 63.577218][ T3038]                                lock(&genl_data->genl_data_mutex);
[ 63.579293][ T3038]                                lock(&ndev->req_lock);
[ 63.581120][ T3038]   lock(nci_mutex);
[ 63.582147][ T3038]
[ 63.582147][ T3038] *** DEADLOCK ***
[ 63.582147][ T3038]
[ 63.584326][ T3038] 1 lock held by syz-executor209/3038:
[ 63.585778][ T3038] #0: ffff0000cb6dab50 (&ndev->req_lock){+.+.}-{3:3}, at: nci_close_device+0x74/0x2b4
[ 63.588321][ T3038]
[ 63.588321][ T3038] stack backtrace:
[ 63.589838][ T3038] CPU: 1 PID: 3038 Comm: syz-executor209 Not tainted 6.1.0-rc5-syzkaller-32254-g9e4ce762f0e7 #0
[ 63.592564][ T3038] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/30/2022
[ 63.595208][ T3038] Call trace:
[ 63.596055][ T3038] dump_backtrace+0x1c4/0x1f0
[ 63.597279][ T3038] show_stack+0x2c/0x54
[ 63.598358][ T3038] dump_stack_lvl+0x104/0x16c
[ 63.599574][ T3038] dump_stack+0x1c/0x58
[ 63.600648][ T3038] print_circular_bug+0x2c4/0x2c8
[ 63.601991][ T3038] check_noncircular+0x14c/0x154
[ 63.603281][ T3038] __lock_acquire+0x1530/0x3084
[ 63.604549][ T3038] lock_acquire+0x100/0x1f8
[ 63.605740][ T3038] __mutex_lock_common+0xd4/0xca8
[ 63.607058][ T3038] mutex_lock_nested+0x38/0x44
[ 63.608323][ T3038] virtual_nci_close+0x28/0x58
[ 63.609559][ T3038] nci_close_device+0x188/0x2b4
[ 63.610845][ T3038] nci_unregister_device+0x3c/0x100
[ 63.612233][ T3038] virtual_ncidev_close+0x70/0xb0
[ 63.613545][ T3038] __fput+0x198/0x3e4
[ 63.614618][ T3038] ____fput+0x20/0x30
[ 63.615659][ T3038] task_work_run+0x100/0x148
[ 63.616856][ T3038] do_exit+0x2dc/0xcac
[ 63.617908][ T3038] do_group_exit+0x98/0xcc
[ 63.619049][ T3038] get_signal+0xabc/0xb2c
[ 63.620173][ T3038] do_signal+0x128/0x438
[ 63.621304][ T3038] do_notify_resume+0xc0/0x1f0
[ 63.622563][ T3038] el0_svc+0x9c/0x150
[ 63.623595][ T3038] el0t_64_sync_handler+0x84/0xf0
[ 63.624935][ T3038] el0t_64_sync+0x190/0x194
executing program
[ 63.842302][ T3042] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[ 63.844693][ T3042] nci: nci_start_poll: failed to set local general bytes
executing program
[ 68.884472][ T3042] nci: __nci_request: wait_for_completion_interruptible_timeout failed 0
[ 69.098711][ T3054] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[ 69.101044][ T3054] nci: nci_start_poll: failed to set local general bytes
[ 69.604552][ T2162] cfg80211: failed to load regulatory.db