Warning: Permanently added '10.128.0.153' (ECDSA) to the list of known hosts.
executing program
executing program
syzkaller login: [ 53.155375][ T3547] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
executing program
[ 53.402864][ T3554] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[ 53.484346][ T3564]
[ 53.486706][ T3564] ======================================================
[ 53.493711][ T3564] WARNING: possible circular locking dependency detected
[ 53.500711][ T3564] 6.1.34-syzkaller #0 Not tainted
[ 53.505716][ T3564] ------------------------------------------------------
[ 53.512740][ T3564] syz-executor251/3564 is trying to acquire lock:
[ 53.519135][ T3564] ffff88801929f350 (&ndev->req_lock){+.+.}-{3:3}, at: nci_start_poll+0x59f/0xf20
[ 53.528267][ T3564]
[ 53.528267][ T3564] but task is already holding lock:
[ 53.535869][ T3564] ffff888019290508 (&genl_data->genl_data_mutex){+.+.}-{3:3}, at: nfc_genl_start_poll+0x1da/0x350
[ 53.546544][ T3564]
[ 53.546544][ T3564] which lock already depends on the new lock.
[ 53.546544][ T3564]
[ 53.556933][ T3564]
[ 53.556933][ T3564] the existing dependency chain (in reverse order) is:
[ 53.565925][ T3564]
[ 53.565925][ T3564] -> #3 (&genl_data->genl_data_mutex){+.+.}-{3:3}:
[ 53.574592][ T3564]        lock_acquire+0x1f8/0x5a0
[ 53.579598][ T3564]        __mutex_lock_common+0x1d4/0x2520
[ 53.585400][ T3564]        mutex_lock_nested+0x17/0x20
[ 53.590667][ T3564]        nfc_urelease_event_work+0x113/0x2f0
[ 53.596629][ T3564]        process_one_work+0x8aa/0x11f0
[ 53.602070][ T3564]        worker_thread+0xa5f/0x1210
[ 53.607252][ T3564]        kthread+0x26e/0x300
[ 53.611854][ T3564]        ret_from_fork+0x1f/0x30
[ 53.616774][ T3564]
[ 53.616774][ T3564] -> #2 (nfc_devlist_mutex){+.+.}-{3:3}:
[ 53.624567][ T3564]        lock_acquire+0x1f8/0x5a0
[ 53.629573][ T3564]        __mutex_lock_common+0x1d4/0x2520
[ 53.635279][ T3564]        mutex_lock_nested+0x17/0x20
[ 53.640730][ T3564]        nfc_register_device+0x38/0x310
[ 53.646283][ T3564]        nci_register_device+0x7be/0x900
[ 53.652087][ T3564]        virtual_ncidev_open+0x55/0xc0
[ 53.657907][ T3564]        misc_open+0x304/0x380
[ 53.662688][ T3564]        chrdev_open+0x54a/0x630
[ 53.667618][ T3564]        do_dentry_open+0x7f9/0x10f0
[ 53.672902][ T3564]        path_openat+0x2644/0x2e60
[ 53.678018][ T3564]        do_filp_open+0x230/0x480
[ 53.683025][ T3564]        do_sys_openat2+0x13b/0x500
[ 53.688208][ T3564]        __x64_sys_openat+0x243/0x290
[ 53.693580][ T3564]        do_syscall_64+0x3d/0xb0
[ 53.698507][ T3564]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 53.704989][ T3564]
[ 53.704989][ T3564] -> #1 (nci_mutex){+.+.}-{3:3}:
[ 53.712092][ T3564]        lock_acquire+0x1f8/0x5a0
[ 53.717111][ T3564]        __mutex_lock_common+0x1d4/0x2520
[ 53.722826][ T3564]        mutex_lock_nested+0x17/0x20
[ 53.728139][ T3564]        virtual_nci_close+0x13/0x40
[ 53.733415][ T3564]        nci_dev_up+0x954/0xd40
[ 53.738339][ T3564]        nfc_dev_up+0x185/0x330
[ 53.743700][ T3564]        nfc_genl_dev_up+0x80/0xd0
[ 53.748797][ T3564]        genl_rcv_msg+0xc1a/0xf70
[ 53.753805][ T3564]        netlink_rcv_skb+0x1cd/0x410
[ 53.759075][ T3564]        genl_rcv+0x24/0x40
[ 53.763563][ T3564]        netlink_unicast+0x7bf/0x990
[ 53.768834][ T3564]        netlink_sendmsg+0xa26/0xd60
[ 53.774108][ T3564]        ____sys_sendmsg+0x59e/0x8f0
[ 53.779406][ T3564]        __sys_sendmsg+0x2a9/0x390
[ 53.784599][ T3564]        do_syscall_64+0x3d/0xb0
[ 53.789619][ T3564]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 53.796016][ T3564]
[ 53.796016][ T3564] -> #0 (&ndev->req_lock){+.+.}-{3:3}:
[ 53.803656][ T3564]        validate_chain+0x1667/0x58e0
[ 53.809037][ T3564]        __lock_acquire+0x125b/0x1f80
[ 53.814390][ T3564]        lock_acquire+0x1f8/0x5a0
[ 53.819394][ T3564]        __mutex_lock_common+0x1d4/0x2520
[ 53.825095][ T3564]        mutex_lock_nested+0x17/0x20
[ 53.830364][ T3564]        nci_start_poll+0x59f/0xf20
[ 53.835547][ T3564]        nfc_start_poll+0x184/0x2f0
[ 53.840811][ T3564]        nfc_genl_start_poll+0x1e7/0x350
[ 53.846513][ T3564]        genl_rcv_msg+0xc1a/0xf70
[ 53.851517][ T3564]        netlink_rcv_skb+0x1cd/0x410
[ 53.856870][ T3564]        genl_rcv+0x24/0x40
[ 53.861370][ T3564]        netlink_unicast+0x7bf/0x990
[ 53.866741][ T3564]        netlink_sendmsg+0xa26/0xd60
[ 53.872095][ T3564]        ____sys_sendmsg+0x59e/0x8f0
[ 53.877459][ T3564]        __sys_sendmsg+0x2a9/0x390
[ 53.882738][ T3564]        do_syscall_64+0x3d/0xb0
[ 53.888098][ T3564]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 53.894500][ T3564]
[ 53.894500][ T3564] other info that might help us debug this:
[ 53.894500][ T3564]
[ 53.904716][ T3564] Chain exists of:
[ 53.904716][ T3564]   &ndev->req_lock --> nfc_devlist_mutex --> &genl_data->genl_data_mutex
[ 53.904716][ T3564]
[ 53.918967][ T3564]  Possible unsafe locking scenario:
[ 53.918967][ T3564]
[ 53.926411][ T3564]        CPU0                    CPU1
[ 53.932054][ T3564]        ----                    ----
[ 53.937674][ T3564]   lock(&genl_data->genl_data_mutex);
[ 53.943123][ T3564]                                lock(nfc_devlist_mutex);
[ 53.950217][ T3564]                                lock(&genl_data->genl_data_mutex);
[ 53.958264][ T3564]   lock(&ndev->req_lock);
[ 53.962706][ T3564]
[ 53.962706][ T3564]  *** DEADLOCK ***
[ 53.962706][ T3564]
[ 53.971439][ T3564] 4 locks held by syz-executor251/3564:
[ 53.977418][ T3564]  #0: ffffffff8e0fbed0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x15/0x40
[ 53.985583][ T3564]  #1: ffffffff8e0fbd88 (genl_mutex){+.+.}-{3:3}, at: genl_rcv_msg+0x125/0xf70
[ 53.994529][ T3564]  #2: ffff888019290508 (&genl_data->genl_data_mutex){+.+.}-{3:3}, at: nfc_genl_start_poll+0x1da/0x350
[ 54.005557][ T3564]  #3: ffff888019290100 (&dev->mutex){....}-{3:3}, at: nfc_start_poll+0x56/0x2f0
[ 54.015107][ T3564]
[ 54.015107][ T3564] stack backtrace:
[ 54.021499][ T3564] CPU: 0 PID: 3564 Comm: syz-executor251 Not tainted 6.1.34-syzkaller #0
[ 54.030066][ T3564] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023
[ 54.040283][ T3564] Call Trace:
[ 54.044107][ T3564]
[ 54.047111][ T3564]  dump_stack_lvl+0x1e3/0x2cb
[ 54.051838][ T3564]  ? nf_tcp_handle_invalid+0x642/0x642
[ 54.057289][ T3564]  ? print_circular_bug+0x12b/0x1a0
[ 54.062597][ T3564]  check_noncircular+0x2fa/0x3b0
[ 54.067619][ T3564]  ? add_chain_block+0x850/0x850
[ 54.072638][ T3564]  ? lockdep_lock+0x11f/0x2a0
[ 54.077305][ T3564]  ? _find_first_zero_bit+0xd0/0x100
[ 54.082578][ T3564]  validate_chain+0x1667/0x58e0
[ 54.087418][ T3564]  ? do_raw_spin_unlock+0x137/0x8a0
[ 54.092604][ T3564]  ? reacquire_held_locks+0x660/0x660
[ 54.097967][ T3564]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[ 54.103847][ T3564]  ? _raw_spin_unlock+0x40/0x40
[ 54.108682][ T3564]  ? stack_trace_save+0x113/0x1c0
[ 54.113776][ T3564]  ? stack_trace_snprint+0xe0/0xe0
[ 54.118871][ T3564]  ? __stack_depot_save+0x3f5/0x470
[ 54.124057][ T3564]  ? nfc_llcp_build_gb+0x4a2/0x710
[ 54.129161][ T3564]  ? kasan_set_track+0x60/0x70
[ 54.133919][ T3564]  ? kasan_save_free_info+0x27/0x40
[ 54.139106][ T3564]  ? mark_lock+0x9a/0x340
[ 54.143421][ T3564]  ? nfc_genl_start_poll+0x1e7/0x350
[ 54.148695][ T3564]  __lock_acquire+0x125b/0x1f80
[ 54.153624][ T3564]  lock_acquire+0x1f8/0x5a0
[ 54.158109][ T3564]  ? nci_start_poll+0x59f/0xf20
[ 54.162947][ T3564]  ? read_lock_is_recursive+0x10/0x10
[ 54.168567][ T3564]  ? __might_sleep+0xb0/0xb0
[ 54.173145][ T3564]  ? kasan_quarantine_put+0xd4/0x220
[ 54.178415][ T3564]  ? lockdep_hardirqs_on+0x94/0x130
[ 54.183606][ T3564]  __mutex_lock_common+0x1d4/0x2520
[ 54.188791][ T3564]  ? nci_start_poll+0x59f/0xf20
[ 54.193630][ T3564]  ? nfc_llcp_build_gb+0x4a2/0x710
[ 54.198727][ T3564]  ? nci_start_poll+0x59f/0xf20
[ 54.203570][ T3564]  ? nfc_llcp_general_bytes+0x140/0x140
[ 54.209106][ T3564]  ? mutex_lock_io_nested+0x60/0x60
[ 54.214378][ T3564]  ? read_lock_is_recursive+0x10/0x10
[ 54.219827][ T3564]  mutex_lock_nested+0x17/0x20
[ 54.224612][ T3564]  nci_start_poll+0x59f/0xf20
[ 54.229364][ T3564]  ? nci_dev_down+0x40/0x40
[ 54.234061][ T3564]  ? __mutex_lock_common+0x429/0x2520
[ 54.239507][ T3564]  ? __mutex_lock_common+0x429/0x2520
[ 54.244875][ T3564]  ? class_find_device+0x273/0x2c0
[ 54.249989][ T3564]  ? nfc_get_device+0xf0/0xf0
[ 54.254665][ T3564]  ? nfc_start_poll+0x56/0x2f0
[ 54.259689][ T3564]  ? class_for_each_device+0x2b0/0x2b0
[ 54.265348][ T3564]  ? mutex_lock_io_nested+0x60/0x60
[ 54.270627][ T3564]  ? mutex_lock_io_nested+0x60/0x60
[ 54.276252][ T3564]  ? nfc_get_device+0x94/0xf0
[ 54.281003][ T3564]  nfc_start_poll+0x184/0x2f0
[ 54.285667][ T3564]  nfc_genl_start_poll+0x1e7/0x350
[ 54.290855][ T3564]  genl_rcv_msg+0xc1a/0xf70
[ 54.295346][ T3564]  ? kernel_text_address+0x9f/0xd0
[ 54.300534][ T3564]  ? genl_bind+0x360/0x360
[ 54.305034][ T3564]  ? mark_lock+0x9a/0x340
[ 54.309347][ T3564]  ? mark_lock+0x9a/0x340
[ 54.313660][ T3564]  ? __lock_acquire+0x125b/0x1f80
[ 54.318858][ T3564]  ? nfc_genl_dev_down+0xd0/0xd0
[ 54.323873][ T3564]  netlink_rcv_skb+0x1cd/0x410
[ 54.328623][ T3564]  ? genl_bind+0x360/0x360
[ 54.333115][ T3564]  ? netlink_ack+0xe60/0xe60
[ 54.337703][ T3564]  ? down_read+0x1b1/0x2e0
[ 54.342454][ T3564]  ? genl_rcv+0x9/0x40
[ 54.346632][ T3564]  genl_rcv+0x24/0x40
[ 54.350947][ T3564]  netlink_unicast+0x7bf/0x990
[ 54.355798][ T3564]  ? netlink_detachskb+0x90/0x90
[ 54.360912][ T3564]  ? __phys_addr_symbol+0x2b/0x70
[ 54.366017][ T3564]  ? bpf_lsm_netlink_send+0x5/0x10
[ 54.371120][ T3564]  netlink_sendmsg+0xa26/0xd60
[ 54.375882][ T3564]  ? netlink_getsockopt+0x5b0/0x5b0
[ 54.381064][ T3564]  ? aa_sock_msg_perm+0x91/0x150
[ 54.385996][ T3564]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[ 54.391265][ T3564]  ? security_socket_sendmsg+0x7d/0xa0
[ 54.396712][ T3564]  ? netlink_getsockopt+0x5b0/0x5b0
[ 54.401894][ T3564]  ____sys_sendmsg+0x59e/0x8f0
[ 54.406648][ T3564]  ? __sys_sendmsg_sock+0x30/0x30
[ 54.411666][ T3564]  __sys_sendmsg+0x2a9/0x390
[ 54.416332][ T3564]  ? ____sys_sendmsg+0x8f0/0x8f0
[ 54.421284][ T3564]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[ 54.427341][ T3564]  ? syscall_enter_from_user_mode+0x2e/0x220
[ 54.433316][ T3564]  ? lockdep_hardirqs_on+0x94/0x130
[ 54.438528][ T3564]  ? syscall_enter_from_user_mode+0x2e/0x220
[ 54.444585][ T3564]  do_syscall_64+0x3d/0xb0
[ 54.449010][ T3564]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 54.454907][ T3564] RIP: 0033:0x7f99e6307649
[ 54.459319][ T3564] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 41 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 54.479093][ T3564] RSP: 002b:00007f99e6297318 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 54.487519][ T3564] RAX: ffffffffffffffda RBX: 00007f99e638f438 RCX: 00007f99e6307649
[ 54.495483][ T3564] RDX: 0000000000000000 RSI: 0000000020000440 RDI: 0000000000000004
[ 54.503448][ T3564] RBP: 00007f99e638f430 R08: 0000000000000003 R09: 0000000000000000
[ 54.511590][ T3564] R10: 0000000000000008 R11: 0000000000000246 R12: 00007f99e635d074
[ 54.520156][ T3564] R13: 00007ffff709079f R14: 00007f99e6297400 R15: 0000000000022000
[ 54.528305][ T3564]
[ 54.643715][ T3564] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[ 54.652995][ T3564] nci: nci_start_poll: failed to set local general bytes
executing program
[ 59.662413][ T3564] nci: __nci_request: wait_for_completion_interruptible_timeout failed 0
[ 59.895463][ T3567] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[ 59.909851][ T3567] nci: nci_start_poll: failed to set local general bytes