Warning: Permanently added '10.128.0.37' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [   69.597948][ T3631] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[   69.606854][ T3631] nci: nci_start_poll: failed to set local general bytes
[   74.678363][ T3631] nci: __nci_request: wait_for_completion_interruptible_timeout failed 0
[   74.686999][ T3631] 
[   74.689318][ T3631] ======================================================
[   74.696319][ T3631] WARNING: possible circular locking dependency detected
[   74.703323][ T3631] 6.1.20-syzkaller #0 Not tainted
[   74.708341][ T3631] ------------------------------------------------------
[   74.715433][ T3631] syz-executor133/3631 is trying to acquire lock:
[   74.721832][ T3631] ffffffff8d7caea8 (nci_mutex){+.+.}-{3:3}, at: virtual_nci_close+0x13/0x40
[   74.730545][ T3631] 
[   74.730545][ T3631] but task is already holding lock:
[   74.737996][ T3631] ffff888079dcc350 (&ndev->req_lock){+.+.}-{3:3}, at: nci_close_device+0x106/0x5f0
[   74.747315][ T3631] 
[   74.747315][ T3631] which lock already depends on the new lock.
[   74.747315][ T3631] 
[   74.757709][ T3631] 
[   74.757709][ T3631] the existing dependency chain (in reverse order) is:
[   74.766709][ T3631] 
[   74.766709][ T3631] -> #3 (&ndev->req_lock){+.+.}-{3:3}:
[   74.774344][ T3631]        lock_acquire+0x23a/0x630
[   74.779370][ T3631]        __mutex_lock_common+0x1d4/0x2520
[   74.785094][ T3631]        mutex_lock_nested+0x17/0x20
[   74.790389][ T3631]        nci_start_poll+0x59f/0xf20
[   74.795683][ T3631]        nfc_start_poll+0x184/0x2f0
[   74.800908][ T3631]        nfc_genl_start_poll+0x1e7/0x350
[   74.806543][ T3631]        genl_rcv_msg+0xc1a/0xf70
[   74.811567][ T3631]        netlink_rcv_skb+0x1cd/0x410
[   74.816859][ T3631]        genl_rcv+0x24/0x40
[   74.821359][ T3631]        netlink_unicast+0x7bf/0x990
[   74.826666][ T3631]        netlink_sendmsg+0xa26/0xd60
[   74.831950][ T3631]        ____sys_sendmsg+0x59e/0x8f0
[   74.837227][ T3631]        __sys_sendmsg+0x2a9/0x390
[   74.842345][ T3631]        do_syscall_64+0x3d/0xb0
[   74.847273][ T3631]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   74.853691][ T3631] 
[   74.853691][ T3631] -> #2 (&genl_data->genl_data_mutex){+.+.}-{3:3}:
[   74.862372][ T3631]        lock_acquire+0x23a/0x630
[   74.867484][ T3631]        __mutex_lock_common+0x1d4/0x2520
[   74.873199][ T3631]        mutex_lock_nested+0x17/0x20
[   74.878581][ T3631]        nfc_urelease_event_work+0x113/0x2f0
[   74.884549][ T3631]        process_one_work+0x909/0x1380
[   74.890002][ T3631]        worker_thread+0xa5f/0x1210
[   74.895211][ T3631]        kthread+0x268/0x300
[   74.899790][ T3631]        ret_from_fork+0x1f/0x30
[   74.904730][ T3631] 
[   74.904730][ T3631] -> #1 (nfc_devlist_mutex){+.+.}-{3:3}:
[   74.912550][ T3631]        lock_acquire+0x23a/0x630
[   74.917581][ T3631]        __mutex_lock_common+0x1d4/0x2520
[   74.923290][ T3631]        mutex_lock_nested+0x17/0x20
[   74.928577][ T3631]        nfc_register_device+0x38/0x310
[   74.934118][ T3631]        nci_register_device+0x7be/0x900
[   74.939853][ T3631]        virtual_ncidev_open+0x55/0xc0
[   74.945326][ T3631]        misc_open+0x304/0x380
[   74.950105][ T3631]        chrdev_open+0x54a/0x630
[   74.955052][ T3631]        do_dentry_open+0x7f9/0x10f0
[   74.960352][ T3631]        path_openat+0x2644/0x2e60
[   74.965458][ T3631]        do_filp_open+0x230/0x480
[   74.970477][ T3631]        do_sys_openat2+0x13b/0x500
[   74.975678][ T3631]        __x64_sys_openat+0x243/0x290
[   74.981084][ T3631]        do_syscall_64+0x3d/0xb0
[   74.986027][ T3631]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   74.992443][ T3631] 
[   74.992443][ T3631] -> #0 (nci_mutex){+.+.}-{3:3}:
[   74.999564][ T3631]        validate_chain+0x1667/0x58e0
[   75.004942][ T3631]        __lock_acquire+0x125b/0x1f80
[   75.010329][ T3631]        lock_acquire+0x23a/0x630
[   75.015365][ T3631]        __mutex_lock_common+0x1d4/0x2520
[   75.021079][ T3631]        mutex_lock_nested+0x17/0x20
[   75.026357][ T3631]        virtual_nci_close+0x13/0x40
[   75.031643][ T3631]        nci_close_device+0x3a8/0x5f0
[   75.037010][ T3631]        nci_unregister_device+0x3c/0x230
[   75.042726][ T3631]        virtual_ncidev_close+0x55/0x90
[   75.048275][ T3631]        __fput+0x3b7/0x890
[   75.052767][ T3631]        task_work_run+0x246/0x300
[   75.057871][ T3631]        do_exit+0x6fb/0x2300
[   75.062548][ T3631]        do_group_exit+0x202/0x2b0
[   75.067650][ T3631]        get_signal+0x16f7/0x17d0
[   75.072671][ T3631]        arch_do_signal_or_restart+0xb0/0x1a10
[   75.078814][ T3631]        exit_to_user_mode_loop+0x6a/0x100
[   75.084612][ T3631]        exit_to_user_mode_prepare+0xb1/0x140
[   75.090672][ T3631]        syscall_exit_to_user_mode+0x60/0x2d0
[   75.096735][ T3631]        do_syscall_64+0x49/0xb0
[   75.101683][ T3631]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   75.108110][ T3631] 
[   75.108110][ T3631] other info that might help us debug this:
[   75.108110][ T3631] 
[   75.118423][ T3631] Chain exists of:
[   75.118423][ T3631]   nci_mutex --> &genl_data->genl_data_mutex --> &ndev->req_lock
[   75.118423][ T3631] 
[   75.131975][ T3631]  Possible unsafe locking scenario:
[   75.131975][ T3631] 
[   75.139411][ T3631]        CPU0                    CPU1
[   75.144763][ T3631]        ----                    ----
[   75.150116][ T3631]   lock(&ndev->req_lock);
[   75.154523][ T3631]                                lock(&genl_data->genl_data_mutex);
[   75.162489][ T3631]                                lock(&ndev->req_lock);
[   75.169424][ T3631]   lock(nci_mutex);
[   75.173328][ T3631] 
[   75.173328][ T3631]  *** DEADLOCK ***
[   75.173328][ T3631] 
[   75.181469][ T3631] 1 lock held by syz-executor133/3631:
[   75.186913][ T3631]  #0: ffff888079dcc350 (&ndev->req_lock){+.+.}-{3:3}, at: nci_close_device+0x106/0x5f0
[   75.196655][ T3631] 
[   75.196655][ T3631] stack backtrace:
[   75.202529][ T3631] CPU: 0 PID: 3631 Comm: syz-executor133 Not tainted 6.1.20-syzkaller #0
[   75.210929][ T3631] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
[   75.221062][ T3631] Call Trace:
[   75.224334][ T3631]  <TASK>
[   75.227255][ T3631]  dump_stack_lvl+0x1e3/0x2cb
[   75.231928][ T3631]  ? nf_tcp_handle_invalid+0x642/0x642
[   75.237382][ T3631]  ? print_circular_bug+0x12b/0x1a0
[   75.242573][ T3631]  check_noncircular+0x2fa/0x3b0
[   75.247518][ T3631]  ? add_chain_block+0x850/0x850
[   75.252455][ T3631]  ? lockdep_lock+0x11f/0x2a0
[   75.257129][ T3631]  ? prb_read_valid+0xf0/0xf0
[   75.261814][ T3631]  ? console_lock_spinning_disable_and_check+0x79/0xa0
[   75.268678][ T3631]  ? _find_first_zero_bit+0xd0/0x100
[   75.273969][ T3631]  validate_chain+0x1667/0x58e0
[   75.278822][ T3631]  ? __lock_acquire+0x125b/0x1f80
[   75.283847][ T3631]  ? desc_read+0x200/0x3f0
[   75.288257][ T3631]  ? memcpy+0x3c/0x60
[   75.292245][ T3631]  ? reacquire_held_locks+0x660/0x660
[   75.297622][ T3631]  ? desc_read+0x1a2/0x3f0
[   75.302038][ T3631]  ? _prb_read_valid+0xb46/0xbe0
[   75.306978][ T3631]  ? mark_lock+0x9a/0x340
[   75.311303][ T3631]  __lock_acquire+0x125b/0x1f80
[   75.316164][ T3631]  lock_acquire+0x23a/0x630
[   75.320671][ T3631]  ? virtual_nci_close+0x13/0x40
[   75.325616][ T3631]  ? read_lock_is_recursive+0x10/0x10
[   75.331013][ T3631]  ? __might_sleep+0xb0/0xb0
[   75.335641][ T3631]  ? find_next_clump8+0x1a0/0x1a0
[   75.340686][ T3631]  ? console_unlock+0x281/0x6e0
[   75.345528][ T3631]  ? console_unlock+0x6aa/0x6e0
[   75.350374][ T3631]  __mutex_lock_common+0x1d4/0x2520
[   75.355572][ T3631]  ? virtual_nci_close+0x13/0x40
[   75.360511][ T3631]  ? irq_work_queue+0xc6/0x150
[   75.365285][ T3631]  ? __wake_up_klogd+0xd5/0x100
[   75.370130][ T3631]  ? vprintk_emit+0x109/0x1f0
[   75.374798][ T3631]  ? virtual_nci_close+0x13/0x40
[   75.379736][ T3631]  ? _printk+0xd1/0x111
[   75.383900][ T3631]  ? mutex_lock_io_nested+0x60/0x60
[   75.389098][ T3631]  ? panic+0x75d/0x75d
[   75.393162][ T3631]  ? _raw_spin_unlock_irq+0x1f/0x40
[   75.398365][ T3631]  mutex_lock_nested+0x17/0x20
[   75.403124][ T3631]  virtual_nci_close+0x13/0x40
[   75.407883][ T3631]  nci_close_device+0x3a8/0x5f0
[   75.412731][ T3631]  ? nci_unregister_device+0x230/0x230
[   75.418186][ T3631]  ? mutex_unlock+0x10/0x10
[   75.422687][ T3631]  nci_unregister_device+0x3c/0x230
[   75.427884][ T3631]  ? virtual_ncidev_open+0xc0/0xc0
[   75.432995][ T3631]  virtual_ncidev_close+0x55/0x90
[   75.438014][ T3631]  ? virtual_ncidev_open+0xc0/0xc0
[   75.443127][ T3631]  __fput+0x3b7/0x890
[   75.447113][ T3631]  task_work_run+0x246/0x300
[   75.451706][ T3631]  ? task_work_cancel+0x2b0/0x2b0
[   75.456733][ T3631]  ? exit_task_namespaces+0xdd/0xf0
[   75.461933][ T3631]  do_exit+0x6fb/0x2300
[   75.466105][ T3631]  ? read_lock_is_recursive+0x10/0x10
[   75.471492][ T3631]  ? put_task_struct+0x80/0x80
[   75.476255][ T3631]  ? get_signal+0x137e/0x17d0
[   75.481020][ T3631]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[   75.487012][ T3631]  ? print_irqtrace_events+0x210/0x210
[   75.492467][ T3631]  ? _raw_spin_lock_irq+0xdb/0x110
[   75.497579][ T3631]  do_group_exit+0x202/0x2b0
[   75.502183][ T3631]  ? _raw_spin_unlock_irq+0x1f/0x40
[   75.507380][ T3631]  ? lockdep_hardirqs_on+0x94/0x130
[   75.512577][ T3631]  get_signal+0x16f7/0x17d0
[   75.517089][ T3631]  ? __bpf_trace_rcu_stall_warning+0x10/0x10
[   75.523067][ T3631]  ? ptrace_notify+0x370/0x370
[   75.527835][ T3631]  arch_do_signal_or_restart+0xb0/0x1a10
[   75.533464][ T3631]  ? ____sys_sendmsg+0x8f0/0x8f0
[   75.538412][ T3631]  ? get_sigframe_size+0x10/0x10
[   75.543356][ T3631]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[   75.549344][ T3631]  ? exit_to_user_mode_loop+0x39/0x100
[   75.554795][ T3631]  exit_to_user_mode_loop+0x6a/0x100
[   75.560090][ T3631]  exit_to_user_mode_prepare+0xb1/0x140
[   75.565634][ T3631]  syscall_exit_to_user_mode+0x60/0x2d0
[   75.571200][ T3631]  do_syscall_64+0x49/0xb0
[   75.575614][ T3631]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   75.581528][ T3631] RIP: 0033:0x7fd1872ce649
[   75.585932][ T3631] Code: Unable to access opcode bytes at 0x7fd1872ce61f.
[   75.592937][ T3631] RSP: 002b:00007fd18727f318 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   75.601341][ T3631] RAX: 0000000000000024 RBX: 00007fd187356428 RCX: 00007fd1872ce649
[   75.609314][ T3631] RDX: 0000000000000000 RSI: 0000000020000440 RDI: 0000000000000004
[   75.617276][ T3631] RBP: 00007fd187356420 R08: 0000000000000003 R09: 0000000000000000
executing program
[   75.625240][ T3631] R10: 0000000000000008 R11: 0000000000000246 R12: 00007fd187324074
[   75.633203][ T3631] R13: 00007ffd3856b58f R14: 00007fd18727f400 R15: 0000000000022000
[   75.641178][ T3631]  </TASK>
executing program
[   75.876170][ T3639] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
executing program
[   76.107988][ T3645] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[   76.347779][ T3655] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[   76.356606][ T3655] nci: nci_start_poll: failed to set local general bytes
executing program
[   81.397961][ T3655] nci: __nci_request: wait_for_completion_interruptible_timeout failed 0
[   81.398403][   T14] cfg80211: failed to load regulatory.db
executing program
[   81.632383][ T3658] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[   81.861068][ T3669] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[   81.870262][ T3669] nci: nci_start_poll: failed to set local general bytes