====================================================== WARNING: possible circular locking dependency detected 6.0.0-syzkaller-00372-ga5088ee7251e #0 Not tainted ------------------------------------------------------ kworker/u4:6/3707 is trying to acquire lock: ffff888020ac40e8 ((work_completion)(&(&cp->cp_send_w)->work)){+.+.}-{0:0}, at: __flush_work+0xcf/0x1a0 kernel/workqueue.c:3069 but task is already holding lock: ffff88807f3e40f0 (k-sk_lock-AF_INET6){+.+.}-{0:0}, at: lock_sock include/net/sock.h:1712 [inline] ffff88807f3e40f0 (k-sk_lock-AF_INET6){+.+.}-{0:0}, at: rds_tcp_reset_callbacks+0x235/0x400 net/rds/tcp.c:169 which lock already depends on the new lock. the existing dependency chain (in reverse order) is: -> #1 (k-sk_lock-AF_INET6){+.+.}-{0:0}: lock_acquire+0x1a7/0x400 kernel/locking/lockdep.c:5666 lock_sock_nested+0x44/0xf0 net/core/sock.c:3393 lock_sock include/net/sock.h:1712 [inline] tcp_sock_set_cork+0x29/0x1b0 net/ipv4/tcp.c:3337 rds_send_xmit+0x43e/0x2690 net/rds/send.c:194 rds_send_worker+0x7d/0x2c0 net/rds/threads.c:200 process_one_work+0x81c/0xd10 kernel/workqueue.c:2289 worker_thread+0xb14/0x1330 kernel/workqueue.c:2436 kthread+0x266/0x300 kernel/kthread.c:376 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:306 -> #0 ((work_completion)(&(&cp->cp_send_w)->work)){+.+.}-{0:0}: check_prev_add kernel/locking/lockdep.c:3095 [inline] check_prevs_add kernel/locking/lockdep.c:3214 [inline] validate_chain+0x1872/0x6600 kernel/locking/lockdep.c:3829 __lock_acquire+0x1292/0x1f60 kernel/locking/lockdep.c:5053 lock_acquire+0x1a7/0x400 kernel/locking/lockdep.c:5666 __flush_work+0xeb/0x1a0 kernel/workqueue.c:3069 __cancel_work_timer+0x517/0x6a0 kernel/workqueue.c:3160 rds_tcp_reset_callbacks+0x246/0x400 net/rds/tcp.c:171 rds_tcp_accept_one+0x950/0xb10 net/rds/tcp_listen.c:203 rds_tcp_accept_worker+0x3b/0xb0 net/rds/tcp.c:529 process_one_work+0x81c/0xd10 kernel/workqueue.c:2289 worker_thread+0xb14/0x1330 kernel/workqueue.c:2436 kthread+0x266/0x300 kernel/kthread.c:376 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:306 other info that might help us debug this: Possible unsafe locking scenario: CPU0 CPU1 ---- ---- lock(k-sk_lock-AF_INET6); lock((work_completion)(&(&cp->cp_send_w)->work)); lock(k-sk_lock-AF_INET6); lock((work_completion)(&(&cp->cp_send_w)->work)); *** DEADLOCK *** 4 locks held by kworker/u4:6/3707: #0: ffff888027d1b138 ((wq_completion)krdsd){+.+.}-{0:0}, at: process_one_work+0x796/0xd10 kernel/workqueue.c:2262 #1: ffffc9000433fd00 ((work_completion)(&rtn->rds_tcp_accept_w)){+.+.}-{0:0}, at: process_one_work+0x7d0/0xd10 kernel/workqueue.c:2264 #2: ffff8880345f8088 (&tc->t_conn_path_lock){+.+.}-{3:3}, at: rds_tcp_accept_one+0x741/0xb10 net/rds/tcp_listen.c:195 #3: ffff88807f3e40f0 (k-sk_lock-AF_INET6){+.+.}-{0:0}, at: lock_sock include/net/sock.h:1712 [inline] #3: ffff88807f3e40f0 (k-sk_lock-AF_INET6){+.+.}-{0:0}, at: rds_tcp_reset_callbacks+0x235/0x400 net/rds/tcp.c:169 stack backtrace: CPU: 1 PID: 3707 Comm: kworker/u4:6 Not tainted 6.0.0-syzkaller-00372-ga5088ee7251e #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022 Workqueue: krdsd rds_tcp_accept_worker Call Trace: __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x1e3/0x2cb lib/dump_stack.c:106 check_noncircular+0x2f9/0x3b0 kernel/locking/lockdep.c:2175 check_prev_add kernel/locking/lockdep.c:3095 [inline] check_prevs_add kernel/locking/lockdep.c:3214 [inline] validate_chain+0x1872/0x6600 kernel/locking/lockdep.c:3829 __lock_acquire+0x1292/0x1f60 kernel/locking/lockdep.c:5053 lock_acquire+0x1a7/0x400 kernel/locking/lockdep.c:5666 __flush_work+0xeb/0x1a0 kernel/workqueue.c:3069 __cancel_work_timer+0x517/0x6a0 kernel/workqueue.c:3160 rds_tcp_reset_callbacks+0x246/0x400 net/rds/tcp.c:171 rds_tcp_accept_one+0x950/0xb10 net/rds/tcp_listen.c:203 rds_tcp_accept_worker+0x3b/0xb0 net/rds/tcp.c:529 process_one_work+0x81c/0xd10 kernel/workqueue.c:2289 worker_thread+0xb14/0x1330 kernel/workqueue.c:2436 kthread+0x266/0x300 kernel/kthread.c:376 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:306