=========================[ 631.240319][ T9836] ============================================
WARNING: possible recursive locking detected
syzkaller #0 Tainted: G L
--------------------------------------------
kworker/u8:16/9836 is trying to acquire lock:
ffff888061305358 (k-sk_lock-AF_INET6){+.+.}-{0:0}, at: lock_sock include/net/sock.h:1709 [inline]
ffff888061305358 (k-sk_lock-AF_INET6){+.+.}-{0:0}, at: inet6_getname+0x15d/0x650 net/ipv6/af_inet6.c:533
but task is already holding lock:
ffff888061305358 (k-sk_lock-AF_INET6){+.+.}-{0:0}, at: lock_sock include/net/sock.h:1709 [inline]
ffff888061305358 (k-sk_lock-AF_INET6){+.+.}-{0:0}, at: rds_tcp_recv_path+0xfe/0x340 net/rds/tcp_recv.c:304
other info that might help us debug this:
Possible unsafe locking scenario:
CPU0
----
lock(k-sk_lock-AF_INET6);
lock(k-sk_lock-AF_INET6);
*** DEADLOCK ***
May be due to missing lock nesting notation
7 locks held by kworker/u8:16/9836:
#0: ffff88802a0d2138 ((wq_completion)krds_cp_wq#1/0){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3250 [inline]
#0: ffff88802a0d2138 ((wq_completion)krds_cp_wq#1/0){+.+.}-{0:0}, at: process_scheduled_works+0x9ea/0x1830 kernel/workqueue.c:3358
#1: ffffc900063a7c40 ((work_completion)(&(&cp->cp_recv_w)->work)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3251 [inline]
#1: ffffc900063a7c40 ((work_completion)(&(&cp->cp_recv_w)->work)){+.+.}-{0:0}, at: process_scheduled_works+0xa25/0x1830 kernel/workqueue.c:3358
#2: ffff888061305358 (k-sk_lock-AF_INET6){+.+.}-{0:0}, at: lock_sock include/net/sock.h:1709 [inline]
#2: ffff888061305358 (k-sk_lock-AF_INET6){+.+.}-{0:0}, at: rds_tcp_recv_path+0xfe/0x340 net/rds/tcp_recv.c:304
#3: ffffffff8dc64fa0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0x3c/0x420 kernel/softirq.c:163
#4: ffffffff8ddcd780 (rcu_read_lock){....}-{1:3}, at: __local_bh_disable_ip+0x3c/0x420 kernel/softirq.c:163
#5: ffff888061305590 (k-clock-AF_INET6){++..}-{3:3}, at: read_lock_bh include/linux/rwlock_rt.h:45 [inline]
#5: ffff888061305590 (k-clock-AF_INET6){++..}-{3:3}, at: rds_tcp_data_ready+0x127/0x8e0 net/rds/tcp_recv.c:320
#6: ffffffff8ddcd780 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:312 [inline]
#6: ffffffff8ddcd780 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:850 [inline]
#6: ffffffff8ddcd780 (rcu_read_lock){....}-{1:3}, at: rt_read_lock+0x277/0x4b0 kernel/locking/spinlock_rt.c:234
stack backtrace:
CPU: 0 UID: 0 PID: 9836 Comm: kworker/u8:16 Tainted: G L syzkaller #0 PREEMPT_{RT,(full)}
Tainted: [L]=SOFTLOCKUP
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
Workqueue: krds_cp_wq#1/0 rds_recv_worker
Call Trace:
dump_stack_lvl+0xe8/0x150 lib/dump_stack.c:120
print_deadlock_bug+0x279/0x290 kernel/locking/lockdep.c:3041
check_deadlock kernel/locking/lockdep.c:3093 [inline]
validate_chain kernel/locking/lockdep.c:3895 [inline]
__lock_acquire+0x253f/0x2cf0 kernel/locking/lockdep.c:5237
lock_acquire+0xf0/0x2e0 kernel/locking/lockdep.c:5868
lock_sock_nested+0x3e/0x130 net/core/sock.c:3780
lock_sock include/net/sock.h:1709 [inline]
inet6_getname+0x15d/0x650 net/ipv6/af_inet6.c:533
rds_tcp_get_peer_sport net/rds/tcp_listen.c:70 [inline]
rds_tcp_conn_slots_available+0x288/0x470 net/rds/tcp_listen.c:149
rds_recv_hs_exthdrs+0x64f/0x800 net/rds/recv.c:265
rds_recv_incoming+0x9f6/0x12e0 net/rds/recv.c:389
rds_tcp_data_recv+0x816/0xa40 net/rds/tcp_recv.c:243
__tcp_read_sock+0x196/0x970 net/ipv4/tcp.c:1702
rds_tcp_read_sock net/rds/tcp_recv.c:277 [inline]
rds_tcp_data_ready+0x32d/0x8e0 net/rds/tcp_recv.c:331
tcp_data_queue+0x1e2e/0x5e50 net/ipv4/tcp_input.c:5719
tcp_rcv_established+0xf45/0x2740 net/ipv4/tcp_input.c:6710
tcp_v6_do_rcv+0x88b/0x1ac0 net/ipv6/tcp_ipv6.c:1609
sk_backlog_rcv include/net/sock.h:1185 [inline]
__release_sock+0x20b/0x3d0 net/core/sock.c:3213
release_sock+0x75/0x210 net/core/sock.c:3795
rds_tcp_recv_path+0x2ee/0x340 net/rds/tcp_recv.c:306
rds_recv_worker+0xc6/0x310 net/rds/threads.c:226
process_one_work kernel/workqueue.c:3275 [inline]
process_scheduled_works+0xb02/0x1830 kernel/workqueue.c:3358
worker_thread+0xa50/0xfc0 kernel/workqueue.c:3439
kthread+0x388/0x470 kernel/kthread.c:467
ret_from_fork+0x51e/0xb90 arch/x86/kernel/process.c:158
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
BUG: sleeping function called from invalid context at net/core/sock.c:3782
in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 9836, name: kworker/u8:16
preempt_count: 0, expected: 0
RCU nest depth: 2, expected: 0
INFO: lockdep is turned off.
CPU: 0 UID: 0 PID: 9836 Comm: kworker/u8:16 Tainted: G L syzkaller #0 PREEMPT_{RT,(full)}
Tainted: [L]=SOFTLOCKUP
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
Workqueue: krds_cp_wq#1/0 rds_recv_worker
Call Trace:
dump_stack_lvl+0xe8/0x150 lib/dump_stack.c:120
__might_resched+0x329/0x480 kernel/sched/core.c:8884
lock_sock_nested+0x53/0x130 net/core/sock.c:3782
lock_sock include/net/sock.h:1709 [inline]
inet6_getname+0x15d/0x650 net/ipv6/af_inet6.c:533
rds_tcp_get_peer_sport net/rds/tcp_listen.c:70 [inline]
rds_tcp_conn_slots_available+0x288/0x470 net/rds/tcp_listen.c:149
rds_recv_hs_exthdrs+0x64f/0x800 net/rds/recv.c:265
rds_recv_incoming+0x9f6/0x12e0 net/rds/recv.c:389
rds_tcp_data_recv+0x816/0xa40 net/rds/tcp_recv.c:243
__tcp_read_sock+0x196/0x970 net/ipv4/tcp.c:1702
rds_tcp_read_sock net/rds/tcp_recv.c:277 [inline]
rds_tcp_data_ready+0x32d/0x8e0 net/rds/tcp_recv.c:331
tcp_data_queue+0x1e2e/0x5e50 net/ipv4/tcp_input.c:5719
tcp_rcv_established+0xf45/0x2740 net/ipv4/tcp_input.c:6710
tcp_v6_do_rcv+0x88b/0x1ac0 net/ipv6/tcp_ipv6.c:1609
sk_backlog_rcv include/net/sock.h:1185 [inline]
__release_sock+0x20b/0x3d0 net/core/sock.c:3213
release_sock+0x75/0x210 net/core/sock.c:3795
rds_tcp_recv_path+0x2ee/0x340 net/rds/tcp_recv.c:306
rds_recv_worker+0xc6/0x310 net/rds/threads.c:226
process_one_work kernel/workqueue.c:3275 [inline]
process_scheduled_works+0xb02/0x1830 kernel/workqueue.c:3358
worker_thread+0xa50/0xfc0 kernel/workqueue.c:3439
kthread+0x388/0x470 kernel/kthread.c:467
ret_from_fork+0x51e/0xb90 arch/x86/kernel/process.c:158
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
------------[ cut here ]------------
Voluntary context switch within RCU read-side critical section!
WARNING: kernel/rcu/tree_plugin.h:332 at rcu_note_context_switch+0xcac/0xf40 kernel/rcu/tree_plugin.h:332, CPU#0: kworker/u8:16/9836
Modules linked in:
CPU: 0 UID: 0 PID: 9836 Comm: kworker/u8:16 Tainted: G W L syzkaller #0 PREEMPT_{RT,(full)}
Tainted: [W]=WARN, [L]=SOFTLOCKUP
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
Workqueue: krds_cp_wq#1/0 rds_recv_worker
RIP: 0010:rcu_note_context_switch+0xcac/0xf40 kernel/rcu/tree_plugin.h:332
Code: 00 41 c6 45 00 00 48 8b 3d 11 c7 bf 0d 48 81 c4 b8 00 00 00 5b 41 5c 41 5d 41 5e 41 5f 5d e9 8b 62 ff ff 48 8d 3d 14 84 c3 0d <67> 48 0f b9 3a e9 1b f4 ff ff 90 0f 0b 90 45 84 e4 0f 84 ea f3 ff
RSP: 0018:ffffc900063a6a70 EFLAGS: 00010002
RAX: 0000000000000000 RBX: ffff888037cc3c80 RCX: 0000000080000002
RDX: 0000000000000000 RSI: ffffffff8ba643e0 RDI: ffffffff8f6d8fd0
RBP: dffffc0000000000 R08: ffffffff8f6a25b7 R09: 1ffffffff1ed44b6
R10: dffffc0000000000 R11: fffffbfff1ed44b7 R12: 0000000000000000
R13: 0000000000000000 R14: ffff8880b883cb80 R15: ffff888037cc4104
FS: 0000000000000000(0000) GS:ffff888126343000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f03169b7dac CR3: 0000000028cb6000 CR4: 00000000003526f0
Call Trace:
__schedule+0x2b0/0x52c0 kernel/sched/core.c:6791
__schedule_loop kernel/sched/core.c:6989 [inline]
schedule+0x164/0x360 kernel/sched/core.c:7004
__lock_sock+0x175/0x2e0 net/core/sock.c:3188
lock_sock_nested+0xb3/0x130 net/core/sock.c:3785
lock_sock include/net/sock.h:1709 [inline]
inet6_getname+0x15d/0x650 net/ipv6/af_inet6.c:533
rds_tcp_get_peer_sport net/rds/tcp_listen.c:70 [inline]
rds_tcp_conn_slots_available+0x288/0x470 net/rds/tcp_listen.c:149
rds_recv_hs_exthdrs+0x64f/0x800 net/rds/recv.c:265
rds_recv_incoming+0x9f6/0x12e0 net/rds/recv.c:389
rds_tcp_data_recv+0x816/0xa40 net/rds/tcp_recv.c:243
__tcp_read_sock+0x196/0x970 net/ipv4/tcp.c:1702
rds_tcp_read_sock net/rds/tcp_recv.c:277 [inline]
rds_tcp_data_ready+0x32d/0x8e0 net/rds/tcp_recv.c:331
tcp_data_queue+0x1e2e/0x5e50 net/ipv4/tcp_input.c:5719
tcp_rcv_established+0xf45/0x2740 net/ipv4/tcp_input.c:6710
tcp_v6_do_rcv+0x88b/0x1ac0 net/ipv6/tcp_ipv6.c:1609
sk_backlog_rcv include/net/sock.h:1185 [inline]
__release_sock+0x20b/0x3d0 net/core/sock.c:3213
release_sock+0x75/0x210 net/core/sock.c:3795
rds_tcp_recv_path+0x2ee/0x340 net/rds/tcp_recv.c:306
rds_recv_worker+0xc6/0x310 net/rds/threads.c:226
process_one_work kernel/workqueue.c:3275 [inline]
process_scheduled_works+0xb02/0x1830 kernel/workqueue.c:3358
worker_thread+0xa50/0xfc0 kernel/workqueue.c:3439
kthread+0x388/0x470 kernel/kthread.c:467
ret_from_fork+0x51e/0xb90 arch/x86/kernel/process.c:158
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
----------------
Code disassembly (best guess):
0: 00 41 c6 add %al,-0x3a(%rcx)
3: 45 00 00 add %r8b,(%r8)
6: 48 8b 3d 11 c7 bf 0d mov 0xdbfc711(%rip),%rdi # 0xdbfc71e
d: 48 81 c4 b8 00 00 00 add $0xb8,%rsp
14: 5b pop %rbx
15: 41 5c pop %r12
17: 41 5d pop %r13
19: 41 5e pop %r14
1b: 41 5f pop %r15
1d: 5d pop %rbp
1e: e9 8b 62 ff ff jmp 0xffff62ae
23: 48 8d 3d 14 84 c3 0d lea 0xdc38414(%rip),%rdi # 0xdc3843e
* 2a: 67 48 0f b9 3a ud1 (%edx),%rdi <-- trapping instruction
2f: e9 1b f4 ff ff jmp 0xfffff44f
34: 90 nop
35: 0f 0b ud2
37: 90 nop
38: 45 84 e4 test %r12b,%r12b
3b: 0f .byte 0xf
3c: 84 ea test %ch,%dl
3e: f3 repz
3f: ff .byte 0xff