================================
WARNING: inconsistent lock state
6.1.0-rc6-syzkaller-32662-g6d464646530f #0 Not tainted
--------------------------------
inconsistent {IN-SOFTIRQ-R} -> {SOFTIRQ-ON-W} usage.
syz-executor.2/9442 [HC0[0]:SC0[0]:HE1:SE1] takes:
ffff0000cb674738 (clock-AF_INET6){+++-}-{2:2}, at: l2tp_tunnel_register+0x354/0x79c net/l2tp/l2tp_core.c:1477
{IN-SOFTIRQ-R} state was registered at:
  lock_acquire+0x100/0x1f8 kernel/locking/lockdep.c:5668
  __raw_read_lock_bh include/linux/rwlock_api_smp.h:176 [inline]
  _raw_read_lock_bh+0x64/0x7c kernel/locking/spinlock.c:252
  rds_tcp_listen_data_ready+0x28/0xb0 net/rds/tcp_listen.c:239
  tcp_data_ready+0x124/0x1b8 net/ipv4/tcp_input.c:5005
  tcp_data_queue+0xe48/0x1148 net/ipv4/tcp_input.c:5079
  tcp_rcv_established+0x6a0/0xa64 net/ipv4/tcp_input.c:6005
  tcp_v6_do_rcv+0x54c/0x788 net/ipv6/tcp_ipv6.c:1502
  tcp_v6_rcv+0xea8/0x1008 net/ipv6/tcp_ipv6.c:1761
  ip6_protocol_deliver_rcu+0x4d0/0x83c net/ipv6/ip6_input.c:439
  ip6_input_finish+0xe0/0x188 net/ipv6/ip6_input.c:484
  NF_HOOK include/linux/netfilter.h:302 [inline]
  ip6_input+0x68/0x8c net/ipv6/ip6_input.c:493
  dst_input include/net/dst.h:455 [inline]
  ip6_rcv_finish+0x138/0x158 net/ipv6/ip6_input.c:79
  NF_HOOK include/linux/netfilter.h:302 [inline]
  ipv6_rcv+0x88/0xb8 net/ipv6/ip6_input.c:309
  __netif_receive_skb_one_core net/core/dev.c:5489 [inline]
  __netif_receive_skb+0x70/0x14c net/core/dev.c:5603
  process_backlog+0x240/0x388 net/core/dev.c:5931
  __napi_poll+0x5c/0x24c net/core/dev.c:6498
  napi_poll+0x110/0x484 net/core/dev.c:6565
  net_rx_action+0x18c/0x414 net/core/dev.c:6676
  _stext+0x168/0x37c
  ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:80
  call_on_irq_stack+0x2c/0x54 arch/arm64/kernel/entry.S:892
  do_softirq_own_stack+0x20/0x2c arch/arm64/kernel/irq.c:85
  do_softirq+0xac/0x108 kernel/softirq.c:472
  __local_bh_enable_ip+0x18c/0x1a4 kernel/softirq.c:396
  local_bh_enable+0x28/0x34 include/linux/bottom_half.h:33
  rcu_read_unlock_bh include/linux/rcupdate.h:808 [inline]
  ip6_finish_output2+0xa1c/0xbec net/ipv6/ip6_output.c:135
  __ip6_finish_output net/ipv6/ip6_output.c:195 [inline]
  ip6_finish_output+0x448/0x4c4 net/ipv6/ip6_output.c:206
  NF_HOOK_COND include/linux/netfilter.h:291 [inline]
  ip6_output+0x180/0x2dc net/ipv6/ip6_output.c:227
  dst_output include/net/dst.h:445 [inline]
  NF_HOOK include/linux/netfilter.h:302 [inline]
  ip6_xmit+0x888/0xb88 net/ipv6/ip6_output.c:343
  inet6_csk_xmit+0x1e8/0x30c net/ipv6/inet6_connection_sock.c:135
  __tcp_transmit_skb+0xaf4/0xe60 net/ipv4/tcp_output.c:1402
  tcp_transmit_skb net/ipv4/tcp_output.c:1420 [inline]
  tcp_write_xmit+0x84c/0x1938 net/ipv4/tcp_output.c:2696
  __tcp_push_pending_frames net/ipv4/tcp_output.c:2880 [inline]
  tcp_send_fin+0x2dc/0x43c net/ipv4/tcp_output.c:3435
  tcp_shutdown+0xa0/0xb0 net/ipv4/tcp.c:2816
  mptcp_subflow_shutdown+0xd4/0x184 net/mptcp/protocol.c:2779
  __mptcp_check_send_data_fin+0x1a0/0x200 net/mptcp/protocol.c:2853
  __mptcp_wr_shutdown net/mptcp/protocol.c:2869 [inline]
  __mptcp_close+0x39c/0x444 net/mptcp/protocol.c:2925
  mptcp_close+0x38/0x168 net/mptcp/protocol.c:2969
  inet_release+0xc8/0xe4 net/ipv4/af_inet.c:428
  inet6_release+0x3c/0x58 net/ipv6/af_inet6.c:488
  __sock_release net/socket.c:650 [inline]
  sock_close+0x50/0xf0 net/socket.c:1365
  __fput+0x198/0x3e4 fs/file_table.c:320
  ____fput+0x20/0x30 fs/file_table.c:348
  task_work_run+0x100/0x148 kernel/task_work.c:179
  resume_user_mode_work include/linux/resume_user_mode.h:49 [inline]
  do_notify_resume+0x174/0x1f0 arch/arm64/kernel/signal.c:1127
  prepare_exit_to_user_mode arch/arm64/kernel/entry-common.c:137 [inline]
  exit_to_user_mode arch/arm64/kernel/entry-common.c:142 [inline]
  el0_svc+0x9c/0x150 arch/arm64/kernel/entry-common.c:638
  el0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:655
  el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:584
irq event stamp: 251
hardirqs last  enabled at (251): [<ffff80000c090584>] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:151 [inline]
hardirqs last  enabled at (251): [<ffff80000c090584>] _raw_spin_unlock_irqrestore+0x48/0x8c kernel/locking/spinlock.c:194
hardirqs last disabled at (250): [<ffff80000c0903c0>] __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:108 [inline]
hardirqs last disabled at (250): [<ffff80000c0903c0>] _raw_spin_lock_irqsave+0xa4/0xb4 kernel/locking/spinlock.c:162
softirqs last  enabled at (248): [<ffff80000bb30344>] local_bh_enable+0x10/0x34 include/linux/bottom_half.h:32
softirqs last disabled at (246): [<ffff80000bb30310>] local_bh_disable+0x10/0x34 include/linux/bottom_half.h:19

other info that might help us debug this:
 Possible unsafe locking scenario:

       CPU0
       ----
  lock(clock-AF_INET6);
  <Interrupt>
    lock(clock-AF_INET6);

 *** DEADLOCK ***

1 lock held by syz-executor.2/9442:
 #0: ffff00010288a130 (sk_lock-AF_PPPOX){+.+.}-{0:0}, at: lock_sock include/net/sock.h:1721 [inline]
 #0: ffff00010288a130 (sk_lock-AF_PPPOX){+.+.}-{0:0}, at: pppol2tp_connect+0x184/0x6c4 net/l2tp/l2tp_ppp.c:675

stack backtrace:
CPU: 1 PID: 9442 Comm: syz-executor.2 Not tainted 6.1.0-rc6-syzkaller-32662-g6d464646530f #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/30/2022
Call trace:
 dump_backtrace+0x1c4/0x1f0 arch/arm64/kernel/stacktrace.c:156
 show_stack+0x2c/0x54 arch/arm64/kernel/stacktrace.c:163
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x104/0x16c lib/dump_stack.c:106
 dump_stack+0x1c/0x58 lib/dump_stack.c:113
 print_usage_bug+0x39c/0x3cc kernel/locking/lockdep.c:3963
 mark_lock_irq+0x4a8/0x4b4
 mark_lock+0x154/0x1b4 kernel/locking/lockdep.c:4634
 __lock_acquire+0x618/0x3084 kernel/locking/lockdep.c:5009
 lock_acquire+0x100/0x1f8 kernel/locking/lockdep.c:5668
 __raw_write_lock include/linux/rwlock_api_smp.h:209 [inline]
 _raw_write_lock+0x54/0x6c kernel/locking/spinlock.c:300
 l2tp_tunnel_register+0x354/0x79c net/l2tp/l2tp_core.c:1477
 pppol2tp_connect+0x3e8/0x6c4 net/l2tp/l2tp_ppp.c:723
 __sys_connect_file net/socket.c:1976 [inline]
 __sys_connect+0x184/0x190 net/socket.c:1993
 __do_sys_connect net/socket.c:2003 [inline]
 __se_sys_connect net/socket.c:2000 [inline]
 __arm64_sys_connect+0x28/0x3c net/socket.c:2000
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall arch/arm64/kernel/syscall.c:52 [inline]
 el0_svc_common+0x138/0x220 arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x48/0x164 arch/arm64/kernel/syscall.c:206
 el0_svc+0x58/0x150 arch/arm64/kernel/entry-common.c:637
 el0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:655
 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:584
BUG: sleeping function called from invalid context at include/linux/percpu-rwsem.h:49
in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 9442, name: syz-executor.2
preempt_count: 1, expected: 0
RCU nest depth: 0, expected: 0
INFO: lockdep is turned off.
Preemption disabled at:
[<ffff80000bb2e438>] l2tp_tunnel_register+0x354/0x79c net/l2tp/l2tp_core.c:1477
CPU: 1 PID: 9442 Comm: syz-executor.2 Not tainted 6.1.0-rc6-syzkaller-32662-g6d464646530f #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/30/2022
Call trace:
 dump_backtrace+0x1c4/0x1f0 arch/arm64/kernel/stacktrace.c:156
 show_stack+0x2c/0x54 arch/arm64/kernel/stacktrace.c:163
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x104/0x16c lib/dump_stack.c:106
 dump_stack+0x1c/0x58 lib/dump_stack.c:113
 __might_resched+0x208/0x218 kernel/sched/core.c:9908
 __might_sleep+0x48/0x78 kernel/sched/core.c:9837
 percpu_down_read include/linux/percpu-rwsem.h:49 [inline]
 cpus_read_lock+0x28/0x1e0 kernel/cpu.c:310
 static_key_slow_inc+0x1c/0x38 kernel/jump_label.c:158
 udpv6_encap_enable+0x1c/0x28 net/ipv6/udp.c:473
 udp_tunnel_encap_enable include/net/udp_tunnel.h:187 [inline]
 setup_udp_tunnel_sock+0xec/0x124 net/ipv4/udp_tunnel_core.c:81
 l2tp_tunnel_register+0x68c/0x79c net/l2tp/l2tp_core.c:1509
 pppol2tp_connect+0x3e8/0x6c4 net/l2tp/l2tp_ppp.c:723
 __sys_connect_file net/socket.c:1976 [inline]
 __sys_connect+0x184/0x190 net/socket.c:1993
 __do_sys_connect net/socket.c:2003 [inline]
 __se_sys_connect net/socket.c:2000 [inline]
 __arm64_sys_connect+0x28/0x3c net/socket.c:2000
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall arch/arm64/kernel/syscall.c:52 [inline]
 el0_svc_common+0x138/0x220 arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x48/0x164 arch/arm64/kernel/syscall.c:206
 el0_svc+0x58/0x150 arch/arm64/kernel/entry-common.c:637
 el0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:655
 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:584