============================================
WARNING: possible recursive locking detected
syzkaller #0 Tainted: G             L     
--------------------------------------------
kworker/u8:24/11880 is trying to acquire lock:
ffff888028ca5358 (k-sk_lock-AF_INET6){+.+.}-{0:0}, at: lock_sock include/net/sock.h:1709 [inline]
ffff888028ca5358 (k-sk_lock-AF_INET6){+.+.}-{0:0}, at: inet6_getname+0x15d/0x650 net/ipv6/af_inet6.c:533

but task is already holding lock:
ffff888028ca6358 (k-sk_lock-AF_INET6){+.+.}-{0:0}, at: lock_sock include/net/sock.h:1709 [inline]
ffff888028ca6358 (k-sk_lock-AF_INET6){+.+.}-{0:0}, at: tcp_sock_set_cork+0x2c/0x2e0 net/ipv4/tcp.c:3694

other info that might help us debug this:
 Possible unsafe locking scenario:

       CPU0
       ----
  lock(k-sk_lock-AF_INET6);
  lock(k-sk_lock-AF_INET6);

 *** DEADLOCK ***

 May be due to missing lock nesting notation

14 locks held by kworker/u8:24/11880:
 #0: ffff88803eaa5138 ((wq_completion)krds_cp_wq#1/0){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3250 [inline]
 #0: ffff88803eaa5138 ((wq_completion)krds_cp_wq#1/0){+.+.}-{0:0}, at: process_scheduled_works+0x9ea/0x1830 kernel/workqueue.c:3358
 #1: ffffc90003eefc40 ((work_completion)(&(&cp->cp_send_w)->work)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3251 [inline]
 #1: ffffc90003eefc40 ((work_completion)(&(&cp->cp_send_w)->work)){+.+.}-{0:0}, at: process_scheduled_works+0xa25/0x1830 kernel/workqueue.c:3358
 #2: ffff888028ca6358 (k-sk_lock-AF_INET6){+.+.}-{0:0}, at: lock_sock include/net/sock.h:1709 [inline]
 #2: ffff888028ca6358 (k-sk_lock-AF_INET6){+.+.}-{0:0}, at: tcp_sock_set_cork+0x2c/0x2e0 net/ipv4/tcp.c:3694
 #3: ffffffff8ddcd780 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:312 [inline]
 #3: ffffffff8ddcd780 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:850 [inline]
 #3: ffffffff8ddcd780 (rcu_read_lock){....}-{1:3}, at: inet6_csk_xmit+0x110/0x6c0 net/ipv6/inet6_connection_sock.c:112
 #4: ffffffff8ddcd780 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:312 [inline]
 #4: ffffffff8ddcd780 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:850 [inline]
 #4: ffffffff8ddcd780 (rcu_read_lock){....}-{1:3}, at: ip6_xmit+0x283/0x1980 net/ipv6/ip6_output.c:284
 #5: ffffffff8ddcd780 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:312 [inline]
 #5: ffffffff8ddcd780 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:850 [inline]
 #5: ffffffff8ddcd780 (rcu_read_lock){....}-{1:3}, at: ip6_output+0x126/0x550 net/ipv6/ip6_output.c:234
 #6: ffffffff8ddcd780 (rcu_read_lock){....}-{1:3}, at: __local_bh_disable_ip+0x3c/0x420 kernel/softirq.c:163
 #7: ffffffff8ddcd780 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:312 [inline]
 #7: ffffffff8ddcd780 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:850 [inline]
 #7: ffffffff8ddcd780 (rcu_read_lock){....}-{1:3}, at: process_backlog+0x271/0xc60 net/core/dev.c:6620
 #8: ffffffff8ddcd780 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:312 [inline]
 #8: ffffffff8ddcd780 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:850 [inline]
 #8: ffffffff8ddcd780 (rcu_read_lock){....}-{1:3}, at: ip6_input+0x23/0x270 net/ipv6/ip6_input.c:499
 #9: ffff888028ca5298 (k-slock-AF_INET6/1){+...}-{3:3}, at: tcp_v6_rcv+0x2577/0x2f60 net/ipv6/tcp_ipv6.c:1875
 #10: ffffffff8ddcd780 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:312 [inline]
 #10: ffffffff8ddcd780 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:850 [inline]
 #10: ffffffff8ddcd780 (rcu_read_lock){....}-{1:3}, at: __rt_spin_lock kernel/locking/spinlock_rt.c:50 [inline]
 #10: ffffffff8ddcd780 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock_nested+0x1de/0x3f0 kernel/locking/spinlock_rt.c:65
 #11: ffffffff8dc64fa0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0x3c/0x420 kernel/softirq.c:163
 #12: ffff888028ca5590 (k-clock-AF_INET6){++..}-{3:3}, at: read_lock_bh include/linux/rwlock_rt.h:45 [inline]
 #12: ffff888028ca5590 (k-clock-AF_INET6){++..}-{3:3}, at: rds_tcp_data_ready+0x127/0x8e0 net/rds/tcp_recv.c:320
 #13: ffffffff8ddcd780 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:312 [inline]
 #13: ffffffff8ddcd780 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:850 [inline]
 #13: ffffffff8ddcd780 (rcu_read_lock){....}-{1:3}, at: rt_read_lock+0x277/0x4b0 kernel/locking/spinlock_rt.c:234

stack backtrace:
CPU: 0 UID: 0 PID: 11880 Comm: kworker/u8:24 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
Tainted: [L]=SOFTLOCKUP
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
Workqueue: krds_cp_wq#1/0 rds_send_worker
Call Trace:
 <TASK>
 dump_stack_lvl+0xe8/0x150 lib/dump_stack.c:120
 print_deadlock_bug+0x279/0x290 kernel/locking/lockdep.c:3041
 check_deadlock kernel/locking/lockdep.c:3093 [inline]
 validate_chain kernel/locking/lockdep.c:3895 [inline]
 __lock_acquire+0x253f/0x2cf0 kernel/locking/lockdep.c:5237
 lock_acquire+0xf0/0x2e0 kernel/locking/lockdep.c:5868
 lock_sock_nested+0x3e/0x130 net/core/sock.c:3780
 lock_sock include/net/sock.h:1709 [inline]
 inet6_getname+0x15d/0x650 net/ipv6/af_inet6.c:533
 rds_tcp_get_peer_sport net/rds/tcp_listen.c:70 [inline]
 rds_tcp_conn_slots_available+0x288/0x470 net/rds/tcp_listen.c:149
 rds_recv_hs_exthdrs+0x64f/0x800 net/rds/recv.c:265
 rds_recv_incoming+0x9f6/0x12e0 net/rds/recv.c:389
 rds_tcp_data_recv+0x816/0xa40 net/rds/tcp_recv.c:243
 __tcp_read_sock+0x196/0x970 net/ipv4/tcp.c:1702
 rds_tcp_read_sock net/rds/tcp_recv.c:277 [inline]
 rds_tcp_data_ready+0x32d/0x8e0 net/rds/tcp_recv.c:331
 tcp_data_queue+0x1e2e/0x5e50 net/ipv4/tcp_input.c:5719
 tcp_rcv_established+0xf45/0x2740 net/ipv4/tcp_input.c:6710
 tcp_v6_do_rcv+0x88b/0x1ac0 net/ipv6/tcp_ipv6.c:1609
 tcp_v6_rcv+0x2653/0x2f60 net/ipv6/tcp_ipv6.c:1879
 ip6_protocol_deliver_rcu+0xa73/0x1600 net/ipv6/ip6_input.c:438
 ip6_input_finish+0x191/0x370 net/ipv6/ip6_input.c:489
 NF_HOOK+0x336/0x3c0 include/linux/netfilter.h:318
 ip6_input+0x16a/0x270 net/ipv6/ip6_input.c:500
 NF_HOOK+0x336/0x3c0 include/linux/netfilter.h:318
 __netif_receive_skb_one_core net/core/dev.c:6156 [inline]
 __netif_receive_skb net/core/dev.c:6269 [inline]
 process_backlog+0x3ce/0xc60 net/core/dev.c:6621
 __napi_poll+0xaf/0x580 net/core/dev.c:7685
 napi_poll net/core/dev.c:7748 [inline]
 net_rx_action+0x696/0xe00 net/core/dev.c:7900
 handle_softirqs+0x1de/0x6f0 kernel/softirq.c:622
 __do_softirq kernel/softirq.c:656 [inline]
 __local_bh_enable_ip+0x170/0x2b0 kernel/softirq.c:302
 local_bh_enable include/linux/bottom_half.h:33 [inline]
 rcu_read_unlock_bh include/linux/rcupdate.h:924 [inline]
 __dev_queue_xmit+0x1eba/0x39e0 net/core/dev.c:4863
 NF_HOOK_COND include/linux/netfilter.h:307 [inline]
 ip6_output+0x340/0x550 net/ipv6/ip6_output.c:246
 NF_HOOK include/linux/netfilter.h:318 [inline]
 ip6_xmit+0x1149/0x1980 net/ipv6/ip6_output.c:358
 inet6_csk_xmit+0x3bd/0x6c0 net/ipv6/inet6_connection_sock.c:115
 __tcp_transmit_skb+0x249b/0x43e0 net/ipv4/tcp_output.c:1693
 tcp_transmit_skb net/ipv4/tcp_output.c:1711 [inline]
 tcp_write_xmit+0x16e8/0x6980 net/ipv4/tcp_output.c:3064
 __tcp_push_pending_frames+0x97/0x380 net/ipv4/tcp_output.c:3247
 tcp_push_pending_frames include/net/tcp.h:2282 [inline]
 __tcp_sock_set_cork net/ipv4/tcp.c:3688 [inline]
 tcp_sock_set_cork+0x186/0x2e0 net/ipv4/tcp.c:3695
 rds_send_xmit+0x2099/0x2910 net/rds/send.c:480
 rds_send_worker+0x7d/0x2e0 net/rds/threads.c:200
 process_one_work kernel/workqueue.c:3275 [inline]
 process_scheduled_works+0xb02/0x1830 kernel/workqueue.c:3358
 worker_thread+0xa50/0xfc0 kernel/workqueue.c:3439
 kthread+0x388/0x470 kernel/kthread.c:467
 ret_from_fork+0x51e/0xb90 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>
BUG: sleeping function called from invalid context at net/core/sock.c:3782
in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 11880, name: kworker/u8:24
preempt_count: 0, expected: 0
RCU nest depth: 8, expected: 0
INFO: lockdep is turned off.
CPU: 0 UID: 0 PID: 11880 Comm: kworker/u8:24 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
Tainted: [L]=SOFTLOCKUP
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
Workqueue: krds_cp_wq#1/0 rds_send_worker
Call Trace:
 <TASK>
 dump_stack_lvl+0xe8/0x150 lib/dump_stack.c:120
 __might_resched+0x329/0x480 kernel/sched/core.c:8884
 lock_sock_nested+0x53/0x130 net/core/sock.c:3782
 lock_sock include/net/sock.h:1709 [inline]
 inet6_getname+0x15d/0x650 net/ipv6/af_inet6.c:533
 rds_tcp_get_peer_sport net/rds/tcp_listen.c:70 [inline]
 rds_tcp_conn_slots_available+0x288/0x470 net/rds/tcp_listen.c:149
 rds_recv_hs_exthdrs+0x64f/0x800 net/rds/recv.c:265
 rds_recv_incoming+0x9f6/0x12e0 net/rds/recv.c:389
 rds_tcp_data_recv+0x816/0xa40 net/rds/tcp_recv.c:243
 __tcp_read_sock+0x196/0x970 net/ipv4/tcp.c:1702
 rds_tcp_read_sock net/rds/tcp_recv.c:277 [inline]
 rds_tcp_data_ready+0x32d/0x8e0 net/rds/tcp_recv.c:331
 tcp_data_queue+0x1e2e/0x5e50 net/ipv4/tcp_input.c:5719
 tcp_rcv_established+0xf45/0x2740 net/ipv4/tcp_input.c:6710
 tcp_v6_do_rcv+0x88b/0x1ac0 net/ipv6/tcp_ipv6.c:1609
 tcp_v6_rcv+0x2653/0x2f60 net/ipv6/tcp_ipv6.c:1879
 ip6_protocol_deliver_rcu+0xa73/0x1600 net/ipv6/ip6_input.c:438
 ip6_input_finish+0x191/0x370 net/ipv6/ip6_input.c:489
 NF_HOOK+0x336/0x3c0 include/linux/netfilter.h:318
 ip6_input+0x16a/0x270 net/ipv6/ip6_input.c:500
 NF_HOOK+0x336/0x3c0 include/linux/netfilter.h:318
 __netif_receive_skb_one_core net/core/dev.c:6156 [inline]
 __netif_receive_skb net/core/dev.c:6269 [inline]
 process_backlog+0x3ce/0xc60 net/core/dev.c:6621
 __napi_poll+0xaf/0x580 net/core/dev.c:7685
 napi_poll net/core/dev.c:7748 [inline]
 net_rx_action+0x696/0xe00 net/core/dev.c:7900
 handle_softirqs+0x1de/0x6f0 kernel/softirq.c:622
 __do_softirq kernel/softirq.c:656 [inline]
 __local_bh_enable_ip+0x170/0x2b0 kernel/softirq.c:302
 local_bh_enable include/linux/bottom_half.h:33 [inline]
 rcu_read_unlock_bh include/linux/rcupdate.h:924 [inline]
 __dev_queue_xmit+0x1eba/0x39e0 net/core/dev.c:4863
 NF_HOOK_COND include/linux/netfilter.h:307 [inline]
 ip6_output+0x340/0x550 net/ipv6/ip6_output.c:246
 NF_HOOK include/linux/netfilter.h:318 [inline]
 ip6_xmit+0x1149/0x1980 net/ipv6/ip6_output.c:358
 inet6_csk_xmit+0x3bd/0x6c0 net/ipv6/inet6_connection_sock.c:115
 __tcp_transmit_skb+0x249b/0x43e0 net/ipv4/tcp_output.c:1693
 tcp_transmit_skb net/ipv4/tcp_output.c:1711 [inline]
 tcp_write_xmit+0x16e8/0x6980 net/ipv4/tcp_output.c:3064
 __tcp_push_pending_frames+0x97/0x380 net/ipv4/tcp_output.c:3247
 tcp_push_pending_frames include/net/tcp.h:2282 [inline]
 __tcp_sock_set_cork net/ipv4/tcp.c:3688 [inline]
 tcp_sock_set_cork+0x186/0x2e0 net/ipv4/tcp.c:3695
 rds_send_xmit+0x2099/0x2910 net/rds/send.c:480
 rds_send_worker+0x7d/0x2e0 net/rds/threads.c:200
 process_one_work kernel/workqueue.c:3275 [inline]
 process_scheduled_works+0xb02/0x1830 kernel/workqueue.c:3358
 worker_thread+0xa50/0xfc0 kernel/workqueue.c:3439
 kthread+0x388/0x470 kernel/kthread.c:467
 ret_from_fork+0x51e/0xb90 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>