syzbot

============================================
WARNING: possible recursive locking detected
syzkaller #0 Not tainted
--------------------------------------------
syz.5.4004/22178 is trying to acquire lock:
ffffe8ffffd3bd38 (&pd_list->lock){+...}-{3:3}, at: spin_lock include/linux/spinlock.h:351 [inline]
ffffe8ffffd3bd38 (&pd_list->lock){+...}-{3:3}, at: padata_find_next kernel/padata.c:256 [inline]
ffffe8ffffd3bd38 (&pd_list->lock){+...}-{3:3}, at: padata_reorder kernel/padata.c:309 [inline]
ffffe8ffffd3bd38 (&pd_list->lock){+...}-{3:3}, at: padata_do_serial+0x73e/0xb80 kernel/padata.c:379

but task is already holding lock:
ffffe8ffffc3e938 (&pd_list->lock){+...}-{3:3}, at: spin_lock include/linux/spinlock.h:351 [inline]
ffffe8ffffc3e938 (&pd_list->lock){+...}-{3:3}, at: padata_reorder kernel/padata.c:300 [inline]
ffffe8ffffc3e938 (&pd_list->lock){+...}-{3:3}, at: padata_do_serial+0x5b5/0xb80 kernel/padata.c:379

other info that might help us debug this:
 Possible unsafe locking scenario:

       CPU0
       ----
  lock(&pd_list->lock);
  lock(&pd_list->lock);

 *** DEADLOCK ***

 May be due to missing lock nesting notation

12 locks held by syz.5.4004/22178:
 #0: ffff888043d0acf0 (&ctx->tx_lock){+.+.}-{4:4}, at: tls_sw_sendmsg+0x139/0x23d0 net/tls/tls_sw.c:1260
 #1: ffff88807e7faad8 (sk_lock-AF_INET6){+.+.}-{0:0}, at: lock_sock include/net/sock.h:1667 [inline]
 #1: ffff88807e7faad8 (sk_lock-AF_INET6){+.+.}-{0:0}, at: tls_sw_sendmsg+0x165/0x23d0 net/tls/tls_sw.c:1263
 #2: ffffffff8e139f40 (rcu_read_lock_bh){....}-{1:3}, at: local_bh_disable include/linux/bottom_half.h:20 [inline]
 #2: ffffffff8e139f40 (rcu_read_lock_bh){....}-{1:3}, at: rcu_read_lock_bh include/linux/rcupdate.h:892 [inline]
 #2: ffffffff8e139f40 (rcu_read_lock_bh){....}-{1:3}, at: padata_do_parallel+0x4b/0xab0 kernel/padata.c:188
 #3: ffffffff8e139f40 (rcu_read_lock_bh){....}-{1:3}, at: local_bh_disable include/linux/bottom_half.h:20 [inline]
 #3: ffffffff8e139f40 (rcu_read_lock_bh){....}-{1:3}, at: rcu_read_lock_bh include/linux/rcupdate.h:892 [inline]
 #3: ffffffff8e139f40 (rcu_read_lock_bh){....}-{1:3}, at: padata_do_parallel+0x4b/0xab0 kernel/padata.c:188
 #4: ffffffff8e139f40 (rcu_read_lock_bh){....}-{1:3}, at: local_bh_disable include/linux/bottom_half.h:20 [inline]
 #4: ffffffff8e139f40 (rcu_read_lock_bh){....}-{1:3}, at: rcu_read_lock_bh include/linux/rcupdate.h:892 [inline]
 #4: ffffffff8e139f40 (rcu_read_lock_bh){....}-{1:3}, at: padata_do_parallel+0x4b/0xab0 kernel/padata.c:188
 #5: ffffffff8e139f40 (rcu_read_lock_bh){....}-{1:3}, at: local_bh_disable include/linux/bottom_half.h:20 [inline]
 #5: ffffffff8e139f40 (rcu_read_lock_bh){....}-{1:3}, at: rcu_read_lock_bh include/linux/rcupdate.h:892 [inline]
 #5: ffffffff8e139f40 (rcu_read_lock_bh){....}-{1:3}, at: padata_do_parallel+0x4b/0xab0 kernel/padata.c:188
 #6: ffffffff8e139f40 (rcu_read_lock_bh){....}-{1:3}, at: local_bh_disable include/linux/bottom_half.h:20 [inline]
 #6: ffffffff8e139f40 (rcu_read_lock_bh){....}-{1:3}, at: rcu_read_lock_bh include/linux/rcupdate.h:892 [inline]
 #6: ffffffff8e139f40 (rcu_read_lock_bh){....}-{1:3}, at: padata_do_parallel+0x4b/0xab0 kernel/padata.c:188
 #7: ffffffff8e139f40 (rcu_read_lock_bh){....}-{1:3}, at: local_bh_disable include/linux/bottom_half.h:20 [inline]
 #7: ffffffff8e139f40 (rcu_read_lock_bh){....}-{1:3}, at: rcu_read_lock_bh include/linux/rcupdate.h:892 [inline]
 #7: ffffffff8e139f40 (rcu_read_lock_bh){....}-{1:3}, at: padata_do_parallel+0x4b/0xab0 kernel/padata.c:188
 #8: ffffffff8e139f40 (rcu_read_lock_bh){....}-{1:3}, at: local_bh_disable include/linux/bottom_half.h:20 [inline]
 #8: ffffffff8e139f40 (rcu_read_lock_bh){....}-{1:3}, at: rcu_read_lock_bh include/linux/rcupdate.h:892 [inline]
 #8: ffffffff8e139f40 (rcu_read_lock_bh){....}-{1:3}, at: padata_do_parallel+0x4b/0xab0 kernel/padata.c:188
 #9: ffffffff8e139f40 (rcu_read_lock_bh){....}-{1:3}, at: local_bh_disable include/linux/bottom_half.h:20 [inline]
 #9: ffffffff8e139f40 (rcu_read_lock_bh){....}-{1:3}, at: rcu_read_lock_bh include/linux/rcupdate.h:892 [inline]
 #9: ffffffff8e139f40 (rcu_read_lock_bh){....}-{1:3}, at: padata_do_parallel+0x4b/0xab0 kernel/padata.c:188
 #10: ffffffff8e139f40 (rcu_read_lock_bh){....}-{1:3}, at: local_bh_disable include/linux/bottom_half.h:20 [inline]
 #10: ffffffff8e139f40 (rcu_read_lock_bh){....}-{1:3}, at: rcu_read_lock_bh include/linux/rcupdate.h:892 [inline]
 #10: ffffffff8e139f40 (rcu_read_lock_bh){....}-{1:3}, at: padata_do_parallel+0x4b/0xab0 kernel/padata.c:188
 #11: ffffe8ffffc3e938 (&pd_list->lock){+...}-{3:3}, at: spin_lock include/linux/spinlock.h:351 [inline]
 #11: ffffe8ffffc3e938 (&pd_list->lock){+...}-{3:3}, at: padata_reorder kernel/padata.c:300 [inline]
 #11: ffffe8ffffc3e938 (&pd_list->lock){+...}-{3:3}, at: padata_do_serial+0x5b5/0xb80 kernel/padata.c:379

stack backtrace:
CPU: 1 UID: 0 PID: 22178 Comm: syz.5.4004 Not tainted syzkaller #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
Call Trace:
 <TASK>
 dump_stack_lvl+0x189/0x250 lib/dump_stack.c:120
 print_deadlock_bug+0x28b/0x2a0 kernel/locking/lockdep.c:3041
 check_deadlock kernel/locking/lockdep.c:3093 [inline]
 validate_chain+0x1a3f/0x2140 kernel/locking/lockdep.c:3895
 __lock_acquire+0xab9/0xd20 kernel/locking/lockdep.c:5237
 lock_acquire+0x120/0x360 kernel/locking/lockdep.c:5868
 __raw_spin_lock include/linux/spinlock_api_smp.h:133 [inline]
 _raw_spin_lock+0x2e/0x40 kernel/locking/spinlock.c:154
 spin_lock include/linux/spinlock.h:351 [inline]
 padata_find_next kernel/padata.c:256 [inline]
 padata_reorder kernel/padata.c:309 [inline]
 padata_do_serial+0x73e/0xb80 kernel/padata.c:379
 padata_do_parallel+0x7ba/0xab0 kernel/padata.c:220
 pcrypt_aead_encrypt+0x2f1/0x400 crypto/pcrypt.c:117
 pcrypt_aead_enc+0x17/0x80 crypto/pcrypt.c:83
 padata_do_parallel+0x7ba/0xab0 kernel/padata.c:220
 pcrypt_aead_encrypt+0x2f1/0x400 crypto/pcrypt.c:117
 pcrypt_aead_enc+0x17/0x80 crypto/pcrypt.c:83
 padata_do_parallel+0x7ba/0xab0 kernel/padata.c:220
 pcrypt_aead_encrypt+0x2f1/0x400 crypto/pcrypt.c:117
 pcrypt_aead_enc+0x17/0x80 crypto/pcrypt.c:83
 padata_do_parallel+0x7ba/0xab0 kernel/padata.c:220
 pcrypt_aead_encrypt+0x2f1/0x400 crypto/pcrypt.c:117
 pcrypt_aead_enc+0x17/0x80 crypto/pcrypt.c:83
 padata_do_parallel+0x7ba/0xab0 kernel/padata.c:220
 pcrypt_aead_encrypt+0x2f1/0x400 crypto/pcrypt.c:117
 pcrypt_aead_enc+0x17/0x80 crypto/pcrypt.c:83
 padata_do_parallel+0x7ba/0xab0 kernel/padata.c:220
 pcrypt_aead_encrypt+0x2f1/0x400 crypto/pcrypt.c:117
 pcrypt_aead_enc+0x17/0x80 crypto/pcrypt.c:83
 padata_do_parallel+0x7ba/0xab0 kernel/padata.c:220
 pcrypt_aead_encrypt+0x2f1/0x400 crypto/pcrypt.c:117
 pcrypt_aead_enc+0x17/0x80 crypto/pcrypt.c:83
 padata_do_parallel+0x7ba/0xab0 kernel/padata.c:220
 pcrypt_aead_encrypt+0x2f1/0x400 crypto/pcrypt.c:117
 pcrypt_aead_enc+0x17/0x80 crypto/pcrypt.c:83
 padata_do_parallel+0x7ba/0xab0 kernel/padata.c:220
 pcrypt_aead_encrypt+0x2f1/0x400 crypto/pcrypt.c:117
 tls_do_encryption net/tls/tls_sw.c:582 [inline]
 tls_push_record+0x19c5/0x3770 net/tls/tls_sw.c:819
 bpf_exec_tx_verdict+0xefb/0x15e0 net/tls/tls_sw.c:859
 tls_sw_sendmsg_locked net/tls/tls_sw.c:1135 [inline]
 tls_sw_sendmsg+0x18db/0x23d0 net/tls/tls_sw.c:1264
 sock_sendmsg_nosec net/socket.c:714 [inline]
 __sock_sendmsg+0xe5/0x270 net/socket.c:729
 __sys_sendto+0x3bd/0x520 net/socket.c:2228
 __do_sys_sendto net/socket.c:2235 [inline]
 __se_sys_sendto net/socket.c:2231 [inline]
 __x64_sys_sendto+0xde/0x100 net/socket.c:2231
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xfa/0x3b0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fe35d38ebe9
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fe35e205038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
RAX: ffffffffffffffda RBX: 00007fe35d5b6180 RCX: 00007fe35d38ebe9
RDX: ffffffffffffff13 RSI: 00002000000001c0 RDI: 0000000000000006
RBP: 00007fe35d411e19 R08: 0000000000000000 R09: 0000000003000137
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007fe35d5b6218 R14: 00007fe35d5b6180 R15: 00007fe35d6dfa28
 </TASK>