WARNING: CPU: 0 PID: 9 at net/ipv4/tcp_input.c:2474 tcp_cwnd_reduction+0x30e/0x370 net/ipv4/tcp_input.c:2474
Kernel panic - not syncing: panic_on_warn set ...
CPU: 0 PID: 9 Comm: ksoftirqd/0 Not tainted 4.19.211-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1fc/0x2ef lib/dump_stack.c:118
 panic+0x26a/0x50e kernel/panic.c:186
 __warn.cold+0x20/0x5a kernel/panic.c:541
 report_bug+0x262/0x2b0 lib/bug.c:183
 fixup_bug arch/x86/kernel/traps.c:178 [inline]
 fixup_bug arch/x86/kernel/traps.c:173 [inline]
 do_error_trap+0x1d7/0x310 arch/x86/kernel/traps.c:296
 invalid_op+0x14/0x20 arch/x86/entry/entry_64.S:1038
RIP: 0010:tcp_cwnd_reduction+0x30e/0x370 net/ipv4/tcp_input.c:2474
Code: 29 eb e9 6f ff ff ff e8 90 38 88 fa 8b 44 24 14 44 29 e8 39 e8 0f 4d e8 83 c5 01 39 dd 0f 4e dd e9 51 ff ff ff e8 72 38 88 fa <0f> 0b eb a1 e8 c9 14 be fa e9 47 fd ff ff e8 bf 14 be fa e9 ea fe
RSP: 0018:ffff8880b5a5f3d0 EFLAGS: 00010206
RAX: ffff8880b5a4c240 RBX: ffffffff8b287200 RCX: ffffffff86da4a64
RDX: 0000000000000100 RSI: ffffffff86da4cfe RDI: 0000000000000005
RBP: 0000000000000006 R08: ffff8880b5a5f5d0 R09: 0000000000000000
R10: 0000000000000005 R11: 0000000000000000 R12: 0000000000000000
R13: 0000000000005526 R14: ffff8880b315e280 R15: ffff8880b315e280
 tcp_cong_control net/ipv4/tcp_input.c:3326 [inline]
 tcp_ack+0x3e8a/0x51d0 net/ipv4/tcp_input.c:3719
 tcp_rcv_established+0x66b/0x1ef0 net/ipv4/tcp_input.c:5670
 tcp_v6_do_rcv+0xe1e/0x1370 net/ipv6/tcp_ipv6.c:1348
 tcp_v6_rcv+0x26b8/0x3990 net/ipv6/tcp_ipv6.c:1577
 ip6_input_finish+0x46a/0x17a0 net/ipv6/ip6_input.c:385
 NF_HOOK include/linux/netfilter.h:289 [inline]
 ip6_input+0xcf/0x3c0 net/ipv6/ip6_input.c:428
 dst_input include/net/dst.h:461 [inline]
 ip6_rcv_finish+0x1d9/0x2f0 net/ipv6/ip6_input.c:76
 NF_HOOK include/linux/netfilter.h:289 [inline]
 ipv6_rcv+0xf2/0x3f0 net/ipv6/ip6_input.c:273
 __netif_receive_skb_one_core+0x114/0x180 net/core/dev.c:4954
 __netif_receive_skb+0x27/0x1c0 net/core/dev.c:5066
 process_backlog+0x241/0x700 net/core/dev.c:5849
 napi_poll net/core/dev.c:6280 [inline]
 net_rx_action+0x4ac/0xfb0 net/core/dev.c:6346
 __do_softirq+0x265/0x980 kernel/softirq.c:292
 run_ksoftirqd+0x57/0x110 kernel/softirq.c:653
 smpboot_thread_fn+0x655/0x9e0 kernel/smpboot.c:164
 kthread+0x33f/0x460 kernel/kthread.c:259
 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415
Kernel Offset: disabled

================================
WARNING: inconsistent lock state
4.19.211-syzkaller #0 Not tainted
--------------------------------
inconsistent {SOFTIRQ-ON-W} -> {IN-SOFTIRQ-R} usage.
ksoftirqd/0/9 [HC0[0]:SC1[1]:HE0:SE0] takes:
00000000702bdba8 ((fb_notifier_list).rwsem){+++?}, at: __blocking_notifier_call_chain kernel/notifier.c:316 [inline]
00000000702bdba8 ((fb_notifier_list).rwsem){+++?}, at: __blocking_notifier_call_chain kernel/notifier.c:304 [inline]
00000000702bdba8 ((fb_notifier_list).rwsem){+++?}, at: blocking_notifier_call_chain kernel/notifier.c:328 [inline]
00000000702bdba8 ((fb_notifier_list).rwsem){+++?}, at: blocking_notifier_call_chain+0x6f/0xa0 kernel/notifier.c:325
{SOFTIRQ-ON-W} state was registered at:
  down_write+0x34/0x90 kernel/locking/rwsem.c:70
  blocking_notifier_chain_register+0x78/0x350 kernel/notifier.c:226
  fb_console_init+0x1c/0x305 drivers/video/fbdev/core/fbcon.c:3432
  fbmem_init+0x105/0x126 drivers/video/fbdev/core/fbmem.c:1932
  do_one_initcall+0xf1/0x740 init/main.c:884
  do_initcall_level init/main.c:952 [inline]
  do_initcalls init/main.c:960 [inline]
  do_basic_setup init/main.c:978 [inline]
  kernel_init_freeable+0x9c5/0xab7 init/main.c:1145
  kernel_init+0xd/0x1ba init/main.c:1062
  ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415
irq event stamp: 10512835
hardirqs last enabled at (10512834): [] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:160 [inline]
hardirqs last enabled at (10512834): [] _raw_spin_unlock_irqrestore+0x79/0xe0 kernel/locking/spinlock.c:184
hardirqs last disabled at (10512835): [] trace_hardirqs_off_thunk+0x1a/0x1c
softirqs last enabled at (10512236): [] __do_softirq+0x678/0x980 kernel/softirq.c:318
softirqs last disabled at (10512241): [] run_ksoftirqd+0x57/0x110 kernel/softirq.c:653

other info that might help us debug this:
 Possible unsafe locking scenario:

       CPU0
       ----
  lock((fb_notifier_list).rwsem);
    lock((fb_notifier_list).rwsem);

 *** DEADLOCK ***

3 locks held by ksoftirqd/0/9:
 #0: 00000000677ea4f7 (rcu_read_lock){....}, at: __write_once_size include/linux/compiler.h:290 [inline]
 #0: 00000000677ea4f7 (rcu_read_lock){....}, at: __skb_unlink include/linux/skbuff.h:1920 [inline]
 #0: 00000000677ea4f7 (rcu_read_lock){....}, at: __skb_dequeue include/linux/skbuff.h:1936 [inline]
 #0: 00000000677ea4f7 (rcu_read_lock){....}, at: process_backlog+0x1d0/0x700 net/core/dev.c:5847
 #1: 00000000677ea4f7 (rcu_read_lock){....}, at: ip6_input_finish+0x0/0x17a0 include/linux/skbuff.h:898
 #2: 00000000157a3872 (slock-AF_INET6/1){+.-.}, at: tcp_v6_rcv+0x246b/0x3990 net/ipv6/tcp_ipv6.c:1573

stack backtrace:
CPU: 0 PID: 9 Comm: ksoftirqd/0 Not tainted 4.19.211-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1fc/0x2ef lib/dump_stack.c:118
 print_usage_bug.cold+0x42e/0x570 kernel/locking/lockdep.c:2545
 valid_state kernel/locking/lockdep.c:2558 [inline]
 mark_lock_irq kernel/locking/lockdep.c:2752 [inline]
 mark_lock+0xc70/0x1160 kernel/locking/lockdep.c:3132
 mark_irqflags kernel/locking/lockdep.c:3002 [inline]
 __lock_acquire+0x10ed/0x3ff0 kernel/locking/lockdep.c:3373
 lock_acquire+0x170/0x3c0 kernel/locking/lockdep.c:3908
 down_read+0x36/0x80 kernel/locking/rwsem.c:24
 __blocking_notifier_call_chain kernel/notifier.c:316 [inline]
 __blocking_notifier_call_chain kernel/notifier.c:304 [inline]
 blocking_notifier_call_chain kernel/notifier.c:328 [inline]
 blocking_notifier_call_chain+0x6f/0xa0 kernel/notifier.c:325
 fb_blank+0xb5/0x1d0 drivers/video/fbdev/core/fbmem.c:1074
 fbcon_blank+0x932/0xec0 drivers/video/fbdev/core/fbcon.c:2221
 do_unblank_screen+0x241/0x610 drivers/tty/vt/vt.c:4294
 panic+0x313/0x50e kernel/panic.c:239
 __warn.cold+0x20/0x5a kernel/panic.c:541
 report_bug+0x262/0x2b0 lib/bug.c:183
 fixup_bug arch/x86/kernel/traps.c:178 [inline]
 fixup_bug arch/x86/kernel/traps.c:173 [inline]
 do_error_trap+0x1d7/0x310 arch/x86/kernel/traps.c:296
 invalid_op+0x14/0x20 arch/x86/entry/entry_64.S:1038
RIP: 0010:tcp_cwnd_reduction+0x30e/0x370 net/ipv4/tcp_input.c:2474
Code: 29 eb e9 6f ff ff ff e8 90 38 88 fa 8b 44 24 14 44 29 e8 39 e8 0f 4d e8 83 c5 01 39 dd 0f 4e dd e9 51 ff ff ff e8 72 38 88 fa <0f> 0b eb a1 e8 c9 14 be fa e9 47 fd ff ff e8 bf 14 be fa e9 ea fe
RSP: 0018:ffff8880b5a5f3d0 EFLAGS: 00010206
RAX: ffff8880b5a4c240 RBX: ffffffff8b287200 RCX: ffffffff86da4a64
RDX: 0000000000000100 RSI: ffffffff86da4cfe RDI: 0000000000000005
RBP: 0000000000000006 R08: ffff8880b5a5f5d0 R09: 0000000000000000
R10: 0000000000000005 R11: 0000000000000000 R12: 0000000000000000
R13: 0000000000005526 R14: ffff8880b315e280 R15: ffff8880b315e280
 tcp_cong_control net/ipv4/tcp_input.c:3326 [inline]
 tcp_ack+0x3e8a/0x51d0 net/ipv4/tcp_input.c:3719
 tcp_rcv_established+0x66b/0x1ef0 net/ipv4/tcp_input.c:5670
 tcp_v6_do_rcv+0xe1e/0x1370 net/ipv6/tcp_ipv6.c:1348
 tcp_v6_rcv+0x26b8/0x3990 net/ipv6/tcp_ipv6.c:1577
 ip6_input_finish+0x46a/0x17a0 net/ipv6/ip6_input.c:385
 NF_HOOK include/linux/netfilter.h:289 [inline]
 ip6_input+0xcf/0x3c0 net/ipv6/ip6_input.c:428
 dst_input include/net/dst.h:461 [inline]
 ip6_rcv_finish+0x1d9/0x2f0 net/ipv6/ip6_input.c:76
 NF_HOOK include/linux/netfilter.h:289 [inline]
 ipv6_rcv+0xf2/0x3f0 net/ipv6/ip6_input.c:273
 __netif_receive_skb_one_core+0x114/0x180 net/core/dev.c:4954
 __netif_receive_skb+0x27/0x1c0 net/core/dev.c:5066
 process_backlog+0x241/0x700 net/core/dev.c:5849
 napi_poll net/core/dev.c:6280 [inline]
 net_rx_action+0x4ac/0xfb0 net/core/dev.c:6346
 __do_softirq+0x265/0x980 kernel/softirq.c:292
 run_ksoftirqd+0x57/0x110 kernel/softirq.c:653
 smpboot_thread_fn+0x655/0x9e0 kernel/smpboot.c:164
 kthread+0x33f/0x460 kernel/kthread.c:259
 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415
Rebooting in 86400 seconds..