sd 0:0:1:0: [sg0] tag#237 CDB[40]: 2a 2d cf bd 89 4e 2c 00 b9 71 38 33 c4 31 91 3b
sd 0:0:1:0: [sg0] tag#237 CDB[50]: 1c 31 8f 54 39 65 bb d2 e7 2a 7f b0 63 fd da 36
sd 0:0:1:0: [sg0] tag#237 CDB[60]: b4 50 14 b0 40 f5 dd 73
============================================
WARNING: possible recursive locking detected
4.14.214-syzkaller #0 Not tainted
--------------------------------------------
syz-executor.0/22677 is trying to acquire lock:
 ((fb_notifier_list).rwsem){++++}, at: [] __blocking_notifier_call_chain kernel/notifier.c:316 [inline]
 ((fb_notifier_list).rwsem){++++}, at: [] __blocking_notifier_call_chain kernel/notifier.c:304 [inline]
 ((fb_notifier_list).rwsem){++++}, at: [] blocking_notifier_call_chain kernel/notifier.c:328 [inline]
 ((fb_notifier_list).rwsem){++++}, at: [] blocking_notifier_call_chain+0x63/0x90 kernel/notifier.c:325

but task is already holding lock:
 ((fb_notifier_list).rwsem){++++}, at: [] __blocking_notifier_call_chain kernel/notifier.c:316 [inline]
 ((fb_notifier_list).rwsem){++++}, at: [] __blocking_notifier_call_chain kernel/notifier.c:304 [inline]
 ((fb_notifier_list).rwsem){++++}, at: [] blocking_notifier_call_chain kernel/notifier.c:328 [inline]
 ((fb_notifier_list).rwsem){++++}, at: [] blocking_notifier_call_chain+0x63/0x90 kernel/notifier.c:325

other info that might help us debug this:
 Possible unsafe locking scenario:

       CPU0
       ----
  lock((fb_notifier_list).rwsem);
  lock((fb_notifier_list).rwsem);

 *** DEADLOCK ***

 May be due to missing lock nesting notation

3 locks held by syz-executor.0/22677:
 #0: (console_lock){+.+.}, at: [] do_fb_ioctl+0x81a/0xa70 drivers/video/fbdev/core/fbmem.c:1212
 #1: (&fb_info->lock){+.+.}, at: [] lock_fb_info drivers/video/fbdev/core/fbmem.c:81 [inline]
 #1: (&fb_info->lock){+.+.}, at: [] do_fb_ioctl+0x824/0xa70 drivers/video/fbdev/core/fbmem.c:1213
 #2: ((fb_notifier_list).rwsem){++++}, at: [] __blocking_notifier_call_chain kernel/notifier.c:316 [inline]
 #2: ((fb_notifier_list).rwsem){++++}, at: [] __blocking_notifier_call_chain kernel/notifier.c:304 [inline]
 #2: ((fb_notifier_list).rwsem){++++}, at: [] blocking_notifier_call_chain kernel/notifier.c:328 [inline]
 #2: ((fb_notifier_list).rwsem){++++}, at: [] blocking_notifier_call_chain+0x63/0x90 kernel/notifier.c:325

stack backtrace:
CPU: 1 PID: 22677 Comm: syz-executor.0 Not tainted 4.14.214-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x1b2/0x283 lib/dump_stack.c:58
 print_deadlock_bug kernel/locking/lockdep.c:1800 [inline]
 check_deadlock kernel/locking/lockdep.c:1847 [inline]
 validate_chain kernel/locking/lockdep.c:2448 [inline]
 __lock_acquire.cold+0x180/0x97c kernel/locking/lockdep.c:3491
 lock_acquire+0x170/0x3f0 kernel/locking/lockdep.c:3998
 down_read+0x36/0x80 kernel/locking/rwsem.c:24
 __blocking_notifier_call_chain kernel/notifier.c:316 [inline]
 __blocking_notifier_call_chain kernel/notifier.c:304 [inline]
 blocking_notifier_call_chain kernel/notifier.c:328 [inline]
 blocking_notifier_call_chain+0x63/0x90 kernel/notifier.c:325
 fb_set_var+0xac5/0xc90 drivers/video/fbdev/core/fbmem.c:1054
 fbcon_switch+0x3d9/0x19d8 drivers/video/fbdev/core/fbcon.c:2063
 redraw_screen+0x32c/0x790 drivers/tty/vt/vt.c:689
 fbcon_blank+0x986/0xd50 drivers/video/fbdev/core/fbcon.c:2201
 do_unblank_screen+0x1fd/0x4e0 drivers/tty/vt/vt.c:3937
 fbcon_fb_blanked drivers/video/fbdev/core/fbcon.c:2925 [inline]
 fbcon_event_notify+0x1445/0x1760 drivers/video/fbdev/core/fbcon.c:3043
 notifier_call_chain+0x108/0x1a0 kernel/notifier.c:93
 __blocking_notifier_call_chain kernel/notifier.c:317 [inline]
 __blocking_notifier_call_chain kernel/notifier.c:304 [inline]
 blocking_notifier_call_chain kernel/notifier.c:328 [inline]
 blocking_notifier_call_chain+0x79/0x90 kernel/notifier.c:325
 fb_blank+0x14c/0x190 drivers/video/fbdev/core/fbmem.c:1082
 do_fb_ioctl+0x894/0xa70 drivers/video/fbdev/core/fbmem.c:1218
 fb_ioctl+0xdd/0x130 drivers/video/fbdev/core/fbmem.c:1242
 vfs_ioctl fs/ioctl.c:46 [inline]
 file_ioctl fs/ioctl.c:500 [inline]
 do_vfs_ioctl+0x75a/0xff0 fs/ioctl.c:684
 SYSC_ioctl fs/ioctl.c:701 [inline]
 SyS_ioctl+0x7f/0xb0 fs/ioctl.c:692
 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
 entry_SYSCALL_64_after_hwframe+0x46/0xbb
RIP: 0033:0x45e219
RSP: 002b:00007fa4c3508c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045e219
RDX: 0000000000000000 RSI: 0000000000004611 RDI: 0000000000000003
RBP: 000000000119bfc0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000119bf8c
R13: 00007fff3a8dd4df R14: 00007fa4c35099c0 R15: 000000000119bf8c
sd 0:0:1:0: [sg0] tag#236 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
sd 0:0:1:0: [sg0] tag#236 CDB: Write Buffer
sd 0:0:1:0: [sg0] tag#236 CDB[00]: 3b 21 e4 70 64 5e 04 bb c0 16 fa 38 42 64 0a af
sd 0:0:1:0: [sg0] tag#236 CDB[10]: 93 a9 b9 35 76 2b 1c 5b fb 52 57 b5 2c 80 1f 8f
sd 0:0:1:0: [sg0] tag#236 CDB[20]: d5 8c 63 72 bd 18 68 fd e6 fc 39 95 58 ac 5f 63
sd 0:0:1:0: [sg0] tag#236 CDB[30]: 7a db 87 53 2d ac 28 80 c6 a6 5e 47 32 dc 89 12
sd 0:0:1:0: [sg0] tag#236 CDB[40]: 86 15 5f 81 bc 2e be 84 fc 00 6d a0 1a 1f 4e 60
sd 0:0:1:0: [sg0] tag#236 CDB[50]: d8 43 57 40 a8 13 28 d9 20 e9 52 c2 d1
base_sock_release(ffff88805f339580) sk=ffff88809e4b6400
base_sock_release(ffff88805f3885c0) sk=ffff8880aa7a4c00
base_sock_release(ffff88805f339100) sk=ffff88809d485440
uinput: write device info first
sd 0:0:1:0: [sg_rq_end_io] Sense Key : Illegal Request [current]
sd 0:0:1:0: [sg_rq_end_io] Add. Sense: Invalid command operation code
PM: Marking nosave pages: [mem 0x00000000-0x00000fff]
PM: Marking nosave pages: [mem 0x0009f000-0x000fffff]
PM: Marking nosave pages: [mem 0xbfffd000-0xffffffff]
PM: Basic memory bitmaps created
PM: Basic memory bitmaps freed
PM: Marking nosave pages: [mem 0x00000000-0x00000fff]
PM: Marking nosave pages: [mem 0x0009f000-0x000fffff]
PM: Marking nosave pages: [mem 0xbfffd000-0xffffffff]
PM: Basic memory bitmaps created
PM: Basic memory bitmaps freed
base_sock_release(ffff888068aac040) sk=ffff8880aac975c0
base_sock_release(ffff88806715ca00) sk=ffff8880aa9e0480
base_sock_release(ffff888068a11640) sk=ffff8880abbe0280
base_sock_release(ffff8880682f51c0) sk=ffff8880a3826440