IPv6: ADDRCONF(NETDEV_UP): batadv_slave_1: link is not ready batman_adv: batadv0: Interface activated: batadv_slave_1 IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready BUG: sleeping function called from invalid context at drivers/tty/vt/vt.c:2245 in_atomic(): 1, irqs_disabled(): 1, pid: 9561, name: syz-executor.2 3 locks held by syz-executor.2/9561: #0: (&tty->ldisc_sem){++++}, at: [] tty_ldisc_ref_wait+0x22/0x80 drivers/tty/tty_ldisc.c:284 #1: (&(&gsm->control_lock)->rlock){....}, at: [] gsm_control_send+0xf6/0x480 drivers/tty/n_gsm.c:1434 #2: (&(&gsm->tx_lock)->rlock){....}, at: [] gsm_data_queue drivers/tty/n_gsm.c:845 [inline] #2: (&(&gsm->tx_lock)->rlock){....}, at: [] gsm_control_transmit+0x1f1/0x2d0 drivers/tty/n_gsm.c:1375 irq event stamp: 24 hardirqs last enabled at (23): [] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:160 [inline] hardirqs last enabled at (23): [] _raw_spin_unlock_irqrestore+0x79/0xe0 kernel/locking/spinlock.c:192 hardirqs last disabled at (24): [] __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:108 [inline] hardirqs last disabled at (24): [] _raw_spin_lock_irqsave+0x66/0xc0 kernel/locking/spinlock.c:160 softirqs last enabled at (0): [] copy_process.part.0+0x12d0/0x71c0 kernel/fork.c:1734 softirqs last disabled at (0): [< (null)>] (null) Preemption disabled at: [< (null)>] (null) CPU: 1 PID: 9561 Comm: syz-executor.2 Not tainted 4.14.305-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x281 lib/dump_stack.c:58 ___might_sleep.cold+0x235/0x250 kernel/sched/core.c:6040 do_con_write+0xd0/0x19b0 drivers/tty/vt/vt.c:2245 con_write+0x21/0xa0 drivers/tty/vt/vt.c:2822 gsmld_output+0xc3/0x190 drivers/tty/n_gsm.c:2312 gsm_data_kick+0x266/0x9b0 drivers/tty/n_gsm.c:761 gsm_data_queue drivers/tty/n_gsm.c:846 [inline] gsm_control_transmit+0x1ff/0x2d0 drivers/tty/n_gsm.c:1375 gsm_control_send+0x38a/0x480 drivers/tty/n_gsm.c:1451 gsm_disconnect drivers/tty/n_gsm.c:2110 [inline] gsmld_config.constprop.0+0x568/0xf90 drivers/tty/n_gsm.c:2636 gsmld_ioctl+0x375/0x410 drivers/tty/n_gsm.c:2700 tty_ioctl+0x5af/0x1430 drivers/tty/tty_io.c:2670 vfs_ioctl fs/ioctl.c:46 [inline] file_ioctl fs/ioctl.c:500 [inline] do_vfs_ioctl+0x75a/0xff0 fs/ioctl.c:684 SYSC_ioctl fs/ioctl.c:701 [inline] SyS_ioctl+0x7f/0xb0 fs/ioctl.c:692 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x5e/0xd3 RIP: 0033:0x7f2545cfb0f9 RSP: 002b:00007f254424c168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 00007f2545e1b050 RCX: 00007f2545cfb0f9 RDX: 0000000020000040 RSI: 00000000404c4701 RDI: 0000000000000003 RBP: 00007f2545d56ae9 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffd3cc8204f R14: 00007f254424c300 R15: 0000000000022000 ======================================================== WARNING: possible irq lock inversion dependency detected 4.14.305-syzkaller #0 Tainted: G W -------------------------------------------------------- syz-executor.2/9561 just changed the state of lock: (&(&gsm->control_lock)->rlock){..-.}, at: [] gsm_control_retransmit+0x25/0x2c0 drivers/tty/n_gsm.c:1394 but this lock took another, SOFTIRQ-unsafe lock in the past: (console_lock){+.+.} and interrupts could create inverse lock ordering between them. other info that might help us debug this: Chain exists of: &(&gsm->control_lock)->rlock --> &(&gsm->tx_lock)->rlock --> console_lock Possible interrupt unsafe locking scenario: CPU0 CPU1 ---- ---- lock(console_lock); local_irq_disable(); lock(&(&gsm->control_lock)->rlock); lock(&(&gsm->tx_lock)->rlock); lock(&(&gsm->control_lock)->rlock); *** DEADLOCK *** 2 locks held by syz-executor.2/9561: #0: (&tty->ldisc_sem){++++}, at: [] tty_ldisc_ref_wait+0x22/0x80 drivers/tty/tty_ldisc.c:284 #1: (((&gsm->t2_timer))){+.-.}, at: [] lockdep_copy_map include/linux/lockdep.h:174 [inline] #1: (((&gsm->t2_timer))){+.-.}, at: [] call_timer_fn+0xb8/0x650 kernel/time/timer.c:1270 the shortest dependencies between 2nd lock and 1st lock: -> (console_lock){+.+.} ops: 5133 { HARDIRQ-ON-W at: lock_acquire+0x170/0x3f0 kernel/locking/lockdep.c:3998 console_lock+0x42/0x70 kernel/printk/printk.c:2228 con_init+0x12/0x5d6 drivers/tty/vt/vt.c:3022 console_init+0x46/0x53 kernel/printk/printk.c:2809 start_kernel+0x521/0x763 init/main.c:638 secondary_startup_64+0xa5/0xb0 arch/x86/kernel/head_64.S:240 SOFTIRQ-ON-W at: lock_acquire+0x170/0x3f0 kernel/locking/lockdep.c:3998 console_lock+0x42/0x70 kernel/printk/printk.c:2228 con_init+0x12/0x5d6 drivers/tty/vt/vt.c:3022 console_init+0x46/0x53 kernel/printk/printk.c:2809 start_kernel+0x521/0x763 init/main.c:638 secondary_startup_64+0xa5/0xb0 arch/x86/kernel/head_64.S:240 INITIAL USE at: } ... key at: [] console_lock_dep_map+0x0/0x40 ... acquired at: console_lock+0x42/0x70 kernel/printk/printk.c:2228 do_con_write+0xd5/0x19b0 drivers/tty/vt/vt.c:2247 con_write+0x21/0xa0 drivers/tty/vt/vt.c:2822 gsmld_output+0xc3/0x190 drivers/tty/n_gsm.c:2312 gsm_data_kick+0x266/0x9b0 drivers/tty/n_gsm.c:761 gsm_data_queue drivers/tty/n_gsm.c:846 [inline] gsm_control_transmit+0x1ff/0x2d0 drivers/tty/n_gsm.c:1375 gsm_control_send+0x38a/0x480 drivers/tty/n_gsm.c:1451 gsm_disconnect drivers/tty/n_gsm.c:2110 [inline] gsmld_config.constprop.0+0x568/0xf90 drivers/tty/n_gsm.c:2636 gsmld_ioctl+0x375/0x410 drivers/tty/n_gsm.c:2700 tty_ioctl+0x5af/0x1430 drivers/tty/tty_io.c:2670 vfs_ioctl fs/ioctl.c:46 [inline] file_ioctl fs/ioctl.c:500 [inline] do_vfs_ioctl+0x75a/0xff0 fs/ioctl.c:684 SYSC_ioctl fs/ioctl.c:701 [inline] SyS_ioctl+0x7f/0xb0 fs/ioctl.c:692 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x5e/0xd3 -> (&(&gsm->tx_lock)->rlock){....} ops: 1 { INITIAL USE at: lock_acquire+0x170/0x3f0 kernel/locking/lockdep.c:3998 __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline] _raw_spin_lock_irqsave+0x8c/0xc0 kernel/locking/spinlock.c:160 gsm_data_queue drivers/tty/n_gsm.c:845 [inline] gsm_control_transmit+0x1f1/0x2d0 drivers/tty/n_gsm.c:1375 gsm_control_send+0x38a/0x480 drivers/tty/n_gsm.c:1451 gsm_disconnect drivers/tty/n_gsm.c:2110 [inline] gsmld_config.constprop.0+0x568/0xf90 drivers/tty/n_gsm.c:2636 gsmld_ioctl+0x375/0x410 drivers/tty/n_gsm.c:2700 tty_ioctl+0x5af/0x1430 drivers/tty/tty_io.c:2670 vfs_ioctl fs/ioctl.c:46 [inline] file_ioctl fs/ioctl.c:500 [inline] do_vfs_ioctl+0x75a/0xff0 fs/ioctl.c:684 SYSC_ioctl fs/ioctl.c:701 [inline] SyS_ioctl+0x7f/0xb0 fs/ioctl.c:692 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x5e/0xd3 } ... key at: [] __key.4+0x0/0x40 ... acquired at: __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline] _raw_spin_lock_irqsave+0x8c/0xc0 kernel/locking/spinlock.c:160 gsm_data_queue drivers/tty/n_gsm.c:845 [inline] gsm_control_transmit+0x1f1/0x2d0 drivers/tty/n_gsm.c:1375 gsm_control_send+0x38a/0x480 drivers/tty/n_gsm.c:1451 gsm_disconnect drivers/tty/n_gsm.c:2110 [inline] gsmld_config.constprop.0+0x568/0xf90 drivers/tty/n_gsm.c:2636 gsmld_ioctl+0x375/0x410 drivers/tty/n_gsm.c:2700 tty_ioctl+0x5af/0x1430 drivers/tty/tty_io.c:2670 vfs_ioctl fs/ioctl.c:46 [inline] file_ioctl fs/ioctl.c:500 [inline] do_vfs_ioctl+0x75a/0xff0 fs/ioctl.c:684 SYSC_ioctl fs/ioctl.c:701 [inline] SyS_ioctl+0x7f/0xb0 fs/ioctl.c:692 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x5e/0xd3 -> (&(&gsm->control_lock)->rlock){..-.} ops: 2 { IN-SOFTIRQ-W at: lock_acquire+0x170/0x3f0 kernel/locking/lockdep.c:3998 __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline] _raw_spin_lock_irqsave+0x8c/0xc0 kernel/locking/spinlock.c:160 gsm_control_retransmit+0x25/0x2c0 drivers/tty/n_gsm.c:1394 call_timer_fn+0x14a/0x650 kernel/time/timer.c:1280 expire_timers+0x232/0x4d0 kernel/time/timer.c:1319 __run_timers kernel/time/timer.c:1637 [inline] run_timer_softirq+0x1d5/0x5a0 kernel/time/timer.c:1650 __do_softirq+0x24d/0x9ff kernel/softirq.c:288 invoke_softirq kernel/softirq.c:368 [inline] irq_exit+0x193/0x240 kernel/softirq.c:409 exiting_irq arch/x86/include/asm/apic.h:638 [inline] smp_apic_timer_interrupt+0x141/0x5e0 arch/x86/kernel/apic/apic.c:1106 apic_timer_interrupt+0x93/0xa0 arch/x86/entry/entry_64.S:796 arch_local_irq_restore arch/x86/include/asm/paravirt.h:779 [inline] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:160 [inline] _raw_spin_unlock_irqrestore+0xa3/0xe0 kernel/locking/spinlock.c:192 spin_unlock_irqrestore include/linux/spinlock.h:372 [inline] prepare_to_wait_event+0x12d/0x6a0 kernel/sched/wait.c:303 gsm_control_wait+0x16a/0x1c0 drivers/tty/n_gsm.c:1469 gsm_disconnect drivers/tty/n_gsm.c:2112 [inline] gsmld_config.constprop.0+0x580/0xf90 drivers/tty/n_gsm.c:2636 gsmld_ioctl+0x375/0x410 drivers/tty/n_gsm.c:2700 tty_ioctl+0x5af/0x1430 drivers/tty/tty_io.c:2670 vfs_ioctl fs/ioctl.c:46 [inline] file_ioctl fs/ioctl.c:500 [inline] do_vfs_ioctl+0x75a/0xff0 fs/ioctl.c:684 SYSC_ioctl fs/ioctl.c:701 [inline] SyS_ioctl+0x7f/0xb0 fs/ioctl.c:692 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x5e/0xd3 INITIAL USE at: lock_acquire+0x170/0x3f0 kernel/locking/lockdep.c:3998 __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline] _raw_spin_lock_irqsave+0x8c/0xc0 kernel/locking/spinlock.c:160 gsm_control_send+0xf6/0x480 drivers/tty/n_gsm.c:1434 gsm_disconnect drivers/tty/n_gsm.c:2110 [inline] gsmld_config.constprop.0+0x568/0xf90 drivers/tty/n_gsm.c:2636 gsmld_ioctl+0x375/0x410 drivers/tty/n_gsm.c:2700 tty_ioctl+0x5af/0x1430 drivers/tty/tty_io.c:2670 vfs_ioctl fs/ioctl.c:46 [inline] file_ioctl fs/ioctl.c:500 [inline] do_vfs_ioctl+0x75a/0xff0 fs/ioctl.c:684 SYSC_ioctl fs/ioctl.c:701 [inline] SyS_ioctl+0x7f/0xb0 fs/ioctl.c:692 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x5e/0xd3 } ... key at: [] __key.5+0x0/0x40 ... acquired at: mark_lock_irq kernel/locking/lockdep.c:2804 [inline] mark_lock+0x3c7/0x1050 kernel/locking/lockdep.c:3194 mark_irqflags kernel/locking/lockdep.c:3072 [inline] __lock_acquire+0xc81/0x3f20 kernel/locking/lockdep.c:3448 lock_acquire+0x170/0x3f0 kernel/locking/lockdep.c:3998 __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline] _raw_spin_lock_irqsave+0x8c/0xc0 kernel/locking/spinlock.c:160 gsm_control_retransmit+0x25/0x2c0 drivers/tty/n_gsm.c:1394 call_timer_fn+0x14a/0x650 kernel/time/timer.c:1280 expire_timers+0x232/0x4d0 kernel/time/timer.c:1319 __run_timers kernel/time/timer.c:1637 [inline] run_timer_softirq+0x1d5/0x5a0 kernel/time/timer.c:1650 __do_softirq+0x24d/0x9ff kernel/softirq.c:288 invoke_softirq kernel/softirq.c:368 [inline] irq_exit+0x193/0x240 kernel/softirq.c:409 exiting_irq arch/x86/include/asm/apic.h:638 [inline] smp_apic_timer_interrupt+0x141/0x5e0 arch/x86/kernel/apic/apic.c:1106 apic_timer_interrupt+0x93/0xa0 arch/x86/entry/entry_64.S:796 arch_local_irq_restore arch/x86/include/asm/paravirt.h:779 [inline] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:160 [inline] _raw_spin_unlock_irqrestore+0xa3/0xe0 kernel/locking/spinlock.c:192 spin_unlock_irqrestore include/linux/spinlock.h:372 [inline] prepare_to_wait_event+0x12d/0x6a0 kernel/sched/wait.c:303 gsm_control_wait+0x16a/0x1c0 drivers/tty/n_gsm.c:1469 gsm_disconnect drivers/tty/n_gsm.c:2112 [inline] gsmld_config.constprop.0+0x580/0xf90 drivers/tty/n_gsm.c:2636 gsmld_ioctl+0x375/0x410 drivers/tty/n_gsm.c:2700 tty_ioctl+0x5af/0x1430 drivers/tty/tty_io.c:2670 vfs_ioctl fs/ioctl.c:46 [inline] file_ioctl fs/ioctl.c:500 [inline] do_vfs_ioctl+0x75a/0xff0 fs/ioctl.c:684 SYSC_ioctl fs/ioctl.c:701 [inline] SyS_ioctl+0x7f/0xb0 fs/ioctl.c:692 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x5e/0xd3 stack backtrace: CPU: 1 PID: 9561 Comm: syz-executor.2 Tainted: G W 4.14.305-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x281 lib/dump_stack.c:58 print_irq_inversion_bug.cold+0x313/0x346 kernel/locking/lockdep.c:2670 check_usage_forwards+0x18f/0x2d0 kernel/locking/lockdep.c:2695 mark_lock_irq kernel/locking/lockdep.c:2804 [inline] mark_lock+0x3c7/0x1050 kernel/locking/lockdep.c:3194 mark_irqflags kernel/locking/lockdep.c:3072 [inline] __lock_acquire+0xc81/0x3f20 kernel/locking/lockdep.c:3448 lock_acquire+0x170/0x3f0 kernel/locking/lockdep.c:3998 __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline] _raw_spin_lock_irqsave+0x8c/0xc0 kernel/locking/spinlock.c:160 gsm_control_retransmit+0x25/0x2c0 drivers/tty/n_gsm.c:1394 call_timer_fn+0x14a/0x650 kernel/time/timer.c:1280 expire_timers+0x232/0x4d0 kernel/time/timer.c:1319 __run_timers kernel/time/timer.c:1637 [inline] run_timer_softirq+0x1d5/0x5a0 kernel/time/timer.c:1650 __do_softirq+0x24d/0x9ff kernel/softirq.c:288 invoke_softirq kernel/softirq.c:368 [inline] irq_exit+0x193/0x240 kernel/softirq.c:409 exiting_irq arch/x86/include/asm/apic.h:638 [inline] smp_apic_timer_interrupt+0x141/0x5e0 arch/x86/kernel/apic/apic.c:1106 apic_timer_interrupt+0x93/0xa0 arch/x86/entry/entry_64.S:796 RIP: 0010:arch_local_irq_restore arch/x86/include/asm/paravirt.h:779 [inline] RIP: 0010:__raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:160 [inline] RIP: 0010:_raw_spin_unlock_irqrestore+0xa3/0xe0 kernel/locking/spinlock.c:192 RSP: 0018:ffff88804f1978c8 EFLAGS: 00000286 ORIG_RAX: ffffffffffffff10 RAX: 1ffffffff11e13d9 RBX: 0000000000000286 RCX: 1ffff1101251d9dd RDX: dffffc0000000000 RSI: ffff8880928ecec8 RDI: 0000000000000286 RBP: ffff88804ff881c8 R08: ffff88804ff88200 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000000 R12: ffff88804ff881c8 R13: 1ffff11009e32f20 R14: 0000000000000286 R15: 0000000000000000 spin_unlock_irqrestore include/linux/spinlock.h:372 [inline] prepare_to_wait_event+0x12d/0x6a0 kernel/sched/wait.c:303 gsm_control_wait+0x16a/0x1c0 drivers/tty/n_gsm.c:1469 gsm_disconnect drivers/tty/n_gsm.c:2112 [inline] gsmld_config.constprop.0+0x580/0xf90 drivers/tty/n_gsm.c:2636 gsmld_ioctl+0x375/0x410 drivers/tty/n_gsm.c:2700 tty_ioctl+0x5af/0x1430 drivers/tty/tty_io.c:2670 vfs_ioctl fs/ioctl.c:46 [inline] file_ioctl fs/ioctl.c:500 [inline] do_vfs_ioctl+0x75a/0xff0 fs/ioctl.c:684 SYSC_ioctl fs/ioctl.c:701 [inline] SyS_ioctl+0x7f/0xb0 fs/ioctl.c:692 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x5e/0xd3 RIP: 0033:0x7f2545cfb0f9 RSP: 002b:00007f254424c168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 00007f2545e1b050 RCX: 00007f2545cfb0f9 RDX: 0000000020000040 RSI: 00000000404c4701 RDI: 0000000000000003 RBP: 00007f2545d56ae9 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffd3cc8204f R14: 00007f254424c300 R15: 0000000000022000 batman_adv: batadv0: Adding interface: gretap1 batman_adv: batadv0: The MTU of interface gretap1 is too small (1438) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. batman_adv: batadv0: Not using interface gretap1 (retrying later): interface not active kvm: vcpu 0: requested 128 ns lapic timer period limited to 500000 ns BUG: sleeping function called from invalid context at drivers/tty/vt/vt.c:2245 batman_adv: batadv0: Adding interface: gretap2 in_atomic(): 1, irqs_disabled(): 1, pid: 9759, name: syz-executor.2 INFO: lockdep is turned off. irq event stamp: 0 hardirqs last enabled at (0): [< (null)>] (null) hardirqs last disabled at (0): [] copy_process.part.0+0x1229/0x71c0 kernel/fork.c:1731 softirqs last enabled at (0): [] copy_process.part.0+0x12d0/0x71c0 kernel/fork.c:1734 softirqs last disabled at (0): [< (null)>] (null) Preemption disabled at: [< (null)>] (null) CPU: 1 PID: 9759 Comm: syz-executor.2 Tainted: G W 4.14.305-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x281 lib/dump_stack.c:58 ___might_sleep.cold+0x235/0x250 kernel/sched/core.c:6040 do_con_write+0xd0/0x19b0 drivers/tty/vt/vt.c:2245 con_write+0x21/0xa0 drivers/tty/vt/vt.c:2822 gsmld_output+0xc3/0x190 drivers/tty/n_gsm.c:2312 gsm_data_kick+0x266/0x9b0 drivers/tty/n_gsm.c:761 gsm_data_queue drivers/tty/n_gsm.c:846 [inline] gsm_control_transmit+0x1ff/0x2d0 drivers/tty/n_gsm.c:1375 gsm_control_send+0x38a/0x480 drivers/tty/n_gsm.c:1451 gsm_disconnect drivers/tty/n_gsm.c:2110 [inline] gsmld_config.constprop.0+0x568/0xf90 drivers/tty/n_gsm.c:2636 gsmld_ioctl+0x375/0x410 drivers/tty/n_gsm.c:2700 tty_ioctl+0x5af/0x1430 drivers/tty/tty_io.c:2670 vfs_ioctl fs/ioctl.c:46 [inline] file_ioctl fs/ioctl.c:500 [inline] do_vfs_ioctl+0x75a/0xff0 fs/ioctl.c:684 SYSC_ioctl fs/ioctl.c:701 [inline] SyS_ioctl+0x7f/0xb0 fs/ioctl.c:692 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x5e/0xd3 RIP: 0033:0x7f2545cfb0f9 RSP: 002b:00007f254424c168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 00007f2545e1b050 RCX: 00007f2545cfb0f9 RDX: 0000000020000040 RSI: 00000000404c4701 RDI: 0000000000000003 RBP: 00007f2545d56ae9 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffd3cc8204f R14: 00007f254424c300 R15: 0000000000022000 batman_adv: batadv0: The MTU of interface gretap2 is too small (1412) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. ISO 9660 Extensions: Microsoft Joliet Level 3 ISOFS: changing to secondary root batman_adv: batadv0: Not using interface gretap2 (retrying later): interface not active batman_adv: batadv0: Adding interface: gretap1 batman_adv: batadv0: The MTU of interface gretap1 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. batman_adv: batadv0: Not using interface gretap1 (retrying later): interface not active kvm: vcpu 0: requested 128 ns lapic timer period limited to 500000 ns batman_adv: batadv0: Adding interface: gretap2 batman_adv: batadv0: The MTU of interface gretap2 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. BUG: sleeping function called from invalid context at drivers/tty/vt/vt.c:2245 in_atomic(): 1, irqs_disabled(): 1, pid: 9961, name: syz-executor.2 INFO: lockdep is turned off. irq event stamp: 0 hardirqs last enabled at (0): [< (null)>] (null) hardirqs last disabled at (0): [] copy_process.part.0+0x1229/0x71c0 kernel/fork.c:1731 softirqs last enabled at (0): [] copy_process.part.0+0x12d0/0x71c0 kernel/fork.c:1734 softirqs last disabled at (0): [< (null)>] (null) Preemption disabled at: [< (null)>] (null) CPU: 0 PID: 9961 Comm: syz-executor.2 Tainted: G W 4.14.305-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x281 lib/dump_stack.c:58 ___might_sleep.cold+0x235/0x250 kernel/sched/core.c:6040 do_con_write+0xd0/0x19b0 drivers/tty/vt/vt.c:2245 con_write+0x21/0xa0 drivers/tty/vt/vt.c:2822 gsmld_output+0xc3/0x190 drivers/tty/n_gsm.c:2312 gsm_data_kick+0x266/0x9b0 drivers/tty/n_gsm.c:761 gsm_data_queue drivers/tty/n_gsm.c:846 [inline] gsm_control_transmit+0x1ff/0x2d0 drivers/tty/n_gsm.c:1375 gsm_control_send+0x38a/0x480 drivers/tty/n_gsm.c:1451 gsm_disconnect drivers/tty/n_gsm.c:2110 [inline] gsmld_config.constprop.0+0x568/0xf90 drivers/tty/n_gsm.c:2636 gsmld_ioctl+0x375/0x410 drivers/tty/n_gsm.c:2700 ISO 9660 Extensions: Microsoft Joliet Level 3 tty_ioctl+0x5af/0x1430 drivers/tty/tty_io.c:2670 vfs_ioctl fs/ioctl.c:46 [inline] file_ioctl fs/ioctl.c:500 [inline] do_vfs_ioctl+0x75a/0xff0 fs/ioctl.c:684 SYSC_ioctl fs/ioctl.c:701 [inline] SyS_ioctl+0x7f/0xb0 fs/ioctl.c:692 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x5e/0xd3 RIP: 0033:0x7f2545cfb0f9 RSP: 002b:00007f254424c168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 00007f2545e1b050 RCX: 00007f2545cfb0f9 RDX: 0000000020000040 RSI: 00000000404c4701 RDI: 0000000000000003 RBP: 00007f2545d56ae9 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffd3cc8204f R14: 00007f254424c300 R15: 0000000000022000 batman_adv: batadv0: Not using interface gretap2 (retrying later): interface not active ISOFS: changing to secondary root batman_adv: batadv0: Adding interface: gretap3 batman_adv: batadv0: The MTU of interface gretap3 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. batman_adv: batadv0: Not using interface gretap3 (retrying later): interface not active batman_adv: batadv0: Adding interface: gretap4 batman_adv: batadv0: The MTU of interface gretap4 is too small (1414) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. ISO 9660 Extensions: Microsoft Joliet Level 3 BUG: sleeping function called from invalid context at drivers/tty/vt/vt.c:2245 in_atomic(): 1, irqs_disabled(): 1, pid: 10163, name: syz-executor.2 INFO: lockdep is turned off. irq event stamp: 0 hardirqs last enabled at (0): [< (null)>] (null) batman_adv: batadv0: Not using interface gretap4 (retrying later): interface not active hardirqs last disabled at (0): [] copy_process.part.0+0x1229/0x71c0 kernel/fork.c:1731 softirqs last enabled at (0): [] copy_process.part.0+0x12d0/0x71c0 kernel/fork.c:1734 softirqs last disabled at (0): [< (null)>] (null) Preemption disabled at: [< (null)>] (null) CPU: 1 PID: 10163 Comm: syz-executor.2 Tainted: G W 4.14.305-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x281 lib/dump_stack.c:58 ___might_sleep.cold+0x235/0x250 kernel/sched/core.c:6040 do_con_write+0xd0/0x19b0 drivers/tty/vt/vt.c:2245 batman_adv: batadv0: Adding interface: gretap3 batman_adv: batadv0: The MTU of interface gretap3 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. batman_adv: batadv0: Not using interface gretap3 (retrying later): interface not active con_write+0x21/0xa0 drivers/tty/vt/vt.c:2822 gsmld_output+0xc3/0x190 drivers/tty/n_gsm.c:2312 gsm_data_kick+0x266/0x9b0 drivers/tty/n_gsm.c:761 gsm_data_queue drivers/tty/n_gsm.c:846 [inline] gsm_control_transmit+0x1ff/0x2d0 drivers/tty/n_gsm.c:1375 gsm_control_send+0x38a/0x480 drivers/tty/n_gsm.c:1451 gsm_disconnect drivers/tty/n_gsm.c:2110 [inline] gsmld_config.constprop.0+0x568/0xf90 drivers/tty/n_gsm.c:2636 gsmld_ioctl+0x375/0x410 drivers/tty/n_gsm.c:2700 tty_ioctl+0x5af/0x1430 drivers/tty/tty_io.c:2670 vfs_ioctl fs/ioctl.c:46 [inline] file_ioctl fs/ioctl.c:500 [inline] do_vfs_ioctl+0x75a/0xff0 fs/ioctl.c:684 SYSC_ioctl fs/ioctl.c:701 [inline] SyS_ioctl+0x7f/0xb0 fs/ioctl.c:692 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x5e/0xd3 RIP: 0033:0x7f2545cfb0f9 RSP: 002b:00007f254424c168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 00007f2545e1b050 RCX: 00007f2545cfb0f9 RDX: 0000000020000040 RSI: 00000000404c4701 RDI: 0000000000000003 RBP: 00007f2545d56ae9 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffd3cc8204f R14: 00007f254424c300 R15: 0000000000022000 ISOFS: changing to secondary root ====================================================== WARNING: the mand mount option is being deprecated and will be removed in v5.15! ====================================================== IPVS: ftp: loaded support on port[0] = 21 UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)