ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! INFO: task syz-executor1:8901 blocked for more than 140 seconds. Not tainted 4.9.135+ #11 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor1 D28392 8901 2084 0xa0020002 ffff8801cbb65f00 0000000000000000 ffff8801c6a31b80 ffff8801cbbd2f80 ffff8801db721018 ffff8801d2dcf7f8 ffffffff827f3192 0000000000000000 ffff8801cbb667b0 ffffed003976ccf5 00ff8801cbb65f00 ffff8801db7218f0 Call Trace: [] schedule+0x7f/0x1b0 kernel/sched/core.c:3553 [] schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:3586 [] __mutex_lock_common kernel/locking/mutex.c:582 [inline] [] mutex_lock_nested+0x38d/0x900 kernel/locking/mutex.c:621 [] evdev_flush+0x72/0x120 drivers/input/evdev.c:350 [] filp_close+0xa7/0x140 fs/open.c:1129 [] close_files fs/file.c:406 [inline] [] put_files_struct+0x151/0x250 fs/file.c:434 [] exit_files+0x83/0xb0 fs/file.c:463 [] do_exit+0x75f/0x29d0 kernel/exit.c:828 [] do_group_exit+0x111/0x300 kernel/exit.c:937 [] get_signal+0x4e1/0x1460 kernel/signal.c:2321 [] do_signal+0x95/0x1b00 arch/x86/kernel/signal.c:807 [] exit_to_usermode_loop+0x10e/0x150 arch/x86/entry/common.c:158 [] prepare_exit_to_usermode arch/x86/entry/common.c:194 [inline] [] syscall_return_slowpath arch/x86/entry/common.c:263 [inline] [] do_syscall_32_irqs_on arch/x86/entry/common.c:334 [inline] [] do_fast_syscall_32+0x6dc/0xa10 arch/x86/entry/common.c:390 [] entry_SYSENTER_compat+0x90/0xa2 arch/x86/entry/entry_64_compat.S:137 Showing all locks held in the system: 2 locks held by khungtaskd/24: #0: (rcu_read_lock){......}, at: [] check_hung_uninterruptible_tasks kernel/hung_task.c:168 [inline] #0: (rcu_read_lock){......}, at: [] watchdog+0x11c/0xa20 kernel/hung_task.c:239 #1: (tasklist_lock){.+.+..}, at: [] debug_show_all_locks+0x79/0x218 kernel/locking/lockdep.c:4336 2 locks held by getty/2022: #0: (&tty->ldisc_sem){++++++}, at: [] ldsem_down_read+0x32/0x40 drivers/tty/tty_ldsem.c:367 #1: (&ldata->atomic_read_lock){+.+...}, at: [] n_tty_read+0x202/0x16e0 drivers/tty/n_tty.c:2142 1 lock held by syz-executor1/8901: #0: (&evdev->mutex){+.+.+.}, at: [] evdev_flush+0x72/0x120 drivers/input/evdev.c:350 1 lock held by syz-executor1/8925: #0: (&evdev->mutex){+.+.+.}, at: [] evdev_flush+0x72/0x120 drivers/input/evdev.c:350 1 lock held by syz-executor1/19692: #0: (&evdev->mutex){+.+.+.}, at: [] evdev_flush+0x72/0x120 drivers/input/evdev.c:350 1 lock held by syz-executor1/19707: #0: (&evdev->mutex){+.+.+.}, at: [] evdev_flush+0x72/0x120 drivers/input/evdev.c:350 1 lock held by syz-executor1/19755: #0: (&evdev->mutex){+.+.+.}, at: [] evdev_flush+0x72/0x120 drivers/input/evdev.c:350 ============================================= NMI backtrace for cpu 1 CPU: 1 PID: 24 Comm: khungtaskd Not tainted 4.9.135+ #11 ffff8801d9907d08 ffffffff81b36bf9 0000000000000000 0000000000000001 0000000000000001 0000000000000001 ffffffff81098330 ffff8801d9907d40 ffffffff81b41d09 0000000000000001 0000000000000000 0000000000000003 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x128 lib/dump_stack.c:51 [] nmi_cpu_backtrace.cold.0+0x48/0x87 lib/nmi_backtrace.c:99 [] nmi_trigger_cpumask_backtrace+0x12c/0x151 lib/nmi_backtrace.c:60 [] arch_trigger_cpumask_backtrace+0x14/0x20 arch/x86/kernel/apic/hw_nmi.c:37 [] trigger_all_cpu_backtrace include/linux/nmi.h:58 [inline] [] check_hung_task kernel/hung_task.c:125 [inline] [] check_hung_uninterruptible_tasks kernel/hung_task.c:182 [inline] [] watchdog+0x6ad/0xa20 kernel/hung_task.c:239 [] kthread+0x26d/0x300 kernel/kthread.c:211 [] ret_from_fork+0x5c/0x70 arch/x86/entry/entry_64.S:373 Sending NMI from CPU 1 to CPUs 0: NMI backtrace for cpu 0 CPU: 0 PID: 15900 Comm: syz-executor0 Not tainted 4.9.135+ #11 task: ffff8801d24117c0 task.stack: ffff8801a1738000 RIP: 0010:[] c [] task_irq_context kernel/locking/lockdep.c:2968 [inline] RIP: 0010:[] c [] __lock_acquire+0x3dd/0x4a10 kernel/locking/lockdep.c:3290 RSP: 0018:ffff8801a173f490 EFLAGS: 00000046 RAX: 0000000000000000 RBX: ffff8801d24120c0 RCX: 0000000000000002 RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff8801d24120e4 RBP: ffff8801a173f638 R08: 0000000000000001 R09: 0000000000000001 R10: ffff8801d24117c0 R11: 1ffff1003a482417 R12: 0000000000000028 R13: 0000000000000002 R14: ffff8801d241205c R15: 0000000000000000 FS: 0000000000000000(0000) GS:ffff8801db600000(0063) knlGS:00000000f5783b40 CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 CR2: 0000000020408000 CR3: 00000001d1074000 CR4: 00000000001606b0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Stack: ffff8801d241205cc 0000000000000000c ffff8801a173f660c ffffffff81207714c ffffffff81167805c ffff8801d1ba7290c ffff8801a173f688c ffffffff81430461c ffffea0006007f80c ffff8801d2412098c 0000000000000028c 0000000000000001c Call Trace: [] lock_acquire+0x130/0x3e0 kernel/locking/lockdep.c:3756 [] seqcount_lockdep_reader_access include/linux/seqlock.h:80 [inline] [] read_seqcount_begin include/linux/seqlock.h:163 [inline] [] current_kernel_time64+0xa5/0x120 kernel/time/timekeeping.c:2222 [] current_kernel_time include/linux/timekeeping.h:43 [inline] [] current_time+0x16/0xd0 fs/inode.c:2122 [] file_update_time+0x100/0x390 fs/inode.c:1847 [] __generic_file_write_iter+0x1ca/0x540 mm/filemap.c:2828 [] generic_file_write_iter+0x37a/0x620 mm/filemap.c:2906 [] vfs_iter_write+0x2d7/0x450 fs/read_write.c:390 [] iter_file_splice_write+0x5fb/0xb30 fs/splice.c:768 [] do_splice_from fs/splice.c:870 [inline] [] direct_splice_actor+0x128/0x190 fs/splice.c:1037 [] splice_direct_to_actor+0x2c1/0x7e0 fs/splice.c:992 [] do_splice_direct+0x1a3/0x270 fs/splice.c:1080 [] do_sendfile+0x4f0/0xc30 fs/read_write.c:1393 [] C_SYSC_sendfile fs/read_write.c:1469 [inline] [] compat_SyS_sendfile+0xd1/0x160 fs/read_write.c:1458 [] do_syscall_32_irqs_on arch/x86/entry/common.c:328 [inline] [] do_fast_syscall_32+0x2f1/0xa10 arch/x86/entry/common.c:390 [] entry_SYSENTER_compat+0x90/0xa2 arch/x86/entry/entry_64_compat.S:137 Code: cdf c0f cb6 c34 c16 c4c c89 cf2 c83 ce2 c07 c83 cc2 c03 c40 c38 cf2 c7c c09 c40 c84 cf6 c0f c85 ca5 c11 c00 c00 c41 c8b cb2 c9c c08 c00 c00 c48 c8d c7b c24 c31 cd2 c85 cf6 c<44> c89 cfe c0f c95 cc2 cc1 ce6 c07 c01 cc2 c0f cb6 c43 c21 c83 ce2 c03 cc1 ce2 c05 c