ip6_tunnel: ip6tnl51 xmit: Local address not yet configured! ip6_tunnel: ip6tnl34 xmit: Local address not yet configured! ip6_tunnel: ip6tnl42 xmit: Local address not yet configured! ip6_tunnel: ip6tnl8 xmit: Local address not yet configured! ip6_tunnel: ip6tnl3 xmit: Local address not yet configured! INFO: task syz-executor4:21438 blocked for more than 140 seconds. Not tainted 4.9.142+ #73 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor4 D28136 21438 2124 0x00000004 ffff8801d084df00 ffff8801d273ee00 ffff8801a1886880 ffff8801cea9c740 ffff8801db721018 ffff8801ca3cfa40 ffffffff82808912 ffff8801ca3cfa18 ffffffff81206e77 0000000000000000 00ff8801d084e7a8 ffff8801db7218f0 Call Trace: [] schedule+0x7f/0x1b0 kernel/sched/core.c:3553 [] __rwsem_down_write_failed_common kernel/locking/rwsem-xadd.c:526 [inline] [] rwsem_down_write_failed+0x39a/0x730 kernel/locking/rwsem-xadd.c:555 [] call_rwsem_down_write_failed+0x17/0x30 arch/x86/lib/rwsem.S:105 [] __down_write arch/x86/include/asm/rwsem.h:125 [inline] [] down_write+0x5c/0xa0 kernel/locking/rwsem.c:54 [] inode_lock include/linux/fs.h:768 [inline] [] lock_mount+0x8c/0x2c0 fs/namespace.c:2113 [] do_add_mount+0x27/0x330 fs/namespace.c:2496 [] do_new_mount fs/namespace.c:2563 [inline] [] do_mount+0x1330/0x28a0 fs/namespace.c:2871 [] SYSC_mount fs/namespace.c:3087 [inline] [] SyS_mount+0xea/0x100 fs/namespace.c:3064 [] do_syscall_64+0x19f/0x550 arch/x86/entry/common.c:285 [] entry_SYSCALL_64_after_swapgs+0x5d/0xdb Showing all locks held in the system: 2 locks held by khungtaskd/24: #0: (rcu_read_lock){......}, at: [] check_hung_uninterruptible_tasks kernel/hung_task.c:168 [inline] #0: (rcu_read_lock){......}, at: [] watchdog+0x11c/0xa20 kernel/hung_task.c:239 #1: (tasklist_lock){.+.+..}, at: [] debug_show_all_locks+0x79/0x218 kernel/locking/lockdep.c:4336 2 locks held by getty/2028: #0: (&tty->ldisc_sem){++++++}, at: [] ldsem_down_read+0x32/0x40 drivers/tty/tty_ldsem.c:367 #1: (&ldata->atomic_read_lock){+.+...}, at: [] n_tty_read+0x202/0x1830 drivers/tty/n_tty.c:2156 1 lock held by syz-executor4/21438: #0: (&type->i_mutex_dir_key#8){++++++}, at: [] inode_lock include/linux/fs.h:768 [inline] #0: (&type->i_mutex_dir_key#8){++++++}, at: [] lock_mount+0x8c/0x2c0 fs/namespace.c:2113 2 locks held by syz-executor4/21444: #0: (sb_writers#13){.+.+.+}, at: [] sb_start_write include/linux/fs.h:1575 [inline] #0: (sb_writers#13){.+.+.+}, at: [] mnt_want_write+0x3f/0xb0 fs/namespace.c:391 #1: (&type->i_mutex_dir_key#7/1){+.+.+.}, at: [] inode_lock_nested include/linux/fs.h:803 [inline] #1: (&type->i_mutex_dir_key#7/1){+.+.+.}, at: [] filename_create+0x17a/0x480 fs/namei.c:3686 ============================================= NMI backtrace for cpu 1 CPU: 1 PID: 24 Comm: khungtaskd Not tainted 4.9.142+ #73 ffff8801d9907d08 ffffffff81b43969 0000000000000000 0000000000000001 0000000000000001 0000000000000001 ffffffff810983b0 ffff8801d9907d40 ffffffff81b4ea79 0000000000000001 0000000000000000 0000000000000003 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x128 lib/dump_stack.c:51 [] nmi_cpu_backtrace.cold.0+0x48/0x87 lib/nmi_backtrace.c:99 [] nmi_trigger_cpumask_backtrace+0x12c/0x151 lib/nmi_backtrace.c:60 [] arch_trigger_cpumask_backtrace+0x14/0x20 arch/x86/kernel/apic/hw_nmi.c:37 [] trigger_all_cpu_backtrace include/linux/nmi.h:58 [inline] [] check_hung_task kernel/hung_task.c:125 [inline] [] check_hung_uninterruptible_tasks kernel/hung_task.c:182 [inline] [] watchdog+0x6ad/0xa20 kernel/hung_task.c:239 [] kthread+0x26d/0x300 kernel/kthread.c:211 [] ret_from_fork+0x5c/0x70 arch/x86/entry/entry_64.S:373 Sending NMI from CPU 1 to CPUs 0: NMI backtrace for cpu 0 CPU: 0 PID: 21429 Comm: syz-executor4 Not tainted 4.9.142+ #73 task: ffff8801d38d2f80 task.stack: ffff88012bd30000 RIP: 0010:[] c [] ___might_sleep+0x42/0x260 kernel/sched/core.c:7954 RSP: 0018:ffff88012bd37880 EFLAGS: 00000246 RAX: 0000000000000000 RBX: ffff8801d38d2f80 RCX: ffffed003a71a705 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000246 RBP: ffff88012bd378a8 R08: ffff8801d38d3830 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 R13: ffffffff82afce40 R14: 00000000000001de R15: ffff8801cae4a708 FS: 00007f81ae4f0700(0000) GS:ffff8801db600000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000401 CR3: 00000001a41e5000 CR4: 00000000001606b0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Stack: ffff8801d38d2f80c ffffffff82afce40c 00000000000001dec 0000000000000000c ffff8801cae4a708c ffff88012bd378e8c ffffffff81167c85c ffffffff81167c00c ffff8801cae4a6d8c ffff8801cae4a6d8c ffffed00395c94e1c dffffc0000000000c Call Trace: [] __might_sleep+0x95/0x1a0 kernel/sched/core.c:7945 [] request_wait_answer+0x124/0x820 fs/fuse/dev.c:477 [] __fuse_request_send+0x109/0x1b0 fs/fuse/dev.c:498 [] fuse_request_send+0x5d/0x70 fs/fuse/dev.c:511 [] fuse_simple_request+0x2f4/0x660 fs/fuse/dev.c:569 [] fuse_lookup_name+0x253/0x5d0 fs/fuse/dir.c:369 [] fuse_lookup+0xf3/0x3b0 fs/fuse/dir.c:407 [] lookup_real fs/namei.c:1563 [inline] [] __lookup_hash+0x11c/0x190 fs/namei.c:1583 [] filename_create+0x1a6/0x480 fs/namei.c:3687 [] user_path_create fs/namei.c:3744 [inline] [] SYSC_mkdirat fs/namei.c:3888 [inline] [] SyS_mkdirat+0xbb/0x240 fs/namei.c:3880 [] do_syscall_64+0x19f/0x550 arch/x86/entry/common.c:285 [] entry_SYSCALL_64_after_swapgs+0x5d/0xdb Code: c35 cc3 c0d c00 c85 cc0 c74 c0d c80 c3d c6a c4c c27 c02 c00 c0f c84 cc7 c01 c00 c00 ce8 c1f cc3 c0d c00 c85 cc0 c74 c0d c80 c3d c53 c4c c27 c02 c00 c0f c84 c79 c01 c00 c00 c<65> c8b c1d cb7 c03 ceb c7e c65 c4c c8b c3c c25 c00 c7e c01 c00 c49 c8d cbf cd8 c03 c