ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! INFO: task syz-executor1:10408 blocked for more than 140 seconds. Not tainted 4.9.146+ #84 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor1 D28816 10408 2111 0x90000004 ffff8801a2472f80 ffff8801a0b66880 ffff8801a0d3ee00 ffff8801d98c97c0 ffff8801db721018 ffff8801a1587840 ffffffff8280a0f2 ffff8801a1587818 ffffffff81206f07 0000000000000000 00ff8801a2473828 ffff8801db7218f0 Call Trace: [] schedule+0x7f/0x1b0 kernel/sched/core.c:3553 [] rwsem_down_read_failed+0x26c/0x400 kernel/locking/rwsem-xadd.c:260 [] call_rwsem_down_read_failed+0x18/0x30 arch/x86/lib/rwsem.S:94 [] __down_read arch/x86/include/asm/rwsem.h:65 [inline] [] down_read+0x52/0xb0 kernel/locking/rwsem.c:24 [] exit_mm kernel/exit.c:480 [inline] [] do_exit+0x3c6/0x2a50 kernel/exit.c:820 [] do_group_exit+0x111/0x300 kernel/exit.c:937 [] get_signal+0x4e1/0x1460 kernel/signal.c:2321 [] do_signal+0x95/0x1b00 arch/x86/kernel/signal.c:807 [] exit_to_usermode_loop+0x10e/0x150 arch/x86/entry/common.c:158 [] prepare_exit_to_usermode arch/x86/entry/common.c:194 [inline] [] syscall_return_slowpath arch/x86/entry/common.c:263 [inline] [] do_syscall_64+0x3e2/0x550 arch/x86/entry/common.c:290 [] entry_SYSCALL_64_after_swapgs+0x5d/0xdb Showing all locks held in the system: 2 locks held by khungtaskd/24: #0: (rcu_read_lock){......}, at: [] check_hung_uninterruptible_tasks kernel/hung_task.c:168 [inline] #0: (rcu_read_lock){......}, at: [] watchdog+0x11c/0xa20 kernel/hung_task.c:239 #1: (tasklist_lock){.+.+..}, at: [] debug_show_all_locks+0x79/0x218 kernel/locking/lockdep.c:4336 2 locks held by getty/2023: #0: (&tty->ldisc_sem){++++++}, at: [] ldsem_down_read+0x32/0x40 drivers/tty/tty_ldsem.c:367 #1: (&ldata->atomic_read_lock){+.+...}, at: [] n_tty_read+0x202/0x1830 drivers/tty/n_tty.c:2156 1 lock held by syz-executor1/10408: #0: (&mm->mmap_sem){++++++}, at: [] exit_mm kernel/exit.c:480 [inline] #0: (&mm->mmap_sem){++++++}, at: [] do_exit+0x3c6/0x2a50 kernel/exit.c:820 1 lock held by syz-executor1/10411: #0: (&mm->mmap_sem){++++++}, at: [] exit_mm kernel/exit.c:480 [inline] #0: (&mm->mmap_sem){++++++}, at: [] do_exit+0x3c6/0x2a50 kernel/exit.c:820 1 lock held by syz-executor1/10414: #0: (&mm->mmap_sem){++++++}, at: [] exit_mm kernel/exit.c:480 [inline] #0: (&mm->mmap_sem){++++++}, at: [] do_exit+0x3c6/0x2a50 kernel/exit.c:820 1 lock held by syz-executor1/10418: #0: (&mm->mmap_sem){++++++}, at: [] exit_mm kernel/exit.c:480 [inline] #0: (&mm->mmap_sem){++++++}, at: [] do_exit+0x3c6/0x2a50 kernel/exit.c:820 ============================================= NMI backtrace for cpu 0 CPU: 0 PID: 24 Comm: khungtaskd Not tainted 4.9.146+ #84 ffff8801d9907d08 ffffffff81b43aa9 0000000000000000 0000000000000000 0000000000000000 0000000000000001 ffffffff81098440 ffff8801d9907d40 ffffffff81b4ebb9 0000000000000000 0000000000000000 0000000000000003 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x128 lib/dump_stack.c:51 [] nmi_cpu_backtrace.cold.0+0x48/0x87 lib/nmi_backtrace.c:99 [] nmi_trigger_cpumask_backtrace+0x12c/0x151 lib/nmi_backtrace.c:60 [] arch_trigger_cpumask_backtrace+0x14/0x20 arch/x86/kernel/apic/hw_nmi.c:37 [] trigger_all_cpu_backtrace include/linux/nmi.h:58 [inline] [] check_hung_task kernel/hung_task.c:125 [inline] [] check_hung_uninterruptible_tasks kernel/hung_task.c:182 [inline] [] watchdog+0x6ad/0xa20 kernel/hung_task.c:239 [] kthread+0x26d/0x300 kernel/kthread.c:211 [] ret_from_fork+0x5c/0x70 arch/x86/entry/entry_64.S:373 Sending NMI from CPU 0 to CPUs 1: NMI backtrace for cpu 1 CPU: 1 PID: 10431 Comm: syz-executor1 Not tainted 4.9.146+ #84 task: ffff8801a20f97c0 task.stack: ffff8801da5d0000 RIP: 0010:[] c [] strlen+0x23/0xa0 lib/string.c:481 RSP: 0000:ffff8801da5d7990 EFLAGS: 00000086 RAX: 0000000000000000 RBX: ffff8801cbedc740 RCX: 0000000000000000 RDX: 1ffffffff05526c0 RSI: ffff8801cbedc740 RDI: ffffffff82a93600 RBP: ffff8801da5d79a8 R08: ffff8801a20fa0b8 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000000 R12: ffffffff82a93600 R13: ffffffff830bdb80 R14: ffff8801da5d7a98 R15: ffff8801cbedc740 FS: 00007f9d9e067700(0000) GS:ffff8801db700000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f14bdd93000 CR3: 00000001c691b000 CR4: 00000000001606b0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600 Stack: 1ffff1003b4baf34c ffff8801cbedc740c 1ffff1003b4baf3fc ffff8801da5d7ac0c ffffffff811ff47dc 000000008100226ac 0013001800000000c ffff8801cbedc758c 0000000000000012c 1ffff1003b4baf3dc ffff8801cbedc758c 0000000041b58ab3c Call Trace: [] trace_event_get_offsets_lock include/trace/events/lock.h:38 [inline] [] perf_trace_lock+0xdd/0x520 include/trace/events/lock.h:38 [] trace_lock_release include/trace/events/lock.h:57 [inline] [] lock_release+0x935/0xc20 kernel/locking/lockdep.c:3774 [] __mutex_unlock_common_slowpath kernel/locking/mutex.c:740 [inline] [] __mutex_unlock_slowpath+0x160/0x3c0 kernel/locking/mutex.c:765 [] mutex_unlock+0x9/0x10 kernel/locking/mutex.c:437 [] perf_mmap+0x64a/0x1430 kernel/events/core.c:5283 [] mmap_region+0x80c/0xf90 mm/mmap.c:1726 [] do_mmap+0x53d/0xbb0 mm/mmap.c:1505 [] do_mmap_pgoff include/linux/mm.h:2032 [inline] [] vm_mmap_pgoff+0x168/0x1b0 mm/util.c:329 [] SYSC_mmap_pgoff mm/mmap.c:1555 [inline] [] SyS_mmap_pgoff+0xfe/0x1b0 mm/mmap.c:1513 [] SYSC_mmap arch/x86/kernel/sys_x86_64.c:96 [inline] [] SyS_mmap+0x16/0x20 arch/x86/kernel/sys_x86_64.c:87 [] do_syscall_64+0x19f/0x550 arch/x86/entry/common.c:285 [] entry_SYSCALL_64_after_swapgs+0x5d/0xdb Code: c0f c1f c84 c00 c00 c00 c00 c00 c48 cb8 c00 c00 c00 c00 c00 cfc cff cdf c55 c48 c89 cfa c48 c89 ce5 c48 cc1 cea c03 c41 c54 c49 c89 cfc c53 c48 c83 cec c08 c0f cb6 c04 c02 c<48> c89 cfa c83 ce2 c07 c38 cd0 c7f c04 c84 cc0 c75 c4d c41 c80 c3c c24 c00 c74 c3b c