ip6_tunnel: ip6tnl5 xmit: Local address not yet configured! ip6_tunnel: ip6tnl3 xmit: Local address not yet configured! ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! ip6_tunnel: ip6tnl4 xmit: Local address not yet configured! ip6_tunnel:  xmit: Local address not yet configured! INFO: task syz-executor3:1846 blocked for more than 140 seconds. Not tainted 4.14.85+ #15 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor3 D28120 1846 1787 0x80000004 Call Trace: schedule+0x7f/0x1b0 kernel/sched/core.c:3490 __rwsem_down_write_failed_common kernel/locking/rwsem-xadd.c:565 [inline] rwsem_down_write_failed+0x390/0x730 kernel/locking/rwsem-xadd.c:594 call_rwsem_down_write_failed+0x13/0x20 arch/x86/lib/rwsem.S:105 __down_write arch/x86/include/asm/rwsem.h:126 [inline] down_write+0x4f/0x90 kernel/locking/rwsem.c:56 i_mmap_lock_write include/linux/fs.h:470 [inline] unlink_file_vma+0x6e/0xa0 mm/mmap.c:157 free_pgtables+0x7c/0x220 mm/memory.c:630 exit_mmap+0x208/0x420 mm/mmap.c:3069 __mmput kernel/fork.c:929 [inline] mmput+0xc8/0x350 kernel/fork.c:950 exit_mm kernel/exit.c:544 [inline] do_exit+0x843/0x28c0 kernel/exit.c:852 do_group_exit+0x100/0x2e0 kernel/exit.c:968 get_signal+0x4e5/0x1470 kernel/signal.c:2348 do_signal+0x8f/0x1660 arch/x86/kernel/signal.c:809 exit_to_usermode_loop+0x116/0x150 arch/x86/entry/common.c:159 prepare_exit_to_usermode arch/x86/entry/common.c:198 [inline] syscall_return_slowpath arch/x86/entry/common.c:267 [inline] do_syscall_64+0x35d/0x4b0 arch/x86/entry/common.c:294 entry_SYSCALL_64_after_hwframe+0x42/0xb7 RIP: 0033:0x41124a RSP: 002b:00007ffc7c5dde58 EFLAGS: 00000246 ORIG_RAX: 000000000000003d RAX: fffffffffffffe00 RBX: 000000000000073b RCX: 000000000041124a RDX: 0000000040000000 RSI: 00007ffc7c5dde64 RDI: ffffffffffffffff RBP: 000000000072c988 R08: 0000000000000736 R09: 0000000002016940 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000010 R13: 0000000000412e50 R14: 0000000000000000 R15: 0000000000000000 Showing all locks held in the system: 1 lock held by khungtaskd/23: #0: (tasklist_lock){.+.?}, at: [] debug_show_all_locks+0x74/0x20f kernel/locking/lockdep.c:4541 1 lock held by rsyslogd/1633: #0: (&f->f_pos_lock){+.+.}, at: [] __fdget_pos+0xa2/0xc0 fs/file.c:768 2 locks held by getty/1761: #0: (&tty->ldisc_sem){++++}, at: [] tty_ldisc_ref_wait+0x20/0x80 drivers/tty/tty_ldisc.c:275 #1: (&ldata->atomic_read_lock){+.+.}, at: [] n_tty_read+0x1ff/0x1700 drivers/tty/n_tty.c:2156 1 lock held by syz-executor3/1846: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:470 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x6e/0xa0 mm/mmap.c:157 ============================================= NMI backtrace for cpu 1 CPU: 1 PID: 23 Comm: khungtaskd Not tainted 4.14.85+ #15 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0xb9/0x11b lib/dump_stack.c:53 nmi_cpu_backtrace.cold.0+0x47/0x85 lib/nmi_backtrace.c:101 nmi_trigger_cpumask_backtrace+0x121/0x146 lib/nmi_backtrace.c:62 trigger_all_cpu_backtrace include/linux/nmi.h:140 [inline] check_hung_uninterruptible_tasks kernel/hung_task.c:196 [inline] watchdog+0x574/0xa70 kernel/hung_task.c:252 kthread+0x348/0x420 kernel/kthread.c:232 ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:402 Sending NMI from CPU 1 to CPUs 0: NMI backtrace for cpu 0 CPU: 0 PID: 0 Comm: swapper/0 Not tainted 4.14.85+ #15 task: ffffffff9302d200 task.stack: ffffffff93000000 RIP: 0010:inb arch/x86/include/asm/io.h:309 [inline] RIP: 0010:io_serial_in+0x60/0x80 drivers/tty/serial/8250/8250_port.c:450 RSP: 0018:ffff8881dba06f70 EFLAGS: 00000002 RAX: dffffc0000000000 RBX: 00000000000003fd RCX: 0000000000000000 RDX: 00000000000003fd RSI: 0000000000000005 RDI: ffffffff94f21b58 RBP: ffffffff94f21b20 R08: 0000000000001d0b R09: ffffffff940d4f38 R10: ffffffff9302db20 R11: 0000000000000001 R12: 0000000000000020 R13: fffffbfff29e43aa R14: fffffbfff29e436d R15: ffffffff94f21d52 FS: 0000000000000000(0000) GS:ffff8881dba00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00000000007d0000 CR3: 0000000173822002 CR4: 00000000001606b0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600 Call Trace: serial_in drivers/tty/serial/8250/8250.h:115 [inline] wait_for_xmitr+0x90/0x1e0 drivers/tty/serial/8250/8250_port.c:2032 serial8250_console_putchar+0x19/0x50 drivers/tty/serial/8250/8250_port.c:3184 uart_console_write+0x4b/0xd0 drivers/tty/serial/serial_core.c:1883 serial8250_console_write+0x51b/0x800 drivers/tty/serial/8250/8250_port.c:3250 call_console_drivers kernel/printk/printk.c:1579 [inline] console_unlock+0x5b9/0xb50 kernel/printk/printk.c:2241 vprintk_emit+0x142/0x180 kernel/printk/printk.c:1777 vprintk_func+0x58/0x159 kernel/printk/printk_safe.c:401 printk+0xa7/0xcf kernel/printk/printk.c:1850 ip6_tnl_xmit_ctl.cold.3+0x32/0x37 net/ipv6/ip6_tunnel.c:1003 ip6_tnl_xmit+0x308/0x2dc0 net/ipv6/ip6_tunnel.c:1099 ip6ip6_tnl_xmit net/ipv6/ip6_tunnel.c:1381 [inline] ip6_tnl_start_xmit+0x732/0x1aa0 net/ipv6/ip6_tunnel.c:1404 __netdev_start_xmit include/linux/netdevice.h:4030 [inline] netdev_start_xmit include/linux/netdevice.h:4039 [inline] xmit_one net/core/dev.c:3009 [inline] dev_hard_start_xmit+0x191/0x890 net/core/dev.c:3025 __dev_queue_xmit+0x13d9/0x1f40 net/core/dev.c:3525 neigh_output include/net/neighbour.h:482 [inline] ip6_finish_output2+0xbd0/0x1e70 net/ipv6/ip6_output.c:120 ip6_finish_output+0x62e/0xb10 net/ipv6/ip6_output.c:154 NF_HOOK_COND include/linux/netfilter.h:239 [inline] ip6_output+0x1dd/0x680 net/ipv6/ip6_output.c:171 dst_output include/net/dst.h:459 [inline] NF_HOOK include/linux/netfilter.h:250 [inline] ndisc_send_skb+0xe1e/0x13b0 net/ipv6/ndisc.c:483 ndisc_send_rs+0x123/0x650 net/ipv6/ndisc.c:677 addrconf_rs_timer+0x27e/0x5a0 net/ipv6/addrconf.c:3783 call_timer_fn+0x163/0x6d0 kernel/time/timer.c:1279 expire_timers+0x1f3/0x4a0 kernel/time/timer.c:1318 __run_timers kernel/time/timer.c:1634 [inline] run_timer_softirq+0x1da/0x560 kernel/time/timer.c:1647 __do_softirq+0x20d/0x9bd kernel/softirq.c:288 invoke_softirq kernel/softirq.c:368 [inline] irq_exit+0x117/0x150 kernel/softirq.c:409 exiting_irq arch/x86/include/asm/apic.h:648 [inline] smp_apic_timer_interrupt+0x18c/0x600 arch/x86/kernel/apic/apic.c:1064 apic_timer_interrupt+0x84/0x90 arch/x86/entry/entry_64.S:787 RIP: 0010:native_safe_halt+0x2/0x10 arch/x86/include/asm/irqflags.h:57 RSP: 0018:ffffffff93007d28 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff10 RAX: 0000000000000007 RBX: ffffffff9342b3e8 RCX: 0000000000000000 RDX: 0000000000000000 RSI: 0000000000000001 RDI: ffffffff9302da2c RBP: ffffffff93435828 R08: 0000000000000001 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 R13: 1ffffffff2600fae R14: 0000000000000000 R15: ffffffff934358e4 arch_safe_halt arch/x86/include/asm/paravirt.h:94 [inline] default_idle+0x50/0x380 arch/x86/kernel/process.c:501 cpuidle_idle_call kernel/sched/idle.c:159 [inline] do_idle+0x2da/0x3b0 kernel/sched/idle.c:268 cpu_startup_entry+0xc9/0xe0 kernel/sched/idle.c:374 start_kernel+0x6fb/0x739 init/main.c:710 secondary_startup_64+0xa5/0xb0 arch/x86/kernel/head_64.S:240 Code: 30 0f b6 8d d1 00 00 00 48 8d 7d 38 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 d3 e3 80 3c 02 00 75 13 03 5d 38 89 da ec <0f> b6 c0 5b 5d c3 e8 65 53 7c ff eb c9 e8 8e 53 7c ff eb e6 66