INFO: task syz-executor:6305 blocked for more than 143 seconds.
      Not tainted syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor    state:D stack:21672 pid:6305  tgid:6305  ppid:1      task_flags:0x400140 flags:0x00080002
Call Trace:
 <TASK>
 __schedule+0x1798/0x4cc0
 schedule+0x165/0x360
 wb_wait_for_completion+0x15f/0x260
 sync_inodes_sb+0x1bb/0xa10
 sync_filesystem+0x17a/0x230
 generic_shutdown_super+0x6f/0x2c0
 kill_block_super+0x44/0x90
 xfs_kill_sb+0x15/0x50
 deactivate_locked_super+0xbc/0x130
 cleanup_mnt+0x425/0x4c0
 task_work_run+0x1d4/0x260
 exit_to_user_mode_loop+0xe9/0x130
 do_syscall_64+0x2bd/0xfa0
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f4604d90a77
RSP: 002b:00007ffc99c268c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
RAX: 0000000000000000 RBX: 00007f4604e13d7d RCX: 00007f4604d90a77
RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc99c26980
RBP: 00007ffc99c26980 R08: 0000000000000000 R09: 0000000000000000
R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc99c27a10
R13: 00007f4604e13d7d R14: 000000000001d857 R15: 00007ffc99c27a50
 </TASK>

Showing all locks held in the system:
1 lock held by pool_workqueue_/3:
4 locks held by kworker/u8:0/12:
 #0: ffff888100ef7948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
 #1: ffffc90000117ba0 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
 #2: ffffffff8f2bf9f0 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xf7/0x820
 #3: ffffffff8df43000 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
1 lock held by khungtaskd/35:
 #0: ffffffff8df3d6a0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
4 locks held by kworker/u9:2/53:
4 locks held by kworker/u10:3/66:
3 locks held by kworker/u9:3/729:
 #0: ffff888100089948 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
 #1: ffffc90005137ba0 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
 #2: ffffffff8f2cc888 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0xe/0x60
3 locks held by kworker/1:2/794:
 #0: ffff888100075948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
 #1: ffffc90005097ba0 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
 #2: ffffffff8f2cc888 (rtnl_mutex){+.+.}-{4:4}, at: switchdev_deferred_process_work+0xe/0x20
7 locks held by kworker/u9:5/3584:
2 locks held by getty/5643:
 #0: ffff88816c9660a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
 #1: ffffc9000356e2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400
2 locks held by syz-executor/5809:
 #0: ffff8881a849e0e0 (&type->s_umount_key#66){++++}-{4:4}, at: deactivate_super+0xa9/0xe0
 #1: ffff888109552820 (&bdi->wb_switch_rwsem){+.+.}-{4:4}, at: sync_inodes_sb+0x19f/0xa10
4 locks held by kworker/0:3/5860:
 #0: ffff888174c6f148 ((wq_completion)xfs-sync/loop6){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
 #1: ffffc900040a7ba0 ((work_completion)(&mp->m_flush_inodes_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
 #2: ffff8881bb2da0e0 (&type->s_umount_key#66
){++++}-{4:4}
, at: xfs_flush_inodes_worker+0x45/0x80
 #3: 
ffff88816b1e8820
 (
&bdi->wb_switch_rwsem
){+.+.}-{4:4}
, at: sync_inodes_sb+0x19f/0xa10
2 locks held by syz-executor/6305:
 #0: 
ffff88810aa340e0
 (
&type->s_umount_key
#66
){++++}-{4:4}
, at: deactivate_super+0xa9/0xe0
 #1: 
ffff8881095e6820
 (
&bdi->wb_switch_rwsem){+.+.}-{4:4}, at: sync_inodes_sb+0x19f/0xa10
2 locks held by syz.6.455/7710:
 #0: 
ffff8881bb2da420 (
sb_writers
#17
){.+.+}-{0:0}
, at: direct_splice_actor+0x49/0x160
 #1: 
ffff888117d41230
 (
&sb->s_type->i_mutex_key#22
){++++}-{4:4}
, at: xfs_ilock+0xfe/0x390
8 locks held by syz-executor/8529:
 #0: 
ffff888174a06420 (sb_writers#7){.+.+}-{0:0}, at: vfs_write+0x211/0xb30
 #1: 
ffff88816d691488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x1de/0x540
 #2: ffff88810a4305a8 (kn->active#48){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x231/0x540
 #3: ffffffff8eb64408 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x360
 #4: ffff8881a96840e8 (
&dev->mutex
){....}-{4:4}
, at: device_release_driver_internal+0xb6/0x800
 #5: 
ffff8881a9685250 (&devlink->lock_key#4){+.+.}-{4:4}, at: nsim_drv_remove+0x50/0x160
 #6: ffffffff8f2cc888 (rtnl_mutex){+.+.}-{4:4}
, at: nsim_destroy+0xed/0x680
 #7: 
ffff88816c650d38
 (
&dev_instance_lock_key
#20
){+.+.}-{4:4}
, at: unregister_netdevice_many_notify+0x564/0x2390
2 locks held by syz-executor/8546:
 #0: 
ffffffff8ea5df20
 (&ops->srcu
#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x23/0x250
 #1: ffffffff8f2cc888 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8e9/0x1c80
2 locks held by syz.8.591/8625:
 #0: ffffffff8f7edd98 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x23/0x250
 #1: ffffffff8f2cc888 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8e9/0x1c80
1 lock held by syz.8.591/8626:
 #0: ffffffff8f2cc888 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
1 lock held by syz.8.591/8627:
 #0: ffffffff8f2cc888 (rtnl_mutex){+.+.}-{4:4}, at: do_ip_setsockopt+0xeee/0x2d00
1 lock held by syz.8.591/8628:
 #0: ffffffff8f2cc888 (rtnl_mutex
){+.+.}-{4:4}
, at: rtnl_dellink+0x346/0x700

=============================================

NMI backtrace for cpu 0
CPU: 0 UID: 0 PID: 35 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) 
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
Call Trace:
 <TASK>
 dump_stack_lvl+0x189/0x250
 nmi_cpu_backtrace+0x39e/0x3d0
 nmi_trigger_cpumask_backtrace+0x17a/0x300
 watchdog+0xf60/0xfa0
 kthread+0x711/0x8a0
 ret_from_fork+0x4bc/0x870
 ret_from_fork_asm+0x1a/0x30
 </TASK>
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 UID: 0 PID: 3584 Comm: kworker/u9:5 Not tainted syzkaller #0 PREEMPT(full) 
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
Workqueue: writeback wb_workfn (flush-7:6)
RIP: 0010:memset_orig+0x15/0xb0
Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 49 89 fa 40 0f b6 ce 48 b8 01 01 01 01 01 01 01 01 48 0f af c1 <41> 89 f9 41 83 e1 07 75 74 48 89 d1 48 c1 e9 06 74 39 66 0f 1f 84
RSP: 0018:ffffc90020b8d778 EFLAGS: 00000206
RAX: 0000000000000000 RBX: ffffc90020b8d7c0 RCX: 0000000000000000
RDX: 000000000000000c RSI: 0000000000000000 RDI: ffffc90020b8d7c0
RBP: ffffc90020b8d830 R08: 0000000000000003 R09: 0000000000000004
R10: ffffc90020b8d7c0 R11: fffff52004171af9 R12: 0000000000000e00
R13: ffffc90020b8d8c0 R14: ffffc90020b8d8ce R15: 000000000000000e
FS:  0000000000000000(0000) GS:ffff8882a9f36000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f77bdfd5440 CR3: 000000000dd38000 CR4: 00000000000006f0
Call Trace:
 <TASK>
 info_print_prefix+0x1a6/0x310
 record_print_text+0x154/0x420
 printk_get_next_message+0x26d/0x7b0
 console_flush_all+0x4ca/0xb10
 console_unlock+0xbb/0x190
 vprintk_emit+0x4c5/0x590
 _printk+0xcf/0x120
 xfs_printk_level+0x18b/0x280
 xfs_buf_verifier_error+0x1c0/0x2a0
 xfs_agfl_read_verify+0x165/0x1f0
 __xfs_buf_ioend+0x342/0x6f0
 xfs_buf_iowait+0x167/0x480
 xfs_buf_read_map+0x335/0xa50
 xfs_trans_read_buf_map+0x1d7/0x8e0
 xfs_alloc_read_agfl+0x202/0x410
 xfs_alloc_fix_freelist+0xb93/0x1300
 xfs_alloc_vextent_prepare_ag+0xdb/0x610
 xfs_alloc_vextent_iterate_ags+0x140/0x940
 xfs_alloc_vextent_start_ag+0x388/0x850
 xfs_bmapi_allocate+0x188e/0x2e00
 xfs_bmapi_convert_delalloc+0x7e2/0x1430
 xfs_writeback_range+0x674/0xf70
 iomap_writeback_folio+0xe75/0x1c80
 iomap_writepages+0x162/0x2d0
 xfs_vm_writepages+0x296/0x310
 do_writepages+0x32e/0x550
 __writeback_single_inode+0x145/0xff0
 writeback_sb_inodes+0x6c7/0x1010
 wb_writeback+0x43b/0xaf0
 wb_workfn+0x409/0xef0
 process_scheduled_works+0xae1/0x17b0
 worker_thread+0x8a0/0xda0
 kthread+0x711/0x8a0
 ret_from_fork+0x4bc/0x870
 ret_from_fork_asm+0x1a/0x30
 </TASK>
