INFO: task syz.8.1172:10989 blocked for more than 143 seconds.
      Not tainted syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.8.1172      state:D stack:22720 pid:10989 tgid:10988 ppid:8117   task_flags:0x400140 flags:0x00080002
Call Trace:
 <TASK>
 __schedule+0x153c/0x4fe0
 schedule+0x164/0x360
 io_schedule+0x7f/0xd0
 lock_metapage+0x1ff/0x400
 __get_metapage+0x49a/0xde0
 xtSplitPage+0x281/0x2150
 xtSplitUp+0x33c/0x1fc0
 xtInsert+0x452/0xf20
 extAlloc+0xad9/0x1020
 jfs_get_block+0x358/0xad0
 __blockdev_direct_IO+0x15d7/0x32f0
 jfs_direct_IO+0x119/0x220
 generic_file_direct_write+0x1db/0x3e0
 __generic_file_write_iter+0x11d/0x230
 generic_file_write_iter+0x14a/0x680
 iter_file_splice_write+0x99b/0x1100
 direct_splice_actor+0x101/0x160
 splice_direct_to_actor+0x53a/0xc70
 do_splice_direct+0x195/0x290
 do_sendfile+0x535/0x7c0
 __se_sys_sendfile64+0x144/0x1a0
 do_syscall_64+0xe2/0xf80
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f7c2499acb9
RSP: 002b:00007f7c25819028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
RAX: ffffffffffffffda RBX: 00007f7c24c15fa0 RCX: 00007f7c2499acb9
RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
RBP: 00007f7c24a08bf7 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000020fffe82 R11: 0000000000000246 R12: 0000000000000000
R13: 00007f7c24c16038 R14: 00007f7c24c15fa0 R15: 00007ffe84615798
 </TASK>

Showing all locks held in the system:
4 locks held by kworker/u8:0/12:
 #0: ffff888100eef948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x855/0x15a0
 #1: ffffc90000117c40 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x87c/0x15a0
 #2: ffffffff8e344500 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x580
 #3: ffff88812103ab98 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140
1 lock held by khungtaskd/34:
 #0: ffffffff8e33f020 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
4 locks held by kworker/u9:11/4898:
 #0: ffff888103aed948 ((wq_completion)writeback){+.+.}-{0:0}, at: process_one_work+0x855/0x15a0
 #1: ffffc9002301fc40 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_one_work+0x87c/0x15a0
 #2: ffff8881178820e0 (&type->s_umount_key#75){++++}-{4:4}, at: super_trylock_shared+0x20/0xf0
 #3: ffff888115f2af90 (&jfs_ip->commit_mutex){+.+.}-{4:4}, at: jfs_commit_inode+0x1ca/0x530
2 locks held by getty/5637:
 #0: ffff88817747c0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
 #1: ffffc9000356b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x45c/0x13c0
4 locks held by syz.8.1172/10989:
 #0: ffff888117882420 (sb_writers#21){.+.+}-{0:0}, at: direct_splice_actor+0x49/0x160
 #1: ffff888115f2b340 (&sb->s_type->i_mutex_key#32){+.+.}-{4:4}, at: generic_file_write_iter+0x11e/0x680
 #2: ffff888115f2af00 (&jfs_ip->rdwrlock#3){++++}-{4:4}, at: jfs_get_block+0x153/0xad0
 #3: ffff888115f2af90 (&jfs_ip->commit_mutex){+.+.}-{4:4}, at: extAlloc+0x130/0x1020
8 locks held by syz-executor/15790:
 #0: ffff8881703ec420 (sb_writers#7){.+.+}-{0:0}, at: vfs_write+0x227/0xb90
 #1: ffff8881ade7c088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x1de/0x540
 #2: ffff888109b03878 (kn->active#48){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x231/0x540
 #3: ffffffff8efa2e68 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd7/0x370
 #4: ffff88816ad530e8 (&dev->mutex){....}-{4:4}, at: device_release_driver_internal+0xb6/0x800
 #5: ffff88816ad57250 (&devlink->lock_key#12){+.+.}-{4:4}, at: nsim_drv_remove+0x50/0x160
 #6: ffffffff8f717a48 (rtnl_mutex){+.+.}-{4:4}, at: nsim_destroy+0x10b/0x730
 #7: ffff8881b9cc0d48 (&dev_instance_lock_key#20){+.+.}-{4:4}, at: unregister_netdevice_many_notify+0x583/0x2380
2 locks held by dhcpcd/15907:
 #0: ffff8881767ac260 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x33/0xd30
 #1: ffffffff8e344638 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x2d0/0x770
2 locks held by dhcpcd/15908:
 #0: ffff888113372260 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x33/0xd30
 #1: ffffffff8e344638 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x38d/0x770
1 lock held by rm/15912:

=============================================

NMI backtrace for cpu 1
CPU: 1 UID: 0 PID: 34 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) 
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
Call Trace:
 <TASK>
 dump_stack_lvl+0xe8/0x150
 nmi_cpu_backtrace+0x274/0x2d0
 nmi_trigger_cpumask_backtrace+0x17a/0x300
 sys_info+0x135/0x170
 watchdog+0xe83/0xed0
 kthread+0x388/0x470
 ret_from_fork+0x51b/0xa40
 ret_from_fork_asm+0x1a/0x30
 </TASK>
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 UID: 0 PID: 15913 Comm: dhcpcd-run-hook Not tainted syzkaller #0 PREEMPT(full) 
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
RIP: 0010:unwind_next_frame+0xd83/0x23c0
Code: 83 3e 00 0f 95 c0 49 39 df 0f 96 c1 20 c1 49 39 dc 0f 97 c0 20 c8 3c 01 75 18 48 8d 43 08 4c 39 f8 0f 97 c1 4c 39 e0 0f 96 c0 <84> c1 0f 85 bf 00 00 00 49 8d 7e 28 48 89 f8 48 c1 e8 03 48 b9 00
RSP: 0018:ffffc90007e2f238 EFLAGS: 00000287
RAX: ffffc90007e2f601 RBX: ffffc90007e2f680 RCX: 1ffff92000fc5e01
RDX: ffffffff906465bc RSI: 0000000000000002 RDI: ffffffff8be09780
RBP: 1ffff92000fc5e62 R08: 0000000000000015 R09: ffffffff8e33f020
R10: ffffc90007e2f358 R11: ffffffff81adf2a0 R12: ffffc90007e30000
R13: 1ffff92000fc5e63 R14: ffffc90007e2f308 R15: ffffc90007e28000
FS:  0000000000000000(0000) GS:ffff88818e3f4000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fe5c9e385e8 CR3: 0000000116bff000 CR4: 0000000000352ef0
Call Trace:
 <TASK>
 arch_stack_walk+0x11b/0x150
 stack_trace_save+0xa9/0x100
 kasan_save_stack+0x3e/0x60
 kasan_record_aux_stack+0xbd/0xd0
 kmem_cache_free+0x46e/0x610
 exit_mmap+0x572/0xb60
 __mmput+0x118/0x430
 exec_mmap+0x3b4/0x440
 begin_new_exec+0x134a/0x2460
 load_elf_binary+0xa47/0x2980
 bprm_execve+0x93d/0x1410
 do_execveat_common+0x50f/0x690
 __x64_sys_execve+0x94/0xb0
 do_syscall_64+0xe2/0xf80
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fe5c9d85ef7
Code: Unable to access opcode bytes at 0x7fe5c9d85ecd.
RSP: 002b:00007fffdd84be88 EFLAGS: 00000246 ORIG_RAX: 000000000000003b
RAX: ffffffffffffffda RBX: 00005641f52aff50 RCX: 00007fe5c9d85ef7
RDX: 00005641f52afff8 RSI: 00005641f52aff50 RDI: 00005641f52b00a8
RBP: 00005641f52b00a8 R08: 00005641f52b00ad R09: 00007fffdd850d84
R10: 0000000000000008 R11: 0000000000000246 R12: 00005641f52afff8
R13: 00007fe5c9f33904 R14: 00005641f52afff8 R15: 0000000000000000
 </TASK>
