INFO: task kworker/u8:3:55 blocked for more than 143 seconds.
      Not tainted syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/u8:3    state:D stack:21504 pid:55    tgid:55    ppid:2      task_flags:0x4208060 flags:0x00080000
Workqueue: writeback wb_workfn (flush-7:0)
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5387 [inline]
 __schedule+0x1681/0x54c0 kernel/sched/core.c:7188
 __schedule_loop kernel/sched/core.c:7267 [inline]
 rt_mutex_schedule+0x76/0xf0 kernel/sched/core.c:7563
 rt_mutex_slowlock_block kernel/locking/rtmutex.c:1662 [inline]
 __rt_mutex_slowlock kernel/locking/rtmutex.c:1739 [inline]
 __rt_mutex_slowlock_locked+0x1f28/0x2550 kernel/locking/rtmutex.c:1779
 rt_mutex_slowlock+0xbd/0x170 kernel/locking/rtmutex.c:1819
 __rt_mutex_lock kernel/locking/rtmutex.c:1834 [inline]
 rwbase_write_lock+0x14d/0x730 kernel/locking/rwbase_rt.c:245
 f2fs_down_write fs/f2fs/f2fs.h:2411 [inline]
 f2fs_down_write_trace+0x3e/0x1d0 fs/f2fs/checkpoint.c:180
 f2fs_balance_fs+0x612/0x840 fs/f2fs/segment.c:465
 f2fs_write_inode+0x3fb/0x5f0 fs/f2fs/inode.c:830
 write_inode fs/fs-writeback.c:1584 [inline]
 __writeback_single_inode+0x75d/0x10e0 fs/fs-writeback.c:1827
 writeback_sb_inodes+0x97f/0x1980 fs/fs-writeback.c:2056
 __writeback_inodes_wb+0x111/0x240 fs/fs-writeback.c:2132
 wb_writeback+0x459/0xb00 fs/fs-writeback.c:2243
 wb_check_old_data_flush fs/fs-writeback.c:2347 [inline]
 wb_do_writeback fs/fs-writeback.c:2400 [inline]
 wb_workfn+0xb17/0xf20 fs/fs-writeback.c:2428
 process_one_work kernel/workqueue.c:3302 [inline]
 process_scheduled_works+0xb5d/0x1860 kernel/workqueue.c:3385
 worker_thread+0xa53/0xfc0 kernel/workqueue.c:3466
 kthread+0x388/0x470 kernel/kthread.c:436
 ret_from_fork+0x514/0xb70 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>

Showing all locks held in the system:
3 locks held by kworker/0:1/10:
 #0: ffff88801a037938 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3277 [inline]
 #0: ffff88801a037938 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0xa35/0x1860 kernel/workqueue.c:3385
 #1: ffffc900000f7c40 (rx_mode_work){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3278 [inline]
 #1: ffffc900000f7c40 (rx_mode_work){+.+.}-{0:0}, at: process_scheduled_works+0xa70/0x1860 kernel/workqueue.c:3385
 #2: ffffffff8f355e78 (rtnl_mutex){+.+.}-{4:4}, at: netdev_rx_mode_work+0x1c/0x450 net/core/dev_addr_lists.c:1312
4 locks held by kworker/u8:0/12:
 #0: ffff88801f2b6138 ((wq_completion)writeback){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3277 [inline]
 #0: ffff88801f2b6138 ((wq_completion)writeback){+.+.}-{0:0}, at: process_scheduled_works+0xa35/0x1860 kernel/workqueue.c:3385
 #1: ffffc90000117c40 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3278 [inline]
 #1: ffffc90000117c40 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_scheduled_works+0xa70/0x1860 kernel/workqueue.c:3385
 #2: ffff8880258e40d0 (&type->s_umount_key#56){++++}-{4:4}, at: super_trylock_shared+0x20/0xf0 fs/super.c:565
 #3: ffff888032335a98 (&sbi->gc_lock){+.+.}-{4:4}, at: f2fs_down_write fs/f2fs/f2fs.h:2411 [inline]
 #3: ffff888032335a98 (&sbi->gc_lock){+.+.}-{4:4}, at: f2fs_down_write_trace+0x3e/0x1d0 fs/f2fs/checkpoint.c:180
4 locks held by rcuc/1/28:
1 lock held by khungtaskd/38:
 #0: ffffffff8dfc8140 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:300 [inline]
 #0: ffffffff8dfc8140 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:838 [inline]
 #0: ffffffff8dfc8140 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180 kernel/locking/lockdep.c:6775
4 locks held by kworker/u8:3/55:
 #0: ffff88801f2b6138 ((wq_completion)writeback){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3277 [inline]
 #0: ffff88801f2b6138 ((wq_completion)writeback){+.+.}-{0:0}, at: process_scheduled_works+0xa35/0x1860 kernel/workqueue.c:3385
 #1: ffffc9000121fc40 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3278 [inline]
 #1: ffffc9000121fc40 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_scheduled_works+0xa70/0x1860 kernel/workqueue.c:3385
 #2: ffff888035f080d0 (&type->s_umount_key#56){++++}-{4:4}, at: super_trylock_shared+0x20/0xf0 fs/super.c:565
 #3: ffff8880403a5a98 (&sbi->gc_lock){+.+.}-{4:4}, at: f2fs_down_write fs/f2fs/f2fs.h:2411 [inline]
 #3: ffff8880403a5a98 (&sbi->gc_lock){+.+.}-{4:4}, at: f2fs_down_write_trace+0x3e/0x1d0 fs/f2fs/checkpoint.c:180
4 locks held by kworker/u8:9/1119:
 #0: ffff88801f2b6138 ((wq_completion)writeback){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3277 [inline]
 #0: ffff88801f2b6138 ((wq_completion)writeback){+.+.}-{0:0}, at: process_scheduled_works+0xa35/0x1860 kernel/workqueue.c:3385
 #1: ffffc900062ffc40 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3278 [inline]
 #1: ffffc900062ffc40 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_scheduled_works+0xa70/0x1860 kernel/workqueue.c:3385
 #2: ffff88805dec80d0 (&type->s_umount_key#56){++++}-{4:4}, at: super_trylock_shared+0x20/0xf0 fs/super.c:565
 #3: ffff888033c15a98 (&sbi->gc_lock){+.+.}-{4:4}, at: f2fs_down_write fs/f2fs/f2fs.h:2411 [inline]
 #3: ffff888033c15a98 (&sbi->gc_lock){+.+.}-{4:4}, at: f2fs_down_write_trace+0x3e/0x1d0 fs/f2fs/checkpoint.c:180
4 locks held by kworker/u8:11/1398:
 #0: ffff88801f2b6138 ((wq_completion)writeback){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3277 [inline]
 #0: ffff88801f2b6138 ((wq_completion)writeback){+.+.}-{0:0}, at: process_scheduled_works+0xa35/0x1860 kernel/workqueue.c:3385
 #1: ffffc90006c2fc40 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3278 [inline]
 #1: ffffc90006c2fc40 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_scheduled_works+0xa70/0x1860 kernel/workqueue.c:3385
 #2: ffff888036a680d0 (&type->s_umount_key#56){++++}-{4:4}, at: super_trylock_shared+0x20/0xf0 fs/super.c:565
 #3: ffff88803e379a98 (&sbi->gc_lock){+.+.}-{4:4}, at: f2fs_down_write fs/f2fs/f2fs.h:2411 [inline]
 #3: ffff88803e379a98 (&sbi->gc_lock){+.+.}-{4:4}, at: f2fs_down_write_trace+0x3e/0x1d0 fs/f2fs/checkpoint.c:180
4 locks held by kworker/u8:13/1641:
 #0: ffff88801f2b6138 ((wq_completion)writeback){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3277 [inline]
 #0: ffff88801f2b6138 ((wq_completion)writeback){+.+.}-{0:0}, at: process_scheduled_works+0xa35/0x1860 kernel/workqueue.c:3385
 #1: ffffc9000712fc40 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3278 [inline]
 #1: ffffc9000712fc40 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_scheduled_works+0xa70/0x1860 kernel/workqueue.c:3385
 #2: ffff88803b7e40d0 (&type->s_umount_key#56){++++}-{4:4}, at: super_trylock_shared+0x20/0xf0 fs/super.c:565
 #3: ffff88803548da98 (&sbi->gc_lock){+.+.}-{4:4}, at: f2fs_down_write fs/f2fs/f2fs.h:2411 [inline]
 #3: ffff88803548da98 (&sbi->gc_lock){+.+.}-{4:4}, at: f2fs_down_write_trace+0x3e/0x1d0 fs/f2fs/checkpoint.c:180
2 locks held by getty/5349:
 #0: ffff88803727c0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 drivers/tty/tty_ldisc.c:243
 #1: ffffc90003cbe2e0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x462/0x13a0 drivers/tty/n_tty.c:2211
7 locks held by syz.0.17/5804:
6 locks held by syz.1.18/5845:
6 locks held by syz.2.19/5893:
5 locks held by syz.3.20/5935:
6 locks held by syz.4.22/5996:
6 locks held by kworker/u8:10/6051:
4 locks held by syz.5.26/6061:
3 locks held by syz-executor/6074:

=============================================

NMI backtrace for cpu 0
CPU: 0 UID: 0 PID: 38 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
Call Trace:
 <TASK>
 dump_stack_lvl+0xe8/0x150 lib/dump_stack.c:120
 nmi_cpu_backtrace+0x274/0x2d0 lib/nmi_backtrace.c:113
 nmi_trigger_cpumask_backtrace+0x17a/0x300 lib/nmi_backtrace.c:62
 trigger_all_cpu_backtrace include/linux/nmi.h:162 [inline]
 __sys_info lib/sys_info.c:157 [inline]
 sys_info+0x135/0x170 lib/sys_info.c:165
 check_hung_uninterruptible_tasks kernel/hung_task.c:353 [inline]
 watchdog+0xfd3/0x1030 kernel/hung_task.c:561
 kthread+0x388/0x470 kernel/kthread.c:436
 ret_from_fork+0x514/0xb70 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 UID: 0 PID: 5893 Comm: syz.2.19 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
RIP: 0010:native_save_fl arch/x86/include/asm/irqflags.h:26 [inline]
RIP: 0010:arch_local_save_flags arch/x86/include/asm/irqflags.h:109 [inline]
RIP: 0010:check_preemption_disabled+0x29/0xe0 lib/smp_processor_id.c:19
Code: 90 55 41 57 41 56 53 65 8b 05 a7 2f 4e 07 65 8b 0d 9c 2f 4e 07 f7 c1 ff ff ff 7f 74 0c 5b 41 5e 41 5f 5d c3 cc cc cc cc cc 9c <59> f7 c1 00 02 00 00 74 ea 65 4c 8b 3d 4e 2f 4e 07 41 f6 47 2f 04
RSP: 0018:ffffc90002fd65e0 EFLAGS: 00000046
RAX: 0000000000000001 RBX: 0000000000000202 RCX: 0000000080000000
RDX: ffffc90002fd6701 RSI: ffffffff8d61b12f RDI: ffffffff8ba74b60
RBP: dffffc0000000000 R08: ffffc90002fd6798 R09: 0000000000000000
R10: ffffc90002fd67f8 R11: fffff520005fad01 R12: ffffc90002fd67a8
R13: ffffffff8176d226 R14: ffffffff8dfc8140 R15: ffff888033169ec0
FS:  0000555585dda500(0000) GS:ffff88812627d000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f3b5d8b35c0 CR3: 000000002a4c8000 CR4: 00000000003526f0
Call Trace:
 <TASK>
 lockdep_recursion_inc kernel/locking/lockdep.c:465 [inline]
 lock_release+0xa1/0x3c0 kernel/locking/lockdep.c:5888
 rcu_lock_release include/linux/rcupdate.h:310 [inline]
 rcu_read_unlock include/linux/rcupdate.h:869 [inline]
 class_rcu_destructor include/linux/rcupdate.h:1181 [inline]
 unwind_next_frame+0x1bba/0x2550 arch/x86/kernel/unwind_orc.c:709
 __unwind_start+0x5b8/0x760 arch/x86/kernel/unwind_orc.c:787
 unwind_start arch/x86/include/asm/unwind.h:64 [inline]
 arch_stack_walk+0xe3/0x150 arch/x86/kernel/stacktrace.c:24
 stack_trace_save+0xa9/0x100 kernel/stacktrace.c:122
 kasan_save_stack mm/kasan/common.c:57 [inline]
 kasan_save_track+0x3e/0x80 mm/kasan/common.c:78
 unpoison_slab_object mm/kasan/common.c:340 [inline]
 __kasan_slab_alloc+0x6c/0x80 mm/kasan/common.c:366
 kasan_slab_alloc include/linux/kasan.h:253 [inline]
 slab_post_alloc_hook mm/slub.c:4569 [inline]
 slab_alloc_node mm/slub.c:4898 [inline]
 kmem_cache_alloc_noprof+0x33b/0x680 mm/slub.c:4905
 bio_alloc_bioset+0x1c7/0xc90 block/bio.c:558
 f2fs_grab_read_bio+0x248/0x640 fs/f2fs/data.c:1115
 f2fs_submit_page_read+0xa9/0x120 fs/f2fs/data.c:1159
 f2fs_get_read_data_folio+0x9b9/0xb40 fs/f2fs/data.c:1345
 gc_data_segment fs/f2fs/gc.c:1666 [inline]
 do_garbage_collect+0x4784/0x6d90 fs/f2fs/gc.c:1881
 f2fs_gc+0xcca/0x24d0 fs/f2fs/gc.c:1998
 f2fs_balance_fs+0x65b/0x840 fs/f2fs/segment.c:467
 f2fs_map_blocks+0x3842/0x4690 fs/f2fs/data.c:1897
 f2fs_expand_inode_data+0x6c7/0xb20 fs/f2fs/file.c:1953
 f2fs_fallocate+0x4e8/0x980 fs/f2fs/file.c:2056
 vfs_fallocate+0x672/0x7f0 fs/open.c:338
 ksys_fallocate fs/open.c:362 [inline]
 __do_sys_fallocate fs/open.c:367 [inline]
 __se_sys_fallocate fs/open.c:365 [inline]
 __x64_sys_fallocate+0xc0/0x110 fs/open.c:365
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0x15f/0xf80 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f976c78cdd9
Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fff8276ff98 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
RAX: ffffffffffffffda RBX: 00007f976ca05fa0 RCX: 00007f976c78cdd9
RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000004
RBP: 00007f976c822d69 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000002000402 R11: 0000000000000246 R12: 0000000000000000
R13: 00007f976ca05fac R14: 00007f976ca05fa0 R15: 00007f976ca05fa0
 </TASK>