INFO: task kworker/u8:7:3492 blocked for more than 143 seconds.
      Not tainted 6.14.0-rc7-syzkaller-00069-g81e4f8d68c66 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/u8:7    state:D stack:19632 pid:3492  tgid:3492  ppid:2      task_flags:0x4208060 flags:0x00004000
Workqueue: writeback wb_workfn (flush-bcachefs-62)
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5378 [inline]
 __schedule+0x18bc/0x4c40 kernel/sched/core.c:6765
 __schedule_loop kernel/sched/core.c:6842 [inline]
 schedule+0x14b/0x320 kernel/sched/core.c:6857
 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6914
 __mutex_lock_common kernel/locking/mutex.c:662 [inline]
 __mutex_lock+0x817/0x1010 kernel/locking/mutex.c:730
 bch2_vfs_write_inode+0x69/0xc0 fs/bcachefs/fs.c:1834
 write_inode fs/fs-writeback.c:1525 [inline]
 __writeback_single_inode+0x708/0x10d0 fs/fs-writeback.c:1745
 writeback_sb_inodes+0x820/0x1360 fs/fs-writeback.c:1976
 __writeback_inodes_wb+0x11b/0x260 fs/fs-writeback.c:2047
 wb_writeback+0x427/0xb80 fs/fs-writeback.c:2158
 wb_check_old_data_flush fs/fs-writeback.c:2262 [inline]
 wb_do_writeback fs/fs-writeback.c:2315 [inline]
 wb_workfn+0xb94/0x1080 fs/fs-writeback.c:2343
 process_one_work kernel/workqueue.c:3238 [inline]
 process_scheduled_works+0xabe/0x18e0 kernel/workqueue.c:3319
 worker_thread+0x870/0xd30 kernel/workqueue.c:3400
 kthread+0x7a9/0x920 kernel/kthread.c:464
 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:148
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>
INFO: task syz.9.639:11557 blocked for more than 144 seconds.
      Not tainted 6.14.0-rc7-syzkaller-00069-g81e4f8d68c66 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.9.639       state:D stack:18736 pid:11557 tgid:11552 ppid:8485   task_flags:0x400140 flags:0x00004006
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5378 [inline]
 __schedule+0x18bc/0x4c40 kernel/sched/core.c:6765
 __schedule_loop kernel/sched/core.c:6842 [inline]
 schedule+0x14b/0x320 kernel/sched/core.c:6857
 __closure_sync+0x259/0x2f0 lib/closure.c:146
 bch2_wait_on_allocator fs/bcachefs/alloc_foreground.h:237 [inline]
 bch2_btree_update_start+0x1200/0x1540 fs/bcachefs/btree_update_interior.c:1254
 bch2_btree_split_leaf+0x121/0x880 fs/bcachefs/btree_update_interior.c:1853
 bch2_trans_commit_error+0x212/0x1380 fs/bcachefs/btree_trans_commit.c:908
 __bch2_trans_commit+0x8105/0x9790 fs/bcachefs/btree_trans_commit.c:1089
 bch2_trans_commit fs/bcachefs/btree_update.h:191 [inline]
 __bch2_create+0xa75/0xf40 fs/bcachefs/fs.c:576
 bch2_mknod+0xe7/0x1b0 fs/bcachefs/fs.c:709
 vfs_mknod+0x36d/0x3b0 fs/namei.c:4191
 do_mknodat+0x3ec/0x5b0
 __do_sys_mknod fs/namei.c:4274 [inline]
 __se_sys_mknod fs/namei.c:4272 [inline]
 __x64_sys_mknod+0x8c/0xa0 fs/namei.c:4272
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fa4ba38d169
RSP: 002b:00007fa4bb2d0038 EFLAGS: 00000246
 ORIG_RAX: 0000000000000085
RAX: ffffffffffffffda RBX: 00007fa4ba5a5fa0 RCX: 00007fa4ba38d169
RDX: 0000000000000000 RSI: 0000000000001000 RDI: 0000400000000080
RBP: 00007fa4ba40e2a0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000000000 R14: 00007fa4ba5a5fa0 R15: 00007fffc2c07598
 </TASK>
INFO: task syz.9.639:11606 blocked for more than 145 seconds.
      Not tainted 6.14.0-rc7-syzkaller-00069-g81e4f8d68c66 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.9.639       state:D stack:26616 pid:11606 tgid:11552 ppid:8485   task_flags:0x400040 flags:0x00000004
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5378 [inline]
 __schedule+0x18bc/0x4c40 kernel/sched/core.c:6765
 __schedule_loop kernel/sched/core.c:6842 [inline]
 schedule+0x14b/0x320 kernel/sched/core.c:6857
 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6914
 rwsem_down_write_slowpath+0xeee/0x13b0 kernel/locking/rwsem.c:1176
 __down_write_common kernel/locking/rwsem.c:1304 [inline]
 __down_write kernel/locking/rwsem.c:1313 [inline]
 down_write+0x1d7/0x220 kernel/locking/rwsem.c:1578
 inode_lock include/linux/fs.h:877 [inline]
 open_last_lookups fs/namei.c:3747 [inline]
 path_openat+0x89a/0x3590 fs/namei.c:3986
 do_filp_open+0x27f/0x4e0 fs/namei.c:4016
 do_sys_openat2+0x13e/0x1d0 fs/open.c:1428
 do_sys_open fs/open.c:1443 [inline]
 __do_sys_open fs/open.c:1451 [inline]
 __se_sys_open fs/open.c:1447 [inline]
 __x64_sys_open+0x225/0x270 fs/open.c:1447
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fa4ba38d169
RSP: 002b:00007fa4bb2af038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
RAX: ffffffffffffffda RBX: 00007fa4ba5a6080 RCX: 00007fa4ba38d169
RDX: 00000000000000a2 RSI: 0000000000143142 RDI: 0000400000000100
RBP: 00007fa4ba40e2a0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000000001 R14: 00007fa4ba5a6080 R15: 00007fffc2c07598
 </TASK>
INFO: task bch-copygc/loop:11603 blocked for more than 145 seconds.
      Not tainted 6.14.0-rc7-syzkaller-00069-g81e4f8d68c66 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:bch-copygc/loop state:D stack:18128 pid:11603 tgid:11603 ppid:2      task_flags:0x240040 flags:0x00004000
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5378 [inline]
 __schedule+0x18bc/0x4c40 kernel/sched/core.c:6765
 __schedule_loop kernel/sched/core.c:6842 [inline]
 schedule+0x14b/0x320 kernel/sched/core.c:6857
 __closure_sync+0x259/0x2f0 lib/closure.c:146
 bch2_wait_on_allocator fs/bcachefs/alloc_foreground.h:237 [inline]
 __bch2_write+0x5376/0x5a80 fs/bcachefs/io_write.c:1530
 bch2_write+0x865/0x1660 fs/bcachefs/io_write.c:1659
 closure_queue include/linux/closure.h:270 [inline]
 closure_call include/linux/closure.h:432 [inline]
 bch2_data_update_read_done+0x22e/0x330 fs/bcachefs/data_update.c:439
 move_write fs/bcachefs/move.c:135 [inline]
 bch2_moving_ctxt_do_pending_writes+0x44c/0x8d0 fs/bcachefs/move.c:166
 bch2_move_ratelimit+0x76c/0xeb0 fs/bcachefs/move.c:512
 bch2_evacuate_bucket+0xfe9/0x3280 fs/bcachefs/move.c:747
 bch2_copygc+0x415d/0x4fa0 fs/bcachefs/movinggc.c:240
 bch2_copygc_thread+0x6ef/0xba0 fs/bcachefs/movinggc.c:383
 kthread+0x7a9/0x920 kernel/kthread.c:464
 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:148
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>

Showing all locks held in the system:
1 lock held by khungtaskd/31:
 #0: ffffffff8eb393e0 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:337 [inline]
 #0: ffffffff8eb393e0 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:849 [inline]
 #0: ffffffff8eb393e0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x55/0x2a0 kernel/locking/lockdep.c:6746
2 locks held by kworker/u8:5/965:
4 locks held by kworker/u8:7/3492:
 #0: ffff8881412eb148 ((wq_completion)writeback){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3213 [inline]
 #0: ffff8881412eb148 ((wq_completion)writeback){+.+.}-{0:0}, at: process_scheduled_works+0x98b/0x18e0 kernel/workqueue.c:3319
 #1: ffffc9000c4bfc60 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3214 [inline]
 #1: ffffc9000c4bfc60 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9c6/0x18e0 kernel/workqueue.c:3319
 #2: ffff88805d3440e0 (&type->s_umount_key#72){++++}-{4:4}, at: super_trylock_shared+0x22/0xf0 fs/super.c:562
 #3: ffff88805459c988 (&inode->ei_update_lock){+.+.}-{4:4}, at: bch2_vfs_write_inode+0x69/0xc0 fs/bcachefs/fs.c:1834
5 locks held by kworker/u8:8/3577:
 #0: ffff8880b873e7d8 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140 kernel/sched/core.c:598
 #1: ffff8880b8728948 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x41d/0x7a0 kernel/sched/psi.c:987
 #2: ffffffff9a8090f0 (&obj_hash[i].lock){-.-.}-{2:2}, at: __debug_check_no_obj_freed lib/debugobjects.c:1088 [inline]
 #2: ffffffff9a8090f0 (&obj_hash[i].lock){-.-.}-{2:2}, at: debug_check_no_obj_freed+0x234/0x580 lib/debugobjects.c:1129
 #3: ffffffff9a8d10b8 (&obj_hash[i].lock){-.-.}-{2:2}, at: __debug_check_no_obj_freed lib/debugobjects.c:1088 [inline]
 #3: ffffffff9a8d10b8 (&obj_hash[i].lock){-.-.}-{2:2}, at: debug_check_no_obj_freed+0x234/0x580 lib/debugobjects.c:1129
 #4: ffff888032bd80c8 (&app->lock){+.-.}-{3:3}, at: spin_lock include/linux/spinlock.h:351 [inline]
 #4: ffff888032bd80c8 (&app->lock){+.-.}-{3:3}, at: mrp_join_timer+0xce/0x180 net/802/mrp.c:610
2 locks held by getty/5579:
 #0: ffff888032db80a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 drivers/tty/tty_ldisc.c:243
 #1: ffffc900033232f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x616/0x1770 drivers/tty/n_tty.c:2211
5 locks held by syz.9.639/11557:
 #0: ffff88805d344420 (sb_writers#21){.+.+}-{0:0}, at: mnt_want_write+0x3f/0x90 fs/namespace.c:547
 #1: ffff88805459c5a0 (&sb->s_type->i_mutex_key#25/1){+.+.}-{4:4}, at: inode_lock_nested include/linux/fs.h:912 [inline]
 #1: ffff88805459c5a0 (&sb->s_type->i_mutex_key#25/1){+.+.}-{4:4}, at: filename_create+0x260/0x540 fs/namei.c:4082
 #2: ffff88805459c988 (&inode->ei_update_lock){+.+.}-{4:4}, at: __bch2_create+0x355/0xf40 fs/bcachefs/fs.c:550
 #3: ffff888066c84378 (&c->btree_trans_barrier){.+.+}-{0:0}, at: srcu_lock_acquire include/linux/srcu.h:164 [inline]
 #3: ffff888066c84378 (&c->btree_trans_barrier){.+.+}-{0:0}, at: srcu_read_lock include/linux/srcu.h:256 [inline]
 #3: ffff888066c84378 (&c->btree_trans_barrier){.+.+}-{0:0}, at: __bch2_trans_get+0x7e4/0xd30 fs/bcachefs/btree_iter.c:3408
 #4: ffff888066ca66d0 (&c->gc_lock){++++}-{4:4}, at: bch2_btree_update_start+0x680/0x1540 fs/bcachefs/btree_update_interior.c:1182
2 locks held by syz.9.639/11606:
 #0: ffff88805d344420 (sb_writers#21){.+.+}-{0:0}, at: mnt_want_write+0x3f/0x90 fs/namespace.c:547
 #1: ffff88805459c5a0 (&sb->s_type->i_mutex_key#25){++++}-{4:4}, at: inode_lock include/linux/fs.h:877 [inline]
 #1: ffff88805459c5a0 (&sb->s_type->i_mutex_key#25){++++}-{4:4}, at: open_last_lookups fs/namei.c:3747 [inline]
 #1: ffff88805459c5a0 (&sb->s_type->i_mutex_key#25){++++}-{4:4}, at: path_openat+0x89a/0x3590 fs/namei.c:3986
2 locks held by syz.5.718/12328:
 #0: ffff88805d3440e0 (&type->s_umount_key#72){++++}-{4:4}, at: __super_lock fs/super.c:58 [inline]
 #0: ffff88805d3440e0 (&type->s_umount_key#72){++++}-{4:4}, at: super_lock+0x27c/0x400 fs/super.c:120
 #1: ffff8880551e07d0 (&bdi->wb_switch_rwsem){+.+.}-{4:4}, at: bdi_down_write_wb_switch_rwsem fs/fs-writeback.c:387 [inline]
 #1: ffff8880551e07d0 (&bdi->wb_switch_rwsem){+.+.}-{4:4}, at: sync_inodes_sb+0x26e/0xb50 fs/fs-writeback.c:2819
2 locks held by syz.3.724/12346:
 #0: ffff88805d3440e0 (&type->s_umount_key#72){++++}-{4:4}, at: __super_lock fs/super.c:58 [inline]
 #0: ffff88805d3440e0 (&type->s_umount_key#72){++++}-{4:4}, at: super_lock+0x27c/0x400 fs/super.c:120
 #1: ffff8880551e07d0 (&bdi->wb_switch_rwsem){+.+.}-{4:4}, at: bdi_down_write_wb_switch_rwsem fs/fs-writeback.c:387 [inline]
 #1: ffff8880551e07d0 (&bdi->wb_switch_rwsem){+.+.}-{4:4}, at: sync_inodes_sb+0x26e/0xb50 fs/fs-writeback.c:2819
2 locks held by syz.9.955/14361:
 #0: ffff88805d3440e0 (&type->s_umount_key#72){++++}-{4:4}, at: __super_lock fs/super.c:58 [inline]
 #0: ffff88805d3440e0 (&type->s_umount_key#72){++++}-{4:4}, at: super_lock+0x27c/0x400 fs/super.c:120
 #1: ffff8880551e07d0 (&bdi->wb_switch_rwsem){+.+.}-{4:4}, at: bdi_down_write_wb_switch_rwsem fs/fs-writeback.c:387 [inline]
 #1: ffff8880551e07d0 (&bdi->wb_switch_rwsem){+.+.}-{4:4}, at: sync_inodes_sb+0x26e/0xb50 fs/fs-writeback.c:2819
2 locks held by dhcpcd-run-hook/14615:

=============================================

NMI backtrace for cpu 0
CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.14.0-rc7-syzkaller-00069-g81e4f8d68c66 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:94 [inline]
 dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120
 nmi_cpu_backtrace+0x49c/0x4d0 lib/nmi_backtrace.c:113
 nmi_trigger_cpumask_backtrace+0x198/0x320 lib/nmi_backtrace.c:62
 trigger_all_cpu_backtrace include/linux/nmi.h:162 [inline]
 check_hung_uninterruptible_tasks kernel/hung_task.c:236 [inline]
 watchdog+0x1058/0x10a0 kernel/hung_task.c:399
 kthread+0x7a9/0x920 kernel/kthread.c:464
 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:148
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 UID: 0 PID: 14616 Comm: dhcpcd-run-hook Not tainted 6.14.0-rc7-syzkaller-00069-g81e4f8d68c66 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
RIP: 0010:format_decode+0x5b/0xca0 lib/vsprintf.c:2588
Code: 12 23 90 e8 17 cf c4 f5 80 fb 02 4c 89 6c 24 08 48 89 6c 24 10 0f 84 8e 05 00 00 40 0f b6 c5 83 f8 03 0f 84 d0 05 00 00 31 db <4d> 8d 3c 1e 4c 89 f8 48 c1 e8 03 42 0f b6 04 20 84 c0 75 27 41 0f
RSP: 0018:ffffc9000347f0c0 EFLAGS: 00000207
RAX: ffffffff8bfd16e1 RBX: 0000000000000005 RCX: ffff888030739e00
RDX: 0000000000000000 RSI: ffffffff90231250 RDI: 000000000000003d
RBP: 000000000000003d R08: 0000000000000001 R09: ffffffff8bfd16d3
R10: 0000000000000002 R11: ffff888030739e00 R12: dffffc0000000000
R13: ffffc9000347f1c0 R14: ffffffff8c7a5ca0 R15: ffffffff8c7a5ca4
FS:  00007fcd6e6f3380(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007ffd9841180c CR3: 0000000045a70000 CR4: 00000000003526f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <NMI>
 </NMI>
 <TASK>
 vsnprintf+0x177/0x1220 lib/vsprintf.c:2786
 audit_log_vformat+0x35c/0x9e0 kernel/audit.c:1978
 audit_log_format+0xdb/0x130 kernel/audit.c:2012
 dump_common_audit_data security/lsm_audit.c:209 [inline]
 common_lsm_audit+0x171/0x1de0 security/lsm_audit.c:461
 smack_log+0x469/0x5c0 security/smack/smack_access.c:389
 smk_tskacc+0x300/0x370 security/smack/smack_access.c:253
 smack_inode_permission+0x2db/0x380 security/smack/smack_lsm.c:1218
 security_inode_permission+0x101/0x320 security/security.c:2324
 may_lookup fs/namei.c:1821 [inline]
 link_path_walk+0x204/0xea0 fs/namei.c:2427
 path_openat+0x266/0x3590 fs/namei.c:3985
 do_filp_open+0x27f/0x4e0 fs/namei.c:4016
 do_sys_openat2+0x13e/0x1d0 fs/open.c:1428
 do_sys_open fs/open.c:1443 [inline]
 __do_sys_openat fs/open.c:1459 [inline]
 __se_sys_openat fs/open.c:1454 [inline]
 __x64_sys_openat+0x247/0x2a0 fs/open.c:1454
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fcd6e84b477
Code: 10 00 00 00 44 8b 54 24 e0 48 89 44 24 c0 48 8d 44 24 d0 48 89 44 24 c8 44 89 c2 4c 89 ce bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 76 10 48 8b 15 82 69 0d 00 f7 d8 64 89 02 48 83
RSP: 002b:00007ffd98412ec8 EFLAGS: 00000287 ORIG_RAX: 0000000000000101
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fcd6e84b477
RDX: 0000000000090800 RSI: 000055a7df344160 RDI: 00000000ffffff9c
RBP: 000055a7df33f2c0 R08: 0000000000090800 R09: 000055a7df344160
R10: 0000000000000000 R11: 0000000000000287 R12: 00007ffd98413028
R13: 000055a7df33f2b8 R14: 000055a7df344187 R15: 0000000000000030
 </TASK>