INFO: task kworker/1:9:3696 blocked for more than 144 seconds.
      Not tainted 5.15.164-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/1:9     state:D
 stack:22392 pid: 3696 ppid:     2 flags:0x00004000
Workqueue: events_long flush_old_commits

Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5030 [inline]
 __schedule+0x12c4/0x45b0 kernel/sched/core.c:6376
 schedule+0x11b/0x1f0 kernel/sched/core.c:6459
 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:6518
 __mutex_lock_common+0xe34/0x25a0 kernel/locking/mutex.c:669
 __mutex_lock kernel/locking/mutex.c:729 [inline]
 mutex_lock_nested+0x17/0x20 kernel/locking/mutex.c:743
 reiserfs_write_lock+0x76/0xd0 fs/reiserfs/lock.c:27
 reiserfs_sync_fs fs/reiserfs/super.c:76 [inline]
 flush_old_commits+0x1df/0x2e0 fs/reiserfs/super.c:111
 process_one_work+0x8a1/0x10c0 kernel/workqueue.c:2310
 worker_thread+0xaca/0x1280 kernel/workqueue.c:2457
 kthread+0x3f6/0x4f0 kernel/kthread.c:334
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:287
 </TASK>

Showing all locks held in the system:
2 locks held by kworker/0:0/7:
 #0: 
ffff888011c70938
 (
(wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x78a/0x10c0 kernel/workqueue.c:2283
 #1: 
ffffc90000cc7d20
 (
(work_completion)(&pwq->unbound_release_work)
){+.+.}-{0:0}
, at: process_one_work+0x7d0/0x10c0 kernel/workqueue.c:2285
1 lock held by khungtaskd/27:
 #0: 
ffffffff8c91fb20
 (
rcu_read_lock
){....}-{1:2}
, at: rcu_lock_acquire+0x0/0x30
1 lock held by dhcpcd/3238:
 #0: 
ffffffff8da308c8
 (
rtnl_mutex
){+.+.}-{3:3}
, at: netlink_dump+0xd0/0xc40 net/netlink/af_netlink.c:2225
2 locks held by getty/3321:
 #0: 
ffff88802505a098
 (
&tty->ldisc_sem
){++++}-{0:0}
, at: tty_ldisc_ref_wait+0x21/0x70 drivers/tty/tty_ldisc.c:252
 #1: 
ffffc900024b32e8
 (
&ldata->atomic_read_lock
){+.+.}-{3:3}
, at: n_tty_read+0x6af/0x1db0 drivers/tty/n_tty.c:2158
3 locks held by kworker/u5:1/3572:
 #0: 
ffff888078e11138
 (
(wq_completion)hci6
){+.+.}-{0:0}
, at: process_one_work+0x78a/0x10c0 kernel/workqueue.c:2283
 #1: 
ffffc90002d97d20
 (
(work_completion)(&hdev->error_reset)
){+.+.}-{0:0}
, at: psi_task_switch+0x53d/0x810 kernel/sched/psi.c:891
 #2: 
ffff8880774c4ff0
 (
&hdev->req_lock
){+.+.}-{3:3}
, at: hci_dev_do_open+0xa4/0x1330 net/bluetooth/hci_core.c:1446
2 locks held by kworker/1:8/3625:
 #0: 
ffff888011c72138
 (
(wq_completion)rcu_gp
){+.+.}-{0:0}
, at: process_one_work+0x78a/0x10c0 kernel/workqueue.c:2283
 #1: 
ffffc900042cfd20
 (
(work_completion)(&rew.rew_work)
){+.+.}-{0:0}
, at: process_one_work+0x7d0/0x10c0 kernel/workqueue.c:2285
4 locks held by kworker/1:9/3696:
 #0: ffff888011c71138 ((wq_completion)events_long){+.+.}-{0:0}, at: process_one_work+0x78a/0x10c0 kernel/workqueue.c:2283
 #1: ffffc900030afd20 ((work_completion)(&(&sbi->old_work)->work)){+.+.}-{0:0}, at: process_one_work+0x7d0/0x10c0 kernel/workqueue.c:2285
 #2: ffff888019f040e0 (&type->s_umount_key#56){++++}-{3:3}, at: flush_old_commits+0xc7/0x2e0 fs/reiserfs/super.c:97
 #3: 
ffff88801a3e6090
 (
&sbi->lock
){+.+.}-{3:3}
, at: reiserfs_write_lock+0x76/0xd0 fs/reiserfs/lock.c:27
4 locks held by syz.2.185/4171:
4 locks held by kworker/u4:13/4772:
 #0: 
ffff888011dd5138
 (
(wq_completion)netns
){+.+.}-{0:0}
, at: process_one_work+0x78a/0x10c0 kernel/workqueue.c:2283
 #1: 
ffffc90002fa7d20
 (
net_cleanup_work
){+.+.}-{0:0}
, at: process_one_work+0x7d0/0x10c0 kernel/workqueue.c:2285
 #2: 
ffffffff8da24d10
 (
pernet_ops_rwsem
){++++}-{3:3}
, at: cleanup_net+0xf1/0xb60 net/core/net_namespace.c:561
 #3: 
ffffffff8da308c8
 (
rtnl_mutex
){+.+.}-{3:3}
, at: netdev_run_todo+0xa4f/0xc40 net/core/dev.c:10656
2 locks held by syz.0.342/4849:
 #0: 
ffff888019f040e0
 (
&type->s_umount_key
#56
){++++}-{3:3}
, at: iterate_supers+0xac/0x1e0 fs/super.c:703
 #1: 
ffff88801a3e6090
 (
&sbi->lock
){+.+.}-{3:3}
, at: reiserfs_write_lock+0x76/0xd0 fs/reiserfs/lock.c:27
3 locks held by kworker/0:18/5336:
 #0: 
ffff888011c70938
 (
(wq_completion)events
){+.+.}-{0:0}
, at: process_one_work+0x78a/0x10c0 kernel/workqueue.c:2283
 #1: 
ffffc900037d7d20
 (
xfrm_state_gc_work
){+.+.}-{0:0}
, at: process_one_work+0x7d0/0x10c0 kernel/workqueue.c:2285
 #2: 
ffffffff8c9240e8
 (
rcu_state.exp_mutex
){+.+.}-{3:3}
, at: exp_funnel_lock kernel/rcu/tree_exp.h:322 [inline]
, at: synchronize_rcu_expedited+0x350/0x740 kernel/rcu/tree_exp.h:845
3 locks held by kworker/0:19/5337:
 #0: 
ffff888011c70938
 (
(wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x78a/0x10c0 kernel/workqueue.c:2283
 #1: 
ffffc9000157fd20
 (
(work_completion)(&(&nsim_dev->trap_data->trap_report_dw)->work)
){+.+.}-{0:0}
, at: process_one_work+0x7d0/0x10c0 kernel/workqueue.c:2285
 #2: 
ffff8880633c2400
 (
&nsim_dev->port_list_lock
#2
){+.+.}-{3:3}
, at: nsim_dev_trap_report_work+0x56/0xab0 drivers/net/netdevsim/dev.c:757
4 locks held by kworker/u4:14/5636:
 #0: 
ffff8881429a9938
 (
(wq_completion)writeback
){+.+.}-{0:0}
, at: process_one_work+0x78a/0x10c0 kernel/workqueue.c:2283
 #1: 
ffffc9000343fd20
 (
(work_completion)(&(&wb->dwork)->work)
){+.+.}-{0:0}
, at: process_one_work+0x7d0/0x10c0 kernel/workqueue.c:2285
 #2: 
ffff88806775a650
 (
sb_internal
#5
){.+.+}-{0:0}
, at: xfs_bmapi_convert_delalloc+0x20f/0x1180 fs/xfs/libxfs/xfs_bmap.c:4573
 #3: 
ffff888062021ee8
 (
&xfs_nondir_ilock_class
){++++}-{3:3}
, at: xfs_bmapi_convert_delalloc+0x23c/0x1180 fs/xfs/libxfs/xfs_bmap.c:4578
2 locks held by syz-executor/5838:
 #0: 
ffff88806775a0e0
 (
&type->s_umount_key
#99
){++++}-{3:3}
, at: deactivate_super+0xa9/0xe0 fs/super.c:365
 #1: 
ffff8881475867d8 (&bdi->wb_switch_rwsem){+.+.}-{3:3}, at: bdi_down_write_wb_switch_rwsem fs/fs-writeback.c:362 [inline]
ffff8881475867d8 (&bdi->wb_switch_rwsem){+.+.}-{3:3}, at: sync_inodes_sb+0x274/0xab0 fs/fs-writeback.c:2768
8 locks held by syz-executor/6451:
 #0: 
ffff888025286460
 (
sb_writers
#8
){.+.+}-{0:0}
, at: vfs_write+0x29a/0xe50 fs/read_write.c:590
 #1: 
ffff888061b04888
 (
&of->mutex
){+.+.}-{3:3}
, at: kernfs_fop_write_iter+0x1e7/0x4f0 fs/kernfs/file.c:287
 #2: 
ffff888147ef3578
 (
kn->active
#232
){.+.+}-{0:0}
, at: kernfs_fop_write_iter+0x20b/0x4f0 fs/kernfs/file.c:288
 #3: 
ffffffff8d372948
 (
nsim_bus_dev_list_lock
){+.+.}-{3:3}
, at: del_device_store+0xf1/0x470 drivers/net/netdevsim/bus.c:344
 #4: 
ffff8880633c7178
 (
&dev->mutex
){....}-{3:3}
, at: device_lock include/linux/device.h:760 [inline]
, at: __device_driver_lock drivers/base/dd.c:1044 [inline]
, at: device_release_driver_internal+0xc2/0x7f0 drivers/base/dd.c:1259
 #5: 
ffff8880633c2400
 (
&nsim_dev->port_list_lock
#2
){+.+.}-{3:3}
, at: nsim_dev_port_del_all drivers/net/netdevsim/dev.c:1359 [inline]
, at: nsim_dev_reload_destroy+0x118/0x240 drivers/net/netdevsim/dev.c:1561
 #6: 
ffffffff8da308c8
 (
rtnl_mutex
){+.+.}-{3:3}
, at: nsim_destroy+0x3a/0x140 drivers/net/netdevsim/netdev.c:381
 #7: 
ffffffff8c9240e8
 (
rcu_state.exp_mutex
){+.+.}-{3:3}
, at: exp_funnel_lock kernel/rcu/tree_exp.h:322 [inline]
, at: synchronize_rcu_expedited+0x350/0x740 kernel/rcu/tree_exp.h:845
1 lock held by syz.0.888/6708:
 #0: 
ffffffff8cfe0108
 (
tty_mutex){+.+.}-{3:3}, at: tty_release_struct+0xad/0xd0 drivers/tty/tty_io.c:1718
2 locks held by syz.1.891/6723:
 #0: ffffffff8da8e0d0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x15/0x40 net/netlink/genetlink.c:802
 #1: 
ffffffff8da308c8
 (
rtnl_mutex
){+.+.}-{3:3}
, at: nl80211_pre_doit+0x28/0x540 net/wireless/nl80211.c:14965
1 lock held by syz.3.893/6732:
 #0: ffffffff8da308c8 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:72 [inline]
 #0: ffffffff8da308c8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x94c/0xee0 net/core/rtnetlink.c:5626
1 lock held by syz.3.893/6733:
 #0: ffffffff8da308c8 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:72 [inline]
 #0: ffffffff8da308c8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x94c/0xee0 net/core/rtnetlink.c:5626
1 lock held by syz.2.896/6747:
 #0: ffff888078573c68 (&pipe->mutex/1){+.+.}-{3:3}, at: __pipe_lock fs/pipe.c:102 [inline]
 #0: ffff888078573c68 (&pipe->mutex/1){+.+.}-{3:3}, at: pipe_write+0xf0d/0x1b90 fs/pipe.c:576
2 locks held by syz.2.896/6748:
 #0: ffff888078573c68 (&pipe->mutex/1){+.+.}-{3:3}, at: splice_from_pipe fs/splice.c:596 [inline]
 #0: ffff888078573c68 (&pipe->mutex/1){+.+.}-{3:3}, at: generic_splice_sendpage+0x183/0x220 fs/splice.c:746
 #1: ffffffff8da308c8 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:72 [inline]
 #1: ffffffff8da308c8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x94c/0xee0 net/core/rtnetlink.c:5626
1 lock held by syz-executor/6750:
 #0: ffffffff8da308c8 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:72 [inline]
 #0: ffffffff8da308c8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x94c/0xee0 net/core/rtnetlink.c:5626
1 lock held by syz-executor/6753:
 #0: ffffffff8da308c8 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:72 [inline]
 #0: ffffffff8da308c8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x94c/0xee0 net/core/rtnetlink.c:5626
1 lock held by syz-executor/6756:
 #0: ffffffff8da308c8 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:72 [inline]
 #0: ffffffff8da308c8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x94c/0xee0 net/core/rtnetlink.c:5626

=============================================

NMI backtrace for cpu 1
CPU: 1 PID: 27 Comm: khungtaskd Not tainted 5.15.164-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x1e3/0x2d0 lib/dump_stack.c:106
 nmi_cpu_backtrace+0x46a/0x4a0 lib/nmi_backtrace.c:111
 nmi_trigger_cpumask_backtrace+0x181/0x2a0 lib/nmi_backtrace.c:62
 trigger_all_cpu_backtrace include/linux/nmi.h:148 [inline]
 check_hung_uninterruptible_tasks kernel/hung_task.c:210 [inline]
 watchdog+0xe72/0xeb0 kernel/hung_task.c:295
 kthread+0x3f6/0x4f0 kernel/kthread.c:334
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:287
 </TASK>
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 PID: 3571 Comm: kworker/0:3 Not tainted 5.15.164-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
Workqueue: xfs-buf/loop3 xfs_buf_ioend_work
RIP: 0010:io_serial_in+0x72/0xb0 drivers/tty/serial/8250/8250_port.c:461
Code: 24 16 05 fd 89 e9 41 d3 e6 48 83 c3 40 48 89 d8 48 c1 e8 03 42 80 3c 38 00 74 08 48 89 df e8 e5 e9 4e fd 44 03 33 44 89 f2 ec <0f> b6 c0 5b 41 5e 41 5f 5d c3 89 e9 80 e1 07 38 c1 7c ad 48 89 ef
RSP: 0018:ffffc90002d87418 EFLAGS: 00000006
RAX: 1ffffffff22f2005 RBX: ffffffff917907e0 RCX: 0000000000000000
RDX: 00000000000003f9 RSI: 0000000000000000 RDI: 0000000000000020
RBP: 0000000000000000 R08: ffffffff847b4b32 R09: 0000000000000003
R10: ffffffffffffffff R11: dffffc0000000001 R12: ffffffff917907a0
R13: 1ffffffff22f20fe R14: 00000000000003f9 R15: dffffc0000000000
FS:  0000000000000000(0000) GS:ffff8880b9a00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000562dcfecf048 CR3: 00000000757b2000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <NMI>
 </NMI>
 <TASK>
 serial_port_in include/linux/serial_core.h:344 [inline]
 serial8250_console_write+0x29d/0x1180 drivers/tty/serial/8250/8250_port.c:3359
 console_unlock+0xced/0x12b0 kernel/printk/printk.c:2744
 vprintk_emit+0xbf/0x150 kernel/printk/printk.c:2274
 _printk+0xd1/0x120 kernel/printk/printk.c:2299
 print_hex_dump+0x1a2/0x250 lib/hexdump.c:285
 xfs_hex_dump+0x39/0x50 fs/xfs/xfs_message.c:118
 xfs_buf_verifier_error+0x1bc/0x290 fs/xfs/xfs_error.c:418
 xfs_allocbt_read_verify+0x52/0xc0
 xfs_buf_ioend+0x26a/0x6e0 fs/xfs/xfs_buf.c:1263
 process_one_work+0x8a1/0x10c0 kernel/workqueue.c:2310
 worker_thread+0xaca/0x1280 kernel/workqueue.c:2457
 kthread+0x3f6/0x4f0 kernel/kthread.c:334
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:287
 </TASK>