INFO: task kworker/u8:8:610 blocked for more than 143 seconds.
      Not tainted 6.11.0-rc7-syzkaller-g5f5673607153 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/u8:8    state:D stack:0     pid:610   tgid:610   ppid:2      flags:0x00000008
Workqueue: writeback wb_workfn (flush-btrfs-6)
Call trace:
 __switch_to+0x420/0x6dc arch/arm64/kernel/process.c:603
 context_switch kernel/sched/core.c:5188 [inline]
 __schedule+0x13d4/0x2418 kernel/sched/core.c:6529
 __schedule_loop kernel/sched/core.c:6606 [inline]
 schedule+0xbc/0x238 kernel/sched/core.c:6621
 wait_extent_bit fs/btrfs/extent-io-tree.c:823 [inline]
 lock_extent+0x5e4/0x794 fs/btrfs/extent-io-tree.c:1872
 find_lock_delalloc_range+0x428/0x7d4 fs/btrfs/extent_io.c:379
 writepage_delalloc+0x1f0/0x858 fs/btrfs/extent_io.c:1231
 __extent_writepage fs/btrfs/extent_io.c:1572 [inline]
 extent_write_cache_pages fs/btrfs/extent_io.c:2251 [inline]
 btrfs_writepages+0x10f8/0x2000 fs/btrfs/extent_io.c:2373
 do_writepages+0x304/0x7cc mm/page-writeback.c:2683
 __writeback_single_inode+0x158/0x14e4 fs/fs-writeback.c:1651
 writeback_sb_inodes+0x7dc/0x1190 fs/fs-writeback.c:1947
 wb_writeback+0x418/0x1040 fs/fs-writeback.c:2127
 wb_do_writeback fs/fs-writeback.c:2274 [inline]
 wb_workfn+0x38c/0x104c fs/fs-writeback.c:2314
 process_one_work+0x79c/0x15b8 kernel/workqueue.c:3231
 process_scheduled_works kernel/workqueue.c:3312 [inline]
 worker_thread+0x978/0xec4 kernel/workqueue.c:3389
 kthread+0x288/0x310 kernel/kthread.c:389
 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:860
INFO: task syz.0.54:6706 blocked for more than 144 seconds.
      Not tainted 6.11.0-rc7-syzkaller-g5f5673607153 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.0.54        state:D stack:0     pid:6706  tgid:6705  ppid:6429   flags:0x00000009
Call trace:
 __switch_to+0x420/0x6dc arch/arm64/kernel/process.c:603
 context_switch kernel/sched/core.c:5188 [inline]
 __schedule+0x13d4/0x2418 kernel/sched/core.c:6529
 __schedule_loop kernel/sched/core.c:6606 [inline]
 schedule+0xbc/0x238 kernel/sched/core.c:6621
 io_schedule+0x8c/0x124 kernel/sched/core.c:7401
 folio_wait_bit_common+0x65c/0xb90 mm/filemap.c:1307
 __folio_lock+0x2c/0x3c mm/filemap.c:1645
 folio_lock include/linux/pagemap.h:1050 [inline]
 extent_write_cache_pages fs/btrfs/extent_io.c:2225 [inline]
 btrfs_writepages+0x9c0/0x2000 fs/btrfs/extent_io.c:2373
 do_writepages+0x304/0x7cc mm/page-writeback.c:2683
 filemap_fdatawrite_wbc+0x124/0x174 mm/filemap.c:397
 __filemap_fdatawrite_range mm/filemap.c:430 [inline]
 filemap_fdatawrite_range+0x10c/0x174 mm/filemap.c:448
 btrfs_fdatawrite_range fs/btrfs/file.c:3799 [inline]
 start_ordered_ops fs/btrfs/file.c:1563 [inline]
 btrfs_sync_file+0x320/0x1008 fs/btrfs/file.c:1645
 btrfs_remap_file_range+0x7bc/0xeb0 fs/btrfs/reflink.c:909
 vfs_copy_file_range+0xdf8/0x1248 fs/read_write.c:1522
 __do_sys_copy_file_range fs/read_write.c:1612 [inline]
 __se_sys_copy_file_range fs/read_write.c:1575 [inline]
 __arm64_sys_copy_file_range+0x578/0x914 fs/read_write.c:1575
 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]
 invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49
 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132
 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151
 el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:712
 el0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:730
 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598
INFO: task syz.0.54:6750 blocked for more than 144 seconds.
      Not tainted 6.11.0-rc7-syzkaller-g5f5673607153 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.0.54        state:D stack:0     pid:6750  tgid:6705  ppid:6429   flags:0x00000009
Call trace:
 __switch_to+0x420/0x6dc arch/arm64/kernel/process.c:603
 context_switch kernel/sched/core.c:5188 [inline]
 __schedule+0x13d4/0x2418 kernel/sched/core.c:6529
 __schedule_loop kernel/sched/core.c:6606 [inline]
 schedule+0xbc/0x238 kernel/sched/core.c:6621
 wb_wait_for_completion+0x154/0x29c fs/fs-writeback.c:216
 __writeback_inodes_sb_nr+0x244/0x2d8 fs/fs-writeback.c:2706
 try_to_writeback_inodes_sb+0xa0/0xc4 fs/fs-writeback.c:2754
 btrfs_start_delalloc_flush fs/btrfs/transaction.c:2125 [inline]
 btrfs_commit_transaction+0x90c/0x2ba4 fs/btrfs/transaction.c:2310
 create_snapshot+0x58c/0x83c fs/btrfs/ioctl.c:876
 btrfs_mksubvol+0x4f8/0x600 fs/btrfs/ioctl.c:1030
 btrfs_mksnapshot+0xc4/0x154 fs/btrfs/ioctl.c:1076
 __btrfs_ioctl_snap_create+0x314/0x3fc fs/btrfs/ioctl.c:1341
 btrfs_ioctl_snap_create_v2+0x1b0/0x30c fs/btrfs/ioctl.c:1423
 btrfs_ioctl+0x994/0xaec
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:907 [inline]
 __se_sys_ioctl fs/ioctl.c:893 [inline]
 __arm64_sys_ioctl+0x14c/0x1c8 fs/ioctl.c:893
 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]
 invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49
 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132
 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151
 el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:712
 el0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:730
 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598
INFO: task syz.0.54:6751 blocked for more than 144 seconds.
      Not tainted 6.11.0-rc7-syzkaller-g5f5673607153 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.0.54        state:D stack:0     pid:6751  tgid:6705  ppid:6429   flags:0x00000005
Call trace:
 __switch_to+0x420/0x6dc arch/arm64/kernel/process.c:603
 context_switch kernel/sched/core.c:5188 [inline]
 __schedule+0x13d4/0x2418 kernel/sched/core.c:6529
 __schedule_loop kernel/sched/core.c:6606 [inline]
 schedule+0xbc/0x238 kernel/sched/core.c:6621
 wait_current_trans+0x300/0x450 fs/btrfs/transaction.c:527
 start_transaction+0x86c/0x1608 fs/btrfs/transaction.c:697
 btrfs_start_transaction+0x34/0x44 fs/btrfs/transaction.c:811
 clone_copy_inline_extent fs/btrfs/reflink.c:294 [inline]
 btrfs_clone+0x14cc/0x21cc fs/btrfs/reflink.c:528
 btrfs_clone_files+0x240/0x348 fs/btrfs/reflink.c:750
 btrfs_remap_file_range+0x4dc/0xeb0 fs/btrfs/reflink.c:888
 vfs_copy_file_range+0xdf8/0x1248 fs/read_write.c:1522
 __do_sys_copy_file_range fs/read_write.c:1612 [inline]
 __se_sys_copy_file_range fs/read_write.c:1575 [inline]
 __arm64_sys_copy_file_range+0x578/0x914 fs/read_write.c:1575
 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]
 invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49
 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132
 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151
 el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:712
 el0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:730
 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598
INFO: task btrfs-transacti:6742 blocked for more than 144 seconds.
      Not tainted 6.11.0-rc7-syzkaller-g5f5673607153 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:btrfs-transacti state:D stack:0     pid:6742  tgid:6742  ppid:2      flags:0x00000008
Call trace:
 __switch_to+0x420/0x6dc arch/arm64/kernel/process.c:603
 context_switch kernel/sched/core.c:5188 [inline]
 __schedule+0x13d4/0x2418 kernel/sched/core.c:6529
 __schedule_loop kernel/sched/core.c:6606 [inline]
 schedule+0xbc/0x238 kernel/sched/core.c:6621
 wait_current_trans+0x300/0x450 fs/btrfs/transaction.c:527
 start_transaction+0x8a4/0x1608 fs/btrfs/transaction.c:702
 btrfs_attach_transaction+0x30/0x40 fs/btrfs/transaction.c:863
 transaction_kthread+0x1c8/0x468 fs/btrfs/disk-io.c:1596
 kthread+0x288/0x310 kernel/kthread.c:389
 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:860

Showing all locks held in the system:
2 locks held by kworker/u8:1/13:
3 locks held by kworker/1:0/25:
 #0: ffff0000c0028948 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x624/0x15b8 kernel/workqueue.c:3205
 #1: ffff8000976a7c20 (deferred_process_work){+.+.}-{0:0}, at: process_one_work+0x6a0/0x15b8 kernel/workqueue.c:3205
 #2: ffff800092437ee8 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock+0x20/0x2c net/core/rtnetlink.c:79
1 lock held by khungtaskd/31:
 #0: ffff80008f74dfa0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0xc/0x44 include/linux/rcupdate.h:325
3 locks held by kworker/u8:2/43:
 #0: ffff0000c0031148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x624/0x15b8 kernel/workqueue.c:3205
 #1: ffff800097cb7c20 ((linkwatch_work).work){+.+.}-{0:0}, at: process_one_work+0x6a0/0x15b8 kernel/workqueue.c:3205
 #2: ffff800092437ee8 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock+0x20/0x2c net/core/rtnetlink.c:79
2 locks held by kworker/u8:8/610:
 #0: ffff0000c20e6148 ((wq_completion)writeback){+.+.}-{0:0}, at: process_one_work+0x624/0x15b8 kernel/workqueue.c:3205
 #1: ffff80009ca47c20 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_one_work+0x6a0/0x15b8 kernel/workqueue.c:3205
4 locks held by kworker/u8:9/636:
 #0: ffff0000c1869948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x624/0x15b8 kernel/workqueue.c:3205
 #1: ffff80009ce97c20 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x6a0/0x15b8 kernel/workqueue.c:3205
 #2: ffff80009242b950 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x13c/0x9b4 net/core/net_namespace.c:594
 #3: ffff800092437ee8 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock+0x20/0x2c net/core/rtnetlink.c:79
3 locks held by kworker/u8:10/650:
 #0: ffff0000d1ab7948 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_one_work+0x624/0x15b8 kernel/workqueue.c:3205
 #1: ffff80009cde7c20 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_one_work+0x6a0/0x15b8 kernel/workqueue.c:3205
 #2: ffff800092437ee8 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock+0x20/0x2c net/core/rtnetlink.c:79
2 locks held by dhcpcd/6082:
 #0: ffff0000fcd3d678 (nlk_cb_mutex-ROUTE){+.+.}-{3:3}, at: netlink_dump+0xc0/0xafc net/netlink/af_netlink.c:2271
 #1: ffff800092437ee8 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:79 [inline]
 #1: ffff800092437ee8 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_dumpit+0x8c/0x1d0 net/core/rtnetlink.c:6506
2 locks held by getty/6183:
 #0: ffff0000d292a0a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c drivers/tty/tty_ldsem.c:340
 #1: ffff80009b52e2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x41c/0x1228 drivers/tty/n_tty.c:2211
1 lock held by syz-executor/6406:
1 lock held by syz.0.54/6706:
 #0: ffff0000d0524420 (sb_writers#19){.+.+}-{0:0}, at: file_start_write include/linux/fs.h:2882 [inline]
 #0: ffff0000d0524420 (sb_writers#19){.+.+}-{0:0}, at: vfs_copy_file_range+0x880/0x1248 fs/read_write.c:1510
7 locks held by syz.0.54/6750:
 #0: ffff0000d0524420 (sb_writers#19){.+.+}-{0:0}, at: mnt_want_write_file+0x64/0x1e8 fs/namespace.c:559
 #1: ffff0000ee628d90 (&type->i_mutex_dir_key#11/1){+.+.}-{3:3}, at: btrfs_mksubvol+0x15c/0x600 fs/btrfs/ioctl.c:1002
 #2: ffff0000cbd3cbd0 (&fs_info->subvol_sem){.+.+}-{3:3}, at: btrfs_mksubvol+0x484/0x600 fs/btrfs/ioctl.c:1024
 #3: ffff0000d0524610 (sb_internal#2){.+.+}-{0:0}, at: btrfs_start_transaction+0x34/0x44 fs/btrfs/transaction.c:811
 #4: ffff0000cbd3e458 (btrfs_trans_num_writers){++++}-{0:0}, at: spin_unlock include/linux/spinlock.h:391 [inline]
 #4: ffff0000cbd3e458 (btrfs_trans_num_writers){++++}-{0:0}, at: join_transaction+0x37c/0xb54 fs/btrfs/transaction.c:289
 #5: ffff0000cbd3e480 (btrfs_trans_num_extwriters){++++}-{0:0}, at: join_transaction+0x3a4/0xb54 fs/btrfs/transaction.c:290
 #6: ffff0000d05240e0 (&type->s_umount_key#69){++++}-{3:3}, at: try_to_writeback_inodes_sb+0x2c/0xc4 fs/fs-writeback.c:2751
4 locks held by syz.0.54/6751:
 #0: ffff0000d0524420 (sb_writers#19){.+.+}-{0:0}, at: file_start_write include/linux/fs.h:2882 [inline]
 #0: ffff0000d0524420 (sb_writers#19){.+.+}-{0:0}, at: vfs_copy_file_range+0x880/0x1248 fs/read_write.c:1510
 #1: ffff0000ee629638 (&sb->s_type->i_mutex_key#25){+.+.}-{3:3}, at: inode_lock include/linux/fs.h:800 [inline]
 #1: ffff0000ee629638 (&sb->s_type->i_mutex_key#25){+.+.}-{3:3}, at: btrfs_inode_lock+0x54/0xe0 fs/btrfs/inode.c:362
 #2: ffff0000ee6294c8 (&ei->i_mmap_lock){+.+.}-{3:3}, at: btrfs_inode_lock+0xc8/0xe0 fs/btrfs/inode.c:365
 #3: ffff0000d0524610 (sb_internal#2){.+.+}-{0:0}, at: btrfs_start_transaction+0x34/0x44 fs/btrfs/transaction.c:811
1 lock held by btrfs-transacti/6742:
 #0: ffff0000cbd3c7c0 (&fs_info->transaction_kthread_mutex){+.+.}-{3:3}, at: transaction_kthread+0xd4/0x468 fs/btrfs/disk-io.c:1573
2 locks held by syz.2.190/7342:
 #0: ffff0000d05240e0 (&type->s_umount_key#69){++++}-{3:3}, at: __super_lock fs/super.c:58 [inline]
 #0: ffff0000d05240e0 (&type->s_umount_key#69){++++}-{3:3}, at: super_lock+0x244/0x33c fs/super.c:120
 #1: ffff0000d05267d0 (&bdi->wb_switch_rwsem){+.+.}-{3:3}, at: bdi_down_write_wb_switch_rwsem fs/fs-writeback.c:388 [inline]
 #1: ffff0000d05267d0 (&bdi->wb_switch_rwsem){+.+.}-{3:3}, at: sync_inodes_sb+0x208/0x944 fs/fs-writeback.c:2790
1 lock held by syz-executor/8161:
 #0: ffff800092437ee8 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:79 [inline]
 #0: ffff800092437ee8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x5e8/0xa9c net/core/rtnetlink.c:6644
1 lock held by syz-executor/8331:
 #0: ffff800092437ee8 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:79 [inline]
 #0: ffff800092437ee8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x5e8/0xa9c net/core/rtnetlink.c:6644
7 locks held by syz-executor/8410:
 #0: ffff0000d821e420 (sb_writers#7){.+.+}-{0:0}, at: file_start_write include/linux/fs.h:2882 [inline]
 #0: ffff0000d821e420 (sb_writers#7){.+.+}-{0:0}, at: vfs_write+0x368/0xc80 fs/read_write.c:586
 #1: ffff0000c1fdac88 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1c8/0x48c fs/kernfs/file.c:325
 #2: ffff0000cae9d4b8 (kn->active#45){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x1e4/0x48c fs/kernfs/file.c:326
 #3: ffff800091592148 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: del_device_store+0xec/0x39c drivers/net/netdevsim/bus.c:216
 #4: ffff0000d1e890e8 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:1009 [inline]
 #4: ffff0000d1e890e8 (&dev->mutex){....}-{3:3}, at: __device_driver_lock drivers/base/dd.c:1094 [inline]
 #4: ffff0000d1e890e8 (&dev->mutex){....}-{3:3}, at: device_release_driver_internal+0xbc/0x698 drivers/base/dd.c:1292
 #5: ffff0000d1e8a250 (&devlink->lock_key#11){+.+.}-{3:3}, at: devl_lock+0x24/0x34 net/devlink/core.c:276
 #6: ffff800092437ee8 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock+0x20/0x2c net/core/rtnetlink.c:79
1 lock held by syz.0.385/8514:
 #0: ffff800092437ee8 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:79 [inline]
 #0: ffff800092437ee8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x5e8/0xa9c net/core/rtnetlink.c:6644

=============================================