INFO: task syz-executor.0:9865 blocked for more than 143 seconds.
      Not tainted 6.8.0-rc7-syzkaller-g707081b61156 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor.0 state:D stack:0 pid:9865 tgid:9860 ppid:6193 flags:0x00000005
Call trace:
 __switch_to+0x314/0x560 arch/arm64/kernel/process.c:553
 context_switch kernel/sched/core.c:5400 [inline]
 __schedule+0x1498/0x24b4 kernel/sched/core.c:6727
 __schedule_loop kernel/sched/core.c:6802 [inline]
 schedule+0xb8/0x19c kernel/sched/core.c:6817
 schedule_preempt_disabled+0x18/0x2c kernel/sched/core.c:6874
 rwsem_down_write_slowpath+0xcfc/0x1aa0 kernel/locking/rwsem.c:1178
 __down_write_common kernel/locking/rwsem.c:1306 [inline]
 __down_write kernel/locking/rwsem.c:1315 [inline]
 down_write+0xb4/0xc0 kernel/locking/rwsem.c:1580
 filemap_invalidate_lock include/linux/fs.h:849 [inline]
 blk_ioctl_zeroout block/ioctl.c:185 [inline]
 blkdev_common_ioctl+0x19dc/0x2878 block/ioctl.c:514
 blkdev_ioctl+0x35c/0xae4 block/ioctl.c:628
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:871 [inline]
 __se_sys_ioctl fs/ioctl.c:857 [inline]
 __arm64_sys_ioctl+0x14c/0x1c8 fs/ioctl.c:857
 __invoke_syscall arch/arm64/kernel/syscall.c:34 [inline]
 invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:48
 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:133
 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:152
 el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:712
 el0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:730
 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598
INFO: task syz-executor.3:9903 blocked for more than 143 seconds.
      Not tainted 6.8.0-rc7-syzkaller-g707081b61156 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor.3 state:D stack:0 pid:9903 tgid:9900 ppid:6210 flags:0x00000005
Call trace:
 __switch_to+0x314/0x560 arch/arm64/kernel/process.c:553
 context_switch kernel/sched/core.c:5400 [inline]
 __schedule+0x1498/0x24b4 kernel/sched/core.c:6727
 __schedule_loop kernel/sched/core.c:6802 [inline]
 schedule+0xb8/0x19c kernel/sched/core.c:6817
 schedule_preempt_disabled+0x18/0x2c kernel/sched/core.c:6874
 rwsem_down_read_slowpath+0x57c/0xe58 kernel/locking/rwsem.c:1086
 __down_read_common kernel/locking/rwsem.c:1250 [inline]
 __down_read kernel/locking/rwsem.c:1263 [inline]
 down_read+0xa0/0x2fc kernel/locking/rwsem.c:1528
 filemap_invalidate_lock_shared include/linux/fs.h:859 [inline]
 page_cache_ra_unbounded+0xc8/0x58c mm/readahead.c:225
 do_page_cache_ra mm/readahead.c:299 [inline]
 page_cache_ra_order+0x7c0/0x950 mm/readahead.c:544
 ondemand_readahead+0x600/0xaf4 mm/readahead.c:666
 page_cache_async_ra+0x1b0/0x1cc mm/readahead.c:715
 do_async_mmap_readahead mm/filemap.c:3181 [inline]
 filemap_fault+0x4a4/0xff4 mm/filemap.c:3235
 __do_fault+0x11c/0x374 mm/memory.c:4396
 do_read_fault mm/memory.c:4758 [inline]
 do_fault mm/memory.c:4888 [inline]
 do_pte_missing mm/memory.c:3745 [inline]
 handle_pte_fault mm/memory.c:5164 [inline]
 __handle_mm_fault mm/memory.c:5305 [inline]
 handle_mm_fault+0x3a80/0x546c mm/memory.c:5470
 faultin_page mm/gup.c:958 [inline]
 __get_user_pages+0x3e0/0xa24 mm/gup.c:1241
 populate_vma_page_range+0x254/0x328 mm/gup.c:1679
 __mm_populate+0x240/0x3d8 mm/gup.c:1788
 mm_populate include/linux/mm.h:3391 [inline]
 vm_mmap_pgoff+0x2bc/0x3d4 mm/util.c:561
 ksys_mmap_pgoff+0x3c8/0x5b0 mm/mmap.c:1428
 __do_sys_mmap arch/arm64/kernel/sys.c:28 [inline]
 __se_sys_mmap arch/arm64/kernel/sys.c:21 [inline]
 __arm64_sys_mmap+0xf8/0x110 arch/arm64/kernel/sys.c:21
 __invoke_syscall arch/arm64/kernel/syscall.c:34 [inline]
 invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:48
 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:133
 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:152
 el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:712
 el0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:730
 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598

Showing all locks held in the system:
2 locks held by kworker/0:0/8:
 #0: ffff0000c0022538 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: process_one_work+0x560/0x1204 kernel/workqueue.c:2606
 #1: ffff800093967c20 ((work_completion)(&rew->rew_work)){+.+.}-{0:0}, at: process_one_work+0x5a0/0x1204 kernel/workqueue.c:2608
2 locks held by kworker/u4:1/13:
1 lock held by khungtaskd/29:
 #0: ffff80008ee74ac0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0xc/0x44 include/linux/rcupdate.h:297
5 locks held by kworker/u4:6/671:
 #0: ffff0000c0023d38 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x560/0x1204 kernel/workqueue.c:2606
 #1: ffff800099167c20 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x5a0/0x1204 kernel/workqueue.c:2608
 #2: ffff800091943350 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0xf4/0x8d0 net/core/net_namespace.c:580
 #3: ffff80009194f2e8 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock+0x20/0x2c net/core/rtnetlink.c:79
 #4: ffff80008ee7a3f8 (rcu_state.exp_mutex){+.+.}-{3:3}, at: exp_funnel_lock kernel/rcu/tree_exp.h:292 [inline]
 #4: ffff80008ee7a3f8 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x3ac/0x728 kernel/rcu/tree_exp.h:995
3 locks held by kworker/1:2/1882:
 #0: ffff0000c0020938 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x560/0x1204 kernel/workqueue.c:2606
 #1: ffff80009b3f7c20 ((linkwatch_work).work){+.+.}-{0:0}, at: process_one_work+0x5a0/0x1204 kernel/workqueue.c:2608
 #2: ffff80009194f2e8 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock+0x20/0x2c net/core/rtnetlink.c:79
1 lock held by dhcpcd/5837:
 #0: ffff80009194f2e8 (rtnl_mutex){+.+.}-{3:3}, at: __netlink_dump_start+0x10c/0x704 net/netlink/af_netlink.c:2333
2 locks held by getty/5922:
 #0: ffff0000d6dea0a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c drivers/tty/tty_ldsem.c:340
 #1: ffff800094f722f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x41c/0x1228 drivers/tty/n_tty.c:2201
3 locks held by kworker/0:4/6167:
 #0: ffff0000c0020938 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x560/0x1204 kernel/workqueue.c:2606
 #1: ffff800097877c20 ((work_completion)(&data->fib_event_work)){+.+.}-{0:0}, at: process_one_work+0x5a0/0x1204 kernel/workqueue.c:2608
 #2: ffff0000c7f18240 (&data->fib_lock){+.+.}-{3:3}, at: nsim_fib_event_work+0x270/0x32bc drivers/net/netdevsim/fib.c:1489
3 locks held by kworker/u5:3/6202:
 #0: ffff0000ce2ea938 ((wq_completion)hci6){+.+.}-{0:0}, at: process_one_work+0x560/0x1204 kernel/workqueue.c:2606
 #1: ffff800097bc7c20 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_one_work+0x5a0/0x1204 kernel/workqueue.c:2608
 #2: ffff00017913d060 (&hdev->req_lock){+.+.}-{3:3}, at: hci_cmd_sync_work+0x194/0x34c net/bluetooth/hci_sync.c:305
2 locks held by syz-executor.4/8960:
1 lock held by syz-executor.0/9865:
 #0: ffff0000c1563758 (mapping.invalidate_lock#2){++++}-{3:3}, at: filemap_invalidate_lock include/linux/fs.h:849 [inline]
 #0: ffff0000c1563758 (mapping.invalidate_lock#2){++++}-{3:3}, at: blk_ioctl_zeroout block/ioctl.c:185 [inline]
 #0: ffff0000c1563758 (mapping.invalidate_lock#2){++++}-{3:3}, at: blkdev_common_ioctl+0x19dc/0x2878 block/ioctl.c:514
1 lock held by syz-executor.3/9903:
 #0: ffff0000c1563758 (mapping.invalidate_lock#2){++++}-{3:3}, at: filemap_invalidate_lock_shared include/linux/fs.h:859 [inline]
 #0: ffff0000c1563758 (mapping.invalidate_lock#2){++++}-{3:3}, at: page_cache_ra_unbounded+0xc8/0x58c mm/readahead.c:225
1 lock held by syz-executor.2/10022:
 #0: ffff0000c1563758 (mapping.invalidate_lock#2){++++}-{3:3}, at: filemap_invalidate_lock_shared include/linux/fs.h:859 [inline]
 #0: ffff0000c1563758 (mapping.invalidate_lock#2){++++}-{3:3}, at: page_cache_ra_unbounded+0xc8/0x58c mm/readahead.c:225
1 lock held by syz-executor.0/10322:
 #0: ffff0000c1563758 (mapping.invalidate_lock#2){++++}-{3:3}, at: filemap_invalidate_lock_shared include/linux/fs.h:859 [inline]
 #0: ffff0000c1563758 (mapping.invalidate_lock#2){++++}-{3:3}, at: page_cache_ra_unbounded+0xc8/0x58c mm/readahead.c:225
3 locks held by syz-executor.4/12822:
7 locks held by syz-executor.0/13792:
 #0: ffff0000d82bc420 (sb_writers#7){.+.+}-{0:0}, at: file_start_write include/linux/fs.h:2794 [inline]
 #0: ffff0000d82bc420 (sb_writers#7){.+.+}-{0:0}, at: vfs_write+0x368/0xc3c fs/read_write.c:586
 #1: ffff000183dff088 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1c8/0x48c fs/kernfs/file.c:325
 #2: ffff0000cbf98bd0 (kn->active#46){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x1e4/0x48c fs/kernfs/file.c:326
 #3: ffff800090b8f668 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: del_device_store+0xec/0x39c drivers/net/netdevsim/bus.c:216
 #4: ffff0000d9cb70e8 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:990 [inline]
 #4: ffff0000d9cb70e8 (&dev->mutex){....}-{3:3}, at: __device_driver_lock drivers/base/dd.c:1095 [inline]
 #4: ffff0000d9cb70e8 (&dev->mutex){....}-{3:3}, at: device_release_driver_internal+0xbc/0x6a0 drivers/base/dd.c:1292
 #5: ffff0000d9cb6250 (&devlink->lock_key#13){+.+.}-{3:3}, at: devl_lock+0x24/0x34 net/devlink/core.c:276
 #6: ffff80009194f2e8 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock+0x20/0x2c net/core/rtnetlink.c:79
1 lock held by syz-executor.2/14004:
 #0: ffff0001b4013f58 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested kernel/sched/core.c:559 [inline]
 #0: ffff0001b4013f58 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock kernel/sched/sched.h:1385 [inline]
 #0: ffff0001b4013f58 (&rq->__lock){-.-.}-{2:2}, at: rq_lock kernel/sched/sched.h:1699 [inline]
 #0: ffff0001b4013f58 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x2e0/0x24b4 kernel/sched/core.c:6643
1 lock held by syz-executor.2/14007:
 #0: ffff80008ee7a3f8 (rcu_state.exp_mutex){+.+.}-{3:3}, at: exp_funnel_lock kernel/rcu/tree_exp.h:324 [inline]
 #0: ffff80008ee7a3f8 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x37c/0x728 kernel/rcu/tree_exp.h:995

=============================================