INFO: task kworker/0:0:5965 blocked for more than 430 seconds.
      Not tainted 5.12.0-rc2-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/0:0     state:D stack:    0 pid: 5965 ppid:     2 flags:0x00000000
Workqueue: usb_hub_wq hub_event
Backtrace: 
[<821376f0>] (__schedule) from [<82138414>] (schedule+0x5c/0x108 kernel/sched/core.c:5154)
 r10:00000100 r9:00000000 r8:847d5ca8 r7:847d5d10 r6:839d1ad4 r5:847d4000
 r4:889ba080
[<821383b8>] (schedule) from [<8103b1d0>] (usb_kill_urb drivers/usb/core/urb.c:711 [inline])
[<821383b8>] (schedule) from [<8103b1d0>] (usb_kill_urb+0xf4/0x12c drivers/usb/core/urb.c:703)
 r5:88aad790 r4:88aad780
[<8103b0dc>] (usb_kill_urb) from [<8103b974>] (usb_start_wait_urb+0xdc/0x16c drivers/usb/core/message.c:64)
 r6:00001388 r5:00000000 r4:88aad780
[<8103b898>] (usb_start_wait_urb) from [<8103bacc>] (usb_internal_control_msg drivers/usb/core/message.c:102 [inline])
[<8103b898>] (usb_start_wait_urb) from [<8103bacc>] (usb_control_msg+0xc8/0x12c drivers/usb/core/message.c:153)
 r8:00000008 r7:890f7c80 r6:00000080 r5:00000006 r4:88e82800
[<8103ba04>] (usb_control_msg) from [<8103c49c>] (usb_get_descriptor+0x80/0xcc drivers/usb/core/message.c:790)
 r10:80000080 r9:00000003 r8:00000001 r7:00000008 r6:88e82800 r5:890f7400
 r4:00000100
[<8103c41c>] (usb_get_descriptor) from [<8103d3ec>] (usb_get_device_descriptor+0x58/0x94 drivers/usb/core/message.c:1065)
 r10:00000000 r9:84628000 r8:85ffd000 r7:88e82800 r6:85979000 r5:00000008
 r4:890f7400
[<8103d394>] (usb_get_device_descriptor) from [<810313e0>] (hub_port_init+0x2a0/0xc2c drivers/usb/core/hub.c:4799)
 r7:00000002 r6:85979000 r5:00000000 r4:88e82800
[<81031140>] (hub_port_init) from [<81034b24>] (hub_port_connect drivers/usb/core/hub.c:5155 [inline])
[<81031140>] (hub_port_init) from [<81034b24>] (hub_port_connect_change drivers/usb/core/hub.c:5363 [inline])
[<81031140>] (hub_port_init) from [<81034b24>] (port_event drivers/usb/core/hub.c:5509 [inline])
[<81031140>] (hub_port_init) from [<81034b24>] (hub_event+0x698/0x1848 drivers/usb/core/hub.c:5591)
 r10:859791bc r9:00000002 r8:88e82800 r7:85979b04 r6:00000404 r5:84628000
 r4:85ffd000
[<8103448c>] (hub_event) from [<802696b4>] (process_one_work+0x2d4/0x998 kernel/workqueue.c:2275)
 r10:00000008 r9:83822c98 r8:83ac76b2 r7:ddfd3e00 r6:ddfccd40 r5:88f07100
 r4:859791bc
[<802693e0>] (process_one_work) from [<80269ddc>] (worker_thread+0x64/0x54c kernel/workqueue.c:2421)
 r10:00000008 r9:847d4000 r8:83806d00 r7:ddfccd78 r6:88f07114 r5:ddfccd40
 r4:88f07100
[<80269d78>] (worker_thread) from [<80271f50>] (kthread+0x184/0x1a4 kernel/kthread.c:292)
 r10:88e65e64 r9:88f07100 r8:80269d78 r7:00000000 r6:847d4000 r5:88e3eac0
 r4:890d7480
[<80271dcc>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:158)
Exception stack(0x847d5fb0 to 0x847d5ff8)
5fa0:                                     00000000 00000000 00000000 00000000
5fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
5fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80271dcc
 r4:88e3eac0

Showing all locks held in the system:
1 lock held by kworker/u4:3/56:
 #0: 8390e91c (rcu_read_lock){....}-{1:2}, at: srcu_init_notifier_head kernel/notifier.c:526 [inline]
 #0: 8390e91c (rcu_read_lock){....}-{1:2}, at: atomic_notifier_call_chain+0x0/0x130 kernel/notifier.c:522
1 lock held by khungtaskd/1525:
 #0: 8390e91c (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x34/0x1dc kernel/locking/lockdep.c:6329
2 locks held by getty/4305:
 #0: 86efc454 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x38/0x3c drivers/tty/tty_ldsem.c:340
 #1: e45f8290 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x4a4/0x56c drivers/tty/n_tty.c:2178
2 locks held by sshd/4366:
2 locks held by syz-executor.0/4380:
5 locks held by kworker/0:0/5965:
 #0: 846cd2a8 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:615 [inline]
 #0: 846cd2a8 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:643 [inline]
 #0: 846cd2a8 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_one_work+0x214/0x998 kernel/workqueue.c:2246
 #1: 847d5ef8 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:615 [inline]
 #1: 847d5ef8 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:643 [inline]
 #1: 847d5ef8 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_one_work+0x214/0x998 kernel/workqueue.c:2246
 #2: 85ffd140 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:740 [inline]
 #2: 85ffd140 (&dev->mutex){....}-{3:3}, at: hub_event+0x60/0x1848 drivers/usb/core/hub.c:5537
 #3: 85979b3c (&port_dev->status_lock){+.+.}-{3:3}, at: usb_lock_port drivers/usb/core/hub.c:3030 [inline]
 #3: 85979b3c (&port_dev->status_lock){+.+.}-{3:3}, at: hub_port_connect drivers/usb/core/hub.c:5154 [inline]
 #3: 85979b3c (&port_dev->status_lock){+.+.}-{3:3}, at: hub_port_connect_change drivers/usb/core/hub.c:5363 [inline]
 #3: 85979b3c (&port_dev->status_lock){+.+.}-{3:3}, at: port_event drivers/usb/core/hub.c:5509 [inline]
 #3: 85979b3c (&port_dev->status_lock){+.+.}-{3:3}, at: hub_event+0x684/0x1848 drivers/usb/core/hub.c:5591
 #4: 8699b5b8 (hcd->address0_mutex){+.+.}-{3:3}, at: hub_port_init+0x6c/0xc2c drivers/usb/core/hub.c:4582
5 locks held by kworker/0:2/7762:
 #0: 846cd2a8 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:615 [inline]
 #0: 846cd2a8 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:643 [inline]
 #0: 846cd2a8 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_one_work+0x214/0x998 kernel/workqueue.c:2246
 #1: 88ef7ef8 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:615 [inline]
 #1: 88ef7ef8 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:643 [inline]
 #1: 88ef7ef8 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_one_work+0x214/0x998 kernel/workqueue.c:2246
 #2: 85ffc940 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:740 [inline]
 #2: 85ffc940 (&dev->mutex){....}-{3:3}, at: hub_event+0x60/0x1848 drivers/usb/core/hub.c:5537
 #3: 86a7e33c (&port_dev->status_lock){+.+.}-{3:3}, at: usb_lock_port drivers/usb/core/hub.c:3030 [inline]
 #3: 86a7e33c (&port_dev->status_lock){+.+.}-{3:3}, at: hub_port_connect drivers/usb/core/hub.c:5154 [inline]
 #3: 86a7e33c (&port_dev->status_lock){+.+.}-{3:3}, at: hub_port_connect_change drivers/usb/core/hub.c:5363 [inline]
 #3: 86a7e33c (&port_dev->status_lock){+.+.}-{3:3}, at: port_event drivers/usb/core/hub.c:5509 [inline]
 #3: 86a7e33c (&port_dev->status_lock){+.+.}-{3:3}, at: hub_event+0x684/0x1848 drivers/usb/core/hub.c:5591
 #4: 8699b5b8 (hcd->address0_mutex){+.+.}-{3:3}, at: hub_port_init+0x6c/0xc2c drivers/usb/core/hub.c:4582
2 locks held by kworker/u4:1/7997:
2 locks held by kworker/0:4/11236:
 #0: 8440f4a8 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:615 [inline]
 #0: 8440f4a8 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:643 [inline]
 #0: 8440f4a8 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: process_one_work+0x214/0x998 kernel/workqueue.c:2246
 #1: 89205ef8 ((work_completion)(&rew.rew_work)){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:615 [inline]
 #1: 89205ef8 ((work_completion)(&rew.rew_work)){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:643 [inline]
 #1: 89205ef8 ((work_completion)(&rew.rew_work)){+.+.}-{0:0}, at: process_one_work+0x214/0x998 kernel/workqueue.c:2246
2 locks held by udevd/11530:
2 locks held by syz-executor.1/11593:

=============================================

NMI backtrace for cpu 1
CPU: 1 PID: 1525 Comm: khungtaskd Not tainted 5.12.0-rc2-syzkaller #0
Hardware name: ARM-Versatile Express
Backtrace: 
[<8210a388>] (dump_backtrace) from [<8210a5fc>] (show_stack+0x18/0x1c arch/arm/kernel/traps.c:252)
 r7:00000000 r6:60000013 r5:00000000 r4:83966184
[<8210a5e4>] (show_stack) from [<821135d0>] (__dump_stack lib/dump_stack.c:79 [inline])
[<8210a5e4>] (show_stack) from [<821135d0>] (dump_stack+0xb8/0xe8 lib/dump_stack.c:120)
[<82113518>] (dump_stack) from [<8091da60>] (nmi_cpu_backtrace+0xfc/0x160 lib/nmi_backtrace.c:105)
 r7:00000000 r6:80210934 r5:00000000 r4:00000001
[<8091d964>] (nmi_cpu_backtrace) from [<8091dc00>] (nmi_trigger_cpumask_backtrace+0x13c/0x224 lib/nmi_backtrace.c:62)
 r5:83823424 r4:00000001
[<8091dac4>] (nmi_trigger_cpumask_backtrace) from [<80211dec>] (arch_trigger_cpumask_backtrace+0x18/0x1c arch/arm/kernel/smp.c:857)
 r9:83822dd8 r8:83806d00 r7:00007f52 r6:83835150 r5:000279cd r4:83ac77d9
[<80211dd4>] (arch_trigger_cpumask_backtrace) from [<803665cc>] (trigger_all_cpu_backtrace include/linux/nmi.h:146 [inline])
[<80211dd4>] (arch_trigger_cpumask_backtrace) from [<803665cc>] (check_hung_uninterruptible_tasks kernel/hung_task.c:209 [inline])
[<80211dd4>] (arch_trigger_cpumask_backtrace) from [<803665cc>] (watchdog+0x6d0/0x88c kernel/hung_task.c:294)
[<80365efc>] (watchdog) from [<80271f50>] (kthread+0x184/0x1a4 kernel/kthread.c:292)
 r10:84505e2c r9:00000000 r8:80365efc r7:00000000 r6:846d8000 r5:847391c0
 r4:84724180
[<80271dcc>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:158)
Exception stack(0x846d9fb0 to 0x846d9ff8)
9fa0:                                     00000000 00000000 00000000 00000000
9fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
9fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80271dcc
 r4:847391c0
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 PID: 4143 Comm: klogd Not tainted 5.12.0-rc2-syzkaller #0
Hardware name: ARM-Versatile Express
PC is at lock_is_held_type+0x150/0x1d8 kernel/locking/lockdep.c:5554
LR is at __this_cpu_preempt_check+0x1c/0x20 lib/smp_processor_id.c:70
pc : [<82134cb8>]    lr : [<82135db4>]    psr: 20000013
sp : 86f37d70  ip : 86f37d60  fp : 86f37d9c
r10: 86d22080  r9 : 60000013  r8 : 00000000
r7 : 836bb680  r6 : 8390e944  r5 : 00000001  r4 : 86d22728
r3 : 60000093  r2 : 836bb680  r1 : 5a905000  r0 : 00000000
Flags: nzCv  IRQs on  FIQs on  Mode SVC_32  ISA ARM  Segment user
Control: 30c5387d  Table: 86f55100  DAC: fffffffd
CPU: 0 PID: 4143 Comm: klogd Not tainted 5.12.0-rc2-syzkaller #0
Hardware name: ARM-Versatile Express
Backtrace: 
[<8210a388>] (dump_backtrace) from [<8210a5fc>] (show_stack+0x18/0x1c arch/arm/kernel/traps.c:252)
 r7:00000080 r6:60000193 r5:00000000 r4:83966184
[<8210a5e4>] (show_stack) from [<821135d0>] (__dump_stack lib/dump_stack.c:79 [inline])
[<8210a5e4>] (show_stack) from [<821135d0>] (dump_stack+0xb8/0xe8 lib/dump_stack.c:120)
[<82113518>] (dump_stack) from [<802096bc>] (show_regs+0x14/0x18 arch/arm/kernel/process.c:191)
 r7:8440cd80 r6:00000000 r5:86f37d20 r4:00000000
[<802096a8>] (show_regs) from [<8091da48>] (nmi_cpu_backtrace+0xe4/0x160 lib/nmi_backtrace.c:103)
[<8091d964>] (nmi_cpu_backtrace) from [<80210e34>] (do_handle_IPI+0x4c/0x440 arch/arm/kernel/smp.c:672)
 r5:00000017 r4:00000007
[<80210de8>] (do_handle_IPI) from [<80211248>] (ipi_handler+0x20/0x28 arch/arm/kernel/smp.c:700)
 r9:86f37d20 r8:86f37c88 r7:8440cd80 r6:8382343c r5:00000017 r4:844a4600
[<80211228>] (ipi_handler) from [<802dfc14>] (handle_percpu_devid_irq+0xa4/0x19c kernel/irq/chip.c:930)
[<802dfb70>] (handle_percpu_devid_irq) from [<802d8a40>] (generic_handle_irq_desc include/linux/irqdesc.h:158 [inline])
[<802dfb70>] (handle_percpu_devid_irq) from [<802d8a40>] (generic_handle_irq kernel/irq/irqdesc.c:652 [inline])
[<802dfb70>] (handle_percpu_devid_irq) from [<802d8a40>] (__handle_domain_irq+0xb0/0x120 kernel/irq/irqdesc.c:689)
 r10:86f37cb8 r9:86f37d20 r8:00000001 r7:00000000 r6:836c6498 r5:00000000
 r4:836c6498 r3:00010001
[<802d8990>] (__handle_domain_irq) from [<80932490>] (handle_domain_irq include/linux/irqdesc.h:176 [inline])
[<802d8990>] (__handle_domain_irq) from [<80932490>] (gic_handle_irq+0x84/0xac drivers/irqchip/irq-gic.c:370)
 r10:86d22080 r9:40000193 r8:e000200c r7:836c64bc r6:e0002000 r5:86f37d20
 r4:8382343c
[<8093240c>] (gic_handle_irq) from [<80200abc>] (__irq_svc+0x5c/0x94 arch/arm/kernel/entry-armv.S:205)
Exception stack(0x86f37d20 to 0x86f37d68)
7d20: 00000000 5a905000 836bb680 60000093 86d22728 00000001 8390e944 836bb680
7d40: 00000000 60000013 86d22080 86f37d9c 86f37d60 86f37d70 82135db4 82134cb8
7d60: 20000013 ffffffff
 r9:86f36000 r8:00000000 r7:86f37d54 r6:ffffffff r5:20000013 r4:82134cb8
[<82134b68>] (lock_is_held_type) from [<802e8124>] (lock_is_held include/linux/lockdep.h:278 [inline])
[<82134b68>] (lock_is_held_type) from [<802e8124>] (rcu_read_lock_sched_held+0x44/0x7c kernel/rcu/update.c:125)
 r10:0000005d r9:000d6aa1 r8:8416fa28 r7:83822c98 r6:8046db3c r5:84645138
 r4:83ac773a r3:86f36000
[<802e80e0>] (rcu_read_lock_sched_held) from [<802bfd3c>] (trace_lock_release include/trace/events/lock.h:58 [inline])
[<802e80e0>] (rcu_read_lock_sched_held) from [<802bfd3c>] (lock_release+0x4c0/0x534 kernel/locking/lockdep.c:5521)
[<802bf87c>] (lock_release) from [<8046db7c>] (__might_fault mm/memory.c:5019 [inline])
[<802bf87c>] (lock_release) from [<8046db7c>] (__might_fault+0xa4/0xb4 mm/memory.c:5004)
 r10:0000005d r9:000d6aa1 r8:8416fa28 r7:00000221 r6:000001de r5:00000000
 r4:86f36000
[<8046dad8>] (__might_fault) from [<802d3324>] (_copy_to_user include/linux/uaccess.h:174 [inline])
[<8046dad8>] (__might_fault) from [<802d3324>] (copy_to_user include/linux/uaccess.h:200 [inline])
[<8046dad8>] (__might_fault) from [<802d3324>] (syslog_print+0x190/0x290 kernel/printk/printk.c:1477)
 r5:88fbf400 r4:8416fb48
[<802d3194>] (syslog_print) from [<802d3a4c>] (do_syslog.part.0+0x1cc/0x428 kernel/printk/printk.c:1588)
 r10:83845e84 r9:8416fb48 r8:86f37ee4 r7:83845da0 r6:000d6880 r5:00000000
 r4:000003ff
[<802d3880>] (do_syslog.part.0) from [<802d52ec>] (do_syslog kernel/printk/printk.c:1569 [inline])
[<802d3880>] (do_syslog.part.0) from [<802d52ec>] (__do_sys_syslog kernel/printk/printk.c:1680 [inline])
[<802d3880>] (do_syslog.part.0) from [<802d52ec>] (sys_syslog+0x3c/0x40 kernel/printk/printk.c:1678)
 r10:00000067 r9:86f36000 r8:80200224 r7:00000067 r6:000003ff r5:000d6880
 r4:00000002
[<802d52b0>] (sys_syslog) from [<80200060>] (ret_fast_syscall+0x0/0x2c arch/arm/mm/proc-v7.S:64)
Exception stack(0x86f37fa8 to 0x86f37ff0)
7fa0:                   000d6880 000d69de 00000002 000d6880 000003ff 000003fe
7fc0: 000d6880 000d69de 00000000 00000067 000d6880 000d6c90 000d6c90 00000000
7fe0: 000d6354 7e8ddc94 00057234 76e7870c
 r7:00000067 r6:00000000 r5:000d69de r4:000d6880