syzbot

INFO: task syz-executor865:1721 blocked for more than 143 seconds.
      Not tainted 5.3.0-rc5+ #27
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor865 D28344  1721   1719 0x00000000
Call Trace:
 schedule+0x9a/0x250 kernel/sched/core.c:3944
 schedule_timeout+0x440/0xb20 kernel/time/timer.c:1807
 do_wait_for_common kernel/sched/completion.c:83 [inline]
 __wait_for_common kernel/sched/completion.c:104 [inline]
 wait_for_common kernel/sched/completion.c:115 [inline]
 wait_for_completion_timeout+0x282/0x3e0 kernel/sched/completion.c:155
 usb_start_wait_urb+0x14b/0x2b0 drivers/usb/core/message.c:62
 usb_internal_control_msg drivers/usb/core/message.c:101 [inline]
 usb_control_msg+0x31c/0x4a0 drivers/usb/core/message.c:152
 ld_usb_write+0x856/0xa10 drivers/usb/misc/ldusb.c:577
 __vfs_write+0x76/0x100 fs/read_write.c:494
 vfs_write+0x262/0x5c0 fs/read_write.c:558
 ksys_write+0x1e8/0x250 fs/read_write.c:611
 do_syscall_64+0xb7/0x580 arch/x86/entry/common.c:296
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x4407e9
Code: Bad RIP value.
RSP: 002b:00007ffeb5a0a2c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 00000000004407e9
RDX: 000000000000004f RSI: 0000000020001bc0 RDI: 0000000000000004
RBP: 00000000006cb018 R08: 000000000000000f R09: 00000000004002c8
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000402070
R13: 0000000000402100 R14: 0000000000000000 R15: 0000000000000000

Showing all locks held in the system:
1 lock held by khungtaskd/23:
 #0: 00000000fd563b60 (rcu_read_lock){....}, at: debug_show_all_locks+0x53/0x269 kernel/locking/lockdep.c:5254
1 lock held by rsyslogd/1600:
 #0: 00000000c20a41d9 (&f->f_pos_lock){+.+.}, at: __fdget_pos+0xe3/0x100 fs/file.c:801
2 locks held by getty/1690:
 #0: 000000001154fd1d (&tty->ldisc_sem){++++}, at: tty_ldisc_ref_wait+0x22/0x80 drivers/tty/tty_ldisc.c:272
 #1: 000000002f4c05ee (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x223/0x1ae0 drivers/tty/n_tty.c:2156
2 locks held by getty/1691:
 #0: 00000000a911f389 (&tty->ldisc_sem){++++}, at: tty_ldisc_ref_wait+0x22/0x80 drivers/tty/tty_ldisc.c:272
 #1: 00000000bba4c828 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x223/0x1ae0 drivers/tty/n_tty.c:2156
2 locks held by getty/1692:
 #0: 0000000081f06ffe (&tty->ldisc_sem){++++}, at: tty_ldisc_ref_wait+0x22/0x80 drivers/tty/tty_ldisc.c:272
 #1: 0000000062b1cd97 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x223/0x1ae0 drivers/tty/n_tty.c:2156
2 locks held by getty/1693:
 #0: 00000000188b899f (&tty->ldisc_sem){++++}, at: tty_ldisc_ref_wait+0x22/0x80 drivers/tty/tty_ldisc.c:272
 #1: 00000000ee216f65 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x223/0x1ae0 drivers/tty/n_tty.c:2156
2 locks held by getty/1694:
 #0: 00000000cd50b032 (&tty->ldisc_sem){++++}, at: tty_ldisc_ref_wait+0x22/0x80 drivers/tty/tty_ldisc.c:272
 #1: 00000000c3aad320 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x223/0x1ae0 drivers/tty/n_tty.c:2156
2 locks held by getty/1695:
 #0: 00000000464bb3bf (&tty->ldisc_sem){++++}, at: tty_ldisc_ref_wait+0x22/0x80 drivers/tty/tty_ldisc.c:272
 #1: 000000000fa65af6 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x223/0x1ae0 drivers/tty/n_tty.c:2156
2 locks held by getty/1696:
 #0: 0000000076992f0e (&tty->ldisc_sem){++++}, at: tty_ldisc_ref_wait+0x22/0x80 drivers/tty/tty_ldisc.c:272
 #1: 00000000324b1de8 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x223/0x1ae0 drivers/tty/n_tty.c:2156
1 lock held by syz-executor865/1721:
 #0: 00000000f3f16e64 (&dev->mutex#3){+.+.}, at: ld_usb_write+0x111/0xa10 drivers/usb/misc/ldusb.c:539

=============================================

NMI backtrace for cpu 1
CPU: 1 PID: 23 Comm: khungtaskd Not tainted 5.3.0-rc5+ #27
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0xca/0x13e lib/dump_stack.c:113
 nmi_cpu_backtrace.cold+0x55/0x96 lib/nmi_backtrace.c:101
 nmi_trigger_cpumask_backtrace+0x1b0/0x1c7 lib/nmi_backtrace.c:62
 trigger_all_cpu_backtrace include/linux/nmi.h:146 [inline]
 check_hung_uninterruptible_tasks kernel/hung_task.c:205 [inline]
 watchdog+0x9a4/0xe50 kernel/hung_task.c:289
 kthread+0x318/0x420 kernel/kthread.c:255
 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:352
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0 skipped: idling at native_safe_halt arch/x86/include/asm/irqflags.h:60 [inline]
NMI backtrace for cpu 0 skipped: idling at arch_safe_halt arch/x86/include/asm/irqflags.h:103 [inline]
NMI backtrace for cpu 0 skipped: idling at default_idle+0x28/0x2e0 arch/x86/kernel/process.c:580