syzbot

INFO: task kworker/1:1:23 blocked for more than 143 seconds.
      Not tainted 6.0.0-rc7-syzkaller-18095-gbbed346d5a96 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/1:1     state:D stack:    0 pid:   23 ppid:     2 flags:0x00000008
Workqueue: usb_hub_wq hub_event
Call trace:
 __switch_to+0x180/0x298 arch/arm64/kernel/process.c:557
 context_switch kernel/sched/core.c:5182 [inline]
 __schedule+0x414/0x5a0 kernel/sched/core.c:6494
 schedule+0x64/0xa4 kernel/sched/core.c:6570
 usb_kill_urb+0xe0/0x1c8 drivers/usb/core/urb.c:726
 usb_start_wait_urb+0xf8/0x1ec drivers/usb/core/message.c:64
 usb_internal_control_msg drivers/usb/core/message.c:102 [inline]
 usb_control_msg+0xd8/0x17c drivers/usb/core/message.c:153
 hub_port_init+0x534/0x1064 drivers/usb/core/hub.c:4825
 hub_port_connect+0x528/0xe30 drivers/usb/core/hub.c:5282
 hub_port_connect_change+0x3d8/0x70c drivers/usb/core/hub.c:5497
 port_event+0x780/0x930 drivers/usb/core/hub.c:5653
 hub_event+0x2f0/0x658 drivers/usb/core/hub.c:5735
 process_one_work+0x2d8/0x504 kernel/workqueue.c:2289
 worker_thread+0x340/0x610 kernel/workqueue.c:2436
 kthread+0x12c/0x158 kernel/kthread.c:376
 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:860
INFO: task kworker/0:2:917 blocked for more than 143 seconds.
      Not tainted 6.0.0-rc7-syzkaller-18095-gbbed346d5a96 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/0:2     state:D stack:    0 pid:  917 ppid:     2 flags:0x00000008
Workqueue: usb_hub_wq hub_event
Call trace:
 __switch_to+0x180/0x298 arch/arm64/kernel/process.c:557
 context_switch kernel/sched/core.c:5182 [inline]
 __schedule+0x414/0x5a0 kernel/sched/core.c:6494
 schedule+0x64/0xa4 kernel/sched/core.c:6570
 usb_kill_urb+0xe0/0x1c8 drivers/usb/core/urb.c:726
 usb_start_wait_urb+0xf8/0x1ec drivers/usb/core/message.c:64
 usb_internal_control_msg drivers/usb/core/message.c:102 [inline]
 usb_control_msg+0xd8/0x17c drivers/usb/core/message.c:153
 hub_port_init+0x534/0x1064 drivers/usb/core/hub.c:4825
 hub_port_connect+0x528/0xe30 drivers/usb/core/hub.c:5282
 hub_port_connect_change+0x3d8/0x70c drivers/usb/core/hub.c:5497
 port_event+0x780/0x930 drivers/usb/core/hub.c:5653
 hub_event+0x2f0/0x658 drivers/usb/core/hub.c:5735
 process_one_work+0x2d8/0x504 kernel/workqueue.c:2289
 worker_thread+0x340/0x610 kernel/workqueue.c:2436
 kthread+0x12c/0x158 kernel/kthread.c:376
 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:860
INFO: task kworker/0:0:3088 blocked for more than 143 seconds.
      Not tainted 6.0.0-rc7-syzkaller-18095-gbbed346d5a96 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/0:0     state:D stack:    0 pid: 3088 ppid:     2 flags:0x00000008
Workqueue: usb_hub_wq hub_event
Call trace:
 __switch_to+0x180/0x298 arch/arm64/kernel/process.c:557
 context_switch kernel/sched/core.c:5182 [inline]
 __schedule+0x414/0x5a0 kernel/sched/core.c:6494
 schedule+0x64/0xa4 kernel/sched/core.c:6570
 usb_kill_urb+0xe0/0x1c8 drivers/usb/core/urb.c:726
 usb_start_wait_urb+0xf8/0x1ec drivers/usb/core/message.c:64
 usb_internal_control_msg drivers/usb/core/message.c:102 [inline]
 usb_control_msg+0xd8/0x17c drivers/usb/core/message.c:153
 hub_port_init+0x534/0x1064 drivers/usb/core/hub.c:4825
 hub_port_connect+0x528/0xe30 drivers/usb/core/hub.c:5282
 hub_port_connect_change+0x3d8/0x70c drivers/usb/core/hub.c:5497
 port_event+0x780/0x930 drivers/usb/core/hub.c:5653
 hub_event+0x2f0/0x658 drivers/usb/core/hub.c:5735
 process_one_work+0x2d8/0x504 kernel/workqueue.c:2289
 worker_thread+0x340/0x610 kernel/workqueue.c:2436
 kthread+0x12c/0x158 kernel/kthread.c:376
 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:860
INFO: task kworker/1:0:3090 blocked for more than 143 seconds.
      Not tainted 6.0.0-rc7-syzkaller-18095-gbbed346d5a96 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/1:0     state:D stack:    0 pid: 3090 ppid:     2 flags:0x00000008
Workqueue: usb_hub_wq hub_event
Call trace:
 __switch_to+0x180/0x298 arch/arm64/kernel/process.c:557
 context_switch kernel/sched/core.c:5182 [inline]
 __schedule+0x414/0x5a0 kernel/sched/core.c:6494
 schedule+0x64/0xa4 kernel/sched/core.c:6570
 usb_kill_urb+0xe0/0x1c8 drivers/usb/core/urb.c:726
 usb_start_wait_urb+0xf8/0x1ec drivers/usb/core/message.c:64
 usb_internal_control_msg drivers/usb/core/message.c:102 [inline]
 usb_control_msg+0xd8/0x17c drivers/usb/core/message.c:153
 hub_port_init+0x534/0x1064 drivers/usb/core/hub.c:4825
 hub_port_connect+0x528/0xe30 drivers/usb/core/hub.c:5282
 hub_port_connect_change+0x3d8/0x70c drivers/usb/core/hub.c:5497
 port_event+0x780/0x930 drivers/usb/core/hub.c:5653
 hub_event+0x2f0/0x658 drivers/usb/core/hub.c:5735
 process_one_work+0x2d8/0x504 kernel/workqueue.c:2289
 worker_thread+0x340/0x610 kernel/workqueue.c:2436
 kthread+0x12c/0x158 kernel/kthread.c:376
 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:860
INFO: task syz-executor102:3093 blocked for more than 143 seconds.
      Not tainted 6.0.0-rc7-syzkaller-18095-gbbed346d5a96 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor102 state:D stack:    0 pid: 3093 ppid:  3084 flags:0x00000001
Call trace:
 __switch_to+0x180/0x298 arch/arm64/kernel/process.c:557
 context_switch kernel/sched/core.c:5182 [inline]
 __schedule+0x414/0x5a0 kernel/sched/core.c:6494
 schedule+0x64/0xa4 kernel/sched/core.c:6570
 schedule_preempt_disabled+0x18/0x2c kernel/sched/core.c:6629
 __mutex_lock_common+0x788/0xca8 kernel/locking/mutex.c:679
 __mutex_lock kernel/locking/mutex.c:747 [inline]
 mutex_lock_nested+0x38/0x44 kernel/locking/mutex.c:799
 device_lock include/linux/device.h:835 [inline]
 usbdev_release+0x40/0x3b8 drivers/usb/core/devio.c:1087
 __fput+0x198/0x3dc fs/file_table.c:320
 ____fput+0x20/0x30 fs/file_table.c:353
 task_work_run+0xc4/0x14c kernel/task_work.c:177
 resume_user_mode_work include/linux/resume_user_mode.h:49 [inline]
 do_notify_resume+0x174/0x1f0 arch/arm64/kernel/signal.c:1127
 prepare_exit_to_user_mode arch/arm64/kernel/entry-common.c:137 [inline]
 exit_to_user_mode arch/arm64/kernel/entry-common.c:142 [inline]
 el0_svc+0x9c/0x150 arch/arm64/kernel/entry-common.c:637
 el0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:654
 el0t_64_sync+0x18c/0x190 arch/arm64/kernel/entry.S:581
INFO: task syz-executor102:3102 blocked for more than 143 seconds.
      Not tainted 6.0.0-rc7-syzkaller-18095-gbbed346d5a96 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor102 state:D stack:    0 pid: 3102 ppid:  3079 flags:0x00000001
Call trace:
 __switch_to+0x180/0x298 arch/arm64/kernel/process.c:557
 context_switch kernel/sched/core.c:5182 [inline]
 __schedule+0x414/0x5a0 kernel/sched/core.c:6494
 schedule+0x64/0xa4 kernel/sched/core.c:6570
 schedule_preempt_disabled+0x18/0x2c kernel/sched/core.c:6629
 __mutex_lock_common+0x788/0xca8 kernel/locking/mutex.c:679
 __mutex_lock kernel/locking/mutex.c:747 [inline]
 mutex_lock_nested+0x38/0x44 kernel/locking/mutex.c:799
 device_lock include/linux/device.h:835 [inline]
 usbdev_release+0x40/0x3b8 drivers/usb/core/devio.c:1087
 __fput+0x198/0x3dc fs/file_table.c:320
 ____fput+0x20/0x30 fs/file_table.c:353
 task_work_run+0xc4/0x14c kernel/task_work.c:177
 resume_user_mode_work include/linux/resume_user_mode.h:49 [inline]
 do_notify_resume+0x174/0x1f0 arch/arm64/kernel/signal.c:1127
 prepare_exit_to_user_mode arch/arm64/kernel/entry-common.c:137 [inline]
 exit_to_user_mode arch/arm64/kernel/entry-common.c:142 [inline]
 el0_svc+0x9c/0x150 arch/arm64/kernel/entry-common.c:637
 el0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:654
 el0t_64_sync+0x18c/0x190 arch/arm64/kernel/entry.S:581
INFO: task syz-executor102:3105 blocked for more than 143 seconds.
      Not tainted 6.0.0-rc7-syzkaller-18095-gbbed346d5a96 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor102 state:D stack:    0 pid: 3105 ppid:  3083 flags:0x00000001
Call trace:
 __switch_to+0x180/0x298 arch/arm64/kernel/process.c:557
 context_switch kernel/sched/core.c:5182 [inline]
 __schedule+0x414/0x5a0 kernel/sched/core.c:6494
 schedule+0x64/0xa4 kernel/sched/core.c:6570
 schedule_preempt_disabled+0x18/0x2c kernel/sched/core.c:6629
 __mutex_lock_common+0x788/0xca8 kernel/locking/mutex.c:679
 __mutex_lock kernel/locking/mutex.c:747 [inline]
 mutex_lock_nested+0x38/0x44 kernel/locking/mutex.c:799
 device_lock include/linux/device.h:835 [inline]
 usbdev_release+0x40/0x3b8 drivers/usb/core/devio.c:1087
 __fput+0x198/0x3dc fs/file_table.c:320
 ____fput+0x20/0x30 fs/file_table.c:353
 task_work_run+0xc4/0x14c kernel/task_work.c:177
 resume_user_mode_work include/linux/resume_user_mode.h:49 [inline]
 do_notify_resume+0x174/0x1f0 arch/arm64/kernel/signal.c:1127
 prepare_exit_to_user_mode arch/arm64/kernel/entry-common.c:137 [inline]
 exit_to_user_mode arch/arm64/kernel/entry-common.c:142 [inline]
 el0_svc+0x9c/0x150 arch/arm64/kernel/entry-common.c:637
 el0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:654
 el0t_64_sync+0x18c/0x190 arch/arm64/kernel/entry.S:581
INFO: task syz-executor102:3107 blocked for more than 143 seconds.
      Not tainted 6.0.0-rc7-syzkaller-18095-gbbed346d5a96 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor102 state:D stack:    0 pid: 3107 ppid:  3076 flags:0x00000001
Call trace:
 __switch_to+0x180/0x298 arch/arm64/kernel/process.c:557
 context_switch kernel/sched/core.c:5182 [inline]
 __schedule+0x414/0x5a0 kernel/sched/core.c:6494
 schedule+0x64/0xa4 kernel/sched/core.c:6570
 schedule_preempt_disabled+0x18/0x2c kernel/sched/core.c:6629
 __mutex_lock_common+0x788/0xca8 kernel/locking/mutex.c:679
 __mutex_lock kernel/locking/mutex.c:747 [inline]
 mutex_lock_nested+0x38/0x44 kernel/locking/mutex.c:799
 device_lock include/linux/device.h:835 [inline]
 usbdev_release+0x40/0x3b8 drivers/usb/core/devio.c:1087
 __fput+0x198/0x3dc fs/file_table.c:320
 ____fput+0x20/0x30 fs/file_table.c:353
 task_work_run+0xc4/0x14c kernel/task_work.c:177
 resume_user_mode_work include/linux/resume_user_mode.h:49 [inline]
 do_notify_resume+0x174/0x1f0 arch/arm64/kernel/signal.c:1127
 prepare_exit_to_user_mode arch/arm64/kernel/entry-common.c:137 [inline]
 exit_to_user_mode arch/arm64/kernel/entry-common.c:142 [inline]
 el0_svc+0x9c/0x150 arch/arm64/kernel/entry-common.c:637
 el0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:654
 el0t_64_sync+0x18c/0x190 arch/arm64/kernel/entry.S:581
INFO: task syz-executor102:3111 blocked for more than 143 seconds.
      Not tainted 6.0.0-rc7-syzkaller-18095-gbbed346d5a96 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor102 state:D stack:    0 pid: 3111 ppid:  3082 flags:0x00000001
Call trace:
 __switch_to+0x180/0x298 arch/arm64/kernel/process.c:557
 context_switch kernel/sched/core.c:5182 [inline]
 __schedule+0x414/0x5a0 kernel/sched/core.c:6494
 schedule+0x64/0xa4 kernel/sched/core.c:6570
 schedule_preempt_disabled+0x18/0x2c kernel/sched/core.c:6629
 __mutex_lock_common+0x788/0xca8 kernel/locking/mutex.c:679
 __mutex_lock kernel/locking/mutex.c:747 [inline]
 mutex_lock_nested+0x38/0x44 kernel/locking/mutex.c:799
 device_lock include/linux/device.h:835 [inline]
 usbdev_open+0xb0/0x370 drivers/usb/core/devio.c:1042
 chrdev_open+0x2b4/0x2e8 fs/char_dev.c:414
 do_dentry_open+0x330/0x6d0 fs/open.c:880
 vfs_open+0x38/0x48 fs/open.c:1016
 do_open fs/namei.c:3557 [inline]
 path_openat+0xe34/0x11c4 fs/namei.c:3691
 do_filp_open+0xdc/0x1b8 fs/namei.c:3718
 do_sys_openat2+0xb8/0x22c fs/open.c:1313
 do_sys_open fs/open.c:1329 [inline]
 __do_sys_openat fs/open.c:1345 [inline]
 __se_sys_openat fs/open.c:1340 [inline]
 __arm64_sys_openat+0xb0/0xe0 fs/open.c:1340
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall arch/arm64/kernel/syscall.c:52 [inline]
 el0_svc_common+0x138/0x220 arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x48/0x164 arch/arm64/kernel/syscall.c:206
 el0_svc+0x58/0x150 arch/arm64/kernel/entry-common.c:636
 el0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:654
 el0t_64_sync+0x18c/0x190 arch/arm64/kernel/entry.S:581
INFO: task syz-executor102:3112 blocked for more than 143 seconds.
      Not tainted 6.0.0-rc7-syzkaller-18095-gbbed346d5a96 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor102 state:D stack:    0 pid: 3112 ppid:  3081 flags:0x00000001
Call trace:
 __switch_to+0x180/0x298 arch/arm64/kernel/process.c:557
 context_switch kernel/sched/core.c:5182 [inline]
 __schedule+0x414/0x5a0 kernel/sched/core.c:6494
 schedule+0x64/0xa4 kernel/sched/core.c:6570
 schedule_preempt_disabled+0x18/0x2c kernel/sched/core.c:6629
 __mutex_lock_common+0x788/0xca8 kernel/locking/mutex.c:679
 __mutex_lock kernel/locking/mutex.c:747 [inline]
 mutex_lock_nested+0x38/0x44 kernel/locking/mutex.c:799
 device_lock include/linux/device.h:835 [inline]
 usbdev_open+0xb0/0x370 drivers/usb/core/devio.c:1042
 chrdev_open+0x2b4/0x2e8 fs/char_dev.c:414
 do_dentry_open+0x330/0x6d0 fs/open.c:880
 vfs_open+0x38/0x48 fs/open.c:1016
 do_open fs/namei.c:3557 [inline]
 path_openat+0xe34/0x11c4 fs/namei.c:3691
 do_filp_open+0xdc/0x1b8 fs/namei.c:3718
 do_sys_openat2+0xb8/0x22c fs/open.c:1313
 do_sys_open fs/open.c:1329 [inline]
 __do_sys_openat fs/open.c:1345 [inline]
 __se_sys_openat fs/open.c:1340 [inline]
 __arm64_sys_openat+0xb0/0xe0 fs/open.c:1340
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall arch/arm64/kernel/syscall.c:52 [inline]
 el0_svc_common+0x138/0x220 arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x48/0x164 arch/arm64/kernel/syscall.c:206
 el0_svc+0x58/0x150 arch/arm64/kernel/entry-common.c:636
 el0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:654
 el0t_64_sync+0x18c/0x190 arch/arm64/kernel/entry.S:581

Showing all locks held in the system:
1 lock held by rcu_tasks_kthre/11:
 #0: ffff80000d433568 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x3c/0x450 kernel/rcu/tasks.h:507
1 lock held by rcu_tasks_trace/12:
 #0: ffff80000d433bb8 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x3c/0x450 kernel/rcu/tasks.h:507
5 locks held by kworker/1:1/23:
 #0: ffff0000c0c12138 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_one_work+0x270/0x504 kernel/workqueue.c:2262
 #1: ffff80000f27bd80 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_one_work+0x29c/0x504 kernel/workqueue.c:2264
 #2: ffff0000c6a1f990 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:835 [inline]
 #2: ffff0000c6a1f990 (&dev->mutex){....}-{3:3}, at: hub_event+0x8c/0x658 drivers/usb/core/hub.c:5681
 #3: ffff0000c6a01508 (&port_dev->status_lock){+.+.}-{3:3}, at: usb_lock_port drivers/usb/core/hub.c:3103 [inline]
 #3: ffff0000c6a01508 (&port_dev->status_lock){+.+.}-{3:3}, at: hub_port_connect+0x33c/0xe30 drivers/usb/core/hub.c:5249
 #4: ffff0000c6663768 (hcd->address0_mutex){+.+.}-{3:3}, at: hub_port_connect+0x348/0xe30 drivers/usb/core/hub.c:5250
1 lock held by khungtaskd/27:
 #0: ffff80000d433440 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x4/0x48 include/linux/rcupdate.h:279
5 locks held by kworker/0:2/917:
 #0: ffff0000c0c12138 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_one_work+0x270/0x504 kernel/workqueue.c:2262
 #1: ffff800013c9bd80 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_one_work+0x29c/0x504 kernel/workqueue.c:2264
 #2: ffff0000c6441190 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:835 [inline]
 #2: ffff0000c6441190 (&dev->mutex){....}-{3:3}, at: hub_event+0x8c/0x658 drivers/usb/core/hub.c:5681
 #3: ffff0000c6443508 (&port_dev->status_lock){+.+.}-{3:3}, at: usb_lock_port drivers/usb/core/hub.c:3103 [inline]
 #3: ffff0000c6443508 (&port_dev->status_lock){+.+.}-{3:3}, at: hub_port_connect+0x33c/0xe30 drivers/usb/core/hub.c:5249
 #4: ffff0000c6675e68 (hcd->address0_mutex){+.+.}-{3:3}, at: hub_port_connect+0x348/0xe30 drivers/usb/core/hub.c:5250
1 lock held by klogd/2550:
 #0: ffff0001fefeec58 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2c/0x44 kernel/sched/core.c:544
2 locks held by getty/2711:
 #0: ffff0000c794c098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x28/0x58 drivers/tty/tty_ldisc.c:244
 #1: ffff80000f6162f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x19c/0x89c drivers/tty/n_tty.c:2177
5 locks held by kworker/0:0/3088:
 #0: ffff0000c0c12138 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_one_work+0x270/0x504 kernel/workqueue.c:2262
 #1: ffff800012763d80 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_one_work+0x29c/0x504 kernel/workqueue.c:2264
 #2: ffff0000c695b990 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:835 [inline]
 #2: ffff0000c695b990 (&dev->mutex){....}-{3:3}, at: hub_event+0x8c/0x658 drivers/usb/core/hub.c:5681
 #3: ffff0000c695d508 (&port_dev->status_lock){+.+.}-{3:3}, at: usb_lock_port drivers/usb/core/hub.c:3103 [inline]
 #3: ffff0000c695d508 (&port_dev->status_lock){+.+.}-{3:3}, at: hub_port_connect+0x33c/0xe30 drivers/usb/core/hub.c:5249
 #4: ffff0000c6618768 (hcd->address0_mutex){+.+.}-{3:3}, at: hub_port_connect+0x348/0xe30 drivers/usb/core/hub.c:5250
5 locks held by kworker/1:0/3090:
 #0: ffff0000c0c12138 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_one_work+0x270/0x504 kernel/workqueue.c:2262
 #1: ffff800012783d80 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_one_work+0x29c/0x504 kernel/workqueue.c:2264
 #2: ffff0000c69fd990 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:835 [inline]
 #2: ffff0000c69fd990 (&dev->mutex){....}-{3:3}, at: hub_event+0x8c/0x658 drivers/usb/core/hub.c:5681
 #3: ffff0000c69ff508 (&port_dev->status_lock){+.+.}-{3:3}, at: usb_lock_port drivers/usb/core/hub.c:3103 [inline]
 #3: ffff0000c69ff508 (&port_dev->status_lock){+.+.}-{3:3}, at: hub_port_connect+0x33c/0xe30 drivers/usb/core/hub.c:5249
 #4: ffff0000c6663168 (hcd->address0_mutex){+.+.}-{3:3}, at: hub_port_connect+0x348/0xe30 drivers/usb/core/hub.c:5250
1 lock held by syz-executor102/3093:
 #0: ffff0000c6a1f990 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:835 [inline]
 #0: ffff0000c6a1f990 (&dev->mutex){....}-{3:3}, at: usbdev_release+0x40/0x3b8 drivers/usb/core/devio.c:1087
1 lock held by syz-executor102/3102:
 #0: ffff0000c6a1f990 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:835 [inline]
 #0: ffff0000c6a1f990 (&dev->mutex){....}-{3:3}, at: usbdev_release+0x40/0x3b8 drivers/usb/core/devio.c:1087
1 lock held by syz-executor102/3105:
 #0: ffff0000c6a1f990 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:835 [inline]
 #0: ffff0000c6a1f990 (&dev->mutex){....}-{3:3}, at: usbdev_release+0x40/0x3b8 drivers/usb/core/devio.c:1087
1 lock held by syz-executor102/3107:
 #0: ffff0000c6a1f990 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:835 [inline]
 #0: ffff0000c6a1f990 (&dev->mutex){....}-{3:3}, at: usbdev_release+0x40/0x3b8 drivers/usb/core/devio.c:1087
1 lock held by syz-executor102/3111:
 #0: ffff0000c6a1f990 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:835 [inline]
 #0: ffff0000c6a1f990 (&dev->mutex){....}-{3:3}, at: usbdev_open+0xb0/0x370 drivers/usb/core/devio.c:1042
1 lock held by syz-executor102/3112:
 #0: ffff0000c6a1f990 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:835 [inline]
 #0: ffff0000c6a1f990 (&dev->mutex){....}-{3:3}, at: usbdev_open+0xb0/0x370 drivers/usb/core/devio.c:1042

=============================================