program:
r0 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x28de, 0x1102, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0xd0, 0x0, [{{0x9, 0x4, 0x0, 0x4, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x1, 0xf9, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0x0, 0x0, 0x50}}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000040)={0x2c, &(0x7f0000000200)=ANY=[@ANYBLOB="200b4000000028b1"], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$cdc_ecm(0xffffffffffffffff, &(0x7f00000005c0)={0x14, &(0x7f00000001c0)={0x0, 0x0, 0xe, {0xe, 0x0, "6c46936e41c5838bf3d423ab"}}, 0x0}, 0x0)
write$char_usb(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(0xffffffffffffffff, 0x0, 0x0)
r1 = syz_open_dev$hidraw(&(0x7f0000002300), 0x1, 0x14a042)
ioctl$HIDIOCGRDESC(r1, 0x541b, 0x0)
syz_usb_connect(0x3, 0x24, &(0x7f0000000180)=ANY=[], 0x0)

[   77.955272][ T4665] Bluetooth: hci0: command tx timeout
[   77.959518][ T1310] ieee802154 phy0 wpan0: encryption failed: -22
[   77.962518][ T1310] ieee802154 phy1 wpan1: encryption failed: -22
[   78.322186][ T5312] usb 5-1: new full-speed USB device number 2 using dummy_hcd
[   78.476565][ T5312] usb 5-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 10
[   78.481118][ T5312] usb 5-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0
[   78.493893][ T5312] usb 5-1: config 0 interface 0 has no altsetting 0
[   78.496656][ T5312] usb 5-1: New USB device found, idVendor=28de, idProduct=1102, bcdDevice= 0.00
[   78.500278][ T5312] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   78.516637][ T5312] usb 5-1: config 0 descriptor??
[   78.937102][ T5312] hid-steam 0003:28DE:1102.0002: unknown main item tag 0x0
[   78.940253][ T5312] hid-steam 0003:28DE:1102.0002: unknown main item tag 0x0
[   78.946169][ T5312] hid-steam 0003:28DE:1102.0002: : USB HID v0.01 Device [HID 28de:1102] on usb-dummy_hcd.0-1/input0
[   79.002332][ T5312] hid-steam 0003:28DE:1102.0002: Steam Controller 'XXXXXXXXXX' connected
[   79.009413][ T5312] input: Steam Controller as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/0003:28DE:1102.0002/input/input5
[   79.034382][ T5312] hid-steam 0003:28DE:1102.0003: unknown main item tag 0x0
[   79.036748][ T5312] hid-steam 0003:28DE:1102.0003: unknown main item tag 0x0
[   79.045459][ T5312] hid-steam 0003:28DE:1102.0003: hidraw1: USB HID v0.01 Device [HID 28de:1102] on usb-dummy_hcd.0-1/input0
[   79.129224][ T5320] 
[   79.130129][ T5320] ======================================================
[   79.132514][ T5320] WARNING: possible circular locking dependency detected
[   79.135050][ T5320] 6.14.0-rc2-syzkaller #0 Not tainted
[   79.136940][ T5320] ------------------------------------------------------
[   79.139508][ T5320] syz.0.0/5320 is trying to acquire lock:
[   79.141836][ T5320] ffff8880408222c0 (&dev->mutex#2){+.+.}-{4:4}, at: __input_unregister_device+0x31/0x620
[   79.145745][ T5320] 
[   79.145745][ T5320] but task is already holding lock:
[   79.148426][ T5320] ffff88805260de20 (&hdev->ll_open_lock){+.+.}-{4:4}, at: hid_hw_open+0x28/0x170
[   79.151531][ T5320] 
[   79.151531][ T5320] which lock already depends on the new lock.
[   79.151531][ T5320] 
[   79.155098][ T5320] 
[   79.155098][ T5320] the existing dependency chain (in reverse order) is:
[   79.158393][ T5320] 
[   79.158393][ T5320] -> #1 (&hdev->ll_open_lock){+.+.}-{4:4}:
[   79.161407][ T5320]        lock_acquire+0x1ed/0x550
[   79.163654][ T5320]        __mutex_lock+0x19c/0x1010
[   79.166034][ T5320]        hid_hw_open+0x28/0x170
[   79.168004][ T5320]        input_open_device+0x1eb/0x360
[   79.170150][ T5320]        evdev_open+0x3e0/0x5f0
[   79.172024][ T5320]        chrdev_open+0x521/0x600
[   79.173904][ T5320]        do_dentry_open+0xdec/0x1960
[   79.175904][ T5320]        vfs_open+0x3b/0x370
[   79.177663][ T5320]        path_openat+0x2c81/0x3590
[   79.179716][ T5320]        do_filp_open+0x27f/0x4e0
[   79.181753][ T5320]        do_sys_openat2+0x13e/0x1d0
[   79.183971][ T5320]        __x64_sys_openat+0x247/0x2a0
[   79.186246][ T5320]        do_syscall_64+0xf3/0x230
[   79.188387][ T5320]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   79.190786][ T5320] 
[   79.190786][ T5320] -> #0 (&dev->mutex#2){+.+.}-{4:4}:
[   79.193545][ T5320]        validate_chain+0x18ef/0x5920
[   79.195444][ T5320]        __lock_acquire+0x1397/0x2100
[   79.197538][ T5320]        lock_acquire+0x1ed/0x550
[   79.199519][ T5320]        __mutex_lock+0x19c/0x1010
[   79.201564][ T5320]        __input_unregister_device+0x31/0x620
[   79.204133][ T5320]        input_unregister_device+0xa3/0x100
[   79.206780][ T5320]        steam_client_ll_open+0x88/0xa0
[   79.209151][ T5320]        hid_hw_open+0xe3/0x170
[   79.211099][ T5320]        hidraw_open+0x298/0x8e0
[   79.213082][ T5320]        chrdev_open+0x521/0x600
[   79.215007][ T5320]        do_dentry_open+0xdec/0x1960
[   79.217140][ T5320]        vfs_open+0x3b/0x370
[   79.218981][ T5320]        path_openat+0x2c81/0x3590
[   79.220908][ T5320]        do_filp_open+0x27f/0x4e0
[   79.222838][ T5320]        do_sys_openat2+0x13e/0x1d0
[   79.224908][ T5320]        __x64_sys_openat+0x247/0x2a0
[   79.227334][ T5320]        do_syscall_64+0xf3/0x230
[   79.229821][ T5320]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   79.232162][ T5320] 
[   79.232162][ T5320] other info that might help us debug this:
[   79.232162][ T5320] 
[   79.235778][ T5320]  Possible unsafe locking scenario:
[   79.235778][ T5320] 
[   79.238681][ T5320]        CPU0                    CPU1
[   79.240708][ T5320]        ----                    ----
[   79.242804][ T5320]   lock(&hdev->ll_open_lock);
[   79.245249][ T5320]                                lock(&dev->mutex#2);
[   79.248165][ T5320]                                lock(&hdev->ll_open_lock);
[   79.250739][ T5320]   lock(&dev->mutex#2);
[   79.252341][ T5320] 
[   79.252341][ T5320]  *** DEADLOCK ***
[   79.252341][ T5320] 
[   79.255467][ T5320] 2 locks held by syz.0.0/5320:
[   79.257277][ T5320]  #0: ffffffff8fb0b8f0 (minors_rwsem){+.+.}-{4:4}, at: hidraw_open+0x93/0x8e0
[   79.260623][ T5320]  #1: ffff88805260de20 (&hdev->ll_open_lock){+.+.}-{4:4}, at: hid_hw_open+0x28/0x170
[   79.264611][ T5320] 
[   79.264611][ T5320] stack backtrace:
[   79.267172][ T5320] CPU: 0 UID: 0 PID: 5320 Comm: syz.0.0 Not tainted 6.14.0-rc2-syzkaller #0
[   79.267191][ T5320] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   79.267201][ T5320] Call Trace:
[   79.267209][ T5320]  <TASK>
[   79.267216][ T5320]  dump_stack_lvl+0x241/0x360
[   79.267236][ T5320]  ? __pfx_dump_stack_lvl+0x10/0x10
[   79.267251][ T5320]  ? __pfx__printk+0x10/0x10
[   79.267275][ T5320]  print_circular_bug+0x13a/0x1b0
[   79.267291][ T5320]  check_noncircular+0x36a/0x4a0
[   79.267305][ T5320]  ? __pfx_check_noncircular+0x10/0x10
[   79.267317][ T5320]  ? lockdep_lock+0x123/0x2b0
[   79.267332][ T5320]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   79.267349][ T5320]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   79.267367][ T5320]  validate_chain+0x18ef/0x5920
[   79.267378][ T5320]  ? finish_task_switch+0x1e5/0x870
[   79.267403][ T5320]  ? __schedule+0x1916/0x4c90
[   79.267421][ T5320]  ? __pfx_validate_chain+0x10/0x10
[   79.267434][ T5320]  ? __pfx___schedule+0x10/0x10
[   79.267454][ T5320]  ? synchronize_rcu_expedited+0x6a3/0x830
[   79.267467][ T5320]  ? __pfx_lock_release+0x10/0x10
[   79.267484][ T5320]  ? mark_lock+0x9a/0x360
[   79.267503][ T5320]  __lock_acquire+0x1397/0x2100
[   79.267525][ T5320]  lock_acquire+0x1ed/0x550
[   79.267542][ T5320]  ? __input_unregister_device+0x31/0x620
[   79.267558][ T5320]  ? __pfx_lock_acquire+0x10/0x10
[   79.267575][ T5320]  ? __pfx___might_resched+0x10/0x10
[   79.267589][ T5320]  ? synchronize_rcu_expedited+0x6a3/0x830
[   79.267601][ T5320]  ? mark_lock+0x9a/0x360
[   79.267619][ T5320]  ? __pfx_synchronize_rcu_expedited+0x10/0x10
[   79.267635][ T5320]  __mutex_lock+0x19c/0x1010
[   79.267651][ T5320]  ? __input_unregister_device+0x31/0x620
[   79.267665][ T5320]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[   79.267683][ T5320]  ? __pfx___might_resched+0x10/0x10
[   79.267698][ T5320]  ? __input_unregister_device+0x31/0x620
[   79.267710][ T5320]  ? __pfx___mutex_lock+0x10/0x10
[   79.267724][ T5320]  ? synchronize_rcu+0x11b/0x360
[   79.267734][ T5320]  ? __pfx_synchronize_rcu+0x10/0x10
[   79.267745][ T5320]  __input_unregister_device+0x31/0x620
[   79.267757][ T5320]  input_unregister_device+0xa3/0x100
[   79.267768][ T5320]  steam_client_ll_open+0x88/0xa0
[   79.267784][ T5320]  hid_hw_open+0xe3/0x170
[   79.267795][ T5320]  hidraw_open+0x298/0x8e0
[   79.267816][ T5320]  chrdev_open+0x521/0x600
[   79.267831][ T5320]  ? __pfx_chrdev_open+0x10/0x10
[   79.267853][ T5320]  ? file_set_fsnotify_mode_from_watchers+0x123/0x640
[   79.267875][ T5320]  ? __pfx_chrdev_open+0x10/0x10
[   79.267886][ T5320]  do_dentry_open+0xdec/0x1960
[   79.267901][ T5320]  ? vfs_open+0x31/0x370
[   79.267914][ T5320]  vfs_open+0x3b/0x370
[   79.267927][ T5320]  path_openat+0x2c81/0x3590
[   79.267949][ T5320]  ? __pfx_path_openat+0x10/0x10
[   79.267967][ T5320]  do_filp_open+0x27f/0x4e0
[   79.267981][ T5320]  ? __pfx_do_filp_open+0x10/0x10
[   79.267995][ T5320]  ? do_raw_spin_lock+0x14f/0x370
[   79.268013][ T5320]  do_sys_openat2+0x13e/0x1d0
[   79.268024][ T5320]  ? __might_fault+0xaa/0x120
[   79.268040][ T5320]  ? __pfx_do_sys_openat2+0x10/0x10
[   79.268053][ T5320]  ? rcu_is_watching+0x15/0xb0
[   79.268064][ T5320]  ? __rseq_handle_notify_resume+0x34d/0x14e0
[   79.268078][ T5320]  ? __fget_files+0x395/0x410
[   79.268090][ T5320]  __x64_sys_openat+0x247/0x2a0
[   79.268102][ T5320]  ? __pfx___x64_sys_openat+0x10/0x10
[   79.268114][ T5320]  ? do_syscall_64+0x100/0x230
[   79.268128][ T5320]  ? do_syscall_64+0xb6/0x230
[   79.268142][ T5320]  do_syscall_64+0xf3/0x230
[   79.268155][ T5320]  ? clear_bhb_loop+0x35/0x90
[   79.268170][ T5320]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   79.268185][ T5320] RIP: 0033:0x7f7888f8b750
[   79.268196][ T5320] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44
[   79.268207][ T5320] RSP: 002b:00007f7889dd5b70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[   79.268220][ T5320] RAX: ffffffffffffffda RBX: 000000000014a042 RCX: 00007f7888f8b750
[   79.268228][ T5320] RDX: 000000000014a042 RSI: 00007f7889dd5c10 RDI: 00000000ffffff9c
[   79.268235][ T5320] RBP: 00007f7889dd5c10 R08: 0000000000000000 R09: 0023776172646968
[   79.268245][ T5320] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   79.268252][ T5320] R13: 0000000000000000 R14: 00007f78891a5fa0 R15: 00007fff50664be8
[   79.268264][ T5320]  </TASK>
[   79.419479][ T5321] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   79.426262][ T5321] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   79.438989][ T5319] input: Steam Controller as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/0003:28DE:1102.0002/input/input6
[   79.452997][    T8] usb 5-1: USB disconnect, device number 2
[   79.470295][    T8] hid-steam 0003:28DE:1102.0002: Steam Controller 'XXXXXXXXXX' disconnected