3 locks held by udevd/4236:
 #0: ffff888069082c88 (&of->mutex){+.+.}-{3:3}, at: kernfs_file_read_iter fs/kernfs/file.c:203 [inline]
 #0: ffff888069082c88 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_read_iter+0x15f/0x550 fs/kernfs/file.c:242
 #1: ffff88806bc66e88 (kn->active#86){++++}-{0:0}, at: kernfs_file_read_iter fs/kernfs/file.c:204 [inline]
 #1: ffff88806bc66e88 (kn->active#86){++++}-{0:0}, at: kernfs_fop_read_iter+0x182/0x550 fs/kernfs/file.c:242
 #2: ffff8880145c0220 (&dev->mutex){....}-{3:3}, at: device_lock_interruptible include/linux/device.h:765 [inline]
 #2: ffff8880145c0220 (&dev->mutex){....}-{3:3}, at: read_descriptors+0x36/0x310 drivers/usb/core/sysfs.c:873
=============================================
rcu: INFO: rcu_preempt self-detected stall on CPU
rcu: 	1-...!: (1 GPs behind) idle=a31/0/0x3 softirq=7801/7803 fqs=0 
	(t=12434 jiffies g=6593 q=433)
rcu: rcu_preempt kthread starved for 12434 jiffies! g6593 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
rcu: RCU grace-period kthread stack dump:
task:rcu_preempt     state:R  running task     stack:28760 pid:   14 ppid:     2 flags:0x00004000
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:4969 [inline]
 __schedule+0xa5a/0x48f0 kernel/sched/core.c:6250
 schedule+0xd2/0x260 kernel/sched/core.c:6323
 schedule_timeout+0x11d/0x250 kernel/time/timer.c:1881
 rcu_gp_fqs_loop+0x186/0x810 kernel/rcu/tree.c:1955
 rcu_gp_kthread+0x1de/0x320 kernel/rcu/tree.c:2128
 kthread+0x3ab/0x480 kernel/kthread.c:327
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295
 </TASK>
rcu: Stack dump where RCU GP kthread last ran:
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 PID: 45 Comm: kworker/u4:2 Not tainted 5.15.0-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022
Workqueue: events_unbound toggle_allocation_gate
RIP: 0010:csd_lock_wait kernel/smp.c:411 [inline]
RIP: 0010:smp_call_function_many_cond+0x2b7/0xcd0 kernel/smp.c:969
Code: c0 03 38 d0 7c 08 84 d2 0f 85 bc 09 00 00 8b 45 08 a8 01 74 2d 4d 89 f4 4c 89 f2 49 c1 ec 03 83 e2 07 49 01 dc 83 c2 03 f3 90 <41> 0f b6 04 24 38 c2 7c 08 84 c0 0f 85 c4 07 00 00 8b 45 08 a8 01
RSP: 0018:ffffc9000115f9d0 EFLAGS: 00000202
RAX: 0000000000000011 RBX: dffffc0000000000 RCX: 0000000000000000
RDX: 0000000000000003 RSI: ffff8880b9c3ab48 RDI: ffffffff8a63a8a8
RBP: ffff8880b9d3e7c0 R08: 0000000000000001 R09: ffffffff8f442a07
R10: 0000000000000001 R11: 0000000000000000 R12: ffffed10173a7cf9
R13: ffff8880b9c3ab48 R14: ffff8880b9d3e7c8 R15: 0000000000000001
FS:  0000000000000000(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000055915dd51598 CR3: 000000000a88e000 CR4: 0000000000350ef0
Call Trace:
 <TASK>
 on_each_cpu_cond_mask+0x3f/0x70 kernel/smp.c:1135
 on_each_cpu include/linux/smp.h:71 [inline]
 text_poke_sync arch/x86/kernel/alternative.c:1112 [inline]
 text_poke_bp_batch+0x1b3/0x560 arch/x86/kernel/alternative.c:1297
 text_poke_flush arch/x86/kernel/alternative.c:1451 [inline]
 text_poke_flush arch/x86/kernel/alternative.c:1448 [inline]
 text_poke_finish+0x16/0x30 arch/x86/kernel/alternative.c:1458
 arch_jump_label_transform_apply+0x13/0x20 arch/x86/kernel/jump_label.c:146
 static_key_enable_cpuslocked+0x15f/0x220 kernel/jump_label.c:177
 static_key_enable+0x11/0x20 kernel/jump_label.c:190
 toggle_allocation_gate mm/kfence/core.c:732 [inline]
 toggle_allocation_gate+0xe3/0x310 mm/kfence/core.c:724
 process_one_work+0x87f/0x1450 kernel/workqueue.c:2298
 worker_thread+0x598/0x1040 kernel/workqueue.c:2445
 kthread+0x3ab/0x480 kernel/kthread.c:327
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295
 </TASK>
NMI backtrace for cpu 1
CPU: 1 PID: 0 Comm: swapper/1 Not tainted 5.15.0-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022
Call Trace:
 <IRQ>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x57/0x7d lib/dump_stack.c:106
 nmi_cpu_backtrace.cold+0x30/0xc0 lib/nmi_backtrace.c:105
 nmi_trigger_cpumask_backtrace+0x11a/0x160 lib/nmi_backtrace.c:62
 trigger_single_cpu_backtrace include/linux/nmi.h:164 [inline]
 rcu_dump_cpu_stacks+0x25e/0x3f0 kernel/rcu/tree_stall.h:343
 print_cpu_stall kernel/rcu/tree_stall.h:627 [inline]
 check_cpu_stall kernel/rcu/tree_stall.h:711 [inline]
 rcu_pending kernel/rcu/tree.c:3878 [inline]
 rcu_sched_clock_irq.cold+0x9d/0x746 kernel/rcu/tree.c:2597
 update_process_times+0x13b/0x1c0 kernel/time/timer.c:1785
 tick_sched_handle+0x6f/0x130 kernel/time/tick-sched.c:226
 tick_sched_timer+0x132/0x210 kernel/time/tick-sched.c:1421
 __run_hrtimer kernel/time/hrtimer.c:1685 [inline]
 __hrtimer_run_queues+0x18a/0xb00 kernel/time/hrtimer.c:1749
 hrtimer_interrupt+0x2f5/0x780 kernel/time/hrtimer.c:1811
 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1086 [inline]
 __sysvec_apic_timer_interrupt+0x146/0x530 arch/x86/kernel/apic/apic.c:1103
 sysvec_apic_timer_interrupt+0x40/0xc0 arch/x86/kernel/apic/apic.c:1097
 asm_sysvec_apic_timer_interrupt+0x12/0x20 arch/x86/include/asm/idtentry.h:638
RIP: 0010:__raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:152 [inline]
RIP: 0010:_raw_spin_unlock_irqrestore+0x38/0x70 kernel/locking/spinlock.c:194
Code: 74 24 10 e8 9a 9b dd f8 48 89 ef e8 e2 11 de f8 81 e3 00 02 00 00 75 25 9c 58 f6 c4 02 75 2d 48 85 db 74 01 fb bf 01 00 00 00 <e8> b3 e4 d0 f8 65 8b 05 1c c3 8b 77 85 c0 74 0a 5b 5d c3 e8 10 9b
RSP: 0018:ffffc90000dc0b20 EFLAGS: 00000206
RAX: 0000000000000006 RBX: 0000000000000200 RCX: 1ffffffff1e978ce
RDX: 0000000000000000 RSI: ffffffff88cb4100 RDI: 0000000000000001
RBP: ffff888147a00000 R08: 0000000000000001 R09: ffffffff8f442b47
R10: 0000000000000001 R11: ffff8881479ff438 R12: ffff888147a000b8
R13: dffffc0000000000 R14: ffff88806b7ada00 R15: ffff8881479ff438
 spin_unlock_irqrestore include/linux/spinlock.h:404 [inline]
 dummy_timer+0xf93/0x2eb0 drivers/usb/gadget/udc/dummy_hcd.c:2001
 call_timer_fn+0x163/0x4a0 kernel/time/timer.c:1421
 expire_timers kernel/time/timer.c:1466 [inline]
 __run_timers.part.0+0x524/0x890 kernel/time/timer.c:1734
 __run_timers kernel/time/timer.c:1715 [inline]
 run_timer_softirq+0x9c/0x190 kernel/time/timer.c:1747
 __do_softirq+0x29b/0x9c2 kernel/softirq.c:558
 invoke_softirq kernel/softirq.c:432 [inline]
 __irq_exit_rcu+0x123/0x180 kernel/softirq.c:636
 irq_exit_rcu+0x5/0x20 kernel/softirq.c:648
 sysvec_apic_timer_interrupt+0x93/0xc0 arch/x86/kernel/apic/apic.c:1097
 </IRQ>
 <TASK>
 asm_sysvec_apic_timer_interrupt+0x12/0x20 arch/x86/include/asm/idtentry.h:638
RIP: 0010:native_save_fl arch/x86/include/asm/irqflags.h:29 [inline]
RIP: 0010:arch_local_save_flags arch/x86/include/asm/irqflags.h:70 [inline]
RIP: 0010:arch_irqs_disabled arch/x86/include/asm/irqflags.h:132 [inline]
RIP: 0010:acpi_safe_halt drivers/acpi/processor_idle.c:110 [inline]
RIP: 0010:acpi_idle_do_entry+0x15e/0x1c0 drivers/acpi/processor_idle.c:553
Code: 00 00 00 00 00 fc ff df 48 c1 ea 03 80 3c 02 00 75 6a 48 8b 45 00 a8 08 75 c9 e8 2d a1 fa f8 eb 07 0f 00 2d c4 28 b5 00 fb f4 <9c> 58 fa f6 c4 02 74 b1 5d e9 a4 9d fa f8 48 89 ef 5d e9 ab f9 ff
RSP: 0018:ffffc90000d57d30 EFLAGS: 00000202
RAX: 0000000000053361 RBX: ffff888012ffc865 RCX: 1ffffffff1903d89
RDX: 0000000000000000 RSI: ffffffff88cb4100 RDI: ffffffff8921bfa0
RBP: ffff88801067d700 R08: 0000000000000001 R09: 0000000000000001
R10: ffffed10020cfae0 R11: 0000000000000001 R12: 0000000000000001
R13: ffff888012ffc864 R14: ffffffff8b527ba0 R15: ffff888016f24804
 acpi_idle_enter+0x2c0/0x4b0 drivers/acpi/processor_idle.c:688
 cpuidle_enter_state+0x152/0xb40 drivers/cpuidle/cpuidle.c:237
 cpuidle_enter+0x45/0xa0 drivers/cpuidle/cpuidle.c:351
 call_cpuidle kernel/sched/idle.c:158 [inline]
 cpuidle_idle_call kernel/sched/idle.c:239 [inline]
 do_idle+0x3e8/0x590 kernel/sched/idle.c:306
 cpu_startup_entry+0x14/0x20 kernel/sched/idle.c:403
 start_secondary+0x265/0x340 arch/x86/kernel/smpboot.c:272
 secondary_startup_64_no_verify+0xb0/0xbb
 </TASK>