======================================================
WARNING: possible circular locking dependency detected
5.16.0-rc2-next-20211123-syzkaller #0 Not tainted
------------------------------------------------------
kworker/0:3/11155 is trying to acquire lock:
ffff88801cc06968 (hcd->address0_mutex){+.+.}-{3:3}, at: usb_reset_and_verify_device+0x3ee/0xee0 drivers/usb/core/hub.c:5923
but task is already holding lock:
ffff88801d3c75c0 (&port_dev->status_lock){+.+.}-{3:3}, at: usb_lock_port drivers/usb/core/hub.c:3086 [inline]
ffff88801d3c75c0 (&port_dev->status_lock){+.+.}-{3:3}, at: usb_reset_device+0x4b4/0x9a0 drivers/usb/core/hub.c:6107
which lock already depends on the new lock.
the existing dependency chain (in reverse order) is:
-> #1 (&port_dev->status_lock){+.+.}-{3:3}:
__mutex_lock_common kernel/locking/mutex.c:607 [inline]
__mutex_lock+0x12f/0x12f0 kernel/locking/mutex.c:740
usb_lock_port drivers/usb/core/hub.c:3086 [inline]
hub_port_connect drivers/usb/core/hub.c:5279 [inline]
hub_port_connect_change drivers/usb/core/hub.c:5493 [inline]
port_event drivers/usb/core/hub.c:5639 [inline]
hub_event+0x21c1/0x4450 drivers/usb/core/hub.c:5721
process_one_work+0x9b2/0x1690 kernel/workqueue.c:2299
worker_thread+0x658/0x11f0 kernel/workqueue.c:2446
kthread+0x405/0x4f0 kernel/kthread.c:327
ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295
-> #0 (hcd->address0_mutex){+.+.}-{3:3}:
check_prev_add kernel/locking/lockdep.c:3063 [inline]
check_prevs_add kernel/locking/lockdep.c:3186 [inline]
validate_chain kernel/locking/lockdep.c:3801 [inline]
__lock_acquire+0x2a07/0x54a0 kernel/locking/lockdep.c:5027
lock_acquire kernel/locking/lockdep.c:5637 [inline]
lock_acquire+0x1ab/0x510 kernel/locking/lockdep.c:5602
__mutex_lock_common kernel/locking/mutex.c:607 [inline]
__mutex_lock+0x12f/0x12f0 kernel/locking/mutex.c:740
usb_reset_and_verify_device+0x3ee/0xee0 drivers/usb/core/hub.c:5923
usb_reset_device+0x4bd/0x9a0 drivers/usb/core/hub.c:6108
__usb_queue_reset_device+0x68/0x90 drivers/usb/core/message.c:1904
process_one_work+0x9b2/0x1690 kernel/workqueue.c:2299
worker_thread+0x658/0x11f0 kernel/workqueue.c:2446
kthread+0x405/0x4f0 kernel/kthread.c:327
ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295
other info that might help us debug this:
Possible unsafe locking scenario:
CPU0 CPU1
---- ----
lock(&port_dev->status_lock);
lock(hcd->address0_mutex);
lock(&port_dev->status_lock);
lock(hcd->address0_mutex);
*** DEADLOCK ***
4 locks held by kworker/0:3/11155:
#0: ffff888010c64d38 ((wq_completion)events){+.+.}-{0:0}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline]
#0: ffff888010c64d38 ((wq_completion)events){+.+.}-{0:0}, at: arch_atomic_long_set include/linux/atomic/atomic-long.h:41 [inline]
#0: ffff888010c64d38 ((wq_completion)events){+.+.}-{0:0}, at: atomic_long_set include/linux/atomic/atomic-instrumented.h:1198 [inline]
#0: ffff888010c64d38 ((wq_completion)events){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:635 [inline]
#0: ffff888010c64d38 ((wq_completion)events){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:662 [inline]
#0: ffff888010c64d38 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x896/0x1690 kernel/workqueue.c:2270
#1: ffffc90002effdb0 ((work_completion)(&intf->reset_ws)){+.+.}-{0:0}, at: process_one_work+0x8ca/0x1690 kernel/workqueue.c:2274
#2: ffff888039364220 (&dev->mutex){....}-{3:3}, at: device_trylock include/linux/device.h:770 [inline]
#2: ffff888039364220 (&dev->mutex){....}-{3:3}, at: usb_lock_device_for_reset+0x13e/0x2d0 drivers/usb/core/usb.c:872
#3: ffff88801d3c75c0 (&port_dev->status_lock){+.+.}-{3:3}, at: usb_lock_port drivers/usb/core/hub.c:3086 [inline]
#3: ffff88801d3c75c0 (&port_dev->status_lock){+.+.}-{3:3}, at: usb_reset_device+0x4b4/0x9a0 drivers/usb/core/hub.c:6107
stack backtrace:
CPU: 0 PID: 11155 Comm: kworker/0:3 Not tainted 5.16.0-rc2-next-20211123-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: events __usb_queue_reset_device
Call Trace:
<TASK>
__dump_stack lib/dump_stack.c:88 [inline]
dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106
check_noncircular+0x25f/0x2e0 kernel/locking/lockdep.c:2143
check_prev_add kernel/locking/lockdep.c:3063 [inline]
check_prevs_add kernel/locking/lockdep.c:3186 [inline]
validate_chain kernel/locking/lockdep.c:3801 [inline]
__lock_acquire+0x2a07/0x54a0 kernel/locking/lockdep.c:5027
lock_acquire kernel/locking/lockdep.c:5637 [inline]
lock_acquire+0x1ab/0x510 kernel/locking/lockdep.c:5602
__mutex_lock_common kernel/locking/mutex.c:607 [inline]
__mutex_lock+0x12f/0x12f0 kernel/locking/mutex.c:740
usb_reset_and_verify_device+0x3ee/0xee0 drivers/usb/core/hub.c:5923
usb_reset_device+0x4bd/0x9a0 drivers/usb/core/hub.c:6108
__usb_queue_reset_device+0x68/0x90 drivers/usb/core/message.c:1904
process_one_work+0x9b2/0x1690 kernel/workqueue.c:2299
worker_thread+0x658/0x11f0 kernel/workqueue.c:2446
kthread+0x405/0x4f0 kernel/kthread.c:327
ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295
</TASK>
usb 5-1: reset high-speed USB device number 118 using dummy_hcd
usb 5-1: new high-speed USB device number 119 using dummy_hcd
usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1296, setting to 1024
usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
usb 5-1: config 0 descriptor??
plantronics 0003:047F:FFFF.000F: unknown main item tag 0x2
plantronics 0003:047F:FFFF.000F: No inputs registered, leaving
plantronics 0003:047F:FFFF.000F: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0