INFO: task kworker/1:20:8986 blocked for more than 143 seconds.
      Not tainted 5.15.103-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/1:20    state:D stack:23224 pid: 8986 ppid:     2 flags:0x00004000
Workqueue: usb_hub_wq hub_event
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5023 [inline]
 __schedule+0x1348/0x4610 kernel/sched/core.c:6369
 schedule+0x11b/0x1f0 kernel/sched/core.c:6452
 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:6511
 __mutex_lock_common+0xe34/0x25a0 kernel/locking/mutex.c:669
 __mutex_lock kernel/locking/mutex.c:729 [inline]
 mutex_lock_nested+0x17/0x20 kernel/locking/mutex.c:743
 add_early_randomness+0x1d/0x140 drivers/char/hw_random/core.c:70
 hwrng_register+0x3da/0x4c0 drivers/char/hw_random/core.c:518
 chaoskey_probe+0x79d/0xb40 drivers/usb/misc/chaoskey.c:205
 usb_probe_interface+0x5c0/0xaf0 drivers/usb/core/driver.c:396
 really_probe+0x24e/0xb60 drivers/base/dd.c:595
 __driver_probe_device+0x1c3/0x3f0 drivers/base/dd.c:750
 driver_probe_device+0x50/0x420 drivers/base/dd.c:780
 __device_attach_driver+0x2b9/0x500 drivers/base/dd.c:902
 bus_for_each_drv+0x183/0x200 drivers/base/bus.c:427
 __device_attach+0x359/0x570 drivers/base/dd.c:974
 bus_probe_device+0xba/0x1e0 drivers/base/bus.c:487
 device_add+0xb48/0xfd0 drivers/base/core.c:3394
 usb_set_configuration+0x19dd/0x2020 drivers/usb/core/message.c:2170
 usb_generic_driver_probe+0x84/0x140 drivers/usb/core/generic.c:238
 usb_probe_device+0x130/0x260 drivers/usb/core/driver.c:293
 really_probe+0x24e/0xb60 drivers/base/dd.c:595
 __driver_probe_device+0x1c3/0x3f0 drivers/base/dd.c:750
 driver_probe_device+0x50/0x420 drivers/base/dd.c:780
 __device_attach_driver+0x2b9/0x500 drivers/base/dd.c:902
 bus_for_each_drv+0x183/0x200 drivers/base/bus.c:427
 __device_attach+0x359/0x570 drivers/base/dd.c:974
 bus_probe_device+0xba/0x1e0 drivers/base/bus.c:487
 device_add+0xb48/0xfd0 drivers/base/core.c:3394
 usb_new_device+0xc17/0x18d0 drivers/usb/core/hub.c:2568
 hub_port_connect drivers/usb/core/hub.c:5358 [inline]
 hub_port_connect_change drivers/usb/core/hub.c:5502 [inline]
 port_event drivers/usb/core/hub.c:5648 [inline]
 hub_event+0x2dd8/0x56d0 drivers/usb/core/hub.c:5730
 process_one_work+0x90d/0x1270 kernel/workqueue.c:2306
 worker_thread+0xaca/0x1280 kernel/workqueue.c:2453
 kthread+0x3f6/0x4f0 kernel/kthread.c:319
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:298
 </TASK>

Showing all locks held in the system:
3 locks held by kworker/0:0/7:
1 lock held by khungtaskd/27:
 #0: ffffffff8c91c320 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x0/0x30
1 lock held by hwrng/901:
 #0: ffffffff8cff3568 (reading_mutex){+.+.}-{3:3}, at: hwrng_fillfn+0xdd/0x280 drivers/char/hw_random/core.c:436
2 locks held by getty/3268:
 #0: ffff888025024098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x21/0x70 drivers/tty/tty_ldisc.c:252
 #1: ffffc90002bb32e8 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6af/0x1da0 drivers/tty/n_tty.c:2147
2 locks held by syz-executor.2/3631:
 #0: ffff88801b4f0918 (&disk->open_mutex){+.+.}-{3:3}, at: blkdev_put+0xfb/0x790 block/bdev.c:912
 #1: ffff8881475b4468 (&lo->lo_mutex){+.+.}-{3:3}, at: __loop_clr_fd+0xa9/0xbe0 drivers/block/loop.c:1348
2 locks held by kworker/u4:7/3906:
3 locks held by kworker/0:17/6463:
 #0: ffff888011c64d38 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x794/0x1270 kernel/workqueue.c:2279
 #1: ffffc900048cfd20 ((work_completion)(&pwq->unbound_release_work)){+.+.}-{0:0}, at: process_one_work+0x7da/0x1270 kernel/workqueue.c:2281
 #2: ffffffff8c920868 (rcu_state.exp_mutex){+.+.}-{3:3}, at: exp_funnel_lock kernel/rcu/tree_exp.h:322 [inline]
 #2: ffffffff8c920868 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x350/0x740 kernel/rcu/tree_exp.h:840
2 locks held by kworker/u4:19/6594:
 #0: ffff888011c69138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x794/0x1270 kernel/workqueue.c:2279
 #1: ffff8880b9a27848 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x53d/0x810 kernel/sched/psi.c:891
1 lock held by syz-executor.1/8312:
 #0: ffffffff8c920868 (rcu_state.exp_mutex){+.+.}-{3:3}, at: exp_funnel_lock kernel/rcu/tree_exp.h:322 [inline]
 #0: ffffffff8c920868 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x350/0x740 kernel/rcu/tree_exp.h:840
4 locks held by udevd/8797:
 #0: ffff88802362ae80 (&p->lock){+.+.}-{3:3}, at: seq_read_iter+0xae/0xd10 fs/seq_file.c:182
 #1: ffff888023a21c88 (&of->mutex){+.+.}-{3:3}, at: kernfs_seq_start+0x50/0x3b0 fs/kernfs/file.c:112
 #2: ffff88807c00dcb8 (kn->active#86){++++}-{0:0}, at: kernfs_seq_start+0x6f/0x3b0 fs/kernfs/file.c:113
 #3: ffff8880402f9220 (&dev->mutex){....}-{3:3}, at: device_lock_interruptible include/linux/device.h:765 [inline]
 #3: ffff8880402f9220 (&dev->mutex){....}-{3:3}, at: manufacturer_show+0x22/0x90 drivers/usb/core/sysfs.c:141
6 locks held by kworker/1:20/8986:
 #0: ffff888141385938 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_one_work+0x794/0x1270 kernel/workqueue.c:2279
 #1: ffffc9000352fd20 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_one_work+0x7da/0x1270 kernel/workqueue.c:2281
 #2: ffff88801ea15220 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:760 [inline]
 #2: ffff88801ea15220 (&dev->mutex){....}-{3:3}, at: hub_event+0x207/0x56d0 drivers/usb/core/hub.c:5676
 #3: ffff8880402f9220 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:760 [inline]
 #3: ffff8880402f9220 (&dev->mutex){....}-{3:3}, at: __device_attach+0x8a/0x570 drivers/base/dd.c:949
 #4: ffff88801d1e91a8 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:760 [inline]
 #4: ffff88801d1e91a8 (&dev->mutex){....}-{3:3}, at: __device_attach+0x8a/0x570 drivers/base/dd.c:949
 #5: ffffffff8cff3568 (reading_mutex){+.+.}-{3:3}, at: add_early_randomness+0x1d/0x140 drivers/char/hw_random/core.c:70
1 lock held by syz-executor.4/11596:
 #0: ffffffff8c95c128 (tracepoints_mutex){+.+.}-{3:3}, at: tracepoint_probe_register_prio_may_exist+0xb7/0x190 kernel/tracepoint.c:478
1 lock held by syz-executor.4/11599:
 #0: ffffffff8c95c128 (tracepoints_mutex){+.+.}-{3:3}, at: tracepoint_probe_register_prio_may_exist+0xb7/0x190 kernel/tracepoint.c:478
1 lock held by syz-executor.5/11598:
 #0: ffffffff8c95c128 (tracepoints_mutex){+.+.}-{3:3}, at: tracepoint_probe_register_prio_may_exist+0xb7/0x190 kernel/tracepoint.c:478
1 lock held by syz-executor.5/11601:
 #0: ffffffff8c95c128 (tracepoints_mutex){+.+.}-{3:3}, at: tracepoint_probe_register_prio_may_exist+0xb7/0x190 kernel/tracepoint.c:478
1 lock held by syz-executor.0/11600:
 #0: ffffffff8c95c128 (tracepoints_mutex){+.+.}-{3:3}, at: tracepoint_probe_register_prio_may_exist+0xb7/0x190 kernel/tracepoint.c:478
1 lock held by syz-executor.0/11604:
 #0: ffffffff8c95c128 (tracepoints_mutex){+.+.}-{3:3}, at: tracepoint_probe_register_prio_may_exist+0xb7/0x190 kernel/tracepoint.c:478
1 lock held by syz-executor.3/11612:
 #0: ffff888026132c10 (&sb->s_type->i_mutex_key#11){+.+.}-{3:3}, at: inode_lock include/linux/fs.h:787 [inline]
 #0: ffff888026132c10 (&sb->s_type->i_mutex_key#11){+.+.}-{3:3}, at: __sock_release net/socket.c:648 [inline]
 #0: ffff888026132c10 (&sb->s_type->i_mutex_key#11){+.+.}-{3:3}, at: sock_close+0x98/0x230 net/socket.c:1317

=============================================

NMI backtrace for cpu 1
CPU: 1 PID: 27 Comm: khungtaskd Not tainted 5.15.103-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x1e3/0x2cb lib/dump_stack.c:106
 nmi_cpu_backtrace+0x46a/0x4a0 lib/nmi_backtrace.c:111
 nmi_trigger_cpumask_backtrace+0x181/0x2a0 lib/nmi_backtrace.c:62
 trigger_all_cpu_backtrace include/linux/nmi.h:148 [inline]
 check_hung_uninterruptible_tasks kernel/hung_task.c:210 [inline]
 watchdog+0xf54/0xfa0 kernel/hung_task.c:295
 kthread+0x3f6/0x4f0 kernel/kthread.c:319
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:298
 </TASK>
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 PID: 11618 Comm: syz-executor.2 Not tainted 5.15.103-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
RIP: 0010:xas_next_entry+0xb4/0x3d0 include/linux/xarray.h:1632
Code: 00 4c 89 74 24 28 4d 8d 6f 12 4d 89 ec 49 c1 ec 03 41 0f b6 04 2c 84 c0 0f 85 09 03 00 00 45 0f b6 77 12 49 8d 5f 08 48 89 d8 <48> c1 e8 03 48 89 44 24 10 80 3c 28 00 74 08 48 89 df e8 55 43 22
RSP: 0000:ffffc9000347fa18 EFLAGS: 00000246
RAX: ffffc9000347fb68 RBX: ffffc9000347fb68 RCX: ffff88801bdcba00
RDX: ffff88801bdcba00 RSI: 0000000000000000 RDI: 0000000000000000
RBP: dffffc0000000000 R08: ffffffff81a7bea3 R09: fffff940003917d1
R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff9200068ff6e
R13: ffffc9000347fb72 R14: 0000000000000018 R15: ffffc9000347fb60
FS:  0000555555d75400(0000) GS:ffff8880b9a00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fc7126a52c2 CR3: 0000000074391000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 next_map_page mm/filemap.c:3287 [inline]
 filemap_map_pages+0xf3e/0x1560 mm/filemap.c:3343
 do_fault_around mm/memory.c:4186 [inline]
 do_read_fault mm/memory.c:4201 [inline]
 do_fault mm/memory.c:4335 [inline]
 handle_pte_fault mm/memory.c:4594 [inline]
 __handle_mm_fault mm/memory.c:4729 [inline]
 handle_mm_fault+0x341b/0x5950 mm/memory.c:4827
 do_user_addr_fault arch/x86/mm/fault.c:1397 [inline]
 handle_page_fault arch/x86/mm/fault.c:1485 [inline]
 exc_page_fault+0x26e/0x800 arch/x86/mm/fault.c:1541
 asm_exc_page_fault+0x22/0x30 arch/x86/include/asm/idtentry.h:568
RIP: 0033:0x7fc71263918b
Code: b9 cd cc cc cc cc cc cc cc 66 0f 1f 44 00 00 48 89 f8 48 89 f9 49 83 e8 01 49 f7 e1 48 c1 ea 03 48 8d 04 92 48 01 c0 48 29 c1 <0f> b6 04 0e 41 88 00 48 89 f8 48 89 d7 48 83 f8 09 77 d2 4c 89 c0
RSP: 002b:00007ffdcf8581a8 EFLAGS: 00010202
RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000002
RDX: 0000000000000000 RSI: 00007fc7126a52c0 RDI: 0000000000000002
RBP: 00007ffdcf858700 R08: 00007ffdcf8586c7 R09: cccccccccccccccd
R10: 0000000000000000 R11: 0000000000000000 R12: 00007ffdcf858720
R13: 00007fc71267ea5b R14: 00007ffdcf8588a0 R15: 0000000000000075
 </TASK>