======================================================
WARNING: possible circular locking dependency detected
5.16.0-rc1-next-20211118-syzkaller #0 Not tainted
------------------------------------------------------
syz-executor.0/19856 is trying to acquire lock:
ffff88801d15d368 (hcd->address0_mutex){+.+.}-{3:3}, at: usb_reset_and_verify_device+0x3ee/0xee0 drivers/usb/core/hub.c:5923

but task is already holding lock:
ffff88814792a5c0 (&port_dev->status_lock){+.+.}-{3:3}, at: usb_lock_port drivers/usb/core/hub.c:3086 [inline]
ffff88814792a5c0 (&port_dev->status_lock){+.+.}-{3:3}, at: usb_port_resume+0x2a6/0x1950 drivers/usb/core/hub.c:3644

which lock already depends on the new lock.

the existing dependency chain (in reverse order) is:

-> #1 (&port_dev->status_lock){+.+.}-{3:3}:
       __mutex_lock_common kernel/locking/mutex.c:607 [inline]
       __mutex_lock+0x12f/0x12f0 kernel/locking/mutex.c:740
       usb_lock_port drivers/usb/core/hub.c:3086 [inline]
       hub_port_connect drivers/usb/core/hub.c:5279 [inline]
       hub_port_connect_change drivers/usb/core/hub.c:5493 [inline]
       port_event drivers/usb/core/hub.c:5639 [inline]
       hub_event+0x21c1/0x4450 drivers/usb/core/hub.c:5721
       process_one_work+0x9b2/0x1690 kernel/workqueue.c:2298
       worker_thread+0x658/0x11f0 kernel/workqueue.c:2445
       kthread+0x405/0x4f0 kernel/kthread.c:327
       ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295

-> #0 (hcd->address0_mutex){+.+.}-{3:3}:
       check_prev_add kernel/locking/lockdep.c:3063 [inline]
       check_prevs_add kernel/locking/lockdep.c:3186 [inline]
       validate_chain kernel/locking/lockdep.c:3801 [inline]
       __lock_acquire+0x2a07/0x54a0 kernel/locking/lockdep.c:5027
       lock_acquire kernel/locking/lockdep.c:5637 [inline]
       lock_acquire+0x1ab/0x510 kernel/locking/lockdep.c:5602
       __mutex_lock_common kernel/locking/mutex.c:607 [inline]
       __mutex_lock+0x12f/0x12f0 kernel/locking/mutex.c:740
       usb_reset_and_verify_device+0x3ee/0xee0 drivers/usb/core/hub.c:5923
       finish_port_resume drivers/usb/core/hub.c:3499 [inline]
       usb_port_resume+0x12f7/0x1950 drivers/usb/core/hub.c:3699
       usb_generic_driver_resume+0x40/0xa0 drivers/usb/core/generic.c:305
       usb_resume_device drivers/usb/core/driver.c:1288 [inline]
       usb_resume_both+0x627/0x8d0 drivers/usb/core/driver.c:1512
       __rpm_callback+0xc9/0x330 drivers/base/power/runtime.c:377
       rpm_callback+0x1da/0x220 drivers/base/power/runtime.c:504
       rpm_resume+0xf5d/0x1bd0 drivers/base/power/runtime.c:879
       rpm_resume+0x8c4/0x1bd0 drivers/base/power/runtime.c:858
       __pm_runtime_resume+0xb7/0x170 drivers/base/power/runtime.c:1110
       pm_runtime_get_sync include/linux/pm_runtime.h:393 [inline]
       usb_autopm_get_interface+0x1b/0x50 drivers/usb/core/driver.c:1813
       usblp_open+0x17a/0x450 drivers/usb/class/usblp.c:437
       usb_open+0x204/0x2e0 drivers/usb/core/file.c:48
       chrdev_open+0x266/0x770 fs/char_dev.c:414
       do_dentry_open+0x4c8/0x1250 fs/open.c:822
       do_open fs/namei.c:3426 [inline]
       path_openat+0x1cad/0x2750 fs/namei.c:3559
       do_filp_open+0x1aa/0x400 fs/namei.c:3586
       do_sys_openat2+0x16d/0x4d0 fs/open.c:1212
       do_sys_open fs/open.c:1228 [inline]
       __do_sys_openat fs/open.c:1244 [inline]
       __se_sys_openat fs/open.c:1239 [inline]
       __x64_sys_openat+0x13f/0x1f0 fs/open.c:1239
       do_syscall_x64 arch/x86/entry/common.c:50 [inline]
       do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
       entry_SYSCALL_64_after_hwframe+0x44/0xae

other info that might help us debug this:

 Possible unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock(&port_dev->status_lock);
                               lock(hcd->address0_mutex);
                               lock(&port_dev->status_lock);
  lock(hcd->address0_mutex);

 *** DEADLOCK ***

3 locks held by syz-executor.0/19856:
 #0: ffffffff8ca3d050 (minor_rwsem#2){++++}-{3:3}, at: usb_open+0x24/0x2e0 drivers/usb/core/file.c:39
 #1: ffffffff8cada368 (usblp_mutex){+.+.}-{3:3}, at: usblp_open+0x58/0x450 drivers/usb/class/usblp.c:417
 #2: ffff88814792a5c0 (&port_dev->status_lock){+.+.}-{3:3}, at: usb_lock_port drivers/usb/core/hub.c:3086 [inline]
 #2: ffff88814792a5c0 (&port_dev->status_lock){+.+.}-{3:3}, at: usb_port_resume+0x2a6/0x1950 drivers/usb/core/hub.c:3644

stack backtrace:
CPU: 1 PID: 19856 Comm: syz-executor.0 Not tainted 5.16.0-rc1-next-20211118-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106
 check_noncircular+0x25f/0x2e0 kernel/locking/lockdep.c:2143
 check_prev_add kernel/locking/lockdep.c:3063 [inline]
 check_prevs_add kernel/locking/lockdep.c:3186 [inline]
 validate_chain kernel/locking/lockdep.c:3801 [inline]
 __lock_acquire+0x2a07/0x54a0 kernel/locking/lockdep.c:5027
 lock_acquire kernel/locking/lockdep.c:5637 [inline]
 lock_acquire+0x1ab/0x510 kernel/locking/lockdep.c:5602
 __mutex_lock_common kernel/locking/mutex.c:607 [inline]
 __mutex_lock+0x12f/0x12f0 kernel/locking/mutex.c:740
 usb_reset_and_verify_device+0x3ee/0xee0 drivers/usb/core/hub.c:5923
 finish_port_resume drivers/usb/core/hub.c:3499 [inline]
 usb_port_resume+0x12f7/0x1950 drivers/usb/core/hub.c:3699
 usb_generic_driver_resume+0x40/0xa0 drivers/usb/core/generic.c:305
 usb_resume_device drivers/usb/core/driver.c:1288 [inline]
 usb_resume_both+0x627/0x8d0 drivers/usb/core/driver.c:1512
 __rpm_callback+0xc9/0x330 drivers/base/power/runtime.c:377
 rpm_callback+0x1da/0x220 drivers/base/power/runtime.c:504
 rpm_resume+0xf5d/0x1bd0 drivers/base/power/runtime.c:879
 rpm_resume+0x8c4/0x1bd0 drivers/base/power/runtime.c:858
 __pm_runtime_resume+0xb7/0x170 drivers/base/power/runtime.c:1110
 pm_runtime_get_sync include/linux/pm_runtime.h:393 [inline]
 usb_autopm_get_interface+0x1b/0x50 drivers/usb/core/driver.c:1813
 usblp_open+0x17a/0x450 drivers/usb/class/usblp.c:437
 usb_open+0x204/0x2e0 drivers/usb/core/file.c:48
 chrdev_open+0x266/0x770 fs/char_dev.c:414
 do_dentry_open+0x4c8/0x1250 fs/open.c:822
 do_open fs/namei.c:3426 [inline]
 path_openat+0x1cad/0x2750 fs/namei.c:3559
 do_filp_open+0x1aa/0x400 fs/namei.c:3586
 do_sys_openat2+0x16d/0x4d0 fs/open.c:1212
 do_sys_open fs/open.c:1228 [inline]
 __do_sys_openat fs/open.c:1244 [inline]
 __se_sys_openat fs/open.c:1239 [inline]
 __x64_sys_openat+0x13f/0x1f0 fs/open.c:1239
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x7fb82e07ba04
Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
RSP: 002b:00007fb82b63dcc0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
RAX: ffffffffffffffda RBX: 00007fb82e1dbf60 RCX: 00007fb82e07ba04
RDX: 0000000000000002 RSI: 00007fb82b63dd60 RDI: 00000000ffffff9c
RBP: 00007fb82b63dd60 R08: 0000000000000000 R09: 000000000000000f
R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
R13: 00007fff866bd15f R14: 00007fb82b63e300 R15: 0000000000022000
usb 1-1: reset high-speed USB device number 13 using dummy_hcd
usb 1-1: device descriptor read/64, error -110
usb 1-1: reset high-speed USB device number 13 using dummy_hcd
usb 1-1: device descriptor read/64, error -32
usb 1-1: reset high-speed USB device number 13 using dummy_hcd
usb 1-1: device descriptor read/8, error -32
usb 1-1: reset high-speed USB device number 13 using dummy_hcd
usb 1-1: device descriptor read/8, error -32