INFO: task kworker/0:9:897 blocked for more than 140 seconds.
      Not tainted 4.19.211-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
kworker/0:9     D26208   897      2 0x80000000
Workqueue: usb_hub_wq hub_event
overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
Call Trace:
 context_switch kernel/sched/core.c:2828 [inline]
 __schedule+0x887/0x2040 kernel/sched/core.c:3517
BTRFS info (device loop0): force zlib compression, level 3
overlayfs: overlapping lowerdir path
overlayfs: failed to resolve './bus': -2
BTRFS info (device loop0): disk space caching is enabled
BTRFS info (device loop0): has skinny extents
 schedule+0x8d/0x1b0 kernel/sched/core.c:3561
 usb_kill_urb.part.0+0x197/0x220 drivers/usb/core/urb.c:697
 usb_kill_urb+0x7c/0x90 drivers/usb/core/urb.c:692
 usb_start_wait_urb+0x252/0x4c0 drivers/usb/core/message.c:63
 usb_internal_control_msg drivers/usb/core/message.c:101 [inline]
 usb_control_msg+0x31c/0x4a0 drivers/usb/core/message.c:152
attempt to access beyond end of device
loop0: rw=4096, want=2064, limit=267
BTRFS error (device loop0): failed to read chunk root
 usb_get_descriptor+0xc5/0x1b0 drivers/usb/core/message.c:654
 usb_get_device_descriptor+0x81/0xf0 drivers/usb/core/message.c:926
 hub_port_init+0x74b/0x3120 drivers/usb/core/hub.c:4799
 hub_port_connect drivers/usb/core/hub.c:5070 [inline]
 hub_port_connect_change drivers/usb/core/hub.c:5253 [inline]
 port_event drivers/usb/core/hub.c:5361 [inline]
 hub_event+0x1ccd/0x44a0 drivers/usb/core/hub.c:5441
 process_one_work+0x864/0x1570 kernel/workqueue.c:2153
 worker_thread+0x64c/0x1130 kernel/workqueue.c:2296
 kthread+0x33f/0x460 kernel/kthread.c:259
 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415
BTRFS error (device loop0): open_ctree failed

Showing all locks held in the system:
1 lock held by khungtaskd/1571:
 #0: 00000000299f2d0d (rcu_read_lock){....}, at: debug_show_all_locks+0x53/0x265 kernel/locking/lockdep.c:4441
2 locks held by systemd-udevd/4702:
1 lock held by in:imklog/7798:
2 locks held by agetty/7804:
 #0: 0000000003dbfea8 (&tty->ldisc_sem){++++}, at: tty_ldisc_ref_wait+0x22/0x80 drivers/tty/tty_ldisc.c:272
 #1: 000000008c657bd9 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x217/0x1950 drivers/tty/n_tty.c:2154
5 locks held by kworker/0:9/897:
 #0: 000000004fb964d4 ((wq_completion)"usb_hub_wq"){+.+.}, at: process_one_work+0x767/0x1570 kernel/workqueue.c:2124
 #1: 00000000f2eca0c3 ((work_completion)(&hub->events)){+.+.}, at: process_one_work+0x79c/0x1570 kernel/workqueue.c:2128
 #2: 00000000b0ff3d9f (&dev->mutex){....}, at: device_lock include/linux/device.h:1174 [inline]
 #2: 00000000b0ff3d9f (&dev->mutex){....}, at: hub_event+0x11e/0x44a0 drivers/usb/core/hub.c:5387
 #3: 000000001956b224 (&port_dev->status_lock){+.+.}, at: usb_lock_port drivers/usb/core/hub.c:2983 [inline]
 #3: 000000001956b224 (&port_dev->status_lock){+.+.}, at: hub_port_connect drivers/usb/core/hub.c:5069 [inline]
 #3: 000000001956b224 (&port_dev->status_lock){+.+.}, at: hub_port_connect_change drivers/usb/core/hub.c:5253 [inline]
 #3: 000000001956b224 (&port_dev->status_lock){+.+.}, at: port_event drivers/usb/core/hub.c:5361 [inline]
 #3: 000000001956b224 (&port_dev->status_lock){+.+.}, at: hub_event+0x1cb8/0x44a0 drivers/usb/core/hub.c:5441
 #4: 000000008e8d1a73 (hcd->address0_mutex){+.+.}, at: hub_port_init+0x1b9/0x3120 drivers/usb/core/hub.c:4578
1 lock held by syz-executor.0/26081:
BTRFS info (device loop0): force zlib compression, level 3
1 lock held by syz-executor.2/26127:
 #0: 00000000c0faf3eb (&type->s_umount_key#25/1){+.+.}, at: alloc_super fs/super.c:226 [inline]
 #0: 00000000c0faf3eb (&type->s_umount_key#25/1){+.+.}, at: sget_userns+0x20b/0xcd0 fs/super.c:519
4 locks held by systemd-udevd/26129:
BTRFS info (device loop0): disk space caching is enabled

=============================================

EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
NMI backtrace for cpu 1
CPU: 1 PID: 1571 Comm: khungtaskd Not tainted 4.19.211-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1fc/0x2ef lib/dump_stack.c:118
 nmi_cpu_backtrace.cold+0x63/0xa2 lib/nmi_backtrace.c:101
 nmi_trigger_cpumask_backtrace+0x1a6/0x1f0 lib/nmi_backtrace.c:62
 trigger_all_cpu_backtrace include/linux/nmi.h:146 [inline]
 check_hung_uninterruptible_tasks kernel/hung_task.c:203 [inline]
 watchdog+0x991/0xe60 kernel/hung_task.c:287
 kthread+0x33f/0x460 kernel/kthread.c:259
 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 PID: 20470 Comm: kworker/u4:9 Not tainted 4.19.211-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: bat_events batadv_nc_worker
RIP: 0010:__lock_acquire+0x61/0x3ff0 kernel/locking/lockdep.c:3275
Code: 00 b3 8a b5 41 48 c7 84 24 a0 00 00 00 78 29 b7 89 48 c7 84 24 a8 00 00 00 e0 f7 4a 81 65 4c 8b 2c 25 c0 df 01 00 48 89 04 24 <48> 8d 84 24 98 00 00 00 48 c1 e8 03 48 89 44 24 08 48 01 d0 c7 00
RSP: 0018:ffff88805cfdfae8 EFLAGS: 00000096
RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
RDX: dffffc0000000000 RSI: 0000000000000000 RDI: ffff88813bfc2958
RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000001
R10: 0000000000000005 R11: 0000000000000000 R12: 0000000000000001
R13: ffff888055438200 R14: ffff88813bfc2958 R15: 0000000000000001
FS:  0000000000000000(0000) GS:ffff8880ba000000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007ff4d8428000 CR3: 000000005a8bc000 CR4: 00000000003406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 lock_acquire+0x170/0x3c0 kernel/locking/lockdep.c:3908
 __raw_spin_lock_irq include/linux/spinlock_api_smp.h:128 [inline]
 _raw_spin_lock_irq+0x5b/0x80 kernel/locking/spinlock.c:160
 spin_lock_irq include/linux/spinlock.h:354 [inline]
 process_one_work+0x992/0x1570 kernel/workqueue.c:2181
 worker_thread+0x64c/0x1130 kernel/workqueue.c:2296
 kthread+0x33f/0x460 kernel/kthread.c:259
 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415
----------------
Code disassembly (best guess):
   0:	00 b3 8a b5 41 48    	add    %dh,0x4841b58a(%rbx)
   6:	c7 84 24 a0 00 00 00 	movl   $0x89b72978,0xa0(%rsp)
   d:	78 29 b7 89
  11:	48 c7 84 24 a8 00 00 	movq   $0xffffffff814af7e0,0xa8(%rsp)
  18:	00 e0 f7 4a 81
  1d:	65 4c 8b 2c 25 c0 df 	mov    %gs:0x1dfc0,%r13
  24:	01 00
  26:	48 89 04 24          	mov    %rax,(%rsp)
* 2a:	48 8d 84 24 98 00 00 	lea    0x98(%rsp),%rax <-- trapping instruction
  31:	00
  32:	48 c1 e8 03          	shr    $0x3,%rax
  36:	48 89 44 24 08       	mov    %rax,0x8(%rsp)
  3b:	48 01 d0             	add    %rdx,%rax
  3e:	c7                   	.byte 0xc7