======================================================
WARNING: possible circular locking dependency detected
5.7.0-syzkaller #0 Not tainted
------------------------------------------------------
syz-executor.0/7554 is trying to acquire lock:
ffffffff882cc448 (driver_lock){+.+.}-{3:3}, at: display_open+0x21/0x2a0 drivers/media/rc/imon.c:503

but task is already holding lock:
ffffffff87fe6a30 (minor_rwsem){++++}-{3:3}, at: usb_open+0x2a/0x3d0 drivers/usb/core/file.c:39

which lock already depends on the new lock.


the existing dependency chain (in reverse order) is:

-> #2 (minor_rwsem){++++}-{3:3}:
       down_write+0x92/0x150 kernel/locking/rwsem.c:1531
       usb_register_dev+0x19e/0x940 drivers/usb/core/file.c:187
       imon_init_display drivers/media/rc/imon.c:2388 [inline]
       imon_probe+0x24f8/0x3230 drivers/media/rc/imon.c:2472
       usb_probe_interface+0x315/0x970 drivers/usb/core/driver.c:374
       really_probe+0x2b1/0xe00 drivers/base/dd.c:525
       driver_probe_device+0x285/0x3f0 drivers/base/dd.c:701
       __device_attach_driver+0x216/0x2d0 drivers/base/dd.c:807
       bus_for_each_drv+0x14c/0x1e0 drivers/base/bus.c:431
       __device_attach+0x28d/0x450 drivers/base/dd.c:873
       bus_probe_device+0x1e4/0x290 drivers/base/bus.c:491
       device_add+0xb43/0x1ba0 drivers/base/core.c:2680
       usb_set_configuration+0xf86/0x1c70 drivers/usb/core/message.c:2032
       usb_generic_driver_probe+0xba/0xf2 drivers/usb/core/generic.c:241
       usb_probe_device+0xd9/0x250 drivers/usb/core/driver.c:272
       really_probe+0x2b1/0xe00 drivers/base/dd.c:525
       driver_probe_device+0x285/0x3f0 drivers/base/dd.c:701
       __device_attach_driver+0x216/0x2d0 drivers/base/dd.c:807
       bus_for_each_drv+0x14c/0x1e0 drivers/base/bus.c:431
       __device_attach+0x28d/0x450 drivers/base/dd.c:873
       bus_probe_device+0x1e4/0x290 drivers/base/bus.c:491
       device_add+0xb43/0x1ba0 drivers/base/core.c:2680
       usb_new_device+0x96a/0x1680 drivers/usb/core/hub.c:2554
       hub_port_connect drivers/usb/core/hub.c:5208 [inline]
       hub_port_connect_change drivers/usb/core/hub.c:5348 [inline]
       port_event drivers/usb/core/hub.c:5494 [inline]
       hub_event+0x23a9/0x44a0 drivers/usb/core/hub.c:5576
       process_one_work+0x86c/0x1620 kernel/workqueue.c:2269
       worker_thread+0x64c/0x1120 kernel/workqueue.c:2415
       kthread+0x392/0x470 kernel/kthread.c:291
       ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:351

-> #1 (&ictx->lock){+.+.}-{3:3}:
       __mutex_lock_common kernel/locking/mutex.c:956 [inline]
       __mutex_lock+0x134/0x11d0 kernel/locking/mutex.c:1103
       imon_init_intf0 drivers/media/rc/imon.c:2233 [inline]
       imon_probe+0x10a4/0x3230 drivers/media/rc/imon.c:2432
       usb_probe_interface+0x315/0x970 drivers/usb/core/driver.c:374
       really_probe+0x2b1/0xe00 drivers/base/dd.c:525
       driver_probe_device+0x285/0x3f0 drivers/base/dd.c:701
       __device_attach_driver+0x216/0x2d0 drivers/base/dd.c:807
       bus_for_each_drv+0x14c/0x1e0 drivers/base/bus.c:431
       __device_attach+0x28d/0x450 drivers/base/dd.c:873
       bus_probe_device+0x1e4/0x290 drivers/base/bus.c:491
       device_add+0xb43/0x1ba0 drivers/base/core.c:2680
       usb_set_configuration+0xf86/0x1c70 drivers/usb/core/message.c:2032
       usb_generic_driver_probe+0xba/0xf2 drivers/usb/core/generic.c:241
       usb_probe_device+0xd9/0x250 drivers/usb/core/driver.c:272
       really_probe+0x2b1/0xe00 drivers/base/dd.c:525
       driver_probe_device+0x285/0x3f0 drivers/base/dd.c:701
       __device_attach_driver+0x216/0x2d0 drivers/base/dd.c:807
       bus_for_each_drv+0x14c/0x1e0 drivers/base/bus.c:431
       __device_attach+0x28d/0x450 drivers/base/dd.c:873
       bus_probe_device+0x1e4/0x290 drivers/base/bus.c:491
       device_add+0xb43/0x1ba0 drivers/base/core.c:2680
       usb_new_device+0x96a/0x1680 drivers/usb/core/hub.c:2554
       hub_port_connect drivers/usb/core/hub.c:5208 [inline]
       hub_port_connect_change drivers/usb/core/hub.c:5348 [inline]
       port_event drivers/usb/core/hub.c:5494 [inline]
       hub_event+0x23a9/0x44a0 drivers/usb/core/hub.c:5576
       process_one_work+0x86c/0x1620 kernel/workqueue.c:2269
       worker_thread+0x64c/0x1120 kernel/workqueue.c:2415
       kthread+0x392/0x470 kernel/kthread.c:291
       ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:351

-> #0 (driver_lock){+.+.}-{3:3}:
       check_prev_add kernel/locking/lockdep.c:2496 [inline]
       check_prevs_add kernel/locking/lockdep.c:2601 [inline]
       validate_chain kernel/locking/lockdep.c:3218 [inline]
       __lock_acquire+0x2c7b/0x5d60 kernel/locking/lockdep.c:4380
       lock_acquire+0x183/0x9e0 kernel/locking/lockdep.c:4959
       __mutex_lock_common kernel/locking/mutex.c:956 [inline]
       __mutex_lock+0x134/0x11d0 kernel/locking/mutex.c:1103
       display_open+0x21/0x2a0 drivers/media/rc/imon.c:503
       usb_open+0x26d/0x3d0 drivers/usb/core/file.c:48
       chrdev_open+0x266/0x770 fs/char_dev.c:414
       do_dentry_open+0x4ff/0x1170 fs/open.c:828
       do_open fs/namei.c:3243 [inline]
       path_openat+0x1c36/0x27c0 fs/namei.c:3360
       do_filp_open+0x17e/0x3c0 fs/namei.c:3387
       do_sys_openat2+0x16f/0x3b0 fs/open.c:1179
       do_sys_open fs/open.c:1195 [inline]
       __do_sys_openat fs/open.c:1209 [inline]
       __se_sys_openat fs/open.c:1204 [inline]
       __x64_sys_openat+0x13f/0x1f0 fs/open.c:1204
       do_syscall_64+0xd7/0x380 arch/x86/entry/common.c:295
       entry_SYSCALL_64_after_hwframe+0x49/0xb3

other info that might help us debug this:

Chain exists of:
  driver_lock --> &ictx->lock --> minor_rwsem

 Possible unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock(minor_rwsem);
                               lock(&ictx->lock);
                               lock(minor_rwsem);
  lock(driver_lock);

 *** DEADLOCK ***

1 lock held by syz-executor.0/7554:
 #0: ffffffff87fe6a30 (minor_rwsem){++++}-{3:3}, at: usb_open+0x2a/0x3d0 drivers/usb/core/file.c:39

stack backtrace:
CPU: 0 PID: 7554 Comm: syz-executor.0 Not tainted 5.7.0-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0xf6/0x16e lib/dump_stack.c:118
 check_noncircular+0x324/0x3e0 kernel/locking/lockdep.c:1827
 check_prev_add kernel/locking/lockdep.c:2496 [inline]
 check_prevs_add kernel/locking/lockdep.c:2601 [inline]
 validate_chain kernel/locking/lockdep.c:3218 [inline]
 __lock_acquire+0x2c7b/0x5d60 kernel/locking/lockdep.c:4380
 lock_acquire+0x183/0x9e0 kernel/locking/lockdep.c:4959
 __mutex_lock_common kernel/locking/mutex.c:956 [inline]
 __mutex_lock+0x134/0x11d0 kernel/locking/mutex.c:1103
 display_open+0x21/0x2a0 drivers/media/rc/imon.c:503
 usb_open+0x26d/0x3d0 drivers/usb/core/file.c:48
 chrdev_open+0x266/0x770 fs/char_dev.c:414
 do_dentry_open+0x4ff/0x1170 fs/open.c:828
 do_open fs/namei.c:3243 [inline]
 path_openat+0x1c36/0x27c0 fs/namei.c:3360
 do_filp_open+0x17e/0x3c0 fs/namei.c:3387
 do_sys_openat2+0x16f/0x3b0 fs/open.c:1179
 do_sys_open fs/open.c:1195 [inline]
 __do_sys_openat fs/open.c:1209 [inline]
 __se_sys_openat fs/open.c:1204 [inline]
 __x64_sys_openat+0x13f/0x1f0 fs/open.c:1204
 do_syscall_64+0xd7/0x380 arch/x86/entry/common.c:295
 entry_SYSCALL_64_after_hwframe+0x49/0xb3
RIP: 0033:0x4196e4
Code: Bad RIP value.
RSP: 002b:00007f5f9b0d1cc0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004196e4
RDX: 0000000000000002 RSI: 00007f5f9b0d1d60 RDI: 00000000ffffff9c
RBP: 00007f5f9b0d1d60 R08: 0000000000000000 R09: 000000000000000f
R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
R13: 00007ffd3e1110cf R14: 00007f5f9b0d2300 R15: 0000000000022000