I do get get the same backtrace in gdb every time every time when we reproduce the hang:

(gdb) thread apply all bt

Thread 9 (Thread 0x7fd1415ff700 (LWP 3202)):
#0  0x00007fd323d154bf in __GI___poll (fds=0x7fd1415fe6c0, nfds=2, timeout=-1) at ../sysdeps/unix/sysv/linux/poll.c:29
#1  0x00007fd324978bb2 in ?? () from target:/lib/x86_64-linux-gnu/libusb-1.0.so.0
#2  0x00007fd323defea7 in start_thread (arg=<optimized out>) at pthread_create.c:477
#3  0x00007fd323d1feaf in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

Thread 8 (Thread 0x7fd1437fe700 (LWP 3171)):
#0  0x00007fd323d16d87 in ioctl () at ../sysdeps/unix/syscall-template.S:120
#1  0x000055a5daef74f7 in kvm_vcpu_ioctl ()
#2  0x000055a5daef7631 in kvm_cpu_exec ()
#3  0x000055a5daedaede in ?? ()
#4  0x000055a5db32194b in ?? ()
#5  0x00007fd323defea7 in start_thread (arg=<optimized out>) at pthread_create.c:477
#6  0x00007fd323d1feaf in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

Thread 7 (Thread 0x7fd143fff700 (LWP 3170)):
#0  0x00007fd323d16d87 in ioctl () at ../sysdeps/unix/syscall-template.S:120
#1  0x000055a5daef74f7 in kvm_vcpu_ioctl ()
#2  0x000055a5daef7631 in kvm_cpu_exec ()
#3  0x000055a5daedaede in ?? ()
#4  0x000055a5db32194b in ?? ()
#5  0x00007fd323defea7 in start_thread (arg=<optimized out>) at pthread_create.c:477
#6  0x00007fd323d1feaf in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

Thread 6 (Thread 0x7fd150dfd700 (LWP 3169)):
#0  __lll_lock_wait (futex=futex@entry=0x55a5db80a540, private=0) at lowlevellock.c:52
#1  0x00007fd323df2843 in __GI___pthread_mutex_lock (mutex=0x55a5db80a540) at ../nptl/pthread_mutex_lock.c:80
#2  0x000055a5db321b43 in qemu_mutex_lock_impl ()
#3  0x000055a5daedac8e in qemu_mutex_lock_iothread_impl ()
#4  0x000055a5dae92ac9 in ?? ()
#5  0x000055a5dae97de7 in flatview_read_continue ()
#6  0x000055a5dae98023 in ?? ()
#7  0x000055a5dae9813b in address_space_read_full ()
#8  0x000055a5daef78cf in kvm_cpu_exec ()
#9  0x000055a5daedaede in ?? ()
#10 0x000055a5db32194b in ?? ()
#11 0x00007fd323defea7 in start_thread (arg=<optimized out>) at pthread_create.c:477
#12 0x00007fd323d1feaf in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

Thread 5 (Thread 0x7fd1515fe700 (LWP 3168)):
#0  __lll_lock_wait (futex=futex@entry=0x55a5db80a540, private=0) at lowlevellock.c:52
#1  0x00007fd323df2843 in __GI___pthread_mutex_lock (mutex=0x55a5db80a540) at ../nptl/pthread_mutex_lock.c:80
#2  0x000055a5db321b43 in qemu_mutex_lock_impl ()
#3  0x000055a5daedac8e in qemu_mutex_lock_iothread_impl ()
#4  0x000055a5dae92ac9 in ?? ()
#5  0x000055a5dae97de7 in flatview_read_continue ()
#6  0x000055a5dae98023 in ?? ()
#7  0x000055a5dae9813b in address_space_read_full ()
#8  0x000055a5daef78cf in kvm_cpu_exec ()
#9  0x000055a5daedaede in ?? ()
#10 0x000055a5db32194b in ?? ()
#11 0x00007fd323defea7 in start_thread (arg=<optimized out>) at pthread_create.c:477
#12 0x00007fd323d1feaf in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

Thread 4 (Thread 0x7fd151dff700 (LWP 3167)):
#0  __lll_lock_wait (futex=futex@entry=0x55a5db80a540, private=0) at lowlevellock.c:52
#1  0x00007fd323df2843 in __GI___pthread_mutex_lock (mutex=0x55a5db80a540) at ../nptl/pthread_mutex_lock.c:80
--Type <RET> for more, q to quit, c to continue without paging--
#2  0x000055a5db321b43 in qemu_mutex_lock_impl ()
#3  0x000055a5daedac8e in qemu_mutex_lock_iothread_impl ()
#4  0x000055a5dae92ac9 in ?? ()
#5  0x000055a5dae97de7 in flatview_read_continue ()
#6  0x000055a5dae98023 in ?? ()
#7  0x000055a5dae9813b in address_space_read_full ()
#8  0x000055a5daef78cf in kvm_cpu_exec ()
#9  0x000055a5daedaede in ?? ()
#10 0x000055a5db32194b in ?? ()
#11 0x00007fd323defea7 in start_thread (arg=<optimized out>) at pthread_create.c:477
#12 0x00007fd323d1feaf in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

Thread 3 (Thread 0x7fd320d97700 (LWP 3166)):
#0  0x00007fd323d154bf in __GI___poll (fds=0x7fd318003180, nfds=3, timeout=-1) at ../sysdeps/unix/sysv/linux/poll.c:29
#1  0x00007fd324a097ee in ?? () from target:/lib/x86_64-linux-gnu/libglib-2.0.so.0
#2  0x00007fd324a09b53 in g_main_loop_run () from target:/lib/x86_64-linux-gnu/libglib-2.0.so.0
#3  0x000055a5db016c71 in ?? ()
#4  0x000055a5db32194b in ?? ()
#5  0x00007fd323defea7 in start_thread (arg=<optimized out>) at pthread_create.c:477
#6  0x00007fd323d1feaf in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

Thread 2 (Thread 0x7fd3224de700 (LWP 3156)):
#0  syscall () at ../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
#1  0x000055a5db3226fa in qemu_event_wait ()
#2  0x000055a5db33466a in ?? ()
#3  0x000055a5db32194b in ?? ()
#4  0x00007fd323defea7 in start_thread (arg=<optimized out>) at pthread_create.c:477
#5  0x00007fd323d1feaf in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

Thread 1 (Thread 0x7fd3224dff40 (LWP 3148)):
#0  0x00007fd323d154bf in __GI___poll (fds=0x55a5dca30150, nfds=3, timeout=3) at ../sysdeps/unix/sysv/linux/poll.c:29
#1  0x00007fd324971f4d in ?? () from target:/lib/x86_64-linux-gnu/libusb-1.0.so.0
#2  0x00007fd32497316c in libusb_handle_events_timeout_completed () from target:/lib/x86_64-linux-gnu/libusb-1.0.so.0
#3  0x000055a5db18edc7 in ?? ()
#4  0x000055a5db18efab in ?? ()
#5  0x000055a5db31abf7 in aio_bh_poll ()
#6  0x000055a5db31e3fe in aio_dispatch ()
#7  0x000055a5db31aace in ?? ()
#8  0x00007fd324a095fd in g_main_context_dispatch () from target:/lib/x86_64-linux-gnu/libglib-2.0.so.0
#9  0x000055a5db31d638 in main_loop_wait ()
#10 0x000055a5dafad309 in qemu_main_loop ()
#11 0x000055a5dae9125e in main ()
(gdb)