Extracting prog: 3m47.768111399s
Minimizing prog: 10m42.161141433s
Simplifying prog options: 0s
Extracting C: 1m55.242797095s
Simplifying C: 6m24.935871263s


30 programs, timeouts [30s 1m40s 6m0s]
extracting reproducer from 30 programs
first checking the prog from the crash report
single: executing 1 programs separately with timeout 30s
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_usb_connect-syz_open_dev$char_usb-read$char_usb
detailed listing:
executing program 0:
syz_usb_connect(0x0, 0x2d, &(0x7f0000000180)=ANY=[@ANYBLOB="1201fb0019030320d812010079de01ec020109021b0001000003000904000001785ecc00090585020004"], 0x0)
r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r0, 0x0, 0x0)

program did not crash
single: failed to extract reproducer
bisect: bisecting 30 programs with base timeout 30s
testing program (duration=37s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): [3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3]
detailed listing:
executing program 2:
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000240)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, {0x6, 0x24, 0x1a, 0x0, 0x17}}}}}}]}}, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
executing program 0:
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000100)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x79, 0x6, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x40, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0x0, 0x9, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0x5}}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, &(0x7f00000005c0)={0x14, &(0x7f00000001c0)={0x0, 0x22, 0x9, {0x9, 0x7, "6c46936e41c583"}}, 0x0}, 0x0)
executing program 1:
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0xe8f, 0x12, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000200)={0x18, &(0x7f0000000040)={0x0, 0x0, 0x7, {0x7, 0x0, "34fe801d5e"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
executing program 2:
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x810, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f00000003c0)={0x18, &(0x7f0000000040)={0x0, 0x0, 0x5, {0x5, 0x0, "a7ea31"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
executing program 0:
r0 = syz_usb_connect(0x0, 0x5d, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100009b6cec20ca08602058c60102030109024b0001000000000904"], 0x0)
syz_usb_disconnect(r0)
syz_usb_connect(0x0, 0x3f, &(0x7f0000000040)=ANY=[], 0x0)
executing program 4:
syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000050cb5340450c10108e492940a8090902"], 0x0)
r0 = syz_open_dev$hidraw(&(0x7f0000002300), 0x0, 0x80040)
ioctl$HIDIOCGRDESC(r0, 0x4030582a, &(0x7f0000000040))
executing program 1:
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0xc70, 0xf014, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000140)={0x0, 0x22, 0x5, {[@global=@item_012={0x1, 0x1, 0x2, "ae"}, @global=@item_012={0x2, 0x1, 0xa, "50d6"}]}}, 0x0}, 0x0)
executing program 2:
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1e7d, 0x2db4, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f00000003c0)={0x2c, &(0x7f0000000040)={0x0, 0x0, 0x18, {0x18, 0x0, "a7ea3163fdfa964eccac45d3456808f1e3fe0c472c8d"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
executing program 3:
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4e7, 0x30, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000380)={0x2c, &(0x7f00000001c0)={0x0, 0x7, 0x58, {0x58, 0x0, "4047bcd11cbae8e220ce246a2dc1b6f1924ce29e603093c54243fddec1d96a30abdec5ce56c29a27b382719464696e4ae3a20e168cf5fb1c2f39ba875d9d10bd9296e06ac85a26dde3c2d623067e1f137874caa7106a"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f0000000040)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb1000000001020009050276"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000400)={0x24, &(0x7f0000000180)={0x0, 0xb, 0x91, {0x91, 0x9, "9fee84b64bde36f9962690cf88fe409431d4430ba51d8505c0df1160dc9c1b557cc3839ffd4a0f9c80df570011284d5698f1995b95d4dd344113dd197bc2aabb2c9fbcb8f8a205f638267cc662da98571239aee6e40894b0bde0db41224002f6f79222d0c2660f8d619cb556c4e9b4483b193de415c39c663fd08361b7ab60abd7cc254f04bbca9853709f0600edbf"}}, &(0x7f00000002c0)={0x0, 0x3, 0x2, @string={0x2}}, 0x0, 0x0}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xc38, &(0x7f0000000080)=ANY=[])
executing program 1:
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000300)=ANY=[@ANYBLOB="120100009b23fd406d04c1088dee000000410902240001fa0000000904000000ff01000007240100002e000b240201064dbd81"], 0x0)
syz_usb_control_io$cdc_ecm(r0, &(0x7f0000000280)={0x14, 0x0, &(0x7f0000000240)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)
syz_usb_control_io$printer(r0, &(0x7f00000002c0)={0x14, 0x0, &(0x7f0000000b00)={0x0, 0x3, 0x94, @string={0x94, 0x3, "62745a5df96bf33c9402c17c5e65f5d90490453157158a59261b8d13ba0b2840b3ef402565eb51dde7793dd5d638733ff66442953dde6e308030d07f83735355e032521dd6ed47abc04ab2080fec874b79f4648129fb72938f2cd7a5efbabcb9c3794291bd2802ffd4c43b4d7109f80b30732d37b635aeb2b40fb0dcaef5d568a9ec9f674e9ac832162303989c4a1febacdb"}}}, 0x0)
executing program 3:
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000406d0434c500000000000109022400010000000009040800010300000009210000000122050009058103"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000280)={0x24, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x22, 0x5, {[@main=@item_4={0x3, 0x0, 0x0, "a8f46877"}]}}, 0x0}, 0x0)
executing program 2:
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x458, 0x500f, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x9, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000040)={0x2c, &(0x7f0000000200)=ANY=[@ANYBLOB="200b4000000028b1"], 0x0, 0x0, 0x0, 0x0}, 0x0)
executing program 0:
r0 = syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000980)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0x8, &(0x7f0000000040)=ANY=[@ANYBLOB='\x00@\x00N'])
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0x8, &(0x7f00000003c0)={[{0x2, 0x4e00, "1929"}]})
executing program 4:
r0 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000090024206d041cc340000000000109022400010000a00009040000010301010009210008000122010009058103"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000240)={0x24, &(0x7f00000002c0)=ANY=[@ANYBLOB="00000c000000070001"], 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000180)={0x84, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB=' '], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
executing program 1:
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000dc0)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0xfc5, 0xb080, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x3}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000001500)={0x2c, &(0x7f00000012c0)={0x0, 0x0, 0x6e, {0x6e, 0x0, "6bfb5465e6c35698b047654524c3b165bf661a2a04ceefd572c552aa9eb7717de0701f81f1017c4f77b42f746aa088266a30480623f0134712dc4e12689b9c1f8a26e3fe790f27c98df81f3dbb9d2beae074071cba31fc46027755a65190f7006d4abc4af6055120493a0d0e"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
executing program 3:
r0 = syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f00000001c0)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0)
syz_usb_ep_write$ath9k_ep2(r0, 0x83, 0x10, &(0x7f0000000240)=@ready={0x0, 0x0, 0x8, "b326b0dc", {0x1, 0x8, 0x7, 0x9}})
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0x10, &(0x7f0000000f40)={[{0xc, 0x4e00, "155038aad51c1e2bedcda6bd"}]})
executing program 2:
r0 = syz_usb_connect(0x3, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x64, 0xe, 0xa7, 0x8, 0x3574, 0x6211, 0x719c, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x2, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x56, 0x0, 0x0, 0xff, 0xff, 0xff}}]}}]}}, 0x0)
syz_usb_disconnect(r0)
syz_usb_connect(0x2, 0x36, &(0x7f0000000240)=ANY=[], 0x0)
executing program 4:
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x32, 0xf4, 0x49, 0x10, 0x9c0, 0x201, 0xaa4, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xe5, 0xa5, 0xc8}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000e80)={0x2c, &(0x7f0000000f00)=ANY=[@ANYBLOB="4013af00000013"], 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000340)={0x1c, &(0x7f00000001c0)={0x0, 0x0, 0x1, 'o'}, 0x0, 0x0})
executing program 0:
syz_usb_connect(0x5, 0x2d, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x24, 0x39, 0xda, 0x20, 0x6cd, 0x112, 0xd2a2, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x71, 0x7f, 0xfe, 0x0, [], [{{0x9, 0x5, 0x5, 0x3}}]}}]}}]}}, 0x0)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)
syz_usb_control_io$uac1(0xffffffffffffffff, 0x0, 0x0)
executing program 1:
syz_usb_disconnect(0xffffffffffffffff)
syz_open_dev$evdev(0x0, 0x2, 0x822b01)
syz_usb_connect(0x0, 0x24, &(0x7f00000007c0)=ANY=[@ANYBLOB="12010000ed3ec908cd0cb300ea2d010203010902120001000000000904"], 0x0)
executing program 3:
r0 = syz_open_dev$hidraw(&(0x7f0000002300), 0x243c2917, 0x14a042)
write$hidraw(r0, &(0x7f0000003000)="297860dfde1863c08be8a1b7ad03094335f03542a50ea1e811193af3fb75f07ebb230f0791102fcd36124dd6fe8af416d0cb4bbbebbd8f1396a4772e1e9bc2c9e18ec784a3a99bc0f612d783b6822e8c7d2fd6f3e32710a16907ba29fc540e5f7a84138d2b91d7f7c68a43c4aa95ddd5adda44c7d132c5a51435d891e0804aa2f10e6ac281ec9f9e4538066bb7b9d692f30357780059f3bb86876d2ed600588fbd47a73825e61607fc361a459ee650333870af5d4c828d7f7799f662e7f043292136de6a9c3d928d95ed36f316329fe4a37af00bc0f200045538ba0961168a72ce5a358100d07b9c92c687926dd42b4a85ba8b7b150a99a000f4b3985c277ee70ff96c12c2c5625677f29cbcbf1cf9228c35f3a1bcf71e3a69b959413ce88746fbd18ac526335460496df9afb86c9011482dd00e57cf2898ad963f993d5fd94927aab1321cedc606d52d24c97997a04b5bebcbf2b55be90e35055b4a5d1b6eb70f7a7e5544c44d8a9f0f35755da03f642d385641b7d814d6c4aff7bfa4cf9b20c67633d517cb4fc431a5fc34d758e0bbb4860a05b5044aea1bcc14ff9ecb81e98af787abddff559ad8ea005e8efc5a9588b2dee9028e633e66c6c425f72c7c655b64b1284d21892e332dc53095268ad9a74b033f1cffc462177fae09fa528769fa5c4ed497cfd3119afae90c8a5fe2114a21595275ae10bbbe2aaee8a366a185235670049c5503e570f52087c53ab0c38db6b0b028e635fcb8882d0bb1be1872bd75f937aff57c7026525bfc2414250f8978e156de8bd6f2e15f026ee7333c9cf8892f81e868f9bccf942c77259808a14127df1b7ebee12b25041ba61afb81c9c4bccaaa0b181c74f6d6bc084d665ea4a744bc2364e6ad5fa3da0230ea4d1ffa883c3fe852e7a64ae91185f64a99e56beb11321f92a6dfe668a9d41acf9921c2497c0aaeae50c441fdf34fca82cc58ff1961eb6bd2eea0bea29213fcb39c5bd5199b3f0a7bda8629c9a98b6ebad502293f9f2c835b12c69d630cbea6b0e0c97ce8110d852bbc9e0a9a1eea66c2d0e47a6d51d44e2d8a8a5a980828bf0de3eea059f2597f398cb50cf2d9704dcef49ad9f5d3b4bd8729d57a7e665708780863d1f96c204cedba74cae9ee7b433d50a2bbedad81ba2aaff9d1a8e15bbc13ae86f469bffae227592768b968f27042137ec2568304448b8209f9b1822c899fa47f189aae3aa1e0e115581dc1c1dac3141e0dfeb85e87a12952852d5018f8f0d5ad5975320ae356b847f6cc9c89bb9d7a5e6728584a97b77a8054e129aac35623e30c169d444f0c58adb4148d734eb26fe57dad156ebf0a985ff946583dade5f183687997b7302f207840ced708719df301880d6fddf6e38fb04bd8c069303d55f6c8a07275434eaad6f8435f4096fe909c7e02f317c28975a7bad6ae1d883244ba6e72f5fcb24d832562449866b7bc6878775237dc5c0d9ccb1cd3b6fe67794a5af53ea7fb01de105809a84496ed2f03e20b1dfdab3d4cb21d8b4998f77595c4b99c183c821989fec094cb91ede61bf5c0d116c3116f903715e692675196d7e499a118c788a09a8f687aefd10af1c34f670dce4b5e628715ddcde04acc7299db87db83f8ef0d7c1d9979d7894d3d0d16e536d25789e86f2cab2856cf0b71efd91757f157da3300b1374fe80ea0d05b5ec52434f5b8c20dee83d2b92f338d4a3339aa3a78bf79d8260c55d002618b1444952bad36ba1c17dc801c1ad008f2bebdee89c54d582fdd89da995c5eb7b4c923c1e1d9d29207e92e913fa2187a10302052e6fa0da1c6134db7a4ad2679a0558a43d4d05d60cfa0ee41c7f458951a54173d91139142573794c594c65f25b93d7b7499956a2a5614a5aebc1567ea47cef87fca1d2a82d7f9eabdb7a933ffba467a3e26eeec8ab0a31358589cf451fbc90a9619c470424afc464308bf02b4208a72be8f74cc840fca700ae6e147da83fa27216179ef984c1dfce0c7bb5c8e0ac23b97748905b219bd75ef425a334660ec930b4ef6cc3ab0429794649149404d856d9c6ddaf69c66b60aabe8d214973f74db7760d26f9699a32246a0947a0af6a26841386298ff61a32bac3aa6e8fa5260c19e0b5db71a11d45ed34cb9a48ca56d1d2516e110e510aa5eddbbc207220dd7ac2fd77f1e219e6097e3a5cd15662c80169d00fb69cdac5e7246fdfdead45f91d8f3bc6c878d8ff0182e0f9efdc9330d55a04a01f08825e6e7df9e552f8f630f3344150c0bad7901eb9ef11c56fee9d86a7781bd34ed0c4da0a59366c7bc31fe01e8b01ceb9ed833c9759df103ab0e644282e951a0cc50e6c76217bebe6a2e6be568fc3670ce621f2379b22b77340986dc323e5f252ce4ff3a87295fb2d124ce7cd8afb00c1e3c187d0abbd448196256ac652112073ccae7577d27cbe3df18321e0fb435629737f51e849abadc065b8fdbe846ab31d11eaf80ef27eb60eca3d12944c43152a67c7e3ca484c4f325076846f87063e79f893d7f872a1cc4167b7f8474166ebc43e5c1e1adc6c963d77d6c9dd164cd37e12e8ce4699cd500a3b060bac1d778bbe2a5d36bc816ff5e75e8a32704a0f326a3a46c703549e0a7ef88f0fbde6598591f66aec1813cfc0de35986d0151ee79e1297a8932b400996672f092b50718f5ffb0159044552bae06811bc42d5b90e7cba3fc775916af5861d0025a1d3957a93f704e5ab5c2876e477a8a9df7efe6661c7e208cddf8f1a15bf030206a64f69e2fc26cfbcf1315d5f6d189e0da3c69c3bbcc14f70d6a6b02644e36decc52992545238112b5f3c2a80036a8af0ad8381b97162a7ff0565e2945f0182b13d6235437dee1a8f48aa847a6aafdf699dcec9e46c63f26e7fffb70a54129b7494ee3d9d97e220d2e418735d129be91bf24f0d0b22f9ef6dca7fdb60a34b59e3fda4d364d18451d385fd17dff74519a1f22470781c86d07fa66ffffab1d6aa413362570d38780340bdeeee6d4c5da51512c0757d69cac48c7c44441e1abb06b6a8943c093d732e8b39f85570c3e846a62b4cda5c0c5974a001433c8e3ffae9afff41419c0caa58f6853067bfb92b55c6ecd58503b8deebc44ab258064787dbeef58b0914dbc8cea6bffbe619ff976d7987648457ee49c7744f58f919906c1987bebfb13b14ef8bc40dc7a95c34a825efd517c95fa5380073421efb95ae6e4ff3ece3f4501c918521b230dd169ee6ddb5f09c8762287c28a2b9a75d569f392bb7184edae72084e1fc295347d16caabe0196a7f679687f399dfaaffc537544b9f8cf27b2a44217187308845ce2bb3227412aa9d6a582800540fb715e0483c96f5e66247616f59bc275036b622502191ca3b29749f79675f88a6ad9b304e9cbe21a2c817db9622bac725246a71b9c8659d81b75cc1d37ca5797270ef9f82124a2077ea408bd01dfc53cb701a2b276e322ee4ff268e540781b8d4066d75747aa27342c842ea569679f6d0146bf3c5fcd57f10cdc2a1cab835cf9e6c8924d4808c3beeb16c47f58484d0dc60a38612a4caeef41cc3b6c7adb651c2e024ec75c5a4af98450aac1638ae45c9cb902723d584ecef25345bb33255f65b0cc469c19a1ec84045a7e8388f7391ad31606cb6e3e46cf7eb48996a96ff4b7a2d97a8cb5da97842b28fc48b279ab99da252fffbd0034667c51e12406ea161dd9ea19bbe33ee464a45fed53939d104deb7febc9b362320d2c3008e27ae7094274bb75b7379e8db191ef34e1d9b648dda3de37c59fd2e6d569398c9fb3529976f12ea64a67f66a577ceed99da2899edc953feef13e3ac6952bef1c2443d25e6cabb7fb538920255650a7ffa05d43b9d87c2ed323b4edbf39f5a101986f2ef41cb14565d9f86584008548e6688fda0e95f13c3856368fafee0bc673d0d9cde94e500398785c14fcad3082684817d2d1ea4c96c207f2b12036ce0954639f4e4f2e0ff5bf4af919464359fb67208401cb1e6196e64534871a74e888b16dcc4f6c8872cd2f973788c5048e30ef9d863534017f4c35ae35dbc96d9bf487a181b2edeeb8d5bade6d0df4214a70a1feb58b0bc94eb601b8a2c0f3d4012bc215d0bc3fc9f548d58a02df1a4a5b071829665be43396bc8de262f69f245888699c611354428c9f31ac0a59cbb6fd1cddcfb7cbc5a1fb4d10627d8e37940052945c1da8c9994ef34372baad992cbaa20511c0064762d70edcfd6da5c4d7ed9a9e951656ce24b22f32bdef9707ecbb725b64c31ba0466259600260513d9f7652661d32e77236a4eb35597ad9962d93138374af9e09a14ff3b60f5b7e024b9f9867a9c13260115023ed09b11ae64cbafdafbdca3fbc5075ce311e18510a5220841813a3e0fab2e6f3e42e4ef745058bad080ab61a5c3393ab2e59e3e57707d0ca9c6978eb516204cd1492097fd44dbe46b6ea2c650f8aa7bb48f836bcdbe6748f2cd52314f1bc9594531b598e44f82e80ae4a0d09d713dffc1444c948ae98ffe49ec1985b12870d104942bcfa7aca4c55d01b160cac2f67bc9eeeac3fc04708de40e4b9cee99e8c1409f3a161f3dbf4eda628f92df6b51939bcf6d5edbac55cc28480f9ca49bc1d4dc5139bfb5755c6217b784c5e337102e9f5d290d66c712548110eb65c92927409a4c8f8caa8ba8d50ef09a7d0c4077593dc7394416ec21daf38c7460e0bb5584b463f3080d453f39f39c5ed7a0bdc402447a2f77154dbeebc951fecbe5c6d95daa82a849c52909b06eca7edb175ecef1f4a1bbdfde650ccfe7ee1d79f68ad372b238a6edf93a7893912b33c4ad59ef9c7d4074329b5a35712a956397b941f7f660542127cff35e1dcb0b0d6ef3352537cda87a274022d81e0ed7b9a7a9249e00f934bcc8f4c3dc8ee8225f6cc5d91d343bf7e1d866716bfd3f651ce04fa6504229a0cfba1600ab8a9ddf670c59737558dccabb39436f507b60377e438f7ebfdefc4bed6ef3716cd75ebebdbddfddf79ab2f28093b1fb0de2fbedd8ca1a1c0103396ff2b5b8d698e0317c9da7cfe8de0856c2156305fa90d22ac0cb1706a12fbb80596202d6d286422c1f8ce8e70e2c43449b4e5f457c1ed92354f1bbb9ebd0c72e13639ff5e0f4e4a21593b8c05bec7f6dd097bc23bc8e202241f8f5fe81ad72479c5f4542b79644f722d80e140b8a0ed3a7f09702b3340f0e2d3e69c5c26c1e6d08621297670a006d07496f5cc09edb1841d941ccf1fb9f9ef5391d1a11a4638aa287fe87a8dda89eba495f6ad25f50f69773143961d076558fa10482f615fe8d5c8fdf2d3265c76bd23b7de8ea1204d1ad0c8d787d59ae47e000b61812dcba8a8253af88d6575b6001180bb4bd6e811338d07848737fa6b368447ed640af0c2edec2284056b05ae4bd5e939d0097daf22433eeca39548cee7d197c31b8aa1e9780d834a0c5396b34aa53aa725844cb7afda83dbf3caebe9a2bbc2174a8e2f8a48e4af3d4a1ee3690a81ae4f2ca0a70145720da67083576058d7b6cd1e7ac86bbed5d3247cc918d20bcbf053675dadb3970e06621748299c17b93c8b969904e72d6bffddc31ed279b5cf4df1799c4b0988c8f87505652c3626bc33f26361e496db09bae6ad6b26a6a1dd0506be9139905368256638468b596ac343fea3e5511899d757c4ea1f571a189545e6e6282833ef18f2b2962b3905ccf69f4bfd0e07268f2c4dc80c68b24b9555ef3eb3d4a9a52f4a993c260e4563319a8b13052be67c5dff1d54c250267c912d50a47f384daf400b728a9ac53ffc0019d9e39ed42c17bb1ee49ff65b3f", 0x6bc47488d130961f)
syz_open_dev$hidraw(&(0x7f00000006c0), 0x243c2917, 0xa0602)
executing program 3:
syz_usb_connect$uac1(0x0, 0xb7, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000106b1d01014000010203010902a50003010000000904000000010100000a24010600000201020d24060000030000000000000008240800000000500c24020000000000800000001324060006060000000009000000000000000009240300000000050009240605040100000009040100000102000009040101010102000009050109000004000007250100000000090402000001020000090402010101"], 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
ioctl$EVIOCGMASK(0xffffffffffffffff, 0x80104592, 0x0)
executing program 0:
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1044, 0x7a4d, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x4}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000380)={0x2c, &(0x7f0000000800)=ANY=[@ANYBLOB='@1\b'], 0x0, 0x0, 0x0, 0x0}, 0x0)
executing program 4:
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000402609333340000000000109022400010000000009040000010301010009210000000122010009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f00000011c0)={0x2c, &(0x7f0000000100)=ANY=[@ANYBLOB="000002"], 0x0, 0x0, 0x0, 0x0}, 0x0)
executing program 2:
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0xe3, 0x8, 0x64, 0x10, 0xbda, 0xf179, 0xcfdf, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xff, 0xff, 0xff}}]}}]}}, 0x0)
syz_usb_connect$cdc_ncm(0x0, 0x6e, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, &(0x7f00000005c0)={0x34, &(0x7f00000003c0)={0x0, 0x0, 0x3, "b24818"}, 0x0, 0x0, 0x0, 0x0, 0x0})
executing program 1:
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0xc, 0xa3, 0x8f, 0x40, 0x13d8, 0x11, 0xd062, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x20, 0x80, [{{0x9, 0x4, 0xce, 0x0, 0x0, 0xa6, 0x1, 0x56}}]}}]}}, 0x0)
syz_usb_disconnect(r0)
syz_usb_connect(0x0, 0xfffffffffffffffe, &(0x7f0000000100)=ANY=[], 0x0)
executing program 3:
syz_usb_connect(0x0, 0x2d, &(0x7f0000000180)=ANY=[@ANYBLOB="1201fb0019030320d812010079de01ec020109021b0001000003000904000001785ecc00090585020004"], 0x0)
r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r0, 0x0, 0x0)
executing program 0:
syz_usb_connect$cdc_ncm(0x0, 0x0, 0x0, &(0x7f00000006c0)={0x0, 0x0, 0xc1, &(0x7f0000000180)={0x5, 0xf, 0xc1, 0x4, [@ptm_cap={0x3}, @ss_container_id={0x14, 0x10, 0x4, 0x0, "b712d041d36c2d8515ec26ba5affb8d6"}, @generic={0x9d, 0x10, 0x0, "6a66a17ba6f3dfb30a417a26ff2e4c76046cf4fcbdcab3217b7d513caa2a7bdf813a16cbaeb21d16be222d8b2fc82fdd7c7306e1750ed16af6db7ad5a82e61874f93f90908472dc3a55f7839b7a8a792ca8ad7288d07c59222e0f1084128bc0f7e461141d0cff03ceee9a0a78c6b75375f665646b6539fea8b40743ace635189d1c8892209e0d07db2a52a192efa5fe8187c75382f9a9fd57dfd"}, @generic={0x8, 0x10, 0x0, "668a8cc7c3"}]}})
r0 = syz_open_dev$evdev(&(0x7f0000001540), 0x0, 0x0)
ioctl$EVIOCGLED(r0, 0x5452, &(0x7f0000000240)=""/77)
executing program 4:
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="12010000c0780a402a1101007f9e0102030109022400010000000009040000020a6bc50009f40522000000000009059232"], 0x0)
syz_usb_disconnect(r0)
syz_usb_connect(0x0, 0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="120100009c147010861246205bb4018203010902240001000000000904000002ff0401000905"], 0x0)

program did not crash
replaying the whole log did not cause a kernel crash
single: executing 1 programs separately with timeout 1m40s
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_usb_connect-syz_open_dev$char_usb-read$char_usb
detailed listing:
executing program 0:
syz_usb_connect(0x0, 0x2d, &(0x7f0000000180)=ANY=[@ANYBLOB="1201fb0019030320d812010079de01ec020109021b0001000003000904000001785ecc00090585020004"], 0x0)
r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r0, 0x0, 0x0)

program crashed: possible deadlock in chaoskey_release
single: successfully extracted reproducer
found reproducer with 3 syscalls
minimizing guilty program
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_usb_connect-syz_open_dev$char_usb
detailed listing:
executing program 0:
syz_usb_connect(0x0, 0x2d, &(0x7f0000000180)=ANY=[@ANYBLOB="1201fb0019030320d812010079de01ec020109021b0001000003000904000001785ecc00090585020004"], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)

program crashed: possible deadlock in chaoskey_release
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_usb_connect
detailed listing:
executing program 0:
syz_usb_connect(0x0, 0x2d, &(0x7f0000000180)=ANY=[@ANYBLOB="1201fb0019030320d812010079de01ec020109021b0001000003000904000001785ecc00090585020004"], 0x0)

program did not crash
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_open_dev$char_usb
detailed listing:
executing program 0:
syz_open_dev$char_usb(0xc, 0xb4, 0x0)

program did not crash
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_usb_connect-syz_open_dev$char_usb
detailed listing:
executing program 0:
syz_usb_connect(0x0, 0x2d, 0x0, 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)

program did not crash
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_usb_connect-syz_open_dev$char_usb
detailed listing:
executing program 0:
syz_usb_connect(0x0, 0x2d, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)

program did not crash
extracting C reproducer
testing compiled C program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_usb_connect-syz_open_dev$char_usb
program crashed: possible deadlock in chaoskey_release
simplifying C reproducer
testing compiled C program (duration=1m40s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_usb_connect-syz_open_dev$char_usb
program crashed: possible deadlock in chaoskey_release
testing compiled C program (duration=1m40s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_usb_connect-syz_open_dev$char_usb
program crashed: possible deadlock in chaoskey_release
testing compiled C program (duration=1m40s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_usb_connect-syz_open_dev$char_usb
program crashed: possible deadlock in chaoskey_release
testing compiled C program (duration=1m40s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:false HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_usb_connect-syz_open_dev$char_usb
program crashed: possible deadlock in chaoskey_release
testing compiled C program (duration=1m40s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:false HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_usb_connect-syz_open_dev$char_usb
program crashed: possible deadlock in chaoskey_release
testing compiled C program (duration=1m40s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:false HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_usb_connect-syz_open_dev$char_usb
program crashed: possible deadlock in chaoskey_release
reproducing took 22m50.107939879s
repro crashed as (corrupted=false):
raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
============================================
WARNING: possible recursive locking detected
6.12.0-rc1-syzkaller-00027-g4a9fe2a8ac53 #0 Not tainted
--------------------------------------------
syz-executor110/2649 is trying to acquire lock:
ffffffff89b120e8 (chaoskey_list_lock){+.+.}-{3:3}, at: chaoskey_release+0x15d/0x2c0 drivers/usb/misc/chaoskey.c:322

but task is already holding lock:
ffffffff89b120e8 (chaoskey_list_lock){+.+.}-{3:3}, at: chaoskey_release+0x7f/0x2c0 drivers/usb/misc/chaoskey.c:299

other info that might help us debug this:
 Possible unsafe locking scenario:

       CPU0
       ----
  lock(chaoskey_list_lock);
  lock(chaoskey_list_lock);

 *** DEADLOCK ***

 May be due to missing lock nesting notation

1 lock held by syz-executor110/2649:
 #0: ffffffff89b120e8 (chaoskey_list_lock){+.+.}-{3:3}, at: chaoskey_release+0x7f/0x2c0 drivers/usb/misc/chaoskey.c:299

stack backtrace:
CPU: 1 UID: 0 PID: 2649 Comm: syz-executor110 Not tainted 6.12.0-rc1-syzkaller-00027-g4a9fe2a8ac53 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:94 [inline]
 dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120
 print_deadlock_bug+0x2e3/0x410 kernel/locking/lockdep.c:3037
 check_deadlock kernel/locking/lockdep.c:3089 [inline]
 validate_chain kernel/locking/lockdep.c:3891 [inline]
 __lock_acquire+0x2185/0x3ce0 kernel/locking/lockdep.c:5202
 lock_acquire.part.0+0x11b/0x380 kernel/locking/lockdep.c:5825
 __mutex_lock_common kernel/locking/mutex.c:608 [inline]
 __mutex_lock+0x175/0x9c0 kernel/locking/mutex.c:752
 chaoskey_release+0x15d/0x2c0 drivers/usb/misc/chaoskey.c:322
 __fput+0x3f6/0xb60 fs/file_table.c:431
 task_work_run+0x14e/0x250 kernel/task_work.c:228
 exit_task_work include/linux/task_work.h:40 [inline]
 do_exit+0xadd/0x2ce0 kernel/exit.c:939
 do_group_exit+0xd3/0x2a0 kernel/exit.c:1088
 __do_sys_exit_group kernel/exit.c:1099 [inline]
 __se_sys_exit_group kernel/exit.c:1097 [inline]
 __x64_sys_exit_group+0x3e/0x50 kernel/exit.c:1097
 x64_sys_call+0x14a9/0x16a0 arch/x86/include/generated/asm/syscalls_64.h:232
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fcc223f1409
Code: Unable to access opcode bytes at 0x7fcc223f13df.
RSP: 002b:00007ffddbca2be8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fcc223f1409
RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000
RBP: 00007fcc2246c370 R08: ffffffffffffffb8 R09: 00007ffddbca2957
R10: 0000000000000000 R11: 0000000000000246 R12: 00007fcc2246c370
R13: 0000000000000000 R14: 00007fcc22470080 R15: 00007fcc223bf670
 </TASK>

final repro crashed as (corrupted=false):
raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
============================================
WARNING: possible recursive locking detected
6.12.0-rc1-syzkaller-00027-g4a9fe2a8ac53 #0 Not tainted
--------------------------------------------
syz-executor110/2649 is trying to acquire lock:
ffffffff89b120e8 (chaoskey_list_lock){+.+.}-{3:3}, at: chaoskey_release+0x15d/0x2c0 drivers/usb/misc/chaoskey.c:322

but task is already holding lock:
ffffffff89b120e8 (chaoskey_list_lock){+.+.}-{3:3}, at: chaoskey_release+0x7f/0x2c0 drivers/usb/misc/chaoskey.c:299

other info that might help us debug this:
 Possible unsafe locking scenario:

       CPU0
       ----
  lock(chaoskey_list_lock);
  lock(chaoskey_list_lock);

 *** DEADLOCK ***

 May be due to missing lock nesting notation

1 lock held by syz-executor110/2649:
 #0: ffffffff89b120e8 (chaoskey_list_lock){+.+.}-{3:3}, at: chaoskey_release+0x7f/0x2c0 drivers/usb/misc/chaoskey.c:299

stack backtrace:
CPU: 1 UID: 0 PID: 2649 Comm: syz-executor110 Not tainted 6.12.0-rc1-syzkaller-00027-g4a9fe2a8ac53 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:94 [inline]
 dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120
 print_deadlock_bug+0x2e3/0x410 kernel/locking/lockdep.c:3037
 check_deadlock kernel/locking/lockdep.c:3089 [inline]
 validate_chain kernel/locking/lockdep.c:3891 [inline]
 __lock_acquire+0x2185/0x3ce0 kernel/locking/lockdep.c:5202
 lock_acquire.part.0+0x11b/0x380 kernel/locking/lockdep.c:5825
 __mutex_lock_common kernel/locking/mutex.c:608 [inline]
 __mutex_lock+0x175/0x9c0 kernel/locking/mutex.c:752
 chaoskey_release+0x15d/0x2c0 drivers/usb/misc/chaoskey.c:322
 __fput+0x3f6/0xb60 fs/file_table.c:431
 task_work_run+0x14e/0x250 kernel/task_work.c:228
 exit_task_work include/linux/task_work.h:40 [inline]
 do_exit+0xadd/0x2ce0 kernel/exit.c:939
 do_group_exit+0xd3/0x2a0 kernel/exit.c:1088
 __do_sys_exit_group kernel/exit.c:1099 [inline]
 __se_sys_exit_group kernel/exit.c:1097 [inline]
 __x64_sys_exit_group+0x3e/0x50 kernel/exit.c:1097
 x64_sys_call+0x14a9/0x16a0 arch/x86/include/generated/asm/syscalls_64.h:232
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fcc223f1409
Code: Unable to access opcode bytes at 0x7fcc223f13df.
RSP: 002b:00007ffddbca2be8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fcc223f1409
RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000
RBP: 00007fcc2246c370 R08: ffffffffffffffb8 R09: 00007ffddbca2957
R10: 0000000000000000 R11: 0000000000000246 R12: 00007fcc2246c370
R13: 0000000000000000 R14: 00007fcc22470080 R15: 00007fcc223bf670
 </TASK>