program:
statx(0xffffffffffffffff, 0x0, 0x4000, 0x200, 0x0)
ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(0xffffffffffffffff, 0xc0305710, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000200)=ANY=[@ANYBLOB="120100002ec6601037210100352a010203010902120001000000000904"], 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0) (fail_nth: 11)

[   79.173300][ T5304] Bluetooth: hci0: command tx timeout
[   79.177953][ T1309] ieee802154 phy0 wpan0: encryption failed: -22
[   79.181899][ T1309] ieee802154 phy1 wpan1: encryption failed: -22
[   79.499840][ T5316] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   79.649547][ T5316] usb 5-1: Using ep0 maxpacket: 16
[   79.657944][ T5316] usb 5-1: New USB device found, idVendor=2137, idProduct=0001, bcdDevice=2a.35
[   79.662508][ T5316] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   79.665605][ T5316] usb 5-1: Product: syz
[   79.667243][ T5316] usb 5-1: Manufacturer: syz
[   79.668954][ T5316] usb 5-1: SerialNumber: syz
[   79.676205][ T5316] usb 5-1: config 0 descriptor??
[   79.687438][ T5316] as10x_usb: device has been detected
[   79.701561][ T5316] dvbdev: DVB: registering new adapter (Sky IT Digital Key (green led))
[   79.718070][ T5316] usb 5-1: DVB: registering adapter 1 frontend 0 (Sky IT Digital Key (green led))...
[   79.744103][ T5316] as10x_usb: error during firmware upload part1
[   79.747045][ T5316] Registered device Sky IT Digital Key (green led)
[   79.884361][ T5319] random: crng reseeded on system resumption
[   79.893494][ T5319] FAULT_INJECTION: forcing a failure.
[   79.893494][ T5319] name failslab, interval 1, probability 0, space 0, times 1
[   79.898082][ T5319] CPU: 0 UID: 0 PID: 5319 Comm: syz.0.0 Not tainted 6.14.0-rc6-syzkaller-00212-geb88e6bfbc0a #0
[   79.898098][ T5319] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   79.898104][ T5319] Call Trace:
[   79.898109][ T5319]  <TASK>
[   79.898114][ T5319]  dump_stack_lvl+0x241/0x360
[   79.898217][ T5319]  ? __pfx_dump_stack_lvl+0x10/0x10
[   79.898228][ T5319]  ? __pfx__printk+0x10/0x10
[   79.898246][ T5319]  should_fail_ex+0x40a/0x550
[   79.898294][ T5319]  ? __pfx___async_dev_cache_fw_image+0x10/0x10
[   79.898310][ T5319]  should_failslab+0xac/0x100
[   79.898327][ T5319]  __kmalloc_cache_noprof+0x70/0x390
[   79.898342][ T5319]  ? async_schedule_node_domain+0x5c/0x110
[   79.898356][ T5319]  ? __pfx___async_dev_cache_fw_image+0x10/0x10
[   79.898369][ T5319]  async_schedule_node_domain+0x5c/0x110
[   79.898384][ T5319]  dev_cache_fw_image+0x36d/0x3e0
[   79.898400][ T5319]  ? __pfx_dev_cache_fw_image+0x10/0x10
[   79.898412][ T5319]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[   79.898472][ T5319]  ? __pfx_dev_cache_fw_image+0x10/0x10
[   79.898484][ T5319]  dpm_for_each_dev+0x58/0xc0
[   79.898500][ T5319]  fw_pm_notify+0x24a/0x2f0
[   79.898514][ T5319]  ? __pfx_fw_pm_notify+0x10/0x10
[   79.898526][ T5319]  ? rcu_is_watching+0x15/0xb0
[   79.898538][ T5319]  ? __pfx_autoremove_wake_function+0x10/0x10
[   79.898554][ T5319]  ? __mutex_lock+0x397/0x1010
[   79.898577][ T5319]  ? rcu_is_watching+0x15/0xb0
[   79.898593][ T5319]  notifier_call_chain+0x1a5/0x3f0
[   79.898614][ T5319]  blocking_notifier_call_chain_robust+0xe8/0x1e0
[   79.898632][ T5319]  ? __pfx_blocking_notifier_call_chain_robust+0x10/0x10
[   79.898649][ T5319]  ? chrdev_open+0x36e/0x600
[   79.898668][ T5319]  pm_notifier_call_chain_robust+0x2c/0x60
[   79.898687][ T5319]  snapshot_open+0x132/0x280
[   79.898702][ T5319]  ? __pfx_snapshot_open+0x10/0x10
[   79.898719][ T5319]  misc_open+0x2cc/0x340
[   79.898737][ T5319]  chrdev_open+0x521/0x600
[   79.898754][ T5319]  ? __pfx_chrdev_open+0x10/0x10
[   79.898769][ T5319]  ? file_set_fsnotify_mode_from_watchers+0x123/0x640
[   79.898786][ T5319]  ? __pfx_chrdev_open+0x10/0x10
[   79.898799][ T5319]  do_dentry_open+0xdec/0x1960
[   79.898819][ T5319]  ? vfs_open+0x31/0x370
[   79.898836][ T5319]  vfs_open+0x3b/0x370
[   79.898851][ T5319]  path_openat+0x2c81/0x3590
[   79.898893][ T5319]  ? __pfx_path_openat+0x10/0x10
[   79.898917][ T5319]  do_filp_open+0x27f/0x4e0
[   79.898930][ T5319]  ? __pfx_do_filp_open+0x10/0x10
[   79.898939][ T5319]  ? do_raw_spin_lock+0x14f/0x370
[   79.898975][ T5319]  do_sys_openat2+0x13e/0x1d0
[   79.898992][ T5319]  ? __pfx_do_sys_openat2+0x10/0x10
[   79.899005][ T5319]  ? __fget_files+0x2a/0x410
[   79.899022][ T5319]  ? __fget_files+0x2a/0x410
[   79.899041][ T5319]  __x64_sys_openat+0x247/0x2a0
[   79.899058][ T5319]  ? __pfx___x64_sys_openat+0x10/0x10
[   79.899074][ T5319]  ? do_syscall_64+0x100/0x230
[   79.899090][ T5319]  ? do_syscall_64+0xb6/0x230
[   79.899105][ T5319]  do_syscall_64+0xf3/0x230
[   79.899119][ T5319]  ? clear_bhb_loop+0x35/0x90
[   79.899138][ T5319]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   79.899152][ T5319] RIP: 0033:0x7fbce638d169
[   79.899165][ T5319] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   79.899173][ T5319] RSP: 002b:00007fbce7297038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   79.899186][ T5319] RAX: ffffffffffffffda RBX: 00007fbce65a5fa0 RCX: 00007fbce638d169
[   79.899194][ T5319] RDX: 0000000000000001 RSI: 00004000000000c0 RDI: ffffffffffffff9c
[   79.899200][ T5319] RBP: 00007fbce7297090 R08: 0000000000000000 R09: 0000000000000000
[   79.899206][ T5319] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   79.899212][ T5319] R13: 0000000000000000 R14: 00007fbce65a5fa0 R15: 00007ffeb79942e8
[   79.899229][ T5319]  </TASK>
[   80.051596][ T5319] 
[   80.052642][ T5319] ============================================
[   80.055080][ T5319] WARNING: possible recursive locking detected
[   80.057465][ T5319] 6.14.0-rc6-syzkaller-00212-geb88e6bfbc0a #0 Not tainted
[   80.060090][ T5319] --------------------------------------------
[   80.062474][ T5319] syz.0.0/5319 is trying to acquire lock:
[   80.064454][ T5319] ffffffff8f4e8748 (fw_lock){+.+.}-{4:4}, at: assign_fw+0x56/0x890
[   80.067503][ T5319] 
[   80.067503][ T5319] but task is already holding lock:
[   80.070224][ T5319] ffffffff8f4e8748 (fw_lock){+.+.}-{4:4}, at: fw_pm_notify+0x232/0x2f0
[   80.073212][ T5319] 
[   80.073212][ T5319] other info that might help us debug this:
[   80.076131][ T5319]  Possible unsafe locking scenario:
[   80.076131][ T5319] 
[   80.079057][ T5319]        CPU0
[   80.080349][ T5319]        ----
[   80.081673][ T5319]   lock(fw_lock);
[   80.083145][ T5319]   lock(fw_lock);
[   80.084618][ T5319] 
[   80.084618][ T5319]  *** DEADLOCK ***
[   80.084618][ T5319] 
[   80.087811][ T5319]  May be due to missing lock nesting notation
[   80.087811][ T5319] 
[   80.093779][ T5319] 5 locks held by syz.0.0/5319:
[   80.095634][ T5319]  #0: ffffffff8f39a6c8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x54/0x340
[   80.098872][ T5319]  #1: ffffffff8e9ed368 (system_transition_mutex){+.+.}-{4:4}, at: lock_system_sleep+0x60/0xa0
[   80.102879][ T5319]  #2: ffffffff8ea0cbf0 ((pm_chain_head).rwsem){++++}-{4:4}, at: blocking_notifier_call_chain_robust+0xac/0x1e0
[   80.107675][ T5319]  #3: ffffffff8f4e8748 (fw_lock){+.+.}-{4:4}, at: fw_pm_notify+0x232/0x2f0
[   80.111084][ T5319]  #4: ffffffff8f4e39c8 (dpm_list_mtx){+.+.}-{4:4}, at: dpm_for_each_dev+0x2b/0xc0
[   80.114654][ T5319] 
[   80.114654][ T5319] stack backtrace:
[   80.116999][ T5319] CPU: 0 UID: 0 PID: 5319 Comm: syz.0.0 Not tainted 6.14.0-rc6-syzkaller-00212-geb88e6bfbc0a #0
[   80.117013][ T5319] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   80.117019][ T5319] Call Trace:
[   80.117028][ T5319]  <TASK>
[   80.117033][ T5319]  dump_stack_lvl+0x241/0x360
[   80.117048][ T5319]  ? __pfx_dump_stack_lvl+0x10/0x10
[   80.117058][ T5319]  ? __pfx__printk+0x10/0x10
[   80.117072][ T5319]  ? lockdep_unlock+0x16a/0x300
[   80.117087][ T5319]  print_deadlock_bug+0x483/0x620
[   80.117098][ T5319]  ? validate_chain+0x11e/0x5920
[   80.117108][ T5319]  validate_chain+0x15e2/0x5920
[   80.117119][ T5319]  ? mark_lock+0x9a/0x360
[   80.117131][ T5319]  ? __pfx_validate_chain+0x10/0x10
[   80.117142][ T5319]  ? __lock_acquire+0x1397/0x2100
[   80.117159][ T5319]  ? mark_lock+0x9a/0x360
[   80.117168][ T5319]  ? mark_lock+0x9a/0x360
[   80.117178][ T5319]  __lock_acquire+0x1397/0x2100
[   80.117195][ T5319]  lock_acquire+0x1ed/0x550
[   80.117208][ T5319]  ? assign_fw+0x56/0x890
[   80.117220][ T5319]  ? __pfx_lock_acquire+0x10/0x10
[   80.117230][ T5319]  ? __pfx___might_resched+0x10/0x10
[   80.117239][ T5319]  ? kasan_save_track+0x51/0x80
[   80.117248][ T5319]  ? kasan_save_track+0x3f/0x80
[   80.117256][ T5319]  ? kasan_save_free_info+0x40/0x50
[   80.117269][ T5319]  ? __kasan_slab_free+0x59/0x70
[   80.117279][ T5319]  ? kmem_cache_free+0x195/0x410
[   80.117291][ T5319]  ? __async_dev_cache_fw_image+0xe7/0x320
[   80.117303][ T5319]  ? async_schedule_node_domain+0xdc/0x110
[   80.117315][ T5319]  ? dev_cache_fw_image+0x36d/0x3e0
[   80.117326][ T5319]  ? fw_pm_notify+0x24a/0x2f0
[   80.117338][ T5319]  __mutex_lock+0x19c/0x1010
[   80.117352][ T5319]  ? assign_fw+0x56/0x890
[   80.117362][ T5319]  ? do_sys_openat2+0x13e/0x1d0
[   80.117399][ T5319]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   80.117415][ T5319]  ? assign_fw+0x56/0x890
[   80.117425][ T5319]  ? __pfx___mutex_lock+0x10/0x10
[   80.117437][ T5319]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   80.117452][ T5319]  ? kasan_quarantine_put+0xdc/0x230
[   80.117462][ T5319]  ? lockdep_hardirqs_on+0x99/0x150
[   80.117475][ T5319]  assign_fw+0x56/0x890
[   80.117485][ T5319]  ? kmem_cache_free+0x195/0x410
[   80.117497][ T5319]  ? _request_firmware+0xdac/0x1430
[   80.117509][ T5319]  _request_firmware+0xe75/0x1430
[   80.117523][ T5319]  ? __pfx__request_firmware+0x10/0x10
[   80.117535][ T5319]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   80.117548][ T5319]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   80.117562][ T5319]  __async_dev_cache_fw_image+0xe7/0x320
[   80.117575][ T5319]  ? __pfx___async_dev_cache_fw_image+0x10/0x10
[   80.117587][ T5319]  ? rcu_is_watching+0x15/0xb0
[   80.117598][ T5319]  ? async_schedule_node_domain+0xa3/0x110
[   80.117609][ T5319]  ? kfree+0x4e/0x430
[   80.117620][ T5319]  ? __kmalloc_cache_noprof+0x243/0x390
[   80.117632][ T5319]  ? async_schedule_node_domain+0x5c/0x110
[   80.117644][ T5319]  ? __pfx___async_dev_cache_fw_image+0x10/0x10
[   80.117657][ T5319]  async_schedule_node_domain+0xdc/0x110
[   80.117669][ T5319]  dev_cache_fw_image+0x36d/0x3e0
[   80.117682][ T5319]  ? __pfx_dev_cache_fw_image+0x10/0x10
[   80.117693][ T5319]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[   80.117707][ T5319]  ? __pfx_dev_cache_fw_image+0x10/0x10
[   80.117719][ T5319]  dpm_for_each_dev+0x58/0xc0
[   80.117732][ T5319]  fw_pm_notify+0x24a/0x2f0
[   80.117744][ T5319]  ? __pfx_fw_pm_notify+0x10/0x10
[   80.117754][ T5319]  ? rcu_is_watching+0x15/0xb0
[   80.117764][ T5319]  ? __pfx_autoremove_wake_function+0x10/0x10
[   80.117778][ T5319]  ? __mutex_lock+0x397/0x1010
[   80.117791][ T5319]  ? rcu_is_watching+0x15/0xb0
[   80.117802][ T5319]  notifier_call_chain+0x1a5/0x3f0
[   80.117817][ T5319]  blocking_notifier_call_chain_robust+0xe8/0x1e0
[   80.117831][ T5319]  ? __pfx_blocking_notifier_call_chain_robust+0x10/0x10
[   80.117844][ T5319]  ? chrdev_open+0x36e/0x600
[   80.117857][ T5319]  pm_notifier_call_chain_robust+0x2c/0x60
[   80.117873][ T5319]  snapshot_open+0x132/0x280
[   80.117887][ T5319]  ? __pfx_snapshot_open+0x10/0x10
[   80.117901][ T5319]  misc_open+0x2cc/0x340
[   80.117915][ T5319]  chrdev_open+0x521/0x600
[   80.117927][ T5319]  ? __pfx_chrdev_open+0x10/0x10
[   80.117939][ T5319]  ? file_set_fsnotify_mode_from_watchers+0x123/0x640
[   80.117953][ T5319]  ? __pfx_chrdev_open+0x10/0x10
[   80.117965][ T5319]  do_dentry_open+0xdec/0x1960
[   80.117979][ T5319]  ? vfs_open+0x31/0x370
[   80.117991][ T5319]  vfs_open+0x3b/0x370
[   80.118004][ T5319]  path_openat+0x2c81/0x3590
[   80.118020][ T5319]  ? __pfx_path_openat+0x10/0x10
[   80.118032][ T5319]  do_filp_open+0x27f/0x4e0
[   80.118043][ T5319]  ? __pfx_do_filp_open+0x10/0x10
[   80.118052][ T5319]  ? do_raw_spin_lock+0x14f/0x370
[   80.118076][ T5319]  do_sys_openat2+0x13e/0x1d0
[   80.118089][ T5319]  ? __pfx_do_sys_openat2+0x10/0x10
[   80.118101][ T5319]  ? __fget_files+0x2a/0x410
[   80.118115][ T5319]  ? __fget_files+0x2a/0x410
[   80.118129][ T5319]  __x64_sys_openat+0x247/0x2a0
[   80.118143][ T5319]  ? __pfx___x64_sys_openat+0x10/0x10
[   80.118157][ T5319]  ? do_syscall_64+0x100/0x230
[   80.118170][ T5319]  ? do_syscall_64+0xb6/0x230
[   80.118183][ T5319]  do_syscall_64+0xf3/0x230
[   80.118196][ T5319]  ? clear_bhb_loop+0x35/0x90
[   80.118210][ T5319]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   80.118222][ T5319] RIP: 0033:0x7fbce638d169
[   80.118233][ T5319] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   80.118241][ T5319] RSP: 002b:00007fbce7297038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   80.118253][ T5319] RAX: ffffffffffffffda RBX: 00007fbce65a5fa0 RCX: 00007fbce638d169
[   80.118260][ T5319] RDX: 0000000000000001 RSI: 00004000000000c0 RDI: ffffffffffffff9c
[   80.118267][ T5319] RBP: 00007fbce7297090 R08: 0000000000000000 R09: 0000000000000000
[   80.118273][ T5319] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   80.118278][ T5319] R13: 0000000000000000 R14: 00007fbce65a5fa0 R15: 00007ffeb79942e8
[   80.118288][ T5319]  </TASK>
[   81.179599][ T4663] Bluetooth: hci0: command tx timeout
[   83.260037][ T4663] Bluetooth: hci0: command tx timeout
[   85.339684][ T4663] Bluetooth: hci0: command tx timeout