program:
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000200)=ANY=[@ANYBLOB="120100002ec6601037210100352a010203010902120001000000000904"], 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0) (fail_nth: 8)

[   75.386453][ T4686] Bluetooth: hci0: command tx timeout
[   75.741984][ T5334] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   75.906590][ T5334] usb 5-1: Using ep0 maxpacket: 16
[   75.915510][ T5334] usb 5-1: New USB device found, idVendor=2137, idProduct=0001, bcdDevice=2a.35
[   75.918851][ T5334] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   75.921596][ T5334] usb 5-1: Product: syz
[   75.924228][ T5334] usb 5-1: Manufacturer: syz
[   75.925917][ T5334] usb 5-1: SerialNumber: syz
[   75.938226][ T5334] usb 5-1: config 0 descriptor??
[   75.949941][ T5334] as10x_usb: device has been detected
[   75.953307][ T5334] dvbdev: DVB: registering new adapter (Sky IT Digital Key (green led))
[   75.973986][ T5334] usb 5-1: DVB: registering adapter 1 frontend 0 (Sky IT Digital Key (green led))...
[   75.999126][ T5334] as10x_usb: error during firmware upload part1
[   76.003512][ T5334] Registered device Sky IT Digital Key (green led)
[   76.144977][ T5341] random: crng reseeded on system resumption
[   76.153774][ T5341] FAULT_INJECTION: forcing a failure.
[   76.153774][ T5341] name failslab, interval 1, probability 0, space 0, times 1
[   76.158475][ T5341] CPU: 0 UID: 0 PID: 5341 Comm: syz.0.0 Not tainted 6.12.0-syzkaller-10296-gaaf20f870da0 #0
[   76.162270][ T5341] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   76.166369][ T5341] Call Trace:
[   76.167678][ T5341]  <TASK>
[   76.168854][ T5341]  dump_stack_lvl+0x241/0x360
[   76.170838][ T5341]  ? __pfx_dump_stack_lvl+0x10/0x10
[   76.172714][ T5341]  ? __pfx__printk+0x10/0x10
[   76.174543][ T5341]  should_fail_ex+0x3b0/0x4e0
[   76.176391][ T5341]  ? __pfx___async_dev_cache_fw_image+0x10/0x10
[   76.178730][ T5341]  should_failslab+0xac/0x100
[   76.180592][ T5341]  __kmalloc_cache_noprof+0x70/0x390
[   76.182703][ T5341]  ? async_schedule_node_domain+0x5c/0x110
[   76.184991][ T5341]  ? __pfx___async_dev_cache_fw_image+0x10/0x10
[   76.187344][ T5341]  async_schedule_node_domain+0x5c/0x110
[   76.189475][ T5341]  dev_cache_fw_image+0x36d/0x3e0
[   76.191430][ T5341]  ? __pfx_dev_cache_fw_image+0x10/0x10
[   76.193470][ T5341]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[   76.195797][ T5341]  ? blake2s_update+0x1a5/0x280
[   76.197725][ T5341]  ? __pfx_dev_cache_fw_image+0x10/0x10
[   76.199835][ T5341]  dpm_for_each_dev+0x58/0xc0
[   76.201713][ T5341]  fw_pm_notify+0x24a/0x2f0
[   76.203418][ T5341]  ? __pfx_fw_pm_notify+0x10/0x10
[   76.205289][ T5341]  ? rcu_is_watching+0x15/0xb0
[   76.207251][ T5341]  ? __pfx_autoremove_wake_function+0x10/0x10
[   76.209514][ T5341]  ? __mutex_lock+0x37f/0xee0
[   76.211159][ T5341]  ? rcu_is_watching+0x15/0xb0
[   76.212880][ T5341]  notifier_call_chain+0x19f/0x3e0
[   76.214792][ T5341]  blocking_notifier_call_chain_robust+0xe8/0x1e0
[   76.217173][ T5341]  ? __pfx_blocking_notifier_call_chain_robust+0x10/0x10
[   76.219670][ T5341]  ? chrdev_open+0x36e/0x600
[   76.221438][ T5341]  pm_notifier_call_chain_robust+0x2c/0x60
[   76.223637][ T5341]  snapshot_open+0x132/0x280
[   76.225388][ T5341]  ? __pfx_snapshot_open+0x10/0x10
[   76.227292][ T5341]  misc_open+0x2cc/0x340
[   76.228925][ T5341]  chrdev_open+0x521/0x600
[   76.230749][ T5341]  ? __pfx_chrdev_open+0x10/0x10
[   76.232685][ T5341]  ? do_raw_spin_unlock+0x58/0x8b0
[   76.234713][ T5341]  ? __pfx_chrdev_open+0x10/0x10
[   76.236575][ T5341]  do_dentry_open+0xbe1/0x1b70
[   76.238397][ T5341]  vfs_open+0x3e/0x330
[   76.239980][ T5341]  path_openat+0x2c84/0x3590
[   76.241691][ T5341]  ? __pfx_path_openat+0x10/0x10
[   76.243523][ T5341]  do_filp_open+0x27f/0x4e0
[   76.245154][ T5341]  ? __pfx_do_filp_open+0x10/0x10
[   76.247000][ T5341]  ? do_raw_spin_lock+0x14f/0x370
[   76.248802][ T5341]  do_sys_openat2+0x13e/0x1d0
[   76.250529][ T5341]  ? __pfx_do_sys_openat2+0x10/0x10
[   76.252291][ T5341]  ? __fget_files+0x2a/0x410
[   76.253957][ T5341]  ? __fget_files+0x2a/0x410
[   76.255721][ T5341]  __x64_sys_openat+0x247/0x2a0
[   76.257650][ T5341]  ? __pfx___x64_sys_openat+0x10/0x10
[   76.259956][ T5341]  ? do_syscall_64+0x100/0x230
[   76.262079][ T5341]  ? do_syscall_64+0xb6/0x230
[   76.264057][ T5341]  do_syscall_64+0xf3/0x230
[   76.265689][ T5341]  ? clear_bhb_loop+0x35/0x90
[   76.267171][ T5341]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.269160][ T5341] RIP: 0033:0x7efdc5780809
[   76.270734][ T5341] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   76.277261][ T5341] RSP: 002b:00007efdc6634058 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   76.280443][ T5341] RAX: ffffffffffffffda RBX: 00007efdc5945fa0 RCX: 00007efdc5780809
[   76.283380][ T5341] RDX: 0000000000000001 RSI: 00000000200000c0 RDI: ffffffffffffff9c
[   76.286208][ T5341] RBP: 00007efdc66340a0 R08: 0000000000000000 R09: 0000000000000000
[   76.289004][ T5341] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   76.291845][ T5341] R13: 0000000000000000 R14: 00007efdc5945fa0 R15: 00007fff0d397148
[   76.294775][ T5341]  </TASK>
[   76.300018][ T1308] ieee802154 phy0 wpan0: encryption failed: -22
[   76.302570][ T1308] ieee802154 phy1 wpan1: encryption failed: -22
[   76.318157][ T5341] 
[   76.319215][ T5341] ============================================
[   76.321451][ T5341] WARNING: possible recursive locking detected
[   76.323782][ T5341] 6.12.0-syzkaller-10296-gaaf20f870da0 #0 Not tainted
[   76.326271][ T5341] --------------------------------------------
[   76.328515][ T5341] syz.0.0/5341 is trying to acquire lock:
[   76.330673][ T5341] ffffffff8f2ef608 (fw_lock){+.+.}-{4:4}, at: assign_fw+0x56/0x890
[   76.333575][ T5341] 
[   76.333575][ T5341] but task is already holding lock:
[   76.336325][ T5341] ffffffff8f2ef608 (fw_lock){+.+.}-{4:4}, at: fw_pm_notify+0x232/0x2f0
[   76.339371][ T5341] 
[   76.339371][ T5341] other info that might help us debug this:
[   76.342196][ T5341]  Possible unsafe locking scenario:
[   76.342196][ T5341] 
[   76.344928][ T5341]        CPU0
[   76.346300][ T5341]        ----
[   76.347612][ T5341]   lock(fw_lock);
[   76.349105][ T5341]   lock(fw_lock);
[   76.350589][ T5341] 
[   76.350589][ T5341]  *** DEADLOCK ***
[   76.350589][ T5341] 
[   76.353540][ T5341]  May be due to missing lock nesting notation
[   76.353540][ T5341] 
[   76.356702][ T5341] 5 locks held by syz.0.0/5341:
[   76.358446][ T5341]  #0: ffffffff8f19f8c8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x54/0x340
[   76.361488][ T5341]  #1: ffffffff8e7ef588 (system_transition_mutex){+.+.}-{4:4}, at: lock_system_sleep+0x60/0xa0
[   76.365430][ T5341]  #2: ffffffff8e80f810 ((pm_chain_head).rwsem){++++}-{4:4}, at: blocking_notifier_call_chain_robust+0xac/0x1e0
[   76.370748][ T5341]  #3: ffffffff8f2ef608 (fw_lock){+.+.}-{4:4}, at: fw_pm_notify+0x232/0x2f0
[   76.374732][ T5341]  #4: ffffffff8f2ea6a8 (dpm_list_mtx){+.+.}-{4:4}, at: dpm_for_each_dev+0x2b/0xc0
[   76.378516][ T5341] 
[   76.378516][ T5341] stack backtrace:
[   76.381343][ T5341] CPU: 0 UID: 0 PID: 5341 Comm: syz.0.0 Not tainted 6.12.0-syzkaller-10296-gaaf20f870da0 #0
[   76.385413][ T5341] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   76.389346][ T5341] Call Trace:
[   76.390596][ T5341]  <TASK>
[   76.391750][ T5341]  dump_stack_lvl+0x241/0x360
[   76.393476][ T5341]  ? __pfx_dump_stack_lvl+0x10/0x10
[   76.395410][ T5341]  ? __pfx__printk+0x10/0x10
[   76.397171][ T5341]  ? lockdep_unlock+0x16a/0x300
[   76.399012][ T5341]  print_deadlock_bug+0x483/0x620
[   76.400967][ T5341]  ? validate_chain+0x11e/0x5920
[   76.402852][ T5341]  validate_chain+0x15e2/0x5920
[   76.404685][ T5341]  ? mark_lock+0x9a/0x360
[   76.406310][ T5341]  ? __pfx_validate_chain+0x10/0x10
[   76.408221][ T5341]  ? mark_lock+0x9a/0x360
[   76.409881][ T5341]  ? __lock_acquire+0x1397/0x2100
[   76.411726][ T5341]  ? mark_lock+0x9a/0x360
[   76.413384][ T5341]  __lock_acquire+0x1397/0x2100
[   76.415297][ T5341]  lock_acquire+0x1ed/0x550
[   76.417000][ T5341]  ? assign_fw+0x56/0x890
[   76.418546][ T5341]  ? __pfx_lock_acquire+0x10/0x10
[   76.420446][ T5341]  ? __pfx___might_resched+0x10/0x10
[   76.422805][ T5341]  ? kasan_save_track+0x51/0x80
[   76.425056][ T5341]  ? kasan_save_track+0x3f/0x80
[   76.427407][ T5341]  ? kasan_save_free_info+0x40/0x50
[   76.429888][ T5341]  ? __kasan_slab_free+0x59/0x70
[   76.432147][ T5341]  ? kmem_cache_free+0x195/0x410
[   76.434395][ T5341]  ? __async_dev_cache_fw_image+0xe7/0x320
[   76.437259][ T5341]  ? async_schedule_node_domain+0xdc/0x110
[   76.439989][ T5341]  ? dev_cache_fw_image+0x36d/0x3e0
[   76.442389][ T5341]  ? fw_pm_notify+0x24a/0x2f0
[   76.444565][ T5341]  __mutex_lock+0x1ac/0xee0
[   76.446713][ T5341]  ? assign_fw+0x56/0x890
[   76.448595][ T5341]  ? do_syscall_64+0xf3/0x230
[   76.450350][ T5341]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.452486][ T5341]  ? mark_lock+0x9a/0x360
[   76.454220][ T5341]  ? assign_fw+0x56/0x890
[   76.455824][ T5341]  ? __pfx___mutex_lock+0x10/0x10
[   76.457763][ T5341]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   76.460085][ T5341]  ? kasan_quarantine_put+0xdc/0x230
[   76.462039][ T5341]  ? lockdep_hardirqs_on+0x99/0x150
[   76.464029][ T5341]  assign_fw+0x56/0x890
[   76.465546][ T5341]  ? kmem_cache_free+0x195/0x410
[   76.467435][ T5341]  ? _request_firmware+0xd5a/0x13b0
[   76.469408][ T5341]  _request_firmware+0xe16/0x13b0
[   76.471256][ T5341]  ? __pfx__request_firmware+0x10/0x10
[   76.473249][ T5341]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   76.475546][ T5341]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   76.477980][ T5341]  __async_dev_cache_fw_image+0xe7/0x320
[   76.480125][ T5341]  ? __pfx___async_dev_cache_fw_image+0x10/0x10
[   76.482396][ T5341]  ? rcu_is_watching+0x15/0xb0
[   76.484115][ T5341]  ? async_schedule_node_domain+0xa3/0x110
[   76.486293][ T5341]  ? kfree+0x4e/0x420
[   76.487744][ T5341]  ? __kmalloc_cache_noprof+0x243/0x390
[   76.489784][ T5341]  ? async_schedule_node_domain+0x5c/0x110
[   76.491960][ T5341]  ? __pfx___async_dev_cache_fw_image+0x10/0x10
[   76.494194][ T5341]  async_schedule_node_domain+0xdc/0x110
[   76.496198][ T5341]  dev_cache_fw_image+0x36d/0x3e0
[   76.498017][ T5341]  ? __pfx_dev_cache_fw_image+0x10/0x10
[   76.499987][ T5341]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[   76.502306][ T5341]  ? blake2s_update+0x1a5/0x280
[   76.504235][ T5341]  ? __pfx_dev_cache_fw_image+0x10/0x10
[   76.506395][ T5341]  dpm_for_each_dev+0x58/0xc0
[   76.508170][ T5341]  fw_pm_notify+0x24a/0x2f0
[   76.509792][ T5341]  ? __pfx_fw_pm_notify+0x10/0x10
[   76.511752][ T5341]  ? rcu_is_watching+0x15/0xb0
[   76.513604][ T5341]  ? __pfx_autoremove_wake_function+0x10/0x10
[   76.515928][ T5341]  ? __mutex_lock+0x37f/0xee0
[   76.517758][ T5341]  ? rcu_is_watching+0x15/0xb0
[   76.519620][ T5341]  notifier_call_chain+0x19f/0x3e0
[   76.521551][ T5341]  blocking_notifier_call_chain_robust+0xe8/0x1e0
[   76.524041][ T5341]  ? __pfx_blocking_notifier_call_chain_robust+0x10/0x10
[   76.526723][ T5341]  ? chrdev_open+0x36e/0x600
[   76.528453][ T5341]  pm_notifier_call_chain_robust+0x2c/0x60
[   76.530724][ T5341]  snapshot_open+0x132/0x280
[   76.532522][ T5341]  ? __pfx_snapshot_open+0x10/0x10
[   76.534429][ T5341]  misc_open+0x2cc/0x340
[   76.535727][ T5341]  chrdev_open+0x521/0x600
[   76.537361][ T5341]  ? __pfx_chrdev_open+0x10/0x10
[   76.539282][ T5341]  ? do_raw_spin_unlock+0x58/0x8b0
[   76.541199][ T5341]  ? __pfx_chrdev_open+0x10/0x10
[   76.543179][ T5341]  do_dentry_open+0xbe1/0x1b70
[   76.545032][ T5341]  vfs_open+0x3e/0x330
[   76.546709][ T5341]  path_openat+0x2c84/0x3590
[   76.548245][ T5341]  ? __pfx_path_openat+0x10/0x10
[   76.550060][ T5341]  do_filp_open+0x27f/0x4e0
[   76.551787][ T5341]  ? __pfx_do_filp_open+0x10/0x10
[   76.553622][ T5341]  ? do_raw_spin_lock+0x14f/0x370
[   76.555540][ T5341]  do_sys_openat2+0x13e/0x1d0
[   76.557183][ T5341]  ? __pfx_do_sys_openat2+0x10/0x10
[   76.559281][ T5341]  ? __fget_files+0x2a/0x410
[   76.561105][ T5341]  ? __fget_files+0x2a/0x410
[   76.562964][ T5341]  __x64_sys_openat+0x247/0x2a0
[   76.564876][ T5341]  ? __pfx___x64_sys_openat+0x10/0x10
[   76.566831][ T5341]  ? do_syscall_64+0x100/0x230
[   76.568622][ T5341]  ? do_syscall_64+0xb6/0x230
[   76.570420][ T5341]  do_syscall_64+0xf3/0x230
[   76.572157][ T5341]  ? clear_bhb_loop+0x35/0x90
[   76.573906][ T5341]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.576138][ T5341] RIP: 0033:0x7efdc5780809
[   76.577766][ T5341] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   76.584998][ T5341] RSP: 002b:00007efdc6634058 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   76.588211][ T5341] RAX: ffffffffffffffda RBX: 00007efdc5945fa0 RCX: 00007efdc5780809
[   76.590978][ T5341] RDX: 0000000000000001 RSI: 00000000200000c0 RDI: ffffffffffffff9c
[   76.593964][ T5341] RBP: 00007efdc66340a0 R08: 0000000000000000 R09: 0000000000000000
[   76.596968][ T5341] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   76.599841][ T5341] R13: 0000000000000000 R14: 00007efdc5945fa0 R15: 00007fff0d397148
[   76.602664][ T5341]  </TASK>
[   77.422197][ T4686] Bluetooth: hci0: command tx timeout
[   79.502452][ T4686] Bluetooth: hci0: command tx timeout
[   81.582057][ T4686] Bluetooth: hci0: command tx timeout