program:
syz_usb_connect(0x0, 0x24, &(0x7f0000000200)=ANY=[@ANYBLOB="120100002ec6601037210100352a010203010902120001000000000904"], 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0) (fail_nth: 8)
[ 68.307964][ T48] Bluetooth: hci0: command tx timeout
[ 68.606591][ T8] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[ 68.756627][ T8] usb 5-1: Using ep0 maxpacket: 16
[ 68.765063][ T8] usb 5-1: New USB device found, idVendor=2137, idProduct=0001, bcdDevice=2a.35
[ 68.768773][ T8] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 68.771653][ T8] usb 5-1: Product: syz
[ 68.773242][ T8] usb 5-1: Manufacturer: syz
[ 68.775000][ T8] usb 5-1: SerialNumber: syz
[ 68.787074][ T8] usb 5-1: config 0 descriptor??
[ 68.799378][ T8] as10x_usb: device has been detected
[ 68.810280][ T8] dvbdev: DVB: registering new adapter (Sky IT Digital Key (green led))
[ 68.825559][ T8] usb 5-1: DVB: registering adapter 1 frontend 0 (Sky IT Digital Key (green led))...
[ 68.848212][ T8] as10x_usb: error during firmware upload part1
[ 68.851117][ T8] Registered device Sky IT Digital Key (green led)
[ 68.993343][ T5314] random: crng reseeded on system resumption
[ 69.002748][ T5314] FAULT_INJECTION: forcing a failure.
[ 69.002748][ T5314] name failslab, interval 1, probability 0, space 0, times 1
[ 69.008883][ T5314] CPU: 0 UID: 0 PID: 5314 Comm: syz.0.0 Not tainted 6.13.0-rc5-syzkaller-00004-gccb98ccef0e5 #0
[ 69.012814][ T5314] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 69.016683][ T5314] Call Trace:
[ 69.017945][ T5314]
[ 69.019052][ T5314] dump_stack_lvl+0x241/0x360
[ 69.021123][ T5314] ? __pfx_dump_stack_lvl+0x10/0x10
[ 69.024107][ T5314] ? __pfx__printk+0x10/0x10
[ 69.025996][ T5314] should_fail_ex+0x3b0/0x4e0
[ 69.028598][ T5314] ? __pfx___async_dev_cache_fw_image+0x10/0x10
[ 69.030943][ T5314] should_failslab+0xac/0x100
[ 69.032729][ T5314] __kmalloc_cache_noprof+0x70/0x390
[ 69.034410][ T5314] ? async_schedule_node_domain+0x5c/0x110
[ 69.036407][ T5314] ? __pfx___async_dev_cache_fw_image+0x10/0x10
[ 69.038727][ T5314] async_schedule_node_domain+0x5c/0x110
[ 69.040745][ T5314] dev_cache_fw_image+0x36d/0x3e0
[ 69.042537][ T5314] ? __pfx_dev_cache_fw_image+0x10/0x10
[ 69.044477][ T5314] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 69.046549][ T5314] ? blake2s_update+0x1a5/0x280
[ 69.048249][ T5314] ? __pfx_dev_cache_fw_image+0x10/0x10
[ 69.050097][ T5314] dpm_for_each_dev+0x58/0xc0
[ 69.051794][ T5314] fw_pm_notify+0x24a/0x2f0
[ 69.053414][ T5314] ? __pfx_fw_pm_notify+0x10/0x10
[ 69.055075][ T5314] ? rcu_is_watching+0x15/0xb0
[ 69.056670][ T5314] ? __pfx_autoremove_wake_function+0x10/0x10
[ 69.058809][ T5314] ? __mutex_lock+0x37f/0xee0
[ 69.060519][ T5314] ? rcu_is_watching+0x15/0xb0
[ 69.062292][ T5314] notifier_call_chain+0x1a5/0x3f0
[ 69.064269][ T5314] blocking_notifier_call_chain_robust+0xe8/0x1e0
[ 69.066668][ T5314] ? __pfx_blocking_notifier_call_chain_robust+0x10/0x10
[ 69.069250][ T5314] ? chrdev_open+0x36e/0x600
[ 69.071049][ T5314] pm_notifier_call_chain_robust+0x2c/0x60
[ 69.073198][ T5314] snapshot_open+0x132/0x280
[ 69.074830][ T5314] ? __pfx_snapshot_open+0x10/0x10
[ 69.076712][ T5314] misc_open+0x2cc/0x340
[ 69.078073][ T5314] chrdev_open+0x521/0x600
[ 69.079496][ T5314] ? __pfx_chrdev_open+0x10/0x10
[ 69.081310][ T5314] ? do_raw_spin_unlock+0x58/0x8b0
[ 69.083122][ T5314] ? __pfx_chrdev_open+0x10/0x10
[ 69.084900][ T5314] do_dentry_open+0xbe1/0x1b70
[ 69.086564][ T5314] vfs_open+0x3e/0x330
[ 69.088061][ T5314] path_openat+0x2c84/0x3590
[ 69.089844][ T5314] ? __pfx_path_openat+0x10/0x10
[ 69.091712][ T5314] do_filp_open+0x27f/0x4e0
[ 69.093208][ T5314] ? __pfx_do_filp_open+0x10/0x10
[ 69.094767][ T5314] ? do_raw_spin_lock+0x14f/0x370
[ 69.096329][ T5314] do_sys_openat2+0x13e/0x1d0
[ 69.097910][ T5314] ? __pfx_do_sys_openat2+0x10/0x10
[ 69.099744][ T5314] ? __fget_files+0x2a/0x410
[ 69.101384][ T5314] ? __fget_files+0x2a/0x410
[ 69.103005][ T5314] __x64_sys_openat+0x247/0x2a0
[ 69.104659][ T5314] ? __pfx___x64_sys_openat+0x10/0x10
[ 69.106530][ T5314] ? do_syscall_64+0x100/0x230
[ 69.108203][ T5314] ? do_syscall_64+0xb6/0x230
[ 69.109858][ T5314] do_syscall_64+0xf3/0x230
[ 69.111521][ T5314] ? clear_bhb_loop+0x35/0x90
[ 69.113194][ T5314] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 69.115318][ T5314] RIP: 0033:0x7fe843185d29
[ 69.116950][ T5314] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 69.123864][ T5314] RSP: 002b:00007fe843fd9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 69.126792][ T5314] RAX: ffffffffffffffda RBX: 00007fe843375fa0 RCX: 00007fe843185d29
[ 69.129549][ T5314] RDX: 0000000000000001 RSI: 00000000200000c0 RDI: ffffffffffffff9c
[ 69.132145][ T5314] RBP: 00007fe843fd9090 R08: 0000000000000000 R09: 0000000000000000
[ 69.134884][ T5314] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 69.137744][ T5314] R13: 0000000000000000 R14: 00007fe843375fa0 R15: 00007ffd840afe68
[ 69.140503][ T5314]
[ 69.154069][ T5314]
[ 69.155040][ T5314] ============================================
[ 69.157261][ T5314] WARNING: possible recursive locking detected
[ 69.159423][ T5314] 6.13.0-rc5-syzkaller-00004-gccb98ccef0e5 #0 Not tainted
[ 69.161791][ T5314] --------------------------------------------
[ 69.163961][ T5314] syz.0.0/5314 is trying to acquire lock:
[ 69.166074][ T5314] ffffffff8f2cf6a8 (fw_lock){+.+.}-{4:4}, at: assign_fw+0x56/0x890
[ 69.169062][ T5314]
[ 69.169062][ T5314] but task is already holding lock:
[ 69.171872][ T5314] ffffffff8f2cf6a8 (fw_lock){+.+.}-{4:4}, at: fw_pm_notify+0x232/0x2f0
[ 69.175662][ T5314]
[ 69.175662][ T5314] other info that might help us debug this:
[ 69.179265][ T5314] Possible unsafe locking scenario:
[ 69.179265][ T5314]
[ 69.182216][ T5314] CPU0
[ 69.183436][ T5314] ----
[ 69.184699][ T5314] lock(fw_lock);
[ 69.186123][ T5314] lock(fw_lock);
[ 69.187821][ T5314]
[ 69.187821][ T5314] *** DEADLOCK ***
[ 69.187821][ T5314]
[ 69.190572][ T5314] May be due to missing lock nesting notation
[ 69.190572][ T5314]
[ 69.193745][ T5314] 5 locks held by syz.0.0/5314:
[ 69.195703][ T5314] #0: ffffffff8f182bc8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x54/0x340
[ 69.198812][ T5314] #1: ffffffff8e7eba48 (system_transition_mutex){+.+.}-{4:4}, at: lock_system_sleep+0x60/0xa0
[ 69.202597][ T5314] #2: ffffffff8e80b410 ((pm_chain_head).rwsem){++++}-{4:4}, at: blocking_notifier_call_chain_robust+0xac/0x1e0
[ 69.206832][ T5314] #3: ffffffff8f2cf6a8 (fw_lock){+.+.}-{4:4}, at: fw_pm_notify+0x232/0x2f0
[ 69.209624][ T5314] #4: ffffffff8f2ca888 (dpm_list_mtx){+.+.}-{4:4}, at: dpm_for_each_dev+0x2b/0xc0
[ 69.212744][ T5314]
[ 69.212744][ T5314] stack backtrace:
[ 69.214773][ T5314] CPU: 0 UID: 0 PID: 5314 Comm: syz.0.0 Not tainted 6.13.0-rc5-syzkaller-00004-gccb98ccef0e5 #0
[ 69.218382][ T5314] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 69.222140][ T5314] Call Trace:
[ 69.223429][ T5314]
[ 69.224587][ T5314] dump_stack_lvl+0x241/0x360
[ 69.226271][ T5314] ? __pfx_dump_stack_lvl+0x10/0x10
[ 69.228083][ T5314] ? __pfx__printk+0x10/0x10
[ 69.229749][ T5314] ? lockdep_unlock+0x16a/0x300
[ 69.231551][ T5314] print_deadlock_bug+0x483/0x620
[ 69.233270][ T5314] ? validate_chain+0x11e/0x5920
[ 69.235023][ T5314] validate_chain+0x15e2/0x5920
[ 69.236738][ T5314] ? mark_lock+0x9a/0x360
[ 69.238251][ T5314] ? __pfx_validate_chain+0x10/0x10
[ 69.239879][ T5314] ? __lock_acquire+0x1397/0x2100
[ 69.241666][ T5314] ? mark_lock+0x9a/0x360
[ 69.243195][ T5314] ? mark_lock+0x9a/0x360
[ 69.244858][ T5314] __lock_acquire+0x1397/0x2100
[ 69.246644][ T5314] lock_acquire+0x1ed/0x550
[ 69.248265][ T5314] ? assign_fw+0x56/0x890
[ 69.249790][ T5314] ? __pfx_lock_acquire+0x10/0x10
[ 69.251619][ T5314] ? __pfx___might_resched+0x10/0x10
[ 69.253527][ T5314] ? kasan_save_track+0x51/0x80
[ 69.255365][ T5314] ? kasan_save_track+0x3f/0x80
[ 69.256960][ T5314] ? kasan_save_free_info+0x40/0x50
[ 69.258850][ T5314] ? __kasan_slab_free+0x59/0x70
[ 69.260754][ T5314] ? kmem_cache_free+0x195/0x410
[ 69.262517][ T5314] ? __async_dev_cache_fw_image+0xe7/0x320
[ 69.264550][ T5314] ? async_schedule_node_domain+0xdc/0x110
[ 69.266616][ T5314] ? dev_cache_fw_image+0x36d/0x3e0
[ 69.268480][ T5314] ? fw_pm_notify+0x24a/0x2f0
[ 69.270097][ T5314] __mutex_lock+0x1ac/0xee0
[ 69.271715][ T5314] ? assign_fw+0x56/0x890
[ 69.273306][ T5314] ? do_syscall_64+0xf3/0x230
[ 69.275074][ T5314] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 69.277050][ T5314] ? mark_lock+0x9a/0x360
[ 69.278359][ T5314] ? assign_fw+0x56/0x890
[ 69.279587][ T5314] ? __pfx___mutex_lock+0x10/0x10
[ 69.281053][ T5314] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 69.282847][ T5314] ? kasan_quarantine_put+0xdc/0x230
[ 69.284580][ T5314] ? lockdep_hardirqs_on+0x99/0x150
[ 69.286279][ T5314] assign_fw+0x56/0x890
[ 69.287637][ T5314] ? kmem_cache_free+0x195/0x410
[ 69.289173][ T5314] ? _request_firmware+0xd5a/0x13b0
[ 69.290778][ T5314] _request_firmware+0xe16/0x13b0
[ 69.292388][ T5314] ? __pfx__request_firmware+0x10/0x10
[ 69.294158][ T5314] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 69.296431][ T5314] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 69.299339][ T5314] __async_dev_cache_fw_image+0xe7/0x320
[ 69.301940][ T5314] ? __pfx___async_dev_cache_fw_image+0x10/0x10
[ 69.304287][ T5314] ? rcu_is_watching+0x15/0xb0
[ 69.306017][ T5314] ? async_schedule_node_domain+0xa3/0x110
[ 69.308181][ T5314] ? kfree+0x4e/0x430
[ 69.309742][ T5314] ? __kmalloc_cache_noprof+0x243/0x390
[ 69.311939][ T5314] ? async_schedule_node_domain+0x5c/0x110
[ 69.314037][ T5314] ? __pfx___async_dev_cache_fw_image+0x10/0x10
[ 69.316215][ T5314] async_schedule_node_domain+0xdc/0x110
[ 69.318371][ T5314] dev_cache_fw_image+0x36d/0x3e0
[ 69.319980][ T5314] ? __pfx_dev_cache_fw_image+0x10/0x10
[ 69.321951][ T5314] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 69.324234][ T5314] ? blake2s_update+0x1a5/0x280
[ 69.326036][ T5314] ? __pfx_dev_cache_fw_image+0x10/0x10
[ 69.327901][ T5314] dpm_for_each_dev+0x58/0xc0
[ 69.329494][ T5314] fw_pm_notify+0x24a/0x2f0
[ 69.331048][ T5314] ? __pfx_fw_pm_notify+0x10/0x10
[ 69.332520][ T5314] ? rcu_is_watching+0x15/0xb0
[ 69.334082][ T5314] ? __pfx_autoremove_wake_function+0x10/0x10
[ 69.336021][ T5314] ? __mutex_lock+0x37f/0xee0
[ 69.337558][ T5314] ? rcu_is_watching+0x15/0xb0
[ 69.339518][ T5314] notifier_call_chain+0x1a5/0x3f0
[ 69.341471][ T5314] blocking_notifier_call_chain_robust+0xe8/0x1e0
[ 69.344022][ T5314] ? __pfx_blocking_notifier_call_chain_robust+0x10/0x10
[ 69.346697][ T5314] ? chrdev_open+0x36e/0x600
[ 69.348417][ T5314] pm_notifier_call_chain_robust+0x2c/0x60
[ 69.354192][ T5314] snapshot_open+0x132/0x280
[ 69.355829][ T5314] ? __pfx_snapshot_open+0x10/0x10
[ 69.357578][ T5314] misc_open+0x2cc/0x340
[ 69.359121][ T5314] chrdev_open+0x521/0x600
[ 69.360601][ T5314] ? __pfx_chrdev_open+0x10/0x10
[ 69.362770][ T5314] ? do_raw_spin_unlock+0x58/0x8b0
[ 69.365167][ T5314] ? __pfx_chrdev_open+0x10/0x10
[ 69.366946][ T5314] do_dentry_open+0xbe1/0x1b70
[ 69.368601][ T5314] vfs_open+0x3e/0x330
[ 69.369959][ T5314] path_openat+0x2c84/0x3590
[ 69.371585][ T5314] ? __pfx_path_openat+0x10/0x10
[ 69.373280][ T5314] do_filp_open+0x27f/0x4e0
[ 69.374801][ T5314] ? __pfx_do_filp_open+0x10/0x10
[ 69.376532][ T5314] ? do_raw_spin_lock+0x14f/0x370
[ 69.378187][ T5314] do_sys_openat2+0x13e/0x1d0
[ 69.379775][ T5314] ? __pfx_do_sys_openat2+0x10/0x10
[ 69.381742][ T5314] ? __fget_files+0x2a/0x410
[ 69.383228][ T5314] ? __fget_files+0x2a/0x410
[ 69.384915][ T5314] __x64_sys_openat+0x247/0x2a0
[ 69.386769][ T5314] ? __pfx___x64_sys_openat+0x10/0x10
[ 69.388635][ T5314] ? do_syscall_64+0x100/0x230
[ 69.390039][ T5314] ? do_syscall_64+0xb6/0x230
[ 69.391435][ T5314] do_syscall_64+0xf3/0x230
[ 69.392928][ T5314] ? clear_bhb_loop+0x35/0x90
[ 69.394669][ T5314] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 69.396841][ T5314] RIP: 0033:0x7fe843185d29
[ 69.398511][ T5314] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 69.405816][ T5314] RSP: 002b:00007fe843fd9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 69.408899][ T5314] RAX: ffffffffffffffda RBX: 00007fe843375fa0 RCX: 00007fe843185d29
[ 69.411777][ T5314] RDX: 0000000000000001 RSI: 00000000200000c0 RDI: ffffffffffffff9c
[ 69.414666][ T5314] RBP: 00007fe843fd9090 R08: 0000000000000000 R09: 0000000000000000
[ 69.417222][ T5314] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 69.419761][ T5314] R13: 0000000000000000 R14: 00007fe843375fa0 R15: 00007ffd840afe68
[ 69.422098][ T5314]
[ 70.326701][ T48] Bluetooth: hci0: command tx timeout
[ 72.406700][ T48] Bluetooth: hci0: command tx timeout
[ 74.486552][ T48] Bluetooth: hci0: command tx timeout