92806][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1743.512385][T32173] RSP: 002b:00007fc7e9ef2cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1743.520785][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1743.528746][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1743.536710][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1743.544659][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1743.552604][T32173] R13: 0000000000c9fb6f R14: 00007fc7e9ef39c0 R15: 000000000078bf0c
[ 1743.560566][T32173] syz-executor.0  S29824 27620   6799 0x00000000
[ 1743.566894][T32173] Call Trace:
[ 1743.570170][T32173]  __schedule+0x8f3/0x1fc0
[ 1743.574564][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1743.579831][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1743.585094][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1743.590529][T32173]  schedule+0xd0/0x2a0
[ 1743.594578][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1743.599670][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1743.605109][T32173]  futex_wait+0x1e2/0x550
[ 1743.609435][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1743.614436][T32173]  ? print_usage_bug+0x240/0x240
[ 1743.619354][T32173]  ? hash_futex+0x10/0x200
[ 1743.623746][T32173]  ? futex_wake+0x153/0x480
[ 1743.628235][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1743.634187][T32173]  ? mark_lock+0x11f/0xdd0
[ 1743.638586][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1743.644544][T32173]  do_futex+0x15f/0x1ad0
[ 1743.648770][T32173]  ? find_held_lock+0x2d/0x110
[ 1743.653510][T32173]  ? futex_exit_release+0x60/0x60
[ 1743.658526][T32173]  ? lock_downgrade+0x840/0x840
[ 1743.663354][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1743.668180][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1743.674141][T32173]  ? __might_fault+0x190/0x1d0
[ 1743.678882][T32173]  ? _copy_to_user+0x126/0x160
[ 1743.683628][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1743.688373][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1743.692871][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1743.698309][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1743.704265][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1743.708920][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1743.714879][T32173]  do_syscall_64+0xf6/0x7d0
[ 1743.719362][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1743.725232][T32173] RIP: 0033:0x45ca59
[ 1743.729122][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1743.748703][T32173] RSP: 002b:00007f92d403fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1743.757112][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1743.765058][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1743.773006][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1743.780968][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1743.788928][T32173] R13: 0000000000c9fb6f R14: 00007f92d40409c0 R15: 000000000078bf0c
[ 1743.796899][T32173] syz-executor.0  S29824 27626   6799 0x00000000
[ 1743.803214][T32173] Call Trace:
[ 1743.806492][T32173]  __schedule+0x8f3/0x1fc0
[ 1743.810885][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1743.816151][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1743.821417][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1743.826858][T32173]  schedule+0xd0/0x2a0
[ 1743.830908][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1743.835997][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1743.841436][T32173]  futex_wait+0x1e2/0x550
[ 1743.845746][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1743.850787][T32173]  ? wake_up_q+0xc1/0x140
[ 1743.855141][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1743.860320][T32173]  ? futex_wake+0x153/0x480
[ 1743.864814][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1743.870782][T32173]  ? mark_lock+0x11f/0xdd0
[ 1743.875218][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1743.881175][T32173]  do_futex+0x15f/0x1ad0
[ 1743.885403][T32173]  ? find_held_lock+0x2d/0x110
[ 1743.890145][T32173]  ? futex_exit_release+0x60/0x60
[ 1743.895149][T32173]  ? lock_downgrade+0x840/0x840
[ 1743.900004][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1743.904834][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1743.910797][T32173]  ? __might_fault+0x190/0x1d0
[ 1743.915536][T32173]  ? _copy_to_user+0x126/0x160
[ 1743.920282][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1743.925034][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1743.929513][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1743.934947][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1743.940917][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1743.945574][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1743.951548][T32173]  do_syscall_64+0xf6/0x7d0
[ 1743.956040][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1743.961908][T32173] RIP: 0033:0x45ca59
[ 1743.965781][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1743.985377][T32173] RSP: 002b:00007f92d403fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1743.993776][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1744.001723][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1744.009670][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1744.017617][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1744.025566][T32173] R13: 0000000000c9fb6f R14: 00007f92d40409c0 R15: 000000000078bf0c
[ 1744.033526][T32173] syz-executor.0  S29824 27632   6799 0x00000000
[ 1744.039863][T32173] Call Trace:
[ 1744.043134][T32173]  __schedule+0x8f3/0x1fc0
[ 1744.047527][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1744.052807][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1744.058073][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1744.063527][T32173]  schedule+0xd0/0x2a0
[ 1744.067574][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1744.072662][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1744.078119][T32173]  futex_wait+0x1e2/0x550
[ 1744.082428][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1744.087434][T32173]  ? wake_up_q+0xc1/0x140
[ 1744.091742][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1744.096919][T32173]  ? futex_wake+0x153/0x480
[ 1744.101514][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1744.107469][T32173]  ? mark_lock+0x11f/0xdd0
[ 1744.111881][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1744.117942][T32173]  do_futex+0x15f/0x1ad0
[ 1744.122273][T32173]  ? find_held_lock+0x2d/0x110
[ 1744.127033][T32173]  ? futex_exit_release+0x60/0x60
[ 1744.132036][T32173]  ? lock_downgrade+0x840/0x840
[ 1744.136862][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1744.141690][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1744.147653][T32173]  ? __might_fault+0x190/0x1d0
[ 1744.152392][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1744.157832][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1744.162574][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1744.167075][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1744.172509][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1744.178468][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1744.183138][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1744.189110][T32173]  do_syscall_64+0xf6/0x7d0
[ 1744.193593][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1744.199476][T32173] RIP: 0033:0x45ca59
[ 1744.203348][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1744.222926][T32173] RSP: 002b:00007f92d403fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1744.231311][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1744.239263][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1744.247226][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1744.255174][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1744.263139][T32173] R13: 0000000000c9fb6f R14: 00007f92d40409c0 R15: 000000000078bf0c
[ 1744.271099][T32173] syz-executor.0  S29824 27645   6799 0x00000000
[ 1744.277410][T32173] Call Trace:
[ 1744.280700][T32173]  __schedule+0x8f3/0x1fc0
[ 1744.285096][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1744.290359][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1744.295639][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1744.301078][T32173]  schedule+0xd0/0x2a0
[ 1744.305145][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1744.310232][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1744.315670][T32173]  futex_wait+0x1e2/0x550
[ 1744.319979][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1744.324982][T32173]  ? wake_up_q+0xc1/0x140
[ 1744.329285][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1744.334463][T32173]  ? futex_wake+0x153/0x480
[ 1744.338953][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1744.344906][T32173]  ? mark_lock+0x11f/0xdd0
[ 1744.349300][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1744.355256][T32173]  do_futex+0x15f/0x1ad0
[ 1744.359481][T32173]  ? find_held_lock+0x2d/0x110
[ 1744.364220][T32173]  ? futex_exit_release+0x60/0x60
[ 1744.369222][T32173]  ? lock_downgrade+0x840/0x840
[ 1744.374049][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1744.378875][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1744.384853][T32173]  ? __might_fault+0x190/0x1d0
[ 1744.389593][T32173]  ? _copy_to_user+0x126/0x160
[ 1744.394337][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1744.399089][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1744.403570][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1744.409003][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1744.414975][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1744.419637][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1744.425603][T32173]  do_syscall_64+0xf6/0x7d0
[ 1744.430093][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1744.435967][T32173] RIP: 0033:0x45ca59
[ 1744.439846][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1744.459446][T32173] RSP: 002b:00007f92d403fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1744.467850][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1744.475825][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1744.483771][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1744.491734][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1744.499796][T32173] R13: 0000000000c9fb6f R14: 00007f92d40409c0 R15: 000000000078bf0c
[ 1744.507795][T32173] syz-executor.1  S29824 27731   6929 0x00000000
[ 1744.514104][T32173] Call Trace:
[ 1744.517402][T32173]  __schedule+0x8f3/0x1fc0
[ 1744.521822][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1744.527088][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1744.532352][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1744.537790][T32173]  schedule+0xd0/0x2a0
[ 1744.541838][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1744.546926][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1744.552365][T32173]  futex_wait+0x1e2/0x550
[ 1744.556693][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1744.561694][T32173]  ? print_usage_bug+0x240/0x240
[ 1744.566626][T32173]  ? hash_futex+0x10/0x200
[ 1744.571019][T32173]  ? futex_wake+0x153/0x480
[ 1744.575523][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1744.581479][T32173]  ? do_wp_page+0x512/0x1440
[ 1744.586047][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1744.592110][T32173]  do_futex+0x15f/0x1ad0
[ 1744.596345][T32173]  ? find_held_lock+0x2d/0x110
[ 1744.601089][T32173]  ? futex_exit_release+0x60/0x60
[ 1744.606188][T32173]  ? lock_downgrade+0x840/0x840
[ 1744.611014][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1744.615840][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1744.621821][T32173]  ? __might_fault+0x190/0x1d0
[ 1744.626564][T32173]  ? _copy_to_user+0x126/0x160
[ 1744.631309][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1744.636053][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1744.640536][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1744.645972][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1744.651930][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1744.656603][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1744.662674][T32173]  do_syscall_64+0xf6/0x7d0
[ 1744.667156][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1744.673021][T32173] RIP: 0033:0x45ca59
[ 1744.676911][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1744.696505][T32173] RSP: 002b:00007f7591596cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1744.704889][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1744.712836][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1744.720783][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1744.728729][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1744.736678][T32173] R13: 0000000000c9fb6f R14: 00007f75915979c0 R15: 000000000078bf0c
[ 1744.744642][T32173] syz-executor.1  S29824 27743   6929 0x00000000
[ 1744.750949][T32173] Call Trace:
[ 1744.754219][T32173]  __schedule+0x8f3/0x1fc0
[ 1744.758613][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1744.763876][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1744.769141][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1744.774578][T32173]  schedule+0xd0/0x2a0
[ 1744.778632][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1744.783720][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1744.789163][T32173]  futex_wait+0x1e2/0x550
[ 1744.793476][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1744.798493][T32173]  ? print_usage_bug+0x240/0x240
[ 1744.803417][T32173]  ? hash_futex+0x10/0x200
[ 1744.807814][T32173]  ? futex_wake+0x153/0x480
[ 1744.812322][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1744.818281][T32173]  ? do_wp_page+0x512/0x1440
[ 1744.822848][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1744.828805][T32173]  do_futex+0x15f/0x1ad0
[ 1744.833033][T32173]  ? find_held_lock+0x2d/0x110
[ 1744.837775][T32173]  ? futex_exit_release+0x60/0x60
[ 1744.842776][T32173]  ? lock_downgrade+0x840/0x840
[ 1744.847607][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1744.852435][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1744.858404][T32173]  ? __might_fault+0x190/0x1d0
[ 1744.863144][T32173]  ? _copy_to_user+0x126/0x160
[ 1744.867888][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1744.872654][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1744.877137][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1744.882574][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1744.888531][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1744.893288][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1744.899247][T32173]  do_syscall_64+0xf6/0x7d0
[ 1744.903732][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1744.909599][T32173] RIP: 0033:0x45ca59
[ 1744.913471][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1744.933062][T32173] RSP: 002b:00007f7591596cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1744.941502][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1744.949468][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1744.957454][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1744.965404][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1744.973379][T32173] R13: 0000000000c9fb6f R14: 00007f75915979c0 R15: 000000000078bf0c
[ 1744.981347][T32173] syz-executor.2  S29824 27749   7087 0x00000000
[ 1744.987662][T32173] Call Trace:
[ 1744.990952][T32173]  __schedule+0x8f3/0x1fc0
[ 1744.995347][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1745.000618][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1745.005881][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1745.011319][T32173]  schedule+0xd0/0x2a0
[ 1745.015371][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1745.020460][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1745.025901][T32173]  futex_wait+0x1e2/0x550
[ 1745.030211][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1745.035213][T32173]  ? print_usage_bug+0x240/0x240
[ 1745.040128][T32173]  ? hash_futex+0x10/0x200
[ 1745.044521][T32173]  ? futex_wake+0x153/0x480
[ 1745.049007][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1745.054964][T32173]  ? do_wp_page+0x512/0x1440
[ 1745.059529][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1745.065486][T32173]  do_futex+0x15f/0x1ad0
[ 1745.069710][T32173]  ? find_held_lock+0x2d/0x110
[ 1745.074452][T32173]  ? futex_exit_release+0x60/0x60
[ 1745.079454][T32173]  ? lock_downgrade+0x840/0x840
[ 1745.084298][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1745.089143][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1745.095106][T32173]  ? __might_fault+0x190/0x1d0
[ 1745.099847][T32173]  ? _copy_to_user+0x126/0x160
[ 1745.104610][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1745.109355][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1745.113851][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1745.119285][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1745.125244][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1745.129895][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1745.135854][T32173]  do_syscall_64+0xf6/0x7d0
[ 1745.140337][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1745.146225][T32173] RIP: 0033:0x45ca59
[ 1745.150097][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1745.169674][T32173] RSP: 002b:00007f8cd7fe7cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1745.178058][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1745.186005][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1745.193949][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1745.201894][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1745.209840][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fe89c0 R15: 000000000078bf0c
[ 1745.217820][T32173] syz-executor.1  S29824 27756   6929 0x00000000
[ 1745.224129][T32173] Call Trace:
[ 1745.227399][T32173]  __schedule+0x8f3/0x1fc0
[ 1745.231791][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1745.237054][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1745.242316][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1745.247876][T32173]  schedule+0xd0/0x2a0
[ 1745.251928][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1745.257019][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1745.262593][T32173]  futex_wait+0x1e2/0x550
[ 1745.266907][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1745.271917][T32173]  ? print_usage_bug+0x240/0x240
[ 1745.276875][T32173]  ? hash_futex+0x10/0x200
[ 1745.281315][T32173]  ? futex_wake+0x153/0x480
[ 1745.285811][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1745.291825][T32173]  ? do_wp_page+0x512/0x1440
[ 1745.296415][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1745.302380][T32173]  do_futex+0x15f/0x1ad0
[ 1745.306609][T32173]  ? find_held_lock+0x2d/0x110
[ 1745.311350][T32173]  ? futex_exit_release+0x60/0x60
[ 1745.316358][T32173]  ? lock_downgrade+0x840/0x840
[ 1745.321186][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1745.326024][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1745.331987][T32173]  ? __might_fault+0x190/0x1d0
[ 1745.336727][T32173]  ? _copy_to_user+0x126/0x160
[ 1745.341472][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1745.346223][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1745.350703][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1745.356138][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1745.362094][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1745.366756][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1745.372721][T32173]  do_syscall_64+0xf6/0x7d0
[ 1745.377339][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1745.383225][T32173] RIP: 0033:0x45ca59
[ 1745.387099][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1745.406716][T32173] RSP: 002b:00007f7591596cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1745.415104][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1745.423065][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1745.431108][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1745.439071][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1745.447067][T32173] R13: 0000000000c9fb6f R14: 00007f75915979c0 R15: 000000000078bf0c
[ 1745.455069][T32173] syz-executor.1  S29824 27764   6929 0x00000000
[ 1745.461382][T32173] Call Trace:
[ 1745.464657][T32173]  __schedule+0x8f3/0x1fc0
[ 1745.469054][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1745.474318][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1745.479602][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1745.485110][T32173]  schedule+0xd0/0x2a0
[ 1745.489165][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1745.494262][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1745.499906][T32173]  futex_wait+0x1e2/0x550
[ 1745.504223][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1745.509230][T32173]  ? print_usage_bug+0x240/0x240
[ 1745.514149][T32173]  ? hash_futex+0x10/0x200
[ 1745.518547][T32173]  ? futex_wake+0x153/0x480
[ 1745.523040][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1745.529001][T32173]  ? do_wp_page+0x512/0x1440
[ 1745.533569][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1745.539573][T32173]  do_futex+0x15f/0x1ad0
[ 1745.543800][T32173]  ? find_held_lock+0x2d/0x110
[ 1745.548544][T32173]  ? futex_exit_release+0x60/0x60
[ 1745.553549][T32173]  ? lock_downgrade+0x840/0x840
[ 1745.558379][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1745.563220][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1745.569188][T32173]  ? __might_fault+0x190/0x1d0
[ 1745.573929][T32173]  ? _copy_to_user+0x126/0x160
[ 1745.578675][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1745.583418][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1745.587901][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1745.593371][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1745.599332][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1745.603984][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1745.609945][T32173]  do_syscall_64+0xf6/0x7d0
[ 1745.614428][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1745.620297][T32173] RIP: 0033:0x45ca59
[ 1745.624172][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1745.643761][T32173] RSP: 002b:00007f7591596cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1745.652146][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1745.660097][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1745.668043][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1745.676004][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1745.683951][T32173] R13: 0000000000c9fb6f R14: 00007f75915979c0 R15: 000000000078bf0c
[ 1745.691910][T32173] syz-executor.2  S29824 27772   7087 0x00000000
[ 1745.698221][T32173] Call Trace:
[ 1745.701489][T32173]  __schedule+0x8f3/0x1fc0
[ 1745.705900][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1745.711164][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1745.716445][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1745.721881][T32173]  schedule+0xd0/0x2a0
[ 1745.725927][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1745.731017][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1745.736457][T32173]  futex_wait+0x1e2/0x550
[ 1745.740766][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1745.745766][T32173]  ? print_usage_bug+0x240/0x240
[ 1745.750693][T32173]  ? hash_futex+0x10/0x200
[ 1745.755101][T32173]  ? futex_wake+0x153/0x480
[ 1745.759594][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1745.765551][T32173]  ? do_wp_page+0x512/0x1440
[ 1745.770133][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1745.776118][T32173]  do_futex+0x15f/0x1ad0
[ 1745.780360][T32173]  ? find_held_lock+0x2d/0x110
[ 1745.785102][T32173]  ? futex_exit_release+0x60/0x60
[ 1745.790105][T32173]  ? lock_downgrade+0x840/0x840
[ 1745.794931][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1745.799759][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1745.805722][T32173]  ? __might_fault+0x190/0x1d0
[ 1745.810585][T32173]  ? _copy_to_user+0x126/0x160
[ 1745.815329][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1745.820071][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1745.824563][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1745.829995][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1745.835953][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1745.840605][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1745.846565][T32173]  do_syscall_64+0xf6/0x7d0
[ 1745.851045][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1745.856910][T32173] RIP: 0033:0x45ca59
[ 1745.860781][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1745.880446][T32173] RSP: 002b:00007f8cd7fa5cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1745.888847][T32173] RAX: ffffffffffffffda RBX: 000000000078c048 RCX: 000000000045ca59
[ 1745.896794][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c048
[ 1745.904740][T32173] RBP: 000000000078c040 R08: 0000000000000000 R09: 0000000000000000
[ 1745.912686][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c04c
[ 1745.920647][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fa69c0 R15: 000000000078c04c
[ 1745.928628][T32173] syz-executor.1  S29824 27785   6929 0x00000000
[ 1745.934939][T32173] Call Trace:
[ 1745.938207][T32173]  __schedule+0x8f3/0x1fc0
[ 1745.942598][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1745.947864][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1745.953126][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1745.958563][T32173]  schedule+0xd0/0x2a0
[ 1745.962609][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1745.967695][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1745.973133][T32173]  futex_wait+0x1e2/0x550
[ 1745.977442][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1745.982442][T32173]  ? print_usage_bug+0x240/0x240
[ 1745.987374][T32173]  ? hash_futex+0x10/0x200
[ 1745.991784][T32173]  ? futex_wake+0x153/0x480
[ 1745.996293][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1746.002249][T32173]  ? do_wp_page+0x512/0x1440
[ 1746.006819][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1746.012774][T32173]  do_futex+0x15f/0x1ad0
[ 1746.017002][T32173]  ? find_held_lock+0x2d/0x110
[ 1746.021742][T32173]  ? futex_exit_release+0x60/0x60
[ 1746.026747][T32173]  ? lock_downgrade+0x840/0x840
[ 1746.031572][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1746.036400][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1746.042361][T32173]  ? __might_fault+0x190/0x1d0
[ 1746.047102][T32173]  ? _copy_to_user+0x126/0x160
[ 1746.051845][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1746.056588][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1746.061069][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1746.066502][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1746.072456][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1746.077111][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1746.083069][T32173]  do_syscall_64+0xf6/0x7d0
[ 1746.087569][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1746.093434][T32173] RIP: 0033:0x45ca59
[ 1746.097305][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1746.116900][T32173] RSP: 002b:00007f7591596cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1746.125287][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1746.133233][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1746.141183][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1746.149130][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1746.157078][T32173] R13: 0000000000c9fb6f R14: 00007f75915979c0 R15: 000000000078bf0c
[ 1746.165056][T32173] syz-executor.1  S29824 27792   6929 0x00000000
[ 1746.171366][T32173] Call Trace:
[ 1746.174633][T32173]  __schedule+0x8f3/0x1fc0
[ 1746.179024][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1746.184298][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1746.189573][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1746.195013][T32173]  schedule+0xd0/0x2a0
[ 1746.199059][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1746.204155][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1746.209588][T32173]  ? find_held_lock+0x2d/0x110
[ 1746.214337][T32173]  futex_wait+0x1e2/0x550
[ 1746.218734][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1746.223737][T32173]  ? print_usage_bug+0x240/0x240
[ 1746.228654][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1746.233829][T32173]  ? futex_wake+0x153/0x480
[ 1746.238318][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1746.244297][T32173]  ? do_wp_page+0x512/0x1440
[ 1746.248897][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1746.254865][T32173]  do_futex+0x15f/0x1ad0
[ 1746.259117][T32173]  ? find_held_lock+0x2d/0x110
[ 1746.263954][T32173]  ? futex_exit_release+0x60/0x60
[ 1746.268985][T32173]  ? lock_downgrade+0x840/0x840
[ 1746.273814][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1746.278645][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1746.284610][T32173]  ? __might_fault+0x190/0x1d0
[ 1746.289354][T32173]  ? _copy_to_user+0x126/0x160
[ 1746.294109][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1746.298866][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1746.303350][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1746.308787][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1746.314832][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1746.319484][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1746.325461][T32173]  do_syscall_64+0xf6/0x7d0
[ 1746.329942][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1746.335810][T32173] RIP: 0033:0x45ca59
[ 1746.339692][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1746.359272][T32173] RSP: 002b:00007f7591596cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1746.367659][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1746.375604][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1746.383551][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1746.391497][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1746.399445][T32173] R13: 0000000000c9fb6f R14: 00007f75915979c0 R15: 000000000078bf0c
[ 1746.407424][T32173] syz-executor.2  S29824 27795   7087 0x00000000
[ 1746.413748][T32173] Call Trace:
[ 1746.417028][T32173]  __schedule+0x8f3/0x1fc0
[ 1746.421470][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1746.426767][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1746.432037][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1746.437520][T32173]  schedule+0xd0/0x2a0
[ 1746.441603][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1746.446696][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1746.452131][T32173]  ? find_held_lock+0x2d/0x110
[ 1746.456876][T32173]  futex_wait+0x1e2/0x550
[ 1746.461187][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1746.466191][T32173]  ? print_usage_bug+0x240/0x240
[ 1746.471108][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1746.476284][T32173]  ? futex_wake+0x153/0x480
[ 1746.480880][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1746.486837][T32173]  ? do_wp_page+0x512/0x1440
[ 1746.491422][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1746.497399][T32173]  do_futex+0x15f/0x1ad0
[ 1746.501626][T32173]  ? find_held_lock+0x2d/0x110
[ 1746.506890][T32173]  ? futex_exit_release+0x60/0x60
[ 1746.511892][T32173]  ? lock_downgrade+0x840/0x840
[ 1746.516720][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1746.521555][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1746.527516][T32173]  ? __might_fault+0x190/0x1d0
[ 1746.532258][T32173]  ? _copy_to_user+0x126/0x160
[ 1746.537005][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1746.541748][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1746.546230][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1746.551669][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1746.557624][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1746.562278][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1746.568254][T32173]  do_syscall_64+0xf6/0x7d0
[ 1746.572735][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1746.578603][T32173] RIP: 0033:0x45ca59
[ 1746.582473][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1746.602068][T32173] RSP: 002b:00007f8cd7fe7cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1746.610453][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1746.618401][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1746.626347][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1746.634298][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1746.642246][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fe89c0 R15: 000000000078bf0c
[ 1746.650207][T32173] syz-executor.0  S29824 27804   6799 0x00000000
[ 1746.656519][T32173] Call Trace:
[ 1746.659790][T32173]  __schedule+0x8f3/0x1fc0
[ 1746.664182][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1746.669447][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1746.674708][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1746.680142][T32173]  schedule+0xd0/0x2a0
[ 1746.684189][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1746.689277][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1746.694716][T32173]  futex_wait+0x1e2/0x550
[ 1746.699045][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1746.704043][T32173]  ? print_usage_bug+0x240/0x240
[ 1746.709057][T32173]  ? hash_futex+0x10/0x200
[ 1746.713450][T32173]  ? futex_wake+0x153/0x480
[ 1746.717941][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1746.723912][T32173]  ? do_wp_page+0x512/0x1440
[ 1746.728480][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1746.734440][T32173]  do_futex+0x15f/0x1ad0
[ 1746.738665][T32173]  ? find_held_lock+0x2d/0x110
[ 1746.743406][T32173]  ? futex_exit_release+0x60/0x60
[ 1746.748408][T32173]  ? lock_downgrade+0x840/0x840
[ 1746.753244][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1746.758174][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1746.764137][T32173]  ? __might_fault+0x190/0x1d0
[ 1746.768876][T32173]  ? _copy_to_user+0x126/0x160
[ 1746.773629][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1746.778374][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1746.782855][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1746.788290][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1746.794253][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1746.798915][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1746.804882][T32173]  do_syscall_64+0xf6/0x7d0
[ 1746.809363][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1746.815233][T32173] RIP: 0033:0x45ca59
[ 1746.819134][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1746.838711][T32173] RSP: 002b:00007f92d403fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1746.847096][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1746.855055][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1746.863001][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1746.870965][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1746.878913][T32173] R13: 0000000000c9fb6f R14: 00007f92d40409c0 R15: 000000000078bf0c
[ 1746.886903][T32173] syz-executor.1  S29824 27805   6929 0x00000000
[ 1746.893238][T32173] Call Trace:
[ 1746.896508][T32173]  __schedule+0x8f3/0x1fc0
[ 1746.900914][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1746.906179][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1746.911444][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1746.916885][T32173]  schedule+0xd0/0x2a0
[ 1746.920932][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1746.926022][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1746.931477][T32173]  futex_wait+0x1e2/0x550
[ 1746.935804][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1746.940805][T32173]  ? print_usage_bug+0x240/0x240
[ 1746.945721][T32173]  ? hash_futex+0x10/0x200
[ 1746.950114][T32173]  ? futex_wake+0x153/0x480
[ 1746.954604][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1746.960560][T32173]  ? do_wp_page+0x512/0x1440
[ 1746.965149][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1746.971103][T32173]  do_futex+0x15f/0x1ad0
[ 1746.975347][T32173]  ? find_held_lock+0x2d/0x110
[ 1746.980090][T32173]  ? futex_exit_release+0x60/0x60
[ 1746.985097][T32173]  ? lock_downgrade+0x840/0x840
[ 1746.989924][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1746.994754][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1747.000732][T32173]  ? __might_fault+0x190/0x1d0
[ 1747.005486][T32173]  ? _copy_to_user+0x126/0x160
[ 1747.010256][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1747.015042][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1747.019533][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1747.025026][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1747.030989][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1747.035648][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1747.041654][T32173]  do_syscall_64+0xf6/0x7d0
[ 1747.046139][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1747.052007][T32173] RIP: 0033:0x45ca59
[ 1747.055882][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1747.075518][T32173] RSP: 002b:00007f7591596cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1747.083904][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1747.091851][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1747.099846][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1747.107793][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1747.115740][T32173] R13: 0000000000c9fb6f R14: 00007f75915979c0 R15: 000000000078bf0c
[ 1747.123705][T32173] syz-executor.5  S29824 27807   7376 0x00000000
[ 1747.130036][T32173] Call Trace:
[ 1747.133349][T32173]  __schedule+0x8f3/0x1fc0
[ 1747.137747][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1747.143009][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1747.148273][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1747.153708][T32173]  schedule+0xd0/0x2a0
[ 1747.157753][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1747.162883][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1747.168338][T32173]  futex_wait+0x1e2/0x550
[ 1747.172649][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1747.177669][T32173]  ? print_usage_bug+0x240/0x240
[ 1747.182599][T32173]  ? hash_futex+0x10/0x200
[ 1747.186991][T32173]  ? futex_wake+0x153/0x480
[ 1747.191478][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1747.197435][T32173]  ? do_wp_page+0x512/0x1440
[ 1747.202002][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1747.207975][T32173]  do_futex+0x15f/0x1ad0
[ 1747.212219][T32173]  ? find_held_lock+0x2d/0x110
[ 1747.216960][T32173]  ? futex_exit_release+0x60/0x60
[ 1747.221966][T32173]  ? lock_downgrade+0x840/0x840
[ 1747.226797][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1747.231623][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1747.237587][T32173]  ? __might_fault+0x190/0x1d0
[ 1747.242325][T32173]  ? _copy_to_user+0x126/0x160
[ 1747.247072][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1747.251816][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1747.256298][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1747.261733][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1747.267690][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1747.272343][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1747.278318][T32173]  do_syscall_64+0xf6/0x7d0
[ 1747.282801][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1747.288693][T32173] RIP: 0033:0x45ca59
[ 1747.292564][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1747.312142][T32173] RSP: 002b:00007f656341ecf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1747.320544][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1747.328507][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1747.336454][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1747.344419][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1747.352380][T32173] R13: 0000000000c9fb6f R14: 00007f656341f9c0 R15: 000000000078bf0c
[ 1747.360339][T32173] syz-executor.4  S29824 27810   7358 0x00000000
[ 1747.366648][T32173] Call Trace:
[ 1747.369917][T32173]  __schedule+0x8f3/0x1fc0
[ 1747.374310][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1747.379575][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1747.384838][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1747.390272][T32173]  schedule+0xd0/0x2a0
[ 1747.394320][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1747.399407][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1747.404848][T32173]  futex_wait+0x1e2/0x550
[ 1747.409190][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1747.414198][T32173]  ? print_usage_bug+0x240/0x240
[ 1747.419172][T32173]  ? hash_futex+0x10/0x200
[ 1747.423567][T32173]  ? futex_wake+0x153/0x480
[ 1747.428061][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1747.434062][T32173]  ? do_wp_page+0x512/0x1440
[ 1747.438675][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1747.444635][T32173]  do_futex+0x15f/0x1ad0
[ 1747.448864][T32173]  ? find_held_lock+0x2d/0x110
[ 1747.453605][T32173]  ? futex_exit_release+0x60/0x60
[ 1747.458611][T32173]  ? lock_downgrade+0x840/0x840
[ 1747.463482][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1747.468314][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1747.474281][T32173]  ? __might_fault+0x190/0x1d0
[ 1747.479027][T32173]  ? _copy_to_user+0x126/0x160
[ 1747.483791][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1747.488546][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1747.493036][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1747.498473][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1747.504433][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1747.509085][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1747.515089][T32173]  do_syscall_64+0xf6/0x7d0
[ 1747.519603][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1747.525474][T32173] RIP: 0033:0x45ca59
[ 1747.529348][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1747.548929][T32173] RSP: 002b:00007fc7e9ef2cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1747.557318][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1747.565281][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1747.573226][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1747.581174][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1747.589121][T32173] R13: 0000000000c9fb6f R14: 00007fc7e9ef39c0 R15: 000000000078bf0c
[ 1747.597084][T32173] syz-executor.3  S29824 27821   7107 0x00000000
[ 1747.603392][T32173] Call Trace:
[ 1747.606661][T32173]  __schedule+0x8f3/0x1fc0
[ 1747.611052][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1747.616323][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1747.621587][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1747.627026][T32173]  schedule+0xd0/0x2a0
[ 1747.631074][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1747.636168][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1747.641606][T32173]  futex_wait+0x1e2/0x550
[ 1747.645918][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1747.650948][T32173]  ? print_usage_bug+0x240/0x240
[ 1747.655864][T32173]  ? hash_futex+0x10/0x200
[ 1747.660259][T32173]  ? futex_wake+0x153/0x480
[ 1747.664747][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1747.670702][T32173]  ? do_wp_page+0x512/0x1440
[ 1747.675270][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1747.681228][T32173]  do_futex+0x15f/0x1ad0
[ 1747.685453][T32173]  ? find_held_lock+0x2d/0x110
[ 1747.690193][T32173]  ? futex_exit_release+0x60/0x60
[ 1747.695197][T32173]  ? lock_downgrade+0x840/0x840
[ 1747.700022][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1747.704851][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1747.710829][T32173]  ? __might_fault+0x190/0x1d0
[ 1747.715571][T32173]  ? _copy_to_user+0x126/0x160
[ 1747.720402][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1747.725148][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1747.729643][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1747.735080][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1747.741053][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1747.745706][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1747.751663][T32173]  do_syscall_64+0xf6/0x7d0
[ 1747.756149][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1747.762043][T32173] RIP: 0033:0x45ca59
[ 1747.765913][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1747.785492][T32173] RSP: 002b:00007f65fad0acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1747.793876][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1747.801836][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1747.809799][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1747.817759][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1747.825723][T32173] R13: 0000000000c9fb6f R14: 00007f65fad0b9c0 R15: 000000000078bf0c
[ 1747.833683][T32173] syz-executor.1  S29824 27824   6929 0x00000000
[ 1747.839992][T32173] Call Trace:
[ 1747.843275][T32173]  __schedule+0x8f3/0x1fc0
[ 1747.847669][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1747.852932][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1747.858196][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1747.863634][T32173]  schedule+0xd0/0x2a0
[ 1747.867681][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1747.872773][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1747.878209][T32173]  ? find_held_lock+0x2d/0x110
[ 1747.882965][T32173]  futex_wait+0x1e2/0x550
[ 1747.887278][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1747.892279][T32173]  ? print_usage_bug+0x240/0x240
[ 1747.897194][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1747.902383][T32173]  ? futex_wake+0x153/0x480
[ 1747.906873][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1747.912830][T32173]  ? do_wp_page+0x512/0x1440
[ 1747.917399][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1747.923354][T32173]  do_futex+0x15f/0x1ad0
[ 1747.927581][T32173]  ? find_held_lock+0x2d/0x110
[ 1747.932341][T32173]  ? futex_exit_release+0x60/0x60
[ 1747.937361][T32173]  ? lock_downgrade+0x840/0x840
[ 1747.942189][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1747.947016][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1747.952976][T32173]  ? __might_fault+0x190/0x1d0
[ 1747.957716][T32173]  ? _copy_to_user+0x126/0x160
[ 1747.962474][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1747.967216][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1747.971697][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1747.977152][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1747.983107][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1747.987763][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1747.993738][T32173]  do_syscall_64+0xf6/0x7d0
[ 1747.998310][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1748.004186][T32173] RIP: 0033:0x45ca59
[ 1748.008062][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1748.027638][T32173] RSP: 002b:00007f7591596cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1748.036024][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1748.043986][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1748.051932][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1748.059897][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1748.067847][T32173] R13: 0000000000c9fb6f R14: 00007f75915979c0 R15: 000000000078bf0c
[ 1748.075807][T32173] syz-executor.2  S29824 27826   7087 0x00000000
[ 1748.082117][T32173] Call Trace:
[ 1748.085403][T32173]  __schedule+0x8f3/0x1fc0
[ 1748.089797][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1748.095062][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1748.100324][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1748.105761][T32173]  schedule+0xd0/0x2a0
[ 1748.109807][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1748.114894][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1748.120332][T32173]  futex_wait+0x1e2/0x550
[ 1748.124642][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1748.129643][T32173]  ? print_usage_bug+0x240/0x240
[ 1748.134556][T32173]  ? hash_futex+0x10/0x200
[ 1748.138947][T32173]  ? futex_wake+0x153/0x480
[ 1748.143433][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1748.149407][T32173]  ? do_wp_page+0x512/0x1440
[ 1748.153971][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1748.159931][T32173]  do_futex+0x15f/0x1ad0
[ 1748.164171][T32173]  ? find_held_lock+0x2d/0x110
[ 1748.168919][T32173]  ? futex_exit_release+0x60/0x60
[ 1748.173919][T32173]  ? lock_downgrade+0x840/0x840
[ 1748.178745][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1748.183572][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1748.189533][T32173]  ? __might_fault+0x190/0x1d0
[ 1748.194273][T32173]  ? _copy_to_user+0x126/0x160
[ 1748.199016][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1748.203760][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1748.208241][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1748.213673][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1748.219629][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1748.224282][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1748.230335][T32173]  do_syscall_64+0xf6/0x7d0
[ 1748.234819][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1748.240698][T32173] RIP: 0033:0x45ca59
[ 1748.244678][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1748.264263][T32173] RSP: 002b:00007f8cd7fe7cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1748.272669][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1748.280622][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1748.288572][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1748.296521][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1748.304471][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fe89c0 R15: 000000000078bf0c
[ 1748.312435][T32173] syz-executor.4  S29792 27829   7358 0x00000000
[ 1748.318790][T32173] Call Trace:
[ 1748.322071][T32173]  __schedule+0x8f3/0x1fc0
[ 1748.326468][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1748.331737][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1748.337001][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1748.342452][T32173]  schedule+0xd0/0x2a0
[ 1748.346553][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1748.351641][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1748.357084][T32173]  futex_wait+0x1e2/0x550
[ 1748.361395][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1748.366400][T32173]  ? print_usage_bug+0x240/0x240
[ 1748.371320][T32173]  ? hash_futex+0x10/0x200
[ 1748.375721][T32173]  ? futex_wake+0x153/0x480
[ 1748.380214][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1748.386174][T32173]  ? do_wp_page+0x512/0x1440
[ 1748.390739][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1748.396752][T32173]  do_futex+0x15f/0x1ad0
[ 1748.400979][T32173]  ? find_held_lock+0x2d/0x110
[ 1748.405723][T32173]  ? futex_exit_release+0x60/0x60
[ 1748.410727][T32173]  ? lock_downgrade+0x840/0x840
[ 1748.415554][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1748.420401][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1748.426371][T32173]  ? __might_fault+0x190/0x1d0
[ 1748.431113][T32173]  ? _copy_to_user+0x126/0x160
[ 1748.435861][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1748.440712][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1748.445242][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1748.450686][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1748.456650][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1748.461350][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1748.467312][T32173]  do_syscall_64+0xf6/0x7d0
[ 1748.471825][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1748.477695][T32173] RIP: 0033:0x45ca59
[ 1748.481624][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1748.501217][T32173] RSP: 002b:00007fc7e9ef2cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1748.509629][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1748.517577][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1748.525527][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1748.533518][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1748.541465][T32173] R13: 0000000000c9fb6f R14: 00007fc7e9ef39c0 R15: 000000000078bf0c
[ 1748.549431][T32173] syz-executor.0  S29824 27841   6799 0x00000000
[ 1748.555760][T32173] Call Trace:
[ 1748.559034][T32173]  __schedule+0x8f3/0x1fc0
[ 1748.563427][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1748.568691][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1748.573953][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1748.579412][T32173]  schedule+0xd0/0x2a0
[ 1748.583510][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1748.588598][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1748.594035][T32173]  futex_wait+0x1e2/0x550
[ 1748.598346][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1748.603346][T32173]  ? print_usage_bug+0x240/0x240
[ 1748.608279][T32173]  ? hash_futex+0x10/0x200
[ 1748.612672][T32173]  ? futex_wake+0x153/0x480
[ 1748.617160][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1748.623118][T32173]  ? do_wp_page+0x512/0x1440
[ 1748.627685][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1748.633659][T32173]  do_futex+0x15f/0x1ad0
[ 1748.637903][T32173]  ? find_held_lock+0x2d/0x110
[ 1748.642645][T32173]  ? futex_exit_release+0x60/0x60
[ 1748.647646][T32173]  ? lock_downgrade+0x840/0x840
[ 1748.652473][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1748.657300][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1748.663265][T32173]  ? __might_fault+0x190/0x1d0
[ 1748.668004][T32173]  ? _copy_to_user+0x126/0x160
[ 1748.672748][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1748.677510][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1748.682011][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1748.687446][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1748.693409][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1748.698067][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1748.704024][T32173]  do_syscall_64+0xf6/0x7d0
[ 1748.708506][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1748.714377][T32173] RIP: 0033:0x45ca59
[ 1748.718249][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1748.737827][T32173] RSP: 002b:00007f92d403fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1748.746217][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1748.754170][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1748.762119][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1748.770082][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1748.778031][T32173] R13: 0000000000c9fb6f R14: 00007f92d40409c0 R15: 000000000078bf0c
[ 1748.785994][T32173] syz-executor.5  S29824 27844   7376 0x00000000
[ 1748.792302][T32173] Call Trace:
[ 1748.795571][T32173]  __schedule+0x8f3/0x1fc0
[ 1748.799965][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1748.805231][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1748.810494][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1748.815930][T32173]  schedule+0xd0/0x2a0
[ 1748.819983][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1748.825071][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1748.830531][T32173]  futex_wait+0x1e2/0x550
[ 1748.834844][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1748.839861][T32173]  ? print_usage_bug+0x240/0x240
[ 1748.844779][T32173]  ? hash_futex+0x10/0x200
[ 1748.849176][T32173]  ? futex_wake+0x153/0x480
[ 1748.853666][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1748.859622][T32173]  ? do_wp_page+0x512/0x1440
[ 1748.864192][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1748.870174][T32173]  do_futex+0x15f/0x1ad0
[ 1748.874403][T32173]  ? find_held_lock+0x2d/0x110
[ 1748.879145][T32173]  ? futex_exit_release+0x60/0x60
[ 1748.884160][T32173]  ? lock_downgrade+0x840/0x840
[ 1748.888988][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1748.893832][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1748.899923][T32173]  ? __might_fault+0x190/0x1d0
[ 1748.904668][T32173]  ? _copy_to_user+0x126/0x160
[ 1748.909427][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1748.914172][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1748.918670][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1748.924111][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1748.930076][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1748.934731][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1748.940795][T32173]  do_syscall_64+0xf6/0x7d0
[ 1748.945279][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1748.951169][T32173] RIP: 0033:0x45ca59
[ 1748.955041][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1748.974618][T32173] RSP: 002b:00007f656341ecf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1748.983018][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1748.990964][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1748.998912][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1749.006860][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1749.014808][T32173] R13: 0000000000c9fb6f R14: 00007f656341f9c0 R15: 000000000078bf0c
[ 1749.022856][T32173] syz-executor.3  S29824 27846   7107 0x00000000
[ 1749.029273][T32173] Call Trace:
[ 1749.032547][T32173]  __schedule+0x8f3/0x1fc0
[ 1749.036941][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1749.042204][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1749.047493][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1749.052929][T32173]  schedule+0xd0/0x2a0
[ 1749.056976][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1749.062064][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1749.067503][T32173]  futex_wait+0x1e2/0x550
[ 1749.071815][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1749.076815][T32173]  ? print_usage_bug+0x240/0x240
[ 1749.081730][T32173]  ? hash_futex+0x10/0x200
[ 1749.086125][T32173]  ? futex_wake+0x153/0x480
[ 1749.090617][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1749.096588][T32173]  ? do_wp_page+0x512/0x1440
[ 1749.101157][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1749.107118][T32173]  do_futex+0x15f/0x1ad0
[ 1749.111345][T32173]  ? find_held_lock+0x2d/0x110
[ 1749.116086][T32173]  ? futex_exit_release+0x60/0x60
[ 1749.121089][T32173]  ? lock_downgrade+0x840/0x840
[ 1749.125940][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1749.130768][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1749.136732][T32173]  ? __might_fault+0x190/0x1d0
[ 1749.141472][T32173]  ? _copy_to_user+0x126/0x160
[ 1749.146219][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1749.150959][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1749.155441][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1749.160889][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1749.166932][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1749.171603][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1749.177563][T32173]  do_syscall_64+0xf6/0x7d0
[ 1749.182045][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1749.187912][T32173] RIP: 0033:0x45ca59
[ 1749.191787][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1749.211374][T32173] RSP: 002b:00007f65fad0acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1749.219782][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1749.227732][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1749.235732][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1749.243683][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1749.251643][T32173] R13: 0000000000c9fb6f R14: 00007f65fad0b9c0 R15: 000000000078bf0c
[ 1749.259615][T32173] syz-executor.1  S29824 27857   6929 0x00000000
[ 1749.265975][T32173] Call Trace:
[ 1749.269291][T32173]  __schedule+0x8f3/0x1fc0
[ 1749.273694][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1749.278991][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1749.284301][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1749.289755][T32173]  schedule+0xd0/0x2a0
[ 1749.293803][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1749.298892][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1749.304330][T32173]  ? find_held_lock+0x2d/0x110
[ 1749.309094][T32173]  futex_wait+0x1e2/0x550
[ 1749.313403][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1749.318403][T32173]  ? print_usage_bug+0x240/0x240
[ 1749.323317][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1749.328492][T32173]  ? futex_wake+0x153/0x480
[ 1749.333001][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1749.339148][T32173]  ? do_wp_page+0x512/0x1440
[ 1749.343712][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1749.349672][T32173]  do_futex+0x15f/0x1ad0
[ 1749.353907][T32173]  ? find_held_lock+0x2d/0x110
[ 1749.358648][T32173]  ? futex_exit_release+0x60/0x60
[ 1749.363648][T32173]  ? lock_downgrade+0x840/0x840
[ 1749.368479][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1749.373307][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1749.379287][T32173]  ? __might_fault+0x190/0x1d0
[ 1749.384028][T32173]  ? _copy_to_user+0x126/0x160
[ 1749.388774][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1749.393518][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1749.398001][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1749.403434][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1749.409390][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1749.414042][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1749.420024][T32173]  do_syscall_64+0xf6/0x7d0
[ 1749.424513][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1749.430430][T32173] RIP: 0033:0x45ca59
[ 1749.434325][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1749.453922][T32173] RSP: 002b:00007f7591596cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1749.462313][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1749.470264][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1749.478214][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1749.486163][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1749.494113][T32173] R13: 0000000000c9fb6f R14: 00007f75915979c0 R15: 000000000078bf0c
[ 1749.502079][T32173] syz-executor.4  S29816 27860   7358 0x00000000
[ 1749.508391][T32173] Call Trace:
[ 1749.511664][T32173]  __schedule+0x8f3/0x1fc0
[ 1749.516068][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1749.521334][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1749.526598][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1749.532035][T32173]  schedule+0xd0/0x2a0
[ 1749.536084][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1749.541170][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1749.546606][T32173]  futex_wait+0x1e2/0x550
[ 1749.550913][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1749.555915][T32173]  ? print_usage_bug+0x240/0x240
[ 1749.560829][T32173]  ? hash_futex+0x10/0x200
[ 1749.565222][T32173]  ? futex_wake+0x153/0x480
[ 1749.569708][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1749.575662][T32173]  ? do_wp_page+0x512/0x1440
[ 1749.580230][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1749.586186][T32173]  do_futex+0x15f/0x1ad0
[ 1749.590408][T32173]  ? find_held_lock+0x2d/0x110
[ 1749.595150][T32173]  ? futex_exit_release+0x60/0x60
[ 1749.600153][T32173]  ? lock_downgrade+0x840/0x840
[ 1749.604978][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1749.609805][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1749.615788][T32173]  ? __might_fault+0x190/0x1d0
[ 1749.620533][T32173]  ? _copy_to_user+0x126/0x160
[ 1749.625280][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1749.630024][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1749.634523][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1749.639960][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1749.645916][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1749.650570][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1749.656532][T32173]  do_syscall_64+0xf6/0x7d0
[ 1749.661014][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1749.666905][T32173] RIP: 0033:0x45ca59
[ 1749.670782][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1749.690359][T32173] RSP: 002b:00007fc7e9ef2cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1749.698749][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1749.706700][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1749.714646][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1749.722591][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1749.730538][T32173] R13: 0000000000c9fb6f R14: 00007fc7e9ef39c0 R15: 000000000078bf0c
[ 1749.738499][T32173] syz-executor.2  S29824 27865   7087 0x00000000
[ 1749.744807][T32173] Call Trace:
[ 1749.748075][T32173]  __schedule+0x8f3/0x1fc0
[ 1749.752469][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1749.757734][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1749.762996][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1749.768433][T32173]  schedule+0xd0/0x2a0
[ 1749.772505][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1749.777594][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1749.783033][T32173]  futex_wait+0x1e2/0x550
[ 1749.787344][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1749.792359][T32173]  ? print_usage_bug+0x240/0x240
[ 1749.797284][T32173]  ? hash_futex+0x10/0x200
[ 1749.801685][T32173]  ? futex_wake+0x153/0x480
[ 1749.806192][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1749.812166][T32173]  ? do_wp_page+0x512/0x1440
[ 1749.816735][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1749.822692][T32173]  do_futex+0x15f/0x1ad0
[ 1749.826921][T32173]  ? find_held_lock+0x2d/0x110
[ 1749.831676][T32173]  ? futex_exit_release+0x60/0x60
[ 1749.836699][T32173]  ? lock_downgrade+0x840/0x840
[ 1749.841526][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1749.846355][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1749.852319][T32173]  ? __might_fault+0x190/0x1d0
[ 1749.857077][T32173]  ? _copy_to_user+0x126/0x160
[ 1749.861823][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1749.866567][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1749.871053][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1749.876485][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1749.882444][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1749.887097][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1749.893054][T32173]  do_syscall_64+0xf6/0x7d0
[ 1749.897537][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1749.903403][T32173] RIP: 0033:0x45ca59
[ 1749.907274][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1749.926861][T32173] RSP: 002b:00007f8cd7fe7cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1749.935335][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1749.943313][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1749.951260][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1749.959205][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1749.967152][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fe89c0 R15: 000000000078bf0c
[ 1749.975114][T32173] syz-executor.5  S29824 27870   7376 0x00000000
[ 1749.981424][T32173] Call Trace:
[ 1749.984694][T32173]  __schedule+0x8f3/0x1fc0
[ 1749.989100][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1749.994384][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1749.999648][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1750.005086][T32173]  schedule+0xd0/0x2a0
[ 1750.009133][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1750.014220][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1750.019673][T32173]  futex_wait+0x1e2/0x550
[ 1750.023982][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1750.028981][T32173]  ? print_usage_bug+0x240/0x240
[ 1750.033924][T32173]  ? hash_futex+0x10/0x200
[ 1750.038316][T32173]  ? futex_wake+0x153/0x480
[ 1750.042817][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1750.048790][T32173]  ? do_wp_page+0x512/0x1440
[ 1750.053357][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1750.059313][T32173]  do_futex+0x15f/0x1ad0
[ 1750.063539][T32173]  ? find_held_lock+0x2d/0x110
[ 1750.068290][T32173]  ? futex_exit_release+0x60/0x60
[ 1750.073292][T32173]  ? lock_downgrade+0x840/0x840
[ 1750.078117][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1750.082946][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1750.088913][T32173]  ? __might_fault+0x190/0x1d0
[ 1750.093767][T32173]  ? _copy_to_user+0x126/0x160
[ 1750.098512][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1750.103371][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1750.107853][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1750.113395][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1750.119365][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1750.124025][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1750.129993][T32173]  do_syscall_64+0xf6/0x7d0
[ 1750.134495][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1750.140361][T32173] RIP: 0033:0x45ca59
[ 1750.144249][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1750.163827][T32173] RSP: 002b:00007f656341ecf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1750.172226][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1750.180185][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1750.188148][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1750.196095][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1750.204046][T32173] R13: 0000000000c9fb6f R14: 00007f656341f9c0 R15: 000000000078bf0c
[ 1750.212008][T32173] syz-executor.0  S28904 27872   6799 0x00000000
[ 1750.218436][T32173] Call Trace:
[ 1750.221706][T32173]  __schedule+0x8f3/0x1fc0
[ 1750.226099][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1750.231365][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1750.236628][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1750.242066][T32173]  schedule+0xd0/0x2a0
[ 1750.246128][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1750.251369][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1750.256812][T32173]  futex_wait+0x1e2/0x550
[ 1750.261124][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1750.266363][T32173]  ? print_usage_bug+0x240/0x240
[ 1750.271283][T32173]  ? hash_futex+0x10/0x200
[ 1750.275718][T32173]  ? futex_wake+0x153/0x480
[ 1750.280212][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1750.286171][T32173]  ? do_wp_page+0x512/0x1440
[ 1750.290738][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1750.296785][T32173]  do_futex+0x15f/0x1ad0
[ 1750.301013][T32173]  ? find_held_lock+0x2d/0x110
[ 1750.305757][T32173]  ? futex_exit_release+0x60/0x60
[ 1750.310760][T32173]  ? lock_downgrade+0x840/0x840
[ 1750.315590][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1750.320434][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1750.326397][T32173]  ? __might_fault+0x190/0x1d0
[ 1750.331140][T32173]  ? _copy_to_user+0x126/0x160
[ 1750.335910][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1750.340683][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1750.345181][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1750.350616][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1750.356582][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1750.361252][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1750.367213][T32173]  do_syscall_64+0xf6/0x7d0
[ 1750.371700][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1750.377585][T32173] RIP: 0033:0x45ca59
[ 1750.381457][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1750.401145][T32173] RSP: 002b:00007f92d403fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1750.409530][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1750.417508][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1750.425457][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1750.433407][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1750.441354][T32173] R13: 0000000000c9fb6f R14: 00007f92d40409c0 R15: 000000000078bf0c
[ 1750.449318][T32173] syz-executor.1  S29824 27877   6929 0x00000000
[ 1750.455630][T32173] Call Trace:
[ 1750.458903][T32173]  __schedule+0x8f3/0x1fc0
[ 1750.463300][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1750.468566][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1750.473860][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1750.479305][T32173]  schedule+0xd0/0x2a0
[ 1750.483353][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1750.488453][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1750.493898][T32173]  futex_wait+0x1e2/0x550
[ 1750.498216][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1750.503274][T32173]  ? print_usage_bug+0x240/0x240
[ 1750.508193][T32173]  ? hash_futex+0x10/0x200
[ 1750.512590][T32173]  ? futex_wake+0x153/0x480
[ 1750.517085][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1750.523046][T32173]  ? do_wp_page+0x512/0x1440
[ 1750.527618][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1750.533577][T32173]  do_futex+0x15f/0x1ad0
[ 1750.537807][T32173]  ? find_held_lock+0x2d/0x110
[ 1750.542551][T32173]  ? futex_exit_release+0x60/0x60
[ 1750.547570][T32173]  ? lock_downgrade+0x840/0x840
[ 1750.552400][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1750.557229][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1750.563233][T32173]  ? __might_fault+0x190/0x1d0
[ 1750.567976][T32173]  ? _copy_to_user+0x126/0x160
[ 1750.572721][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1750.577465][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1750.581945][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1750.587380][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1750.593335][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1750.598030][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1750.604114][T32173]  do_syscall_64+0xf6/0x7d0
[ 1750.608594][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1750.614463][T32173] RIP: 0033:0x45ca59
[ 1750.618338][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1750.637916][T32173] RSP: 002b:00007f7591596cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1750.646317][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1750.654266][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1750.662211][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1750.670158][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1750.678105][T32173] R13: 0000000000c9fb6f R14: 00007f75915979c0 R15: 000000000078bf0c
[ 1750.686066][T32173] syz-executor.3  S29824 27883   7107 0x00000000
[ 1750.692376][T32173] Call Trace:
[ 1750.695645][T32173]  __schedule+0x8f3/0x1fc0
[ 1750.700053][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1750.705319][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1750.710580][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1750.716015][T32173]  schedule+0xd0/0x2a0
[ 1750.720061][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1750.725149][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1750.730586][T32173]  futex_wait+0x1e2/0x550
[ 1750.734896][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1750.739897][T32173]  ? print_usage_bug+0x240/0x240
[ 1750.744814][T32173]  ? hash_futex+0x10/0x200
[ 1750.749207][T32173]  ? futex_wake+0x153/0x480
[ 1750.753694][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1750.759651][T32173]  ? do_wp_page+0x512/0x1440
[ 1750.764217][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1750.770172][T32173]  do_futex+0x15f/0x1ad0
[ 1750.774401][T32173]  ? find_held_lock+0x2d/0x110
[ 1750.779142][T32173]  ? futex_exit_release+0x60/0x60
[ 1750.784247][T32173]  ? lock_downgrade+0x840/0x840
[ 1750.789073][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1750.793916][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1750.799901][T32173]  ? __might_fault+0x190/0x1d0
[ 1750.804652][T32173]  ? _copy_to_user+0x126/0x160
[ 1750.809452][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1750.814200][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1750.818690][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1750.824129][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1750.830088][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1750.834744][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1750.840706][T32173]  do_syscall_64+0xf6/0x7d0
[ 1750.845230][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1750.851101][T32173] RIP: 0033:0x45ca59
[ 1750.854972][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1750.874639][T32173] RSP: 002b:00007f65fad0acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1750.883025][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1750.890972][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1750.899006][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1750.906954][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1750.914901][T32173] R13: 0000000000c9fb6f R14: 00007f65fad0b9c0 R15: 000000000078bf0c
[ 1750.922862][T32173] syz-executor.1  S29824 28087   6929 0x00000000
[ 1750.929259][T32173] Call Trace:
[ 1750.932797][T32173]  __schedule+0x8f3/0x1fc0
[ 1750.937192][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1750.942458][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1750.947742][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1750.953177][T32173]  schedule+0xd0/0x2a0
[ 1750.957242][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1750.962329][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1750.967771][T32173]  futex_wait+0x1e2/0x550
[ 1750.972097][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1750.977097][T32173]  ? print_usage_bug+0x240/0x240
[ 1750.982011][T32173]  ? hash_futex+0x10/0x200
[ 1750.986404][T32173]  ? futex_wake+0x153/0x480
[ 1750.990890][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1750.996845][T32173]  ? print_usage_bug+0x240/0x240
[ 1751.001781][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1751.007741][T32173]  do_futex+0x15f/0x1ad0
[ 1751.011968][T32173]  ? find_held_lock+0x2d/0x110
[ 1751.016710][T32173]  ? futex_exit_release+0x60/0x60
[ 1751.021713][T32173]  ? lock_downgrade+0x840/0x840
[ 1751.026541][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1751.031974][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1751.038024][T32173]  ? __might_fault+0x190/0x1d0
[ 1751.042780][T32173]  ? _copy_to_user+0x126/0x160
[ 1751.047526][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1751.052267][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1751.056749][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1751.062186][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1751.068142][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1751.072793][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1751.078769][T32173]  do_syscall_64+0xf6/0x7d0
[ 1751.083370][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1751.089253][T32173] RIP: 0033:0x45ca59
[ 1751.093123][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1751.112701][T32173] RSP: 002b:00007f7591596cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1751.121087][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1751.129034][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1751.136981][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1751.144928][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1751.152872][T32173] R13: 0000000000c9fb6f R14: 00007f75915979c0 R15: 000000000078bf0c
[ 1751.160850][T32173] syz-executor.1  S29824 28100   6929 0x00000000
[ 1751.167161][T32173] Call Trace:
[ 1751.170431][T32173]  __schedule+0x8f3/0x1fc0
[ 1751.174824][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1751.180089][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1751.185357][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1751.190812][T32173]  schedule+0xd0/0x2a0
[ 1751.194861][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1751.199946][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1751.205385][T32173]  futex_wait+0x1e2/0x550
[ 1751.209702][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1751.214702][T32173]  ? wake_up_q+0xc1/0x140
[ 1751.219009][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1751.224186][T32173]  ? futex_wake+0x153/0x480
[ 1751.228673][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1751.234628][T32173]  ? mark_lock+0x11f/0xdd0
[ 1751.239029][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1751.244988][T32173]  do_futex+0x15f/0x1ad0
[ 1751.249215][T32173]  ? find_held_lock+0x2d/0x110
[ 1751.253968][T32173]  ? futex_exit_release+0x60/0x60
[ 1751.258976][T32173]  ? lock_downgrade+0x840/0x840
[ 1751.263804][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1751.268647][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1751.274610][T32173]  ? __might_fault+0x190/0x1d0
[ 1751.279400][T32173]  ? _copy_to_user+0x126/0x160
[ 1751.284147][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1751.288889][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1751.293370][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1751.298805][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1751.304767][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1751.309421][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1751.315381][T32173]  do_syscall_64+0xf6/0x7d0
[ 1751.319864][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1751.325844][T32173] RIP: 0033:0x45ca59
[ 1751.329722][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1751.349368][T32173] RSP: 002b:00007f7591596cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1751.357761][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1751.365710][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1751.373658][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1751.381607][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1751.389555][T32173] R13: 0000000000c9fb6f R14: 00007f75915979c0 R15: 000000000078bf0c
[ 1751.397564][T32173] syz-executor.0  S29824 28104   6799 0x00000000
[ 1751.403889][T32173] Call Trace:
[ 1751.407169][T32173]  __schedule+0x8f3/0x1fc0
[ 1751.411679][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1751.416950][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1751.422250][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1751.427697][T32173]  schedule+0xd0/0x2a0
[ 1751.431840][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1751.436974][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1751.442419][T32173]  futex_wait+0x1e2/0x550
[ 1751.446732][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1751.451765][T32173]  ? wake_up_q+0xc1/0x140
[ 1751.456075][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1751.461249][T32173]  ? futex_wake+0x153/0x480
[ 1751.465743][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1751.471696][T32173]  ? mark_lock+0x11f/0xdd0
[ 1751.476093][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1751.482052][T32173]  do_futex+0x15f/0x1ad0
[ 1751.486279][T32173]  ? find_held_lock+0x2d/0x110
[ 1751.491020][T32173]  ? futex_exit_release+0x60/0x60
[ 1751.496024][T32173]  ? lock_downgrade+0x840/0x840
[ 1751.500852][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1751.505678][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1751.511676][T32173]  ? __might_fault+0x190/0x1d0
[ 1751.516418][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1751.521859][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1751.526602][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1751.531125][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1751.536558][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1751.542517][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1751.547170][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1751.553131][T32173]  do_syscall_64+0xf6/0x7d0
[ 1751.557614][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1751.563482][T32173] RIP: 0033:0x45ca59
[ 1751.567354][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1751.586931][T32173] RSP: 002b:00007f92d403fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1751.595317][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1751.603263][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1751.611224][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1751.619170][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1751.627117][T32173] R13: 0000000000c9fb6f R14: 00007f92d40409c0 R15: 000000000078bf0c
[ 1751.635079][T32173] syz-executor.1  S29824 28112   6929 0x00000000
[ 1751.641389][T32173] Call Trace:
[ 1751.644657][T32173]  __schedule+0x8f3/0x1fc0
[ 1751.649079][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1751.654343][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1751.659604][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1751.665057][T32173]  schedule+0xd0/0x2a0
[ 1751.669104][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1751.674191][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1751.679629][T32173]  futex_wait+0x1e2/0x550
[ 1751.683949][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1751.688958][T32173]  ? wake_up_q+0xc1/0x140
[ 1751.693275][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1751.698452][T32173]  ? futex_wake+0x153/0x480
[ 1751.702957][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1751.708908][T32173]  ? mark_lock+0x11f/0xdd0
[ 1751.713301][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1751.719262][T32173]  do_futex+0x15f/0x1ad0
[ 1751.723486][T32173]  ? find_held_lock+0x2d/0x110
[ 1751.728226][T32173]  ? futex_exit_release+0x60/0x60
[ 1751.733229][T32173]  ? lock_downgrade+0x840/0x840
[ 1751.738056][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1751.742895][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1751.748859][T32173]  ? __might_fault+0x190/0x1d0
[ 1751.753699][T32173]  ? _copy_to_user+0x126/0x160
[ 1751.758444][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1751.763185][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1751.767667][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1751.773099][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1751.779054][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1751.783706][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1751.789665][T32173]  do_syscall_64+0xf6/0x7d0
[ 1751.794149][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1751.800013][T32173] RIP: 0033:0x45ca59
[ 1751.803910][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1751.823514][T32173] RSP: 002b:00007f7591596cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1751.831900][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1751.839846][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1751.847812][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1751.855761][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1751.863708][T32173] R13: 0000000000c9fb6f R14: 00007f75915979c0 R15: 000000000078bf0c
[ 1751.871669][T32173] syz-executor.0  S29824 28118   6799 0x00000000
[ 1751.877994][T32173] Call Trace:
[ 1751.881283][T32173]  __schedule+0x8f3/0x1fc0
[ 1751.885696][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1751.890958][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1751.896236][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1751.901672][T32173]  schedule+0xd0/0x2a0
[ 1751.905722][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1751.910809][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1751.916246][T32173]  futex_wait+0x1e2/0x550
[ 1751.920555][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1751.925559][T32173]  ? wake_up_q+0xc1/0x140
[ 1751.929862][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1751.935052][T32173]  ? futex_wake+0x153/0x480
[ 1751.939542][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1751.945509][T32173]  ? mark_lock+0x11f/0xdd0
[ 1751.949903][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1751.955863][T32173]  do_futex+0x15f/0x1ad0
[ 1751.960089][T32173]  ? find_held_lock+0x2d/0x110
[ 1751.964844][T32173]  ? futex_exit_release+0x60/0x60
[ 1751.969861][T32173]  ? lock_downgrade+0x840/0x840
[ 1751.974705][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1751.979539][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1751.985519][T32173]  ? __might_fault+0x190/0x1d0
[ 1751.990275][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1751.995740][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1752.000510][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1752.004989][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1752.010526][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1752.016484][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1752.021151][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1752.027112][T32173]  do_syscall_64+0xf6/0x7d0
[ 1752.031591][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1752.037459][T32173] RIP: 0033:0x45ca59
[ 1752.041344][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1752.060920][T32173] RSP: 002b:00007f92d403fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1752.069305][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1752.077251][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1752.085198][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1752.093158][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1752.101121][T32173] R13: 0000000000c9fb6f R14: 00007f92d40409c0 R15: 000000000078bf0c
[ 1752.109085][T32173] syz-executor.1  S29824 28124   6929 0x00000000
[ 1752.115410][T32173] Call Trace:
[ 1752.118680][T32173]  __schedule+0x8f3/0x1fc0
[ 1752.123097][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1752.128377][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1752.133639][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1752.139077][T32173]  schedule+0xd0/0x2a0
[ 1752.143123][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1752.148220][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1752.153657][T32173]  futex_wait+0x1e2/0x550
[ 1752.157966][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1752.162966][T32173]  ? wake_up_q+0xc1/0x140
[ 1752.167271][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1752.172444][T32173]  ? futex_wake+0x153/0x480
[ 1752.176935][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1752.182888][T32173]  ? mark_lock+0x11f/0xdd0
[ 1752.187280][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1752.193251][T32173]  do_futex+0x15f/0x1ad0
[ 1752.197479][T32173]  ? find_held_lock+0x2d/0x110
[ 1752.202236][T32173]  ? futex_exit_release+0x60/0x60
[ 1752.207239][T32173]  ? lock_downgrade+0x840/0x840
[ 1752.212066][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1752.216891][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1752.222853][T32173]  ? __might_fault+0x190/0x1d0
[ 1752.227592][T32173]  ? _copy_to_user+0x126/0x160
[ 1752.232419][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1752.237182][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1752.241671][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1752.247109][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1752.253070][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1752.257727][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1752.263695][T32173]  do_syscall_64+0xf6/0x7d0
[ 1752.268179][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1752.274052][T32173] RIP: 0033:0x45ca59
[ 1752.277928][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1752.297703][T32173] RSP: 002b:00007f7591596cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1752.306090][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1752.314139][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1752.322085][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1752.330036][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1752.337998][T32173] R13: 0000000000c9fb6f R14: 00007f75915979c0 R15: 000000000078bf0c
[ 1752.345985][T32173] syz-executor.4  S29824 28711   7358 0x00000000
[ 1752.352299][T32173] Call Trace:
[ 1752.355591][T32173]  __schedule+0x8f3/0x1fc0
[ 1752.360003][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1752.365267][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1752.370532][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1752.375969][T32173]  schedule+0xd0/0x2a0
[ 1752.380015][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1752.385118][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1752.390579][T32173]  futex_wait+0x1e2/0x550
[ 1752.394889][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1752.399891][T32173]  ? print_usage_bug+0x240/0x240
[ 1752.404823][T32173]  ? hash_futex+0x10/0x200
[ 1752.409219][T32173]  ? futex_wake+0x153/0x480
[ 1752.413711][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1752.419678][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1752.425781][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1752.431741][T32173]  do_futex+0x15f/0x1ad0
[ 1752.435992][T32173]  ? find_held_lock+0x2d/0x110
[ 1752.440738][T32173]  ? futex_exit_release+0x60/0x60
[ 1752.445748][T32173]  ? lock_downgrade+0x840/0x840
[ 1752.450584][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1752.455417][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1752.461384][T32173]  ? __might_fault+0x190/0x1d0
[ 1752.466128][T32173]  ? _copy_to_user+0x126/0x160
[ 1752.470916][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1752.475663][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1752.480143][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1752.485578][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1752.491535][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1752.496190][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1752.502149][T32173]  do_syscall_64+0xf6/0x7d0
[ 1752.506634][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1752.512500][T32173] RIP: 0033:0x45ca59
[ 1752.516373][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1752.535954][T32173] RSP: 002b:00007fc7e9ef2cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1752.544338][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1752.552283][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1752.560229][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1752.568175][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1752.576120][T32173] R13: 0000000000c9fb6f R14: 00007fc7e9ef39c0 R15: 000000000078bf0c
[ 1752.584081][T32173] syz-executor.1  S29824 28749   6929 0x00000000
[ 1752.590390][T32173] Call Trace:
[ 1752.593658][T32173]  __schedule+0x8f3/0x1fc0
[ 1752.598053][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1752.603316][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1752.608607][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1752.614044][T32173]  schedule+0xd0/0x2a0
[ 1752.618091][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1752.623190][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1752.628629][T32173]  futex_wait+0x1e2/0x550
[ 1752.632936][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1752.637936][T32173]  ? print_usage_bug+0x240/0x240
[ 1752.642851][T32173]  ? hash_futex+0x10/0x200
[ 1752.647265][T32173]  ? futex_wake+0x153/0x480
[ 1752.651755][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1752.657727][T32173]  ? mark_lock+0x11f/0xdd0
[ 1752.662120][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1752.668078][T32173]  do_futex+0x15f/0x1ad0
[ 1752.672304][T32173]  ? find_held_lock+0x2d/0x110
[ 1752.677048][T32173]  ? futex_exit_release+0x60/0x60
[ 1752.682050][T32173]  ? lock_downgrade+0x840/0x840
[ 1752.686878][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1752.691711][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1752.697761][T32173]  ? __might_fault+0x190/0x1d0
[ 1752.702502][T32173]  ? _copy_to_user+0x126/0x160
[ 1752.707260][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1752.712003][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1752.716501][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1752.721949][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1752.727906][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1752.732558][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1752.738528][T32173]  do_syscall_64+0xf6/0x7d0
[ 1752.743023][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1752.748891][T32173] RIP: 0033:0x45ca59
[ 1752.752761][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1752.772357][T32173] RSP: 002b:00007f7591575cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1752.780741][T32173] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045ca59
[ 1752.788693][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8
[ 1752.796640][T32173] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1752.804586][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1752.812531][T32173] R13: 0000000000c9fb6f R14: 00007f75915769c0 R15: 000000000078bfac
[ 1752.820491][T32173] syz-executor.2  S29824 28798   7087 0x00000000
[ 1752.826817][T32173] Call Trace:
[ 1752.830085][T32173]  __schedule+0x8f3/0x1fc0
[ 1752.834478][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1752.839755][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1752.845017][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1752.850452][T32173]  schedule+0xd0/0x2a0
[ 1752.854499][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1752.859586][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1752.865105][T32173]  ? find_held_lock+0x2d/0x110
[ 1752.869873][T32173]  futex_wait+0x1e2/0x550
[ 1752.874181][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1752.879194][T32173]  ? print_usage_bug+0x240/0x240
[ 1752.884109][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1752.889299][T32173]  ? futex_wake+0x153/0x480
[ 1752.893788][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1752.899741][T32173]  ? mark_lock+0x11f/0xdd0
[ 1752.904135][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1752.910089][T32173]  do_futex+0x15f/0x1ad0
[ 1752.914316][T32173]  ? find_held_lock+0x2d/0x110
[ 1752.919058][T32173]  ? futex_exit_release+0x60/0x60
[ 1752.924083][T32173]  ? lock_downgrade+0x840/0x840
[ 1752.928924][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1752.933749][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1752.939729][T32173]  ? __might_fault+0x190/0x1d0
[ 1752.944490][T32173]  ? _copy_to_user+0x126/0x160
[ 1752.949234][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1752.953977][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1752.958458][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1752.963893][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1752.969849][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1752.974519][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1752.980488][T32173]  do_syscall_64+0xf6/0x7d0
[ 1752.984972][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1752.990837][T32173] RIP: 0033:0x45ca59
[ 1752.994711][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1753.014287][T32173] RSP: 002b:00007f8cd7fc6cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1753.022671][T32173] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045ca59
[ 1753.030617][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8
[ 1753.038566][T32173] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1753.046513][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1753.054476][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fc79c0 R15: 000000000078bfac
[ 1753.062436][T32173] syz-executor.3  S29824 28863   7107 0x00000000
[ 1753.068759][T32173] Call Trace:
[ 1753.072028][T32173]  __schedule+0x8f3/0x1fc0
[ 1753.076423][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1753.081689][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1753.086950][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1753.092388][T32173]  schedule+0xd0/0x2a0
[ 1753.096451][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1753.101537][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1753.106973][T32173]  ? find_held_lock+0x2d/0x110
[ 1753.111715][T32173]  futex_wait+0x1e2/0x550
[ 1753.116026][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1753.121027][T32173]  ? print_usage_bug+0x240/0x240
[ 1753.125941][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1753.131118][T32173]  ? futex_wake+0x153/0x480
[ 1753.135608][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1753.141562][T32173]  ? mark_lock+0x11f/0xdd0
[ 1753.145974][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1753.151932][T32173]  do_futex+0x15f/0x1ad0
[ 1753.156160][T32173]  ? find_held_lock+0x2d/0x110
[ 1753.160901][T32173]  ? futex_exit_release+0x60/0x60
[ 1753.165927][T32173]  ? lock_downgrade+0x840/0x840
[ 1753.170753][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1753.175580][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1753.181544][T32173]  ? __might_fault+0x190/0x1d0
[ 1753.186302][T32173]  ? _copy_to_user+0x126/0x160
[ 1753.191046][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1753.195790][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1753.200272][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1753.205706][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1753.211661][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1753.216317][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1753.222274][T32173]  do_syscall_64+0xf6/0x7d0
[ 1753.226774][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1753.232642][T32173] RIP: 0033:0x45ca59
[ 1753.236513][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1753.256108][T32173] RSP: 002b:00007f65face9cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1753.264494][T32173] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045ca59
[ 1753.272441][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8
[ 1753.280390][T32173] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1753.288425][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1753.296381][T32173] R13: 0000000000c9fb6f R14: 00007f65facea9c0 R15: 000000000078bfac
[ 1753.304368][T32173] kworker/u4:1    I25024 28961      2 0x80004000
[ 1753.310794][T32173] Workqueue:  0x0 (bat_events)
[ 1753.315533][T32173] Call Trace:
[ 1753.318808][T32173]  __schedule+0x8f3/0x1fc0
[ 1753.323206][T32173]  ? worker_thread+0x240/0xe20
[ 1753.327953][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1753.333217][T32173]  ? do_raw_spin_lock+0x129/0x2e0
[ 1753.338245][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1753.343451][T32173]  schedule+0xd0/0x2a0
[ 1753.347501][T32173]  worker_thread+0x245/0xe20
[ 1753.352077][T32173]  ? process_one_work+0x16a0/0x16a0
[ 1753.357273][T32173]  kthread+0x388/0x470
[ 1753.361319][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1753.367022][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1753.372718][T32173]  ret_from_fork+0x24/0x30
[ 1753.377119][T32173] kworker/u4:2    I23872 29526      2 0x80004000
[ 1753.383455][T32173] Workqueue:  0x0 (wg-kex-wg2)
[ 1753.388191][T32173] Call Trace:
[ 1753.391479][T32173]  __schedule+0x8f3/0x1fc0
[ 1753.395871][T32173]  ? worker_thread+0x240/0xe20
[ 1753.400632][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1753.405945][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1753.411122][T32173]  schedule+0xd0/0x2a0
[ 1753.415176][T32173]  worker_thread+0x245/0xe20
[ 1753.419787][T32173]  ? process_one_work+0x16a0/0x16a0
[ 1753.424970][T32173]  kthread+0x388/0x470
[ 1753.429017][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1753.434715][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1753.440413][T32173]  ret_from_fork+0x24/0x30
[ 1753.444872][T32173] syz-executor.4  S28976 29738   7358 0x00000000
[ 1753.451185][T32173] Call Trace:
[ 1753.454458][T32173]  __schedule+0x8f3/0x1fc0
[ 1753.458855][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1753.464140][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1753.469409][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1753.474847][T32173]  schedule+0xd0/0x2a0
[ 1753.478912][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1753.484014][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1753.489456][T32173]  futex_wait+0x1e2/0x550
[ 1753.493770][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1753.498784][T32173]  ? print_usage_bug+0x240/0x240
[ 1753.503747][T32173]  ? __fd_install+0x1b4/0x600
[ 1753.508409][T32173]  ? hash_futex+0x10/0x200
[ 1753.512807][T32173]  ? futex_wake+0x153/0x480
[ 1753.517302][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1753.523313][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1753.529337][T32173]  do_futex+0x15f/0x1ad0
[ 1753.533566][T32173]  ? find_held_lock+0x2d/0x110
[ 1753.538314][T32173]  ? futex_exit_release+0x60/0x60
[ 1753.543354][T32173]  ? lock_downgrade+0x840/0x840
[ 1753.548185][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1753.553010][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1753.558977][T32173]  ? __might_fault+0x190/0x1d0
[ 1753.563720][T32173]  ? _copy_to_user+0x126/0x160
[ 1753.568464][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1753.573209][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1753.577695][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1753.583129][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1753.589085][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1753.593739][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1753.599703][T32173]  do_syscall_64+0xf6/0x7d0
[ 1753.604212][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1753.610079][T32173] RIP: 0033:0x45ca59
[ 1753.613952][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1753.633546][T32173] RSP: 002b:00007fc7e9ef2cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1753.641943][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1753.649893][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1753.657840][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1753.665786][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1753.673796][T32173] R13: 0000000000c9fb6f R14: 00007fc7e9ef39c0 R15: 000000000078bf0c
[ 1753.681774][T32173] syz-executor.4  S29824 29753   7358 0x00000000
[ 1753.688084][T32173] Call Trace:
[ 1753.691357][T32173]  __schedule+0x8f3/0x1fc0
[ 1753.695753][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1753.701035][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1753.706299][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1753.711735][T32173]  schedule+0xd0/0x2a0
[ 1753.715822][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1753.720910][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1753.726351][T32173]  futex_wait+0x1e2/0x550
[ 1753.730660][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1753.735664][T32173]  ? wake_up_q+0xc1/0x140
[ 1753.739966][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1753.745141][T32173]  ? futex_wake+0x153/0x480
[ 1753.749629][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1753.755596][T32173]  ? mark_lock+0x11f/0xdd0
[ 1753.759990][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1753.765946][T32173]  do_futex+0x15f/0x1ad0
[ 1753.770169][T32173]  ? find_held_lock+0x2d/0x110
[ 1753.774910][T32173]  ? futex_exit_release+0x60/0x60
[ 1753.779913][T32173]  ? lock_downgrade+0x840/0x840
[ 1753.784742][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1753.789569][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1753.795534][T32173]  ? __might_fault+0x190/0x1d0
[ 1753.800277][T32173]  ? _copy_to_user+0x126/0x160
[ 1753.805024][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1753.809767][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1753.814252][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1753.819700][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1753.825658][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1753.830308][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1753.836287][T32173]  do_syscall_64+0xf6/0x7d0
[ 1753.840770][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1753.846653][T32173] RIP: 0033:0x45ca59
[ 1753.850524][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1753.870104][T32173] RSP: 002b:00007fc7e9ef2cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1753.878489][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1753.886437][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1753.894401][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1753.902609][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1753.910644][T32173] R13: 0000000000c9fb6f R14: 00007fc7e9ef39c0 R15: 000000000078bf0c
[ 1753.918606][T32173] syz-executor.4  S29824 29763   7358 0x00000000
[ 1753.924949][T32173] Call Trace:
[ 1753.928219][T32173]  __schedule+0x8f3/0x1fc0
[ 1753.932611][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1753.937889][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1753.943150][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1753.948587][T32173]  schedule+0xd0/0x2a0
[ 1753.952633][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1753.957721][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1753.963161][T32173]  futex_wait+0x1e2/0x550
[ 1753.967472][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1753.972472][T32173]  ? wake_up_q+0xc1/0x140
[ 1753.976778][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1753.981953][T32173]  ? futex_wake+0x153/0x480
[ 1753.986442][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1753.992395][T32173]  ? mark_lock+0x11f/0xdd0
[ 1753.996790][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1754.002747][T32173]  do_futex+0x15f/0x1ad0
[ 1754.006982][T32173]  ? find_held_lock+0x2d/0x110
[ 1754.011725][T32173]  ? futex_exit_release+0x60/0x60
[ 1754.016818][T32173]  ? lock_downgrade+0x840/0x840
[ 1754.021653][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1754.026497][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1754.032459][T32173]  ? __might_fault+0x190/0x1d0
[ 1754.037199][T32173]  ? _copy_to_user+0x126/0x160
[ 1754.041958][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1754.046700][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1754.051195][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1754.056628][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1754.062585][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1754.067239][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1754.073197][T32173]  do_syscall_64+0xf6/0x7d0
[ 1754.077693][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1754.083573][T32173] RIP: 0033:0x45ca59
[ 1754.087447][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1754.107037][T32173] RSP: 002b:00007fc7e9ef2cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1754.117306][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1754.125254][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1754.133204][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1754.141391][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1754.149346][T32173] R13: 0000000000c9fb6f R14: 00007fc7e9ef39c0 R15: 000000000078bf0c
[ 1754.157383][T32173] bond1           I30816 29794      2 0x80004000
[ 1754.163723][T32173] Call Trace:
[ 1754.167006][T32173]  __schedule+0x8f3/0x1fc0
[ 1754.171429][T32173]  ? rescuer_thread+0x691/0xbc0
[ 1754.176263][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1754.181541][T32173]  ? do_raw_spin_lock+0x129/0x2e0
[ 1754.186545][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1754.191726][T32173]  schedule+0xd0/0x2a0
[ 1754.195779][T32173]  rescuer_thread+0x6ed/0xbc0
[ 1754.201572][T32173]  ? worker_thread+0xe20/0xe20
[ 1754.206367][T32173]  ? __kthread_parkme+0x13f/0x1e0
[ 1754.211369][T32173]  ? worker_thread+0xe20/0xe20
[ 1754.216113][T32173]  kthread+0x388/0x470
[ 1754.220178][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1754.225879][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1754.231577][T32173]  ret_from_fork+0x24/0x30
[ 1754.235986][T32173] bond2           I30816 29892      2 0x80004000
[ 1754.242320][T32173] Call Trace:
[ 1754.245591][T32173]  __schedule+0x8f3/0x1fc0
[ 1754.249997][T32173]  ? rescuer_thread+0x691/0xbc0
[ 1754.254837][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1754.260102][T32173]  ? do_raw_spin_lock+0x129/0x2e0
[ 1754.265106][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1754.270287][T32173]  schedule+0xd0/0x2a0
[ 1754.274341][T32173]  rescuer_thread+0x6ed/0xbc0
[ 1754.279007][T32173]  ? worker_thread+0xe20/0xe20
[ 1754.283767][T32173]  ? __kthread_parkme+0x13f/0x1e0
[ 1754.288776][T32173]  ? worker_thread+0xe20/0xe20
[ 1754.293518][T32173]  kthread+0x388/0x470
[ 1754.297569][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1754.303266][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1754.309016][T32173]  ret_from_fork+0x24/0x30
[ 1754.313422][T32173] bond1           I30816 29933      2 0x80004000
[ 1754.319804][T32173] Call Trace:
[ 1754.323074][T32173]  __schedule+0x8f3/0x1fc0
[ 1754.327469][T32173]  ? rescuer_thread+0x691/0xbc0
[ 1754.332299][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1754.337562][T32173]  ? do_raw_spin_lock+0x129/0x2e0
[ 1754.342582][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1754.347771][T32173]  schedule+0xd0/0x2a0
[ 1754.351832][T32173]  rescuer_thread+0x6ed/0xbc0
[ 1754.356500][T32173]  ? worker_thread+0xe20/0xe20
[ 1754.361248][T32173]  ? __kthread_parkme+0x13f/0x1e0
[ 1754.366253][T32173]  ? worker_thread+0xe20/0xe20
[ 1754.370998][T32173]  kthread+0x388/0x470
[ 1754.375048][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1754.380741][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1754.386438][T32173]  ret_from_fork+0x24/0x30
[ 1754.390872][T32173] bond1           I30752 29977      2 0x80004000
[ 1754.397318][T32173] Call Trace:
[ 1754.400688][T32173]  __schedule+0x8f3/0x1fc0
[ 1754.405108][T32173]  ? rescuer_thread+0x691/0xbc0
[ 1754.409951][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1754.415217][T32173]  ? do_raw_spin_lock+0x129/0x2e0
[ 1754.420258][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1754.425474][T32173]  schedule+0xd0/0x2a0
[ 1754.429529][T32173]  rescuer_thread+0x6ed/0xbc0
[ 1754.434193][T32173]  ? worker_thread+0xe20/0xe20
[ 1754.438939][T32173]  ? __kthread_parkme+0x13f/0x1e0
[ 1754.443941][T32173]  ? worker_thread+0xe20/0xe20
[ 1754.448679][T32173]  kthread+0x388/0x470
[ 1754.452744][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1754.458450][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1754.464149][T32173]  ret_from_fork+0x24/0x30
[ 1754.468550][T32173] bond2           I30672 30032      2 0x80004000
[ 1754.474886][T32173] Call Trace:
[ 1754.478155][T32173]  __schedule+0x8f3/0x1fc0
[ 1754.482547][T32173]  ? rescuer_thread+0x691/0xbc0
[ 1754.487396][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1754.492657][T32173]  ? do_raw_spin_lock+0x129/0x2e0
[ 1754.497658][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1754.502832][T32173]  schedule+0xd0/0x2a0
[ 1754.506881][T32173]  rescuer_thread+0x6ed/0xbc0
[ 1754.511542][T32173]  ? worker_thread+0xe20/0xe20
[ 1754.516305][T32173]  ? __kthread_parkme+0x13f/0x1e0
[ 1754.521320][T32173]  ? worker_thread+0xe20/0xe20
[ 1754.526062][T32173]  kthread+0x388/0x470
[ 1754.530105][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1754.535819][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1754.541518][T32173]  ret_from_fork+0x24/0x30
[ 1754.545935][T32173] bond3           I30816 30071      2 0x80004000
[ 1754.552261][T32173] Call Trace:
[ 1754.555529][T32173]  __schedule+0x8f3/0x1fc0
[ 1754.559930][T32173]  ? rescuer_thread+0x691/0xbc0
[ 1754.564759][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1754.570017][T32173]  ? do_raw_spin_lock+0x129/0x2e0
[ 1754.575016][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1754.580192][T32173]  schedule+0xd0/0x2a0
[ 1754.584240][T32173]  rescuer_thread+0x6ed/0xbc0
[ 1754.588900][T32173]  ? worker_thread+0xe20/0xe20
[ 1754.593642][T32173]  ? __kthread_parkme+0x13f/0x1e0
[ 1754.598646][T32173]  ? worker_thread+0xe20/0xe20
[ 1754.603384][T32173]  kthread+0x388/0x470
[ 1754.607430][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1754.613123][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1754.618818][T32173]  ret_from_fork+0x24/0x30
[ 1754.623233][T32173] bond2           I30816 30127      2 0x80004000
[ 1754.629570][T32173] Call Trace:
[ 1754.632839][T32173]  __schedule+0x8f3/0x1fc0
[ 1754.637234][T32173]  ? rescuer_thread+0x691/0xbc0
[ 1754.642064][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1754.647329][T32173]  ? do_raw_spin_lock+0x129/0x2e0
[ 1754.652330][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1754.657509][T32173]  schedule+0xd0/0x2a0
[ 1754.661557][T32173]  rescuer_thread+0x6ed/0xbc0
[ 1754.666221][T32173]  ? worker_thread+0xe20/0xe20
[ 1754.670967][T32173]  ? __kthread_parkme+0x13f/0x1e0
[ 1754.675981][T32173]  ? worker_thread+0xe20/0xe20
[ 1754.680721][T32173]  kthread+0x388/0x470
[ 1754.684767][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1754.690478][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1754.696180][T32173]  ret_from_fork+0x24/0x30
[ 1754.700601][T32173] bond3           I30816 30170      2 0x80004000
[ 1754.706958][T32173] Call Trace:
[ 1754.710227][T32173]  __schedule+0x8f3/0x1fc0
[ 1754.714623][T32173]  ? rescuer_thread+0x691/0xbc0
[ 1754.719453][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1754.724732][T32173]  ? do_raw_spin_lock+0x129/0x2e0
[ 1754.729733][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1754.734909][T32173]  schedule+0xd0/0x2a0
[ 1754.738956][T32173]  rescuer_thread+0x6ed/0xbc0
[ 1754.743621][T32173]  ? worker_thread+0xe20/0xe20
[ 1754.748366][T32173]  ? __kthread_parkme+0x13f/0x1e0
[ 1754.753364][T32173]  ? worker_thread+0xe20/0xe20
[ 1754.758104][T32173]  kthread+0x388/0x470
[ 1754.762148][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1754.767842][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1754.773538][T32173]  ret_from_fork+0x24/0x30
[ 1754.777970][T32173] bond4           I30816 30228      2 0x80004000
[ 1754.784318][T32173] Call Trace:
[ 1754.787589][T32173]  __schedule+0x8f3/0x1fc0
[ 1754.791982][T32173]  ? rescuer_thread+0x691/0xbc0
[ 1754.796816][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1754.802077][T32173]  ? do_raw_spin_lock+0x129/0x2e0
[ 1754.807080][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1754.812274][T32173]  schedule+0xd0/0x2a0
[ 1754.816323][T32173]  rescuer_thread+0x6ed/0xbc0
[ 1754.820985][T32173]  ? worker_thread+0xe20/0xe20
[ 1754.825747][T32173]  ? __kthread_parkme+0x13f/0x1e0
[ 1754.830747][T32173]  ? worker_thread+0xe20/0xe20
[ 1754.835493][T32173]  kthread+0x388/0x470
[ 1754.839538][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1754.845232][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1754.850947][T32173]  ret_from_fork+0x24/0x30
[ 1754.855346][T32173] bond3           I30816 30269      2 0x80004000
[ 1754.861672][T32173] Call Trace:
[ 1754.864960][T32173]  __schedule+0x8f3/0x1fc0
[ 1754.869358][T32173]  ? rescuer_thread+0x691/0xbc0
[ 1754.874191][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1754.879451][T32173]  ? do_raw_spin_lock+0x129/0x2e0
[ 1754.884454][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1754.889634][T32173]  schedule+0xd0/0x2a0
[ 1754.893707][T32173]  rescuer_thread+0x6ed/0xbc0
[ 1754.898377][T32173]  ? worker_thread+0xe20/0xe20
[ 1754.903118][T32173]  ? __kthread_parkme+0x13f/0x1e0
[ 1754.908122][T32173]  ? worker_thread+0xe20/0xe20
[ 1754.912865][T32173]  kthread+0x388/0x470
[ 1754.916911][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1754.922606][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1754.928303][T32173]  ret_from_fork+0x24/0x30
[ 1754.932704][T32173] syz-executor.3  S28976 30543   7107 0x00000000
[ 1754.939060][T32173] Call Trace:
[ 1754.942354][T32173]  __schedule+0x8f3/0x1fc0
[ 1754.946756][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1754.952067][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1754.957379][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1754.962863][T32173]  schedule+0xd0/0x2a0
[ 1754.966920][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1754.972013][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1754.977449][T32173]  ? alloc_empty_file+0x6d/0x170
[ 1754.982427][T32173]  futex_wait+0x1e2/0x550
[ 1754.986738][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1754.991743][T32173]  ? print_usage_bug+0x240/0x240
[ 1754.996659][T32173]  ? hash_futex+0x10/0x200
[ 1755.001098][T32173]  ? futex_wake+0x153/0x480
[ 1755.005591][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1755.011549][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1755.017512][T32173]  do_futex+0x15f/0x1ad0
[ 1755.021782][T32173]  ? find_held_lock+0x2d/0x110
[ 1755.026526][T32173]  ? futex_exit_release+0x60/0x60
[ 1755.031528][T32173]  ? lock_downgrade+0x840/0x840
[ 1755.036357][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1755.041184][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1755.047148][T32173]  ? __might_fault+0x190/0x1d0
[ 1755.051901][T32173]  ? _copy_to_user+0x126/0x160
[ 1755.056646][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1755.061387][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1755.065893][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1755.071341][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1755.077348][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1755.082009][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1755.087972][T32173]  do_syscall_64+0xf6/0x7d0
[ 1755.092508][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1755.098379][T32173] RIP: 0033:0x45ca59
[ 1755.102294][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1755.121953][T32173] RSP: 002b:00007f65fad0acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1755.130352][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1755.138363][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1755.146362][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1755.154311][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1755.162263][T32173] R13: 0000000000c9fb6f R14: 00007f65fad0b9c0 R15: 000000000078bf0c
[ 1755.170235][T32173] syz-executor.3  S29824 30554   7107 0x00000000
[ 1755.176573][T32173] Call Trace:
[ 1755.179848][T32173]  __schedule+0x8f3/0x1fc0
[ 1755.184246][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1755.189511][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1755.194776][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1755.200216][T32173]  schedule+0xd0/0x2a0
[ 1755.204267][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1755.209371][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1755.214836][T32173]  futex_wait+0x1e2/0x550
[ 1755.219145][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1755.224146][T32173]  ? wake_up_q+0xc1/0x140
[ 1755.228504][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1755.233707][T32173]  ? futex_wake+0x153/0x480
[ 1755.238211][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1755.244189][T32173]  ? mark_lock+0x11f/0xdd0
[ 1755.248592][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1755.254558][T32173]  do_futex+0x15f/0x1ad0
[ 1755.258795][T32173]  ? find_held_lock+0x2d/0x110
[ 1755.263542][T32173]  ? futex_exit_release+0x60/0x60
[ 1755.268550][T32173]  ? lock_downgrade+0x840/0x840
[ 1755.273392][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1755.278224][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1755.284208][T32173]  ? __might_fault+0x190/0x1d0
[ 1755.288953][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1755.294396][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1755.299160][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1755.303644][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1755.309086][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1755.315044][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1755.319696][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1755.325672][T32173]  do_syscall_64+0xf6/0x7d0
[ 1755.330171][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1755.336056][T32173] RIP: 0033:0x45ca59
[ 1755.339928][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1755.359516][T32173] RSP: 002b:00007f65fad0acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1755.367926][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1755.375880][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1755.383880][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1755.391829][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1755.399776][T32173] R13: 0000000000c9fb6f R14: 00007f65fad0b9c0 R15: 000000000078bf0c
[ 1755.407752][T32173] syz-executor.3  S29816 30567   7107 0x00000000
[ 1755.414069][T32173] Call Trace:
[ 1755.417355][T32173]  __schedule+0x8f3/0x1fc0
[ 1755.421763][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1755.427036][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1755.432303][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1755.437741][T32173]  schedule+0xd0/0x2a0
[ 1755.441793][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1755.446885][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1755.452330][T32173]  futex_wait+0x1e2/0x550
[ 1755.456643][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1755.461648][T32173]  ? wake_up_q+0xc1/0x140
[ 1755.465956][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1755.471132][T32173]  ? futex_wake+0x153/0x480
[ 1755.475621][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1755.481576][T32173]  ? mark_lock+0x11f/0xdd0
[ 1755.486020][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1755.491979][T32173]  do_futex+0x15f/0x1ad0
[ 1755.496207][T32173]  ? find_held_lock+0x2d/0x110
[ 1755.500988][T32173]  ? futex_exit_release+0x60/0x60
[ 1755.505997][T32173]  ? lock_downgrade+0x840/0x840
[ 1755.510865][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1755.515694][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1755.521658][T32173]  ? __might_fault+0x190/0x1d0
[ 1755.526402][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1755.531889][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1755.536633][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1755.541116][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1755.546549][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1755.552505][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1755.557159][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1755.563170][T32173]  do_syscall_64+0xf6/0x7d0
[ 1755.567653][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1755.573521][T32173] RIP: 0033:0x45ca59
[ 1755.577395][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1755.596973][T32173] RSP: 002b:00007f65fad0acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1755.605360][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1755.613412][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1755.621362][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1755.629312][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1755.637259][T32173] R13: 0000000000c9fb6f R14: 00007f65fad0b9c0 R15: 000000000078bf0c
[ 1755.645225][T32173] syz-executor.0  S28976 31425   6799 0x00000000
[ 1755.651541][T32173] Call Trace:
[ 1755.654813][T32173]  __schedule+0x8f3/0x1fc0
[ 1755.659207][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1755.664489][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1755.669751][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1755.675187][T32173]  schedule+0xd0/0x2a0
[ 1755.679234][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1755.684321][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1755.689778][T32173]  ? find_held_lock+0x2d/0x110
[ 1755.694523][T32173]  futex_wait+0x1e2/0x550
[ 1755.698845][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1755.703846][T32173]  ? print_usage_bug+0x240/0x240
[ 1755.708760][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1755.713937][T32173]  ? futex_wake+0x153/0x480
[ 1755.718425][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1755.724386][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1755.730362][T32173]  do_futex+0x15f/0x1ad0
[ 1755.734594][T32173]  ? find_held_lock+0x2d/0x110
[ 1755.739345][T32173]  ? futex_exit_release+0x60/0x60
[ 1755.744348][T32173]  ? lock_downgrade+0x840/0x840
[ 1755.749191][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1755.754033][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1755.760013][T32173]  ? __might_fault+0x190/0x1d0
[ 1755.764755][T32173]  ? _copy_to_user+0x126/0x160
[ 1755.769500][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1755.774245][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1755.778729][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1755.784184][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1755.790140][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1755.794794][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1755.800751][T32173]  do_syscall_64+0xf6/0x7d0
[ 1755.805233][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1755.811098][T32173] RIP: 0033:0x45ca59
[ 1755.814971][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1755.834550][T32173] RSP: 002b:00007f92d403fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1755.842949][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1755.850897][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1755.858844][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1755.866807][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1755.874757][T32173] R13: 0000000000c9fb6f R14: 00007f92d40409c0 R15: 000000000078bf0c
[ 1755.882719][T32173] syz-executor.0  S29816 31442   6799 0x00000000
[ 1755.889027][T32173] Call Trace:
[ 1755.892295][T32173]  __schedule+0x8f3/0x1fc0
[ 1755.896689][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1755.901955][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1755.907219][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1755.912654][T32173]  schedule+0xd0/0x2a0
[ 1755.916702][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1755.921789][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1755.927226][T32173]  futex_wait+0x1e2/0x550
[ 1755.931535][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1755.936539][T32173]  ? wake_up_q+0xc1/0x140
[ 1755.940844][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1755.946018][T32173]  ? futex_wake+0x153/0x480
[ 1755.950507][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1755.956459][T32173]  ? mark_lock+0x11f/0xdd0
[ 1755.960852][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1755.966852][T32173]  do_futex+0x15f/0x1ad0
[ 1755.971078][T32173]  ? find_held_lock+0x2d/0x110
[ 1755.975825][T32173]  ? futex_exit_release+0x60/0x60
[ 1755.980827][T32173]  ? lock_downgrade+0x840/0x840
[ 1755.985654][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1755.990479][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1755.996444][T32173]  ? __might_fault+0x190/0x1d0
[ 1756.001183][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1756.006625][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1756.011370][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1756.015852][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1756.021288][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1756.027243][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1756.031895][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1756.037851][T32173]  do_syscall_64+0xf6/0x7d0
[ 1756.042332][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1756.048211][T32173] RIP: 0033:0x45ca59
[ 1756.052082][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1756.071661][T32173] RSP: 002b:00007f92d403fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1756.080045][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1756.087993][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1756.095937][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1756.103884][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1756.111931][T32173] R13: 0000000000c9fb6f R14: 00007f92d40409c0 R15: 000000000078bf0c
[ 1756.119889][T32173] syz-executor.0  S29816 31455   6799 0x00000000
[ 1756.126201][T32173] Call Trace:
[ 1756.129467][T32173]  __schedule+0x8f3/0x1fc0
[ 1756.133860][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1756.139126][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1756.144388][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1756.149823][T32173]  schedule+0xd0/0x2a0
[ 1756.153869][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1756.158954][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1756.164394][T32173]  futex_wait+0x1e2/0x550
[ 1756.168707][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1756.173726][T32173]  ? wake_up_q+0xc1/0x140
[ 1756.178032][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1756.183213][T32173]  ? futex_wake+0x153/0x480
[ 1756.187703][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1756.193676][T32173]  ? mark_lock+0x11f/0xdd0
[ 1756.198071][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1756.204036][T32173]  do_futex+0x15f/0x1ad0
[ 1756.208264][T32173]  ? find_held_lock+0x2d/0x110
[ 1756.213020][T32173]  ? futex_exit_release+0x60/0x60
[ 1756.218023][T32173]  ? lock_downgrade+0x840/0x840
[ 1756.222850][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1756.227708][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1756.233672][T32173]  ? __might_fault+0x190/0x1d0
[ 1756.238409][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1756.243849][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1756.248608][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1756.253096][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1756.258534][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1756.264509][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1756.269223][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1756.275191][T32173]  do_syscall_64+0xf6/0x7d0
[ 1756.279688][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1756.285561][T32173] RIP: 0033:0x45ca59
[ 1756.289435][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1756.309051][T32173] RSP: 002b:00007f92d403fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1756.317437][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1756.325546][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1756.333523][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1756.341472][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1756.349420][T32173] R13: 0000000000c9fb6f R14: 00007f92d40409c0 R15: 000000000078bf0c
[ 1756.357384][T32173] syz-executor.0  S29824 31466   6799 0x00000000
[ 1756.363694][T32173] Call Trace:
[ 1756.366964][T32173]  __schedule+0x8f3/0x1fc0
[ 1756.371361][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1756.376628][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1756.381909][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1756.387349][T32173]  schedule+0xd0/0x2a0
[ 1756.391395][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1756.396501][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1756.401940][T32173]  futex_wait+0x1e2/0x550
[ 1756.406250][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1756.411271][T32173]  ? wake_up_q+0xc1/0x140
[ 1756.415592][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1756.420775][T32173]  ? futex_wake+0x153/0x480
[ 1756.425272][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1756.431233][T32173]  ? mark_lock+0x11f/0xdd0
[ 1756.435631][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1756.441607][T32173]  do_futex+0x15f/0x1ad0
[ 1756.445836][T32173]  ? find_held_lock+0x2d/0x110
[ 1756.450609][T32173]  ? futex_exit_release+0x60/0x60
[ 1756.455612][T32173]  ? lock_downgrade+0x840/0x840
[ 1756.460471][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1756.465320][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1756.471282][T32173]  ? __might_fault+0x190/0x1d0
[ 1756.476041][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1756.481480][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1756.486223][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1756.490703][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1756.496148][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1756.502104][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1756.506760][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1756.512717][T32173]  do_syscall_64+0xf6/0x7d0
[ 1756.517210][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1756.523081][T32173] RIP: 0033:0x45ca59
[ 1756.526956][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1756.546620][T32173] RSP: 002b:00007f92d403fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1756.555006][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1756.562954][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1756.570921][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1756.578868][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1756.586851][T32173] R13: 0000000000c9fb6f R14: 00007f92d40409c0 R15: 000000000078bf0c
[ 1756.594847][T32173] syz-executor.3  S29824 31902   7107 0x00000000
[ 1756.601177][T32173] Call Trace:
[ 1756.604447][T32173]  __schedule+0x8f3/0x1fc0
[ 1756.608838][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1756.614122][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1756.619386][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1756.624824][T32173]  schedule+0xd0/0x2a0
[ 1756.628879][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1756.633970][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1756.639452][T32173]  futex_wait+0x1e2/0x550
[ 1756.643764][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1756.648790][T32173]  ? print_usage_bug+0x240/0x240
[ 1756.653707][T32173]  ? hash_futex+0x10/0x200
[ 1756.658146][T32173]  ? futex_wake+0x153/0x480
[ 1756.662635][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1756.668590][T32173]  ? do_wp_page+0x512/0x1440
[ 1756.673159][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1756.679120][T32173]  do_futex+0x15f/0x1ad0
[ 1756.683350][T32173]  ? find_held_lock+0x2d/0x110
[ 1756.688097][T32173]  ? futex_exit_release+0x60/0x60
[ 1756.693115][T32173]  ? lock_downgrade+0x840/0x840
[ 1756.697945][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1756.702786][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1756.708767][T32173]  ? __might_fault+0x190/0x1d0
[ 1756.713509][T32173]  ? _copy_to_user+0x126/0x160
[ 1756.718270][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1756.723086][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1756.727584][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1756.733028][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1756.738994][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1756.743673][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1756.749646][T32173]  do_syscall_64+0xf6/0x7d0
[ 1756.754139][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1756.760032][T32173] RIP: 0033:0x45ca59
[ 1756.763912][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1756.783501][T32173] RSP: 002b:00007f65fad0acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1756.791894][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1756.799860][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1756.807810][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1756.815760][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1756.823709][T32173] R13: 0000000000c9fb6f R14: 00007f65fad0b9c0 R15: 000000000078bf0c
[ 1756.831672][T32173] syz-executor.3  S29824 31907   7107 0x00000000
[ 1756.837993][T32173] Call Trace:
[ 1756.841264][T32173]  __schedule+0x8f3/0x1fc0
[ 1756.845660][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1756.850924][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1756.856187][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1756.861624][T32173]  schedule+0xd0/0x2a0
[ 1756.865686][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1756.870776][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1756.876217][T32173]  futex_wait+0x1e2/0x550
[ 1756.880544][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1756.885548][T32173]  ? print_usage_bug+0x240/0x240
[ 1756.890461][T32173]  ? hash_futex+0x10/0x200
[ 1756.894855][T32173]  ? futex_wake+0x153/0x480
[ 1756.899344][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1756.905305][T32173]  ? do_wp_page+0x512/0x1440
[ 1756.909871][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1756.915831][T32173]  do_futex+0x15f/0x1ad0
[ 1756.920164][T32173]  ? find_held_lock+0x2d/0x110
[ 1756.924907][T32173]  ? futex_exit_release+0x60/0x60
[ 1756.929909][T32173]  ? lock_downgrade+0x840/0x840
[ 1756.934737][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1756.939563][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1756.945526][T32173]  ? __might_fault+0x190/0x1d0
[ 1756.950292][T32173]  ? _copy_to_user+0x126/0x160
[ 1756.955037][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1756.959796][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1756.964279][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1756.969715][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1756.975687][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1756.980339][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1756.986315][T32173]  do_syscall_64+0xf6/0x7d0
[ 1756.990798][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1756.996666][T32173] RIP: 0033:0x45ca59
[ 1757.000540][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1757.020135][T32173] RSP: 002b:00007f65fad0acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1757.028523][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1757.036470][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1757.044432][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1757.052393][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1757.060340][T32173] R13: 0000000000c9fb6f R14: 00007f65fad0b9c0 R15: 000000000078bf0c
[ 1757.068307][T32173] syz-executor.4  S29824 31922   7358 0x00000000
[ 1757.074632][T32173] Call Trace:
[ 1757.077902][T32173]  __schedule+0x8f3/0x1fc0
[ 1757.082297][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1757.087563][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1757.092843][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1757.098285][T32173]  schedule+0xd0/0x2a0
[ 1757.102354][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1757.107442][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1757.112883][T32173]  futex_wait+0x1e2/0x550
[ 1757.117194][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1757.122196][T32173]  ? print_usage_bug+0x240/0x240
[ 1757.127132][T32173]  ? hash_futex+0x10/0x200
[ 1757.131524][T32173]  ? futex_wake+0x153/0x480
[ 1757.136015][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1757.141983][T32173]  ? do_wp_page+0x512/0x1440
[ 1757.146554][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1757.152512][T32173]  do_futex+0x15f/0x1ad0
[ 1757.156762][T32173]  ? find_held_lock+0x2d/0x110
[ 1757.161504][T32173]  ? futex_exit_release+0x60/0x60
[ 1757.166507][T32173]  ? lock_downgrade+0x840/0x840
[ 1757.171334][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1757.176186][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1757.182150][T32173]  ? __might_fault+0x190/0x1d0
[ 1757.186911][T32173]  ? _copy_to_user+0x126/0x160
[ 1757.191661][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1757.196406][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1757.200890][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1757.206327][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1757.212286][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1757.216959][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1757.222917][T32173]  do_syscall_64+0xf6/0x7d0
[ 1757.227400][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1757.233287][T32173] RIP: 0033:0x45ca59
[ 1757.237175][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1757.256768][T32173] RSP: 002b:00007fc7e9ef2cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1757.265162][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1757.273113][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1757.281063][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1757.289013][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1757.296960][T32173] R13: 0000000000c9fb6f R14: 00007fc7e9ef39c0 R15: 000000000078bf0c
[ 1757.304926][T32173] syz-executor.3  S29824 31927   7107 0x00000000
[ 1757.311255][T32173] Call Trace:
[ 1757.314532][T32173]  __schedule+0x8f3/0x1fc0
[ 1757.318944][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1757.324215][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1757.329487][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1757.334925][T32173]  schedule+0xd0/0x2a0
[ 1757.338988][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1757.344077][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1757.349515][T32173]  futex_wait+0x1e2/0x550
[ 1757.353827][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1757.358829][T32173]  ? print_usage_bug+0x240/0x240
[ 1757.363760][T32173]  ? hash_futex+0x10/0x200
[ 1757.368152][T32173]  ? futex_wake+0x153/0x480
[ 1757.372815][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1757.378773][T32173]  ? do_wp_page+0x512/0x1440
[ 1757.383367][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1757.389326][T32173]  do_futex+0x15f/0x1ad0
[ 1757.393560][T32173]  ? find_held_lock+0x2d/0x110
[ 1757.398317][T32173]  ? futex_exit_release+0x60/0x60
[ 1757.403361][T32173]  ? lock_downgrade+0x840/0x840
[ 1757.408204][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1757.413042][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1757.419023][T32173]  ? __might_fault+0x190/0x1d0
[ 1757.423771][T32173]  ? _copy_to_user+0x126/0x160
[ 1757.428520][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1757.433267][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1757.437753][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1757.443193][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1757.449173][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1757.453852][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1757.459819][T32173]  do_syscall_64+0xf6/0x7d0
[ 1757.464305][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1757.470178][T32173] RIP: 0033:0x45ca59
[ 1757.474052][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1757.493634][T32173] RSP: 002b:00007f65fad0acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1757.502037][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1757.510001][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1757.517951][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1757.525908][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1757.533871][T32173] R13: 0000000000c9fb6f R14: 00007f65fad0b9c0 R15: 000000000078bf0c
[ 1757.541834][T32173] syz-executor.5  S29824 31932   7376 0x00000000
[ 1757.548145][T32173] Call Trace:
[ 1757.551435][T32173]  __schedule+0x8f3/0x1fc0
[ 1757.555854][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1757.561118][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1757.566406][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1757.571844][T32173]  schedule+0xd0/0x2a0
[ 1757.575892][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1757.580985][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1757.586450][T32173]  futex_wait+0x1e2/0x550
[ 1757.590760][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1757.595852][T32173]  ? print_usage_bug+0x240/0x240
[ 1757.600767][T32173]  ? hash_futex+0x10/0x200
[ 1757.605164][T32173]  ? futex_wake+0x153/0x480
[ 1757.609660][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1757.615636][T32173]  ? do_wp_page+0x512/0x1440
[ 1757.620202][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1757.626163][T32173]  do_futex+0x15f/0x1ad0
[ 1757.630389][T32173]  ? find_held_lock+0x2d/0x110
[ 1757.635133][T32173]  ? futex_exit_release+0x60/0x60
[ 1757.640154][T32173]  ? lock_downgrade+0x840/0x840
[ 1757.645004][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1757.649855][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1757.655824][T32173]  ? __might_fault+0x190/0x1d0
[ 1757.660587][T32173]  ? _copy_to_user+0x126/0x160
[ 1757.665386][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1757.670181][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1757.674870][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1757.680310][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1757.686284][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1757.690955][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1757.696929][T32173]  do_syscall_64+0xf6/0x7d0
[ 1757.701426][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1757.707296][T32173] RIP: 0033:0x45ca59
[ 1757.711186][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1757.730766][T32173] RSP: 002b:00007f656341ecf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1757.739282][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1757.747246][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1757.755210][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1757.763533][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1757.771482][T32173] R13: 0000000000c9fb6f R14: 00007f656341f9c0 R15: 000000000078bf0c
[ 1757.779460][T32173] syz-executor.4  S29824 31949   7358 0x00000000
[ 1757.785780][T32173] Call Trace:
[ 1757.789050][T32173]  __schedule+0x8f3/0x1fc0
[ 1757.793463][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1757.799355][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1757.804622][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1757.810193][T32173]  schedule+0xd0/0x2a0
[ 1757.814263][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1757.819367][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1757.825346][T32173]  futex_wait+0x1e2/0x550
[ 1757.829672][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1757.834676][T32173]  ? print_usage_bug+0x240/0x240
[ 1757.839594][T32173]  ? hash_futex+0x10/0x200
[ 1757.843996][T32173]  ? futex_wake+0x153/0x480
[ 1757.848488][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1757.854448][T32173]  ? do_wp_page+0x512/0x1440
[ 1757.859015][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1757.864975][T32173]  do_futex+0x15f/0x1ad0
[ 1757.869212][T32173]  ? find_held_lock+0x2d/0x110
[ 1757.873961][T32173]  ? futex_exit_release+0x60/0x60
[ 1757.878967][T32173]  ? lock_downgrade+0x840/0x840
[ 1757.883794][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1757.888641][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1757.895053][T32173]  ? __might_fault+0x190/0x1d0
[ 1757.899808][T32173]  ? _copy_to_user+0x126/0x160
[ 1757.904568][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1757.909311][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1757.913809][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1757.919245][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1757.925226][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1757.929892][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1757.935868][T32173]  do_syscall_64+0xf6/0x7d0
[ 1757.940365][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1757.946248][T32173] RIP: 0033:0x45ca59
[ 1757.950118][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1757.969799][T32173] RSP: 002b:00007fc7e9ef2cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1757.978185][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1757.986150][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1757.994113][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1758.002062][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1758.010013][T32173] R13: 0000000000c9fb6f R14: 00007fc7e9ef39c0 R15: 000000000078bf0c
[ 1758.017991][T32173] syz-executor.3  S29824 31955   7107 0x00000000
[ 1758.024331][T32173] Call Trace:
[ 1758.027600][T32173]  __schedule+0x8f3/0x1fc0
[ 1758.031994][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1758.037263][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1758.042528][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1758.047966][T32173]  schedule+0xd0/0x2a0
[ 1758.052014][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1758.057118][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1758.062557][T32173]  futex_wait+0x1e2/0x550
[ 1758.066870][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1758.071869][T32173]  ? print_usage_bug+0x240/0x240
[ 1758.076786][T32173]  ? hash_futex+0x10/0x200
[ 1758.081179][T32173]  ? futex_wake+0x153/0x480
[ 1758.086645][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1758.092704][T32173]  ? do_wp_page+0x512/0x1440
[ 1758.097272][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1758.103230][T32173]  do_futex+0x15f/0x1ad0
[ 1758.107457][T32173]  ? find_held_lock+0x2d/0x110
[ 1758.112389][T32173]  ? futex_exit_release+0x60/0x60
[ 1758.117393][T32173]  ? lock_downgrade+0x840/0x840
[ 1758.122219][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1758.127046][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1758.133009][T32173]  ? __might_fault+0x190/0x1d0
[ 1758.137767][T32173]  ? _copy_to_user+0x126/0x160
[ 1758.142515][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1758.147260][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1758.151743][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1758.157197][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1758.163168][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1758.167826][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1758.173803][T32173]  do_syscall_64+0xf6/0x7d0
[ 1758.178286][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1758.184154][T32173] RIP: 0033:0x45ca59
[ 1758.188027][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1758.207603][T32173] RSP: 002b:00007f65fad0acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1758.215989][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1758.223938][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1758.231886][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1758.239911][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1758.247912][T32173] R13: 0000000000c9fb6f R14: 00007f65fad0b9c0 R15: 000000000078bf0c
[ 1758.255883][T32173] syz-executor.5  S29824 31962   7376 0x00000000
[ 1758.262197][T32173] Call Trace:
[ 1758.265512][T32173]  __schedule+0x8f3/0x1fc0
[ 1758.269909][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1758.275179][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1758.280446][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1758.285887][T32173]  schedule+0xd0/0x2a0
[ 1758.289975][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1758.295075][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1758.300542][T32173]  ? find_held_lock+0x2d/0x110
[ 1758.305297][T32173]  futex_wait+0x1e2/0x550
[ 1758.309658][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1758.314663][T32173]  ? print_usage_bug+0x240/0x240
[ 1758.319582][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1758.324761][T32173]  ? futex_wake+0x153/0x480
[ 1758.329254][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1758.335258][T32173]  ? do_wp_page+0x512/0x1440
[ 1758.339851][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1758.345841][T32173]  do_futex+0x15f/0x1ad0
[ 1758.350069][T32173]  ? find_held_lock+0x2d/0x110
[ 1758.354814][T32173]  ? futex_exit_release+0x60/0x60
[ 1758.359818][T32173]  ? lock_downgrade+0x840/0x840
[ 1758.364646][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1758.369473][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1758.375436][T32173]  ? __might_fault+0x190/0x1d0
[ 1758.380178][T32173]  ? _copy_to_user+0x126/0x160
[ 1758.384929][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1758.389675][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1758.394159][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1758.399593][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1758.405551][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1758.410205][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1758.416179][T32173]  do_syscall_64+0xf6/0x7d0
[ 1758.420682][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1758.426557][T32173] RIP: 0033:0x45ca59
[ 1758.430430][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1758.450017][T32173] RSP: 002b:00007f656341ecf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1758.458407][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1758.466362][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1758.474309][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1758.482255][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1758.490202][T32173] R13: 0000000000c9fb6f R14: 00007f656341f9c0 R15: 000000000078bf0c
[ 1758.498168][T32173] syz-executor.3  S29824 31972   7107 0x00000000
[ 1758.504480][T32173] Call Trace:
[ 1758.507751][T32173]  __schedule+0x8f3/0x1fc0
[ 1758.512195][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1758.517460][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1758.522726][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1758.528165][T32173]  schedule+0xd0/0x2a0
[ 1758.532213][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1758.537301][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1758.542734][T32173]  ? find_held_lock+0x2d/0x110
[ 1758.547492][T32173]  futex_wait+0x1e2/0x550
[ 1758.551848][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1758.556890][T32173]  ? print_usage_bug+0x240/0x240
[ 1758.561805][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1758.566982][T32173]  ? futex_wake+0x153/0x480
[ 1758.571471][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1758.577427][T32173]  ? do_wp_page+0x512/0x1440
[ 1758.582009][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1758.587965][T32173]  do_futex+0x15f/0x1ad0
[ 1758.592190][T32173]  ? find_held_lock+0x2d/0x110
[ 1758.596933][T32173]  ? futex_exit_release+0x60/0x60
[ 1758.601936][T32173]  ? lock_downgrade+0x840/0x840
[ 1758.606801][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1758.611639][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1758.617602][T32173]  ? __might_fault+0x190/0x1d0
[ 1758.622341][T32173]  ? _copy_to_user+0x126/0x160
[ 1758.627087][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1758.631851][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1758.636333][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1758.641767][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1758.647723][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1758.652376][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1758.658352][T32173]  do_syscall_64+0xf6/0x7d0
[ 1758.662853][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1758.668733][T32173] RIP: 0033:0x45ca59
[ 1758.672613][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1758.692205][T32173] RSP: 002b:00007f65fad0acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1758.700594][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1758.708558][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1758.716506][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1758.724452][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1758.732417][T32173] R13: 0000000000c9fb6f R14: 00007f65fad0b9c0 R15: 000000000078bf0c
[ 1758.740377][T32173] syz-executor.4  S29824 31977   7358 0x00000000
[ 1758.746686][T32173] Call Trace:
[ 1758.749953][T32173]  __schedule+0x8f3/0x1fc0
[ 1758.754346][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1758.759611][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1758.764876][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1758.770309][T32173]  schedule+0xd0/0x2a0
[ 1758.774359][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1758.779445][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1758.784884][T32173]  futex_wait+0x1e2/0x550
[ 1758.789193][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1758.794193][T32173]  ? print_usage_bug+0x240/0x240
[ 1758.799112][T32173]  ? hash_futex+0x10/0x200
[ 1758.803507][T32173]  ? futex_wake+0x153/0x480
[ 1758.807993][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1758.813951][T32173]  ? do_wp_page+0x512/0x1440
[ 1758.818530][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1758.824487][T32173]  do_futex+0x15f/0x1ad0
[ 1758.828714][T32173]  ? find_held_lock+0x2d/0x110
[ 1758.833460][T32173]  ? futex_exit_release+0x60/0x60
[ 1758.838462][T32173]  ? lock_downgrade+0x840/0x840
[ 1758.843291][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1758.848132][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1758.854100][T32173]  ? __might_fault+0x190/0x1d0
[ 1758.858840][T32173]  ? _copy_to_user+0x126/0x160
[ 1758.863587][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1758.868329][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1758.872814][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1758.878251][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1758.884226][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1758.888879][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1758.894857][T32173]  do_syscall_64+0xf6/0x7d0
[ 1758.899339][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1758.905206][T32173] RIP: 0033:0x45ca59
[ 1758.909163][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1758.928754][T32173] RSP: 002b:00007fc7e9ef2cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1758.937246][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1758.945193][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1758.953155][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1758.961104][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1758.969052][T32173] R13: 0000000000c9fb6f R14: 00007fc7e9ef39c0 R15: 000000000078bf0c
[ 1758.977028][T32173] syz-executor.5  S29824 31985   7376 0x00000000
[ 1758.983336][T32173] Call Trace:
[ 1758.986605][T32173]  __schedule+0x8f3/0x1fc0
[ 1758.991013][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1758.996280][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1759.001544][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1759.006984][T32173]  schedule+0xd0/0x2a0
[ 1759.011045][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1759.016135][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1759.021570][T32173]  ? find_held_lock+0x2d/0x110
[ 1759.026314][T32173]  futex_wait+0x1e2/0x550
[ 1759.030725][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1759.035742][T32173]  ? print_usage_bug+0x240/0x240
[ 1759.040656][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1759.045831][T32173]  ? futex_wake+0x153/0x480
[ 1759.050318][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1759.056274][T32173]  ? do_wp_page+0x512/0x1440
[ 1759.060842][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1759.066799][T32173]  do_futex+0x15f/0x1ad0
[ 1759.071038][T32173]  ? find_held_lock+0x2d/0x110
[ 1759.075797][T32173]  ? futex_exit_release+0x60/0x60
[ 1759.080815][T32173]  ? lock_downgrade+0x840/0x840
[ 1759.085643][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1759.090469][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1759.096534][T32173]  ? __might_fault+0x190/0x1d0
[ 1759.101275][T32173]  ? _copy_to_user+0x126/0x160
[ 1759.106023][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1759.110765][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1759.115266][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1759.120698][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1759.126654][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1759.131308][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1759.137266][T32173]  do_syscall_64+0xf6/0x7d0
[ 1759.141747][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1759.147624][T32173] RIP: 0033:0x45ca59
[ 1759.151515][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1759.171096][T32173] RSP: 002b:00007f656341ecf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1759.179502][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1759.187452][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1759.195414][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1759.203378][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1759.211349][T32173] R13: 0000000000c9fb6f R14: 00007f656341f9c0 R15: 000000000078bf0c
[ 1759.219311][T32173] syz-executor.5  S27632   836   7376 0x00000000
[ 1759.225636][T32173] Call Trace:
[ 1759.228903][T32173]  __schedule+0x8f3/0x1fc0
[ 1759.233298][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1759.238563][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1759.243846][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1759.249297][T32173]  schedule+0xd0/0x2a0
[ 1759.253357][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1759.258448][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1759.263888][T32173]  futex_wait+0x1e2/0x550
[ 1759.268214][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1759.273216][T32173]  ? print_usage_bug+0x240/0x240
[ 1759.278133][T32173]  ? hash_futex+0x10/0x200
[ 1759.282545][T32173]  ? futex_wake+0x153/0x480
[ 1759.287059][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1759.293018][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1759.298975][T32173]  do_futex+0x15f/0x1ad0
[ 1759.303216][T32173]  ? find_held_lock+0x2d/0x110
[ 1759.307961][T32173]  ? futex_exit_release+0x60/0x60
[ 1759.312980][T32173]  ? lock_downgrade+0x840/0x840
[ 1759.317816][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1759.322657][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1759.328628][T32173]  ? __might_fault+0x190/0x1d0
[ 1759.333391][T32173]  ? _copy_to_user+0x126/0x160
[ 1759.338154][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1759.342910][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1759.347392][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1759.352827][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1759.358852][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1759.363512][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1759.369492][T32173]  do_syscall_64+0xf6/0x7d0
[ 1759.373982][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1759.379876][T32173] RIP: 0033:0x45ca59
[ 1759.383759][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1759.403490][T32173] RSP: 002b:00007f656341ecf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1759.411887][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1759.419851][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1759.427832][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1759.435794][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1759.443745][T32173] R13: 0000000000c9fb6f R14: 00007f656341f9c0 R15: 000000000078bf0c
[ 1759.451714][T32173] syz-executor.4  S28976   839   7358 0x00000000
[ 1759.458027][T32173] Call Trace:
[ 1759.461325][T32173]  __schedule+0x8f3/0x1fc0
[ 1759.465738][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1759.471020][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1759.476306][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1759.481761][T32173]  schedule+0xd0/0x2a0
[ 1759.485864][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1759.490954][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1759.496397][T32173]  futex_wait+0x1e2/0x550
[ 1759.501459][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1759.506504][T32173]  ? print_usage_bug+0x240/0x240
[ 1759.511421][T32173]  ? hash_futex+0x10/0x200
[ 1759.515818][T32173]  ? futex_wake+0x153/0x480
[ 1759.520312][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1759.526271][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1759.532229][T32173]  do_futex+0x15f/0x1ad0
[ 1759.536471][T32173]  ? find_held_lock+0x2d/0x110
[ 1759.541212][T32173]  ? futex_exit_release+0x60/0x60
[ 1759.546217][T32173]  ? lock_downgrade+0x840/0x840
[ 1759.551046][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1759.555892][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1759.561858][T32173]  ? __might_fault+0x190/0x1d0
[ 1759.566601][T32173]  ? _copy_to_user+0x126/0x160
[ 1759.571373][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1759.576139][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1759.580622][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1759.586059][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1759.592016][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1759.596670][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1759.602628][T32173]  do_syscall_64+0xf6/0x7d0
[ 1759.607118][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1759.612984][T32173] RIP: 0033:0x45ca59
[ 1759.616875][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1759.636460][T32173] RSP: 002b:00007fc7e9ed1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1759.644845][T32173] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045ca59
[ 1759.652809][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8
[ 1759.660757][T32173] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1759.668707][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1759.676671][T32173] R13: 0000000000c9fb6f R14: 00007fc7e9ed29c0 R15: 000000000078bfac
[ 1759.684638][T32173] syz-executor.5  S27632   842   7376 0x00000000
[ 1759.690951][T32173] Call Trace:
[ 1759.694225][T32173]  __schedule+0x8f3/0x1fc0
[ 1759.698639][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1759.703906][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1759.709168][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1759.714609][T32173]  schedule+0xd0/0x2a0
[ 1759.718659][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1759.723747][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1759.729189][T32173]  futex_wait+0x1e2/0x550
[ 1759.733503][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1759.738505][T32173]  ? print_usage_bug+0x240/0x240
[ 1759.743423][T32173]  ? hash_futex+0x10/0x200
[ 1759.747816][T32173]  ? futex_wake+0x153/0x480
[ 1759.752322][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1759.758281][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1759.764240][T32173]  do_futex+0x15f/0x1ad0
[ 1759.768476][T32173]  ? find_held_lock+0x2d/0x110
[ 1759.773218][T32173]  ? futex_exit_release+0x60/0x60
[ 1759.778221][T32173]  ? lock_downgrade+0x840/0x840
[ 1759.783050][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1759.787876][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1759.793858][T32173]  ? __might_fault+0x190/0x1d0
[ 1759.798615][T32173]  ? _copy_to_user+0x126/0x160
[ 1759.803380][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1759.808126][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1759.812609][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1759.818045][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1759.824003][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1759.828656][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1759.834618][T32173]  do_syscall_64+0xf6/0x7d0
[ 1759.839105][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1759.844973][T32173] RIP: 0033:0x45ca59
[ 1759.848843][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1759.868436][T32173] RSP: 002b:00007f656341ecf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1759.876841][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1759.884875][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1759.892821][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1759.900789][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1759.908737][T32173] R13: 0000000000c9fb6f R14: 00007f656341f9c0 R15: 000000000078bf0c
[ 1759.916716][T32173] syz-executor.3  S27632   855   7107 0x00000000
[ 1759.923044][T32173] Call Trace:
[ 1759.926317][T32173]  __schedule+0x8f3/0x1fc0
[ 1759.930804][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1759.936072][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1759.941336][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1759.946776][T32173]  schedule+0xd0/0x2a0
[ 1759.950823][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1759.955910][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1759.961366][T32173]  futex_wait+0x1e2/0x550
[ 1759.965679][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1759.970700][T32173]  ? wake_up_q+0xc1/0x140
[ 1759.975023][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1759.980198][T32173]  ? futex_wake+0x153/0x480
[ 1759.984689][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1759.990645][T32173]  ? find_held_lock+0x2d/0x110
[ 1759.995388][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1760.001346][T32173]  do_futex+0x15f/0x1ad0
[ 1760.005573][T32173]  ? find_held_lock+0x2d/0x110
[ 1760.010314][T32173]  ? futex_exit_release+0x60/0x60
[ 1760.015334][T32173]  ? userfaultfd_unmap_prep+0x540/0x540
[ 1760.020857][T32173]  ? lock_downgrade+0x840/0x840
[ 1760.025710][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1760.030545][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1760.036508][T32173]  ? __might_fault+0x190/0x1d0
[ 1760.041249][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1760.046704][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1760.051449][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1760.055934][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1760.061369][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1760.067327][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1760.071984][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1760.077944][T32173]  do_syscall_64+0xf6/0x7d0
[ 1760.082447][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1760.088419][T32173] RIP: 0033:0x45ca59
[ 1760.092292][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1760.111871][T32173] RSP: 002b:00007f65fad0acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1760.120257][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1760.128206][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1760.136172][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1760.144121][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1760.152069][T32173] R13: 0000000000c9fb6f R14: 00007f65fad0b9c0 R15: 000000000078bf0c
[ 1760.160031][T32173] syz-executor.4  S29440   884   7358 0x00000000
[ 1760.166429][T32173] Call Trace:
[ 1760.169700][T32173]  __schedule+0x8f3/0x1fc0
[ 1760.174094][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1760.179359][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1760.184624][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1760.190148][T32173]  schedule+0xd0/0x2a0
[ 1760.194199][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1760.199288][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1760.204728][T32173]  futex_wait+0x1e2/0x550
[ 1760.209061][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1760.214069][T32173]  ? print_usage_bug+0x240/0x240
[ 1760.219008][T32173]  ? hash_futex+0x10/0x200
[ 1760.223430][T32173]  ? futex_wake+0x153/0x480
[ 1760.227964][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1760.233933][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1760.239895][T32173]  do_futex+0x15f/0x1ad0
[ 1760.244125][T32173]  ? find_held_lock+0x2d/0x110
[ 1760.248890][T32173]  ? futex_exit_release+0x60/0x60
[ 1760.253896][T32173]  ? lock_downgrade+0x840/0x840
[ 1760.258726][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1760.263589][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1760.269556][T32173]  ? __might_fault+0x190/0x1d0
[ 1760.274419][T32173]  ? _copy_to_user+0x126/0x160
[ 1760.279165][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1760.283930][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1760.288460][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1760.293906][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1760.299864][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1760.304526][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1760.310490][T32173]  do_syscall_64+0xf6/0x7d0
[ 1760.314974][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1760.320857][T32173] RIP: 0033:0x45ca59
[ 1760.324733][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1760.344450][T32173] RSP: 002b:00007fc7e9ed1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1760.352839][T32173] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045ca59
[ 1760.360843][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8
[ 1760.368793][T32173] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1760.376743][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1760.384692][T32173] R13: 0000000000c9fb6f R14: 00007fc7e9ed29c0 R15: 000000000078bfac
[ 1760.392670][T32173] syz-executor.3  S29440   887   7107 0x00000000
[ 1760.398981][T32173] Call Trace:
[ 1760.402252][T32173]  __schedule+0x8f3/0x1fc0
[ 1760.406647][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1760.411910][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1760.417189][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1760.422632][T32173]  schedule+0xd0/0x2a0
[ 1760.426686][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1760.431780][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1760.437225][T32173]  futex_wait+0x1e2/0x550
[ 1760.441544][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1760.446550][T32173]  ? print_usage_bug+0x240/0x240
[ 1760.451467][T32173]  ? hash_futex+0x10/0x200
[ 1760.455861][T32173]  ? futex_wake+0x153/0x480
[ 1760.460352][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1760.466313][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1760.472334][T32173]  do_futex+0x15f/0x1ad0
[ 1760.476696][T32173]  ? find_held_lock+0x2d/0x110
[ 1760.481485][T32173]  ? futex_exit_release+0x60/0x60
[ 1760.486490][T32173]  ? lock_downgrade+0x840/0x840
[ 1760.491321][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1760.496174][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1760.502136][T32173]  ? __might_fault+0x190/0x1d0
[ 1760.506877][T32173]  ? _copy_to_user+0x126/0x160
[ 1760.511627][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1760.516372][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1760.520853][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1760.526290][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1760.532247][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1760.536916][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1760.542875][T32173]  do_syscall_64+0xf6/0x7d0
[ 1760.547359][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1760.553331][T32173] RIP: 0033:0x45ca59
[ 1760.557223][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1760.576802][T32173] RSP: 002b:00007f65face9cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1760.585206][T32173] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045ca59
[ 1760.593170][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8
[ 1760.601121][T32173] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1760.609068][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1760.617031][T32173] R13: 0000000000c9fb6f R14: 00007f65facea9c0 R15: 000000000078bfac
[ 1760.624996][T32173] syz-executor.3  S29440   935   7107 0x00000000
[ 1760.631405][T32173] Call Trace:
[ 1760.634676][T32173]  __schedule+0x8f3/0x1fc0
[ 1760.639079][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1760.644360][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1760.649639][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1760.655076][T32173]  schedule+0xd0/0x2a0
[ 1760.659124][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1760.664214][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1760.669652][T32173]  futex_wait+0x1e2/0x550
[ 1760.673965][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1760.678966][T32173]  ? print_usage_bug+0x240/0x240
[ 1760.683885][T32173]  ? hash_futex+0x10/0x200
[ 1760.688277][T32173]  ? futex_wake+0x153/0x480
[ 1760.692766][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1760.698732][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1760.704778][T32173]  do_futex+0x15f/0x1ad0
[ 1760.709005][T32173]  ? find_held_lock+0x2d/0x110
[ 1760.713759][T32173]  ? futex_exit_release+0x60/0x60
[ 1760.718767][T32173]  ? lock_downgrade+0x840/0x840
[ 1760.723600][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1760.728484][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1760.734454][T32173]  ? __might_fault+0x190/0x1d0
[ 1760.739250][T32173]  ? _copy_to_user+0x126/0x160
[ 1760.744030][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1760.748780][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1760.753266][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1760.759056][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1760.765971][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1760.770629][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1760.776597][T32173]  do_syscall_64+0xf6/0x7d0
[ 1760.781082][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1760.786970][T32173] RIP: 0033:0x45ca59
[ 1760.790845][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1760.810441][T32173] RSP: 002b:00007f65face9cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1760.818827][T32173] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045ca59
[ 1760.826774][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8
[ 1760.834721][T32173] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1760.842667][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1760.850905][T32173] R13: 0000000000c9fb6f R14: 00007f65facea9c0 R15: 000000000078bfac
[ 1760.858867][T32173] syz-executor.4  S29440   936   7358 0x00000000
[ 1760.865180][T32173] Call Trace:
[ 1760.868474][T32173]  __schedule+0x8f3/0x1fc0
[ 1760.872872][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1760.878138][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1760.883409][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1760.888863][T32173]  schedule+0xd0/0x2a0
[ 1760.892909][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1760.898018][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1760.903459][T32173]  futex_wait+0x1e2/0x550
[ 1760.907769][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1760.912769][T32173]  ? print_usage_bug+0x240/0x240
[ 1760.917685][T32173]  ? hash_futex+0x10/0x200
[ 1760.922097][T32173]  ? futex_wake+0x153/0x480
[ 1760.926587][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1760.932635][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1760.938610][T32173]  do_futex+0x15f/0x1ad0
[ 1760.942838][T32173]  ? find_held_lock+0x2d/0x110
[ 1760.947583][T32173]  ? futex_exit_release+0x60/0x60
[ 1760.952617][T32173]  ? lock_downgrade+0x840/0x840
[ 1760.957445][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1760.962273][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1760.968237][T32173]  ? __might_fault+0x190/0x1d0
[ 1760.972995][T32173]  ? _copy_to_user+0x126/0x160
[ 1760.977743][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1760.982487][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1760.986970][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1760.992405][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1760.998365][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1761.003038][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1761.008999][T32173]  do_syscall_64+0xf6/0x7d0
[ 1761.013483][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1761.019351][T32173] RIP: 0033:0x45ca59
[ 1761.023224][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1761.042804][T32173] RSP: 002b:00007fc7e9ed1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1761.051191][T32173] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045ca59
[ 1761.059174][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8
[ 1761.067127][T32173] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1761.075090][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1761.083038][T32173] R13: 0000000000c9fb6f R14: 00007fc7e9ed29c0 R15: 000000000078bfac
[ 1761.091028][T32173] syz-executor.3  S29440   976   7107 0x00000000
[ 1761.097365][T32173] Call Trace:
[ 1761.100638][T32173]  __schedule+0x8f3/0x1fc0
[ 1761.105036][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1761.110303][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1761.115569][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1761.121012][T32173]  schedule+0xd0/0x2a0
[ 1761.125060][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1761.130150][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1761.135592][T32173]  futex_wait+0x1e2/0x550
[ 1761.139901][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1761.144903][T32173]  ? print_usage_bug+0x240/0x240
[ 1761.149832][T32173]  ? hash_futex+0x10/0x200
[ 1761.154243][T32173]  ? futex_wake+0x153/0x480
[ 1761.158748][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1761.164708][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1761.170687][T32173]  do_futex+0x15f/0x1ad0
[ 1761.174923][T32173]  ? find_held_lock+0x2d/0x110
[ 1761.179670][T32173]  ? futex_exit_release+0x60/0x60
[ 1761.184744][T32173]  ? lock_downgrade+0x840/0x840
[ 1761.189579][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1761.194411][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1761.200381][T32173]  ? __might_fault+0x190/0x1d0
[ 1761.205176][T32173]  ? _copy_to_user+0x126/0x160
[ 1761.215607][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1761.220395][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1761.225016][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1761.230495][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1761.236502][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1761.241158][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1761.247121][T32173]  do_syscall_64+0xf6/0x7d0
[ 1761.251626][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1761.257559][T32173] RIP: 0033:0x45ca59
[ 1761.261440][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1761.281123][T32173] RSP: 002b:00007f65face9cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1761.289569][T32173] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045ca59
[ 1761.297526][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8
[ 1761.305476][T32173] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1761.313427][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1761.321375][T32173] R13: 0000000000c9fb6f R14: 00007f65facea9c0 R15: 000000000078bfac
[ 1761.329356][T32173] syz-executor.1  S29440   978   6929 0x00000000
[ 1761.335692][T32173] Call Trace:
[ 1761.339075][T32173]  __schedule+0x8f3/0x1fc0
[ 1761.343473][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1761.348739][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1761.354005][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1761.359443][T32173]  schedule+0xd0/0x2a0
[ 1761.363501][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1761.368589][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1761.374050][T32173]  futex_wait+0x1e2/0x550
[ 1761.378370][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1761.383372][T32173]  ? print_usage_bug+0x240/0x240
[ 1761.388290][T32173]  ? hash_futex+0x10/0x200
[ 1761.392683][T32173]  ? futex_wake+0x153/0x480
[ 1761.397187][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1761.403164][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1761.409127][T32173]  do_futex+0x15f/0x1ad0
[ 1761.413359][T32173]  ? find_held_lock+0x2d/0x110
[ 1761.418122][T32173]  ? futex_exit_release+0x60/0x60
[ 1761.423140][T32173]  ? lock_downgrade+0x840/0x840
[ 1761.427999][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1761.432838][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1761.438805][T32173]  ? __might_fault+0x190/0x1d0
[ 1761.443548][T32173]  ? _copy_to_user+0x126/0x160
[ 1761.448339][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1761.453085][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1761.457569][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1761.463002][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1761.468961][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1761.473618][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1761.479591][T32173]  do_syscall_64+0xf6/0x7d0
[ 1761.484077][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1761.489945][T32173] RIP: 0033:0x45ca59
[ 1761.493817][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1761.513412][T32173] RSP: 002b:00007f7591575cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1761.521797][T32173] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045ca59
[ 1761.529743][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8
[ 1761.537694][T32173] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1761.545642][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1761.553606][T32173] R13: 0000000000c9fb6f R14: 00007f75915769c0 R15: 000000000078bfac
[ 1761.561567][T32173] syz-executor.4  S29440   980   7358 0x00000000
[ 1761.567896][T32173] Call Trace:
[ 1761.571169][T32173]  __schedule+0x8f3/0x1fc0
[ 1761.575564][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1761.580837][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1761.586108][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1761.591545][T32173]  schedule+0xd0/0x2a0
[ 1761.595688][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1761.600779][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1761.606219][T32173]  futex_wait+0x1e2/0x550
[ 1761.610546][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1761.615548][T32173]  ? print_usage_bug+0x240/0x240
[ 1761.620464][T32173]  ? hash_futex+0x10/0x200
[ 1761.624861][T32173]  ? futex_wake+0x153/0x480
[ 1761.629366][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1761.635323][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1761.641280][T32173]  do_futex+0x15f/0x1ad0
[ 1761.645510][T32173]  ? find_held_lock+0x2d/0x110
[ 1761.650252][T32173]  ? futex_exit_release+0x60/0x60
[ 1761.655256][T32173]  ? lock_downgrade+0x840/0x840
[ 1761.660086][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1761.664914][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1761.670877][T32173]  ? __might_fault+0x190/0x1d0
[ 1761.675632][T32173]  ? _copy_to_user+0x126/0x160
[ 1761.680377][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1761.685121][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1761.689618][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1761.695067][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1761.701029][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1761.705731][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1761.711696][T32173]  do_syscall_64+0xf6/0x7d0
[ 1761.716232][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1761.722105][T32173] RIP: 0033:0x45ca59
[ 1761.725983][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1761.745586][T32173] RSP: 002b:00007fc7e9ed1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1761.753974][T32173] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045ca59
[ 1761.761923][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8
[ 1761.769891][T32173] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1761.777854][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1761.785808][T32173] R13: 0000000000c9fb6f R14: 00007fc7e9ed29c0 R15: 000000000078bfac
[ 1761.793771][T32173] syz-executor.4  S29520  1300   7358 0x00000000
[ 1761.800081][T32173] Call Trace:
[ 1761.803350][T32173]  __schedule+0x8f3/0x1fc0
[ 1761.807744][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1761.813024][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1761.818289][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1761.823726][T32173]  schedule+0xd0/0x2a0
[ 1761.827776][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1761.832863][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1761.838308][T32173]  futex_wait+0x1e2/0x550
[ 1761.842620][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1761.847623][T32173]  ? print_usage_bug+0x240/0x240
[ 1761.852539][T32173]  ? hash_futex+0x10/0x200
[ 1761.856946][T32173]  ? futex_wake+0x153/0x480
[ 1761.861537][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1761.867491][T32173]  ? get_signal+0x1bf4/0x2510
[ 1761.872152][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1761.878110][T32173]  do_futex+0x15f/0x1ad0
[ 1761.882338][T32173]  ? find_held_lock+0x2d/0x110
[ 1761.887095][T32173]  ? futex_exit_release+0x60/0x60
[ 1761.892099][T32173]  ? lock_downgrade+0x840/0x840
[ 1761.896927][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1761.901755][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1761.907735][T32173]  ? __might_fault+0x190/0x1d0
[ 1761.912475][T32173]  ? _copy_to_user+0x126/0x160
[ 1761.917224][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1761.921971][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1761.926473][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1761.931920][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1761.937886][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1761.942540][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1761.948512][T32173]  do_syscall_64+0xf6/0x7d0
[ 1761.953012][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1761.958880][T32173] RIP: 0033:0x45ca59
[ 1761.962752][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1761.982332][T32173] RSP: 002b:00007fc7e9ef2cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1761.990720][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1761.998667][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1762.006616][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1762.014585][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1762.022534][T32173] R13: 0000000000c9fb6f R14: 00007fc7e9ef39c0 R15: 000000000078bf0c
[ 1762.030510][T32173] syz-executor.4  S28976  1333   7358 0x00000000
[ 1762.036836][T32173] Call Trace:
[ 1762.040114][T32173]  __schedule+0x8f3/0x1fc0
[ 1762.044509][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1762.049782][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1762.055048][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1762.060502][T32173]  schedule+0xd0/0x2a0
[ 1762.064552][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1762.069754][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1762.075225][T32173]  ? find_held_lock+0x2d/0x110
[ 1762.080001][T32173]  futex_wait+0x1e2/0x550
[ 1762.084317][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1762.089341][T32173]  ? print_usage_bug+0x240/0x240
[ 1762.094258][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1762.099436][T32173]  ? futex_wake+0x153/0x480
[ 1762.103927][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1762.109886][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1762.115862][T32173]  do_futex+0x15f/0x1ad0
[ 1762.120088][T32173]  ? find_held_lock+0x2d/0x110
[ 1762.124832][T32173]  ? futex_exit_release+0x60/0x60
[ 1762.129835][T32173]  ? lock_downgrade+0x840/0x840
[ 1762.134665][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1762.139493][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1762.145457][T32173]  ? __might_fault+0x190/0x1d0
[ 1762.150198][T32173]  ? _copy_to_user+0x126/0x160
[ 1762.154942][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1762.159688][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1762.164170][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1762.169624][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1762.175596][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1762.180305][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1762.186277][T32173]  do_syscall_64+0xf6/0x7d0
[ 1762.190796][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1762.196678][T32173] RIP: 0033:0x45ca59
[ 1762.200593][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1762.220174][T32173] RSP: 002b:00007fc7e9ed1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1762.228561][T32173] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045ca59
[ 1762.236523][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8
[ 1762.244483][T32173] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1762.252479][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1762.260432][T32173] R13: 0000000000c9fb6f R14: 00007fc7e9ed29c0 R15: 000000000078bfac
[ 1762.268404][T32173] syz-executor.4  S29792  1347   7358 0x00000000
[ 1762.274731][T32173] Call Trace:
[ 1762.278008][T32173]  __schedule+0x8f3/0x1fc0
[ 1762.282409][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1762.287719][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1762.292987][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1762.298426][T32173]  schedule+0xd0/0x2a0
[ 1762.302474][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1762.307580][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1762.313021][T32173]  futex_wait+0x1e2/0x550
[ 1762.317333][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1762.322335][T32173]  ? print_usage_bug+0x240/0x240
[ 1762.327251][T32173]  ? hash_futex+0x10/0x200
[ 1762.331657][T32173]  ? futex_wake+0x153/0x480
[ 1762.336148][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1762.342116][T32173]  ? get_signal+0x1bf4/0x2510
[ 1762.346791][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1762.352757][T32173]  do_futex+0x15f/0x1ad0
[ 1762.356992][T32173]  ? find_held_lock+0x2d/0x110
[ 1762.361738][T32173]  ? futex_exit_release+0x60/0x60
[ 1762.366746][T32173]  ? lock_downgrade+0x840/0x840
[ 1762.371629][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1762.376461][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1762.382427][T32173]  ? __might_fault+0x190/0x1d0
[ 1762.387174][T32173]  ? _copy_to_user+0x126/0x160
[ 1762.391922][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1762.396686][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1762.401169][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1762.406622][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1762.412599][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1762.417289][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1762.423262][T32173]  do_syscall_64+0xf6/0x7d0
[ 1762.427751][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1762.433620][T32173] RIP: 0033:0x45ca59
[ 1762.437624][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1762.457213][T32173] RSP: 002b:00007fc7e9ef2cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1762.465625][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1762.473590][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1762.481536][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1762.489499][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1762.497467][T32173] R13: 0000000000c9fb6f R14: 00007fc7e9ef39c0 R15: 000000000078bf0c
[ 1762.505431][T32173] syz-executor.0  S29264  1355   6799 0x00000000
[ 1762.511766][T32173] Call Trace:
[ 1762.515041][T32173]  __schedule+0x8f3/0x1fc0
[ 1762.519438][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1762.524704][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1762.529970][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1762.535409][T32173]  schedule+0xd0/0x2a0
[ 1762.539456][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1762.544562][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1762.550004][T32173]  futex_wait+0x1e2/0x550
[ 1762.554314][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1762.559316][T32173]  ? print_usage_bug+0x240/0x240
[ 1762.564335][T32173]  ? hash_futex+0x10/0x200
[ 1762.568741][T32173]  ? futex_wake+0x153/0x480
[ 1762.573233][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1762.579190][T32173]  ? get_signal+0x1bf4/0x2510
[ 1762.583846][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1762.589825][T32173]  do_futex+0x15f/0x1ad0
[ 1762.594054][T32173]  ? find_held_lock+0x2d/0x110
[ 1762.598796][T32173]  ? futex_exit_release+0x60/0x60
[ 1762.603825][T32173]  ? lock_downgrade+0x840/0x840
[ 1762.608667][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1762.613496][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1762.619460][T32173]  ? __might_fault+0x190/0x1d0
[ 1762.624205][T32173]  ? _copy_to_user+0x126/0x160
[ 1762.628953][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1762.633825][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1762.638326][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1762.643779][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1762.649755][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1762.654410][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1762.660369][T32173]  do_syscall_64+0xf6/0x7d0
[ 1762.664851][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1762.670719][T32173] RIP: 0033:0x45ca59
[ 1762.674591][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1762.694185][T32173] RSP: 002b:00007f92d403fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1762.702570][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1762.710519][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1762.718466][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1762.726416][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1762.734379][T32173] R13: 0000000000c9fb6f R14: 00007f92d40409c0 R15: 000000000078bf0c
[ 1762.742358][T32173] syz-executor.2  S29824  1366   7087 0x00000000
[ 1762.748670][T32173] Call Trace:
[ 1762.751954][T32173]  __schedule+0x8f3/0x1fc0
[ 1762.756352][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1762.761621][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1762.766904][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1762.772342][T32173]  schedule+0xd0/0x2a0
[ 1762.776391][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1762.781480][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1762.786931][T32173]  ? find_held_lock+0x2d/0x110
[ 1762.791693][T32173]  futex_wait+0x1e2/0x550
[ 1762.796005][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1762.801021][T32173]  ? print_usage_bug+0x240/0x240
[ 1762.805955][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1762.811130][T32173]  ? futex_wake+0x153/0x480
[ 1762.815623][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1762.821578][T32173]  ? get_signal+0x1bf4/0x2510
[ 1762.826341][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1762.832319][T32173]  do_futex+0x15f/0x1ad0
[ 1762.836546][T32173]  ? find_held_lock+0x2d/0x110
[ 1762.841301][T32173]  ? futex_exit_release+0x60/0x60
[ 1762.846324][T32173]  ? lock_downgrade+0x840/0x840
[ 1762.851174][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1762.856009][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1762.861975][T32173]  ? __might_fault+0x190/0x1d0
[ 1762.866761][T32173]  ? _copy_to_user+0x126/0x160
[ 1762.871509][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1762.876255][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1762.880741][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1762.886221][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1762.892202][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1762.896857][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1762.902816][T32173]  do_syscall_64+0xf6/0x7d0
[ 1762.907300][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1762.913177][T32173] RIP: 0033:0x45ca59
[ 1762.917052][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1762.936630][T32173] RSP: 002b:00007f8cd7fe7cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1762.945038][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1762.952985][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1762.960931][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1762.968876][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1762.976826][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fe89c0 R15: 000000000078bf0c
[ 1762.984786][T32173] syz-executor.4  S29656  1379   7358 0x00000000
[ 1762.991113][T32173] Call Trace:
[ 1762.994385][T32173]  __schedule+0x8f3/0x1fc0
[ 1762.998794][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1763.004165][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1763.009442][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1763.014880][T32173]  schedule+0xd0/0x2a0
[ 1763.018940][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1763.024030][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1763.029468][T32173]  futex_wait+0x1e2/0x550
[ 1763.033792][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1763.038819][T32173]  ? print_usage_bug+0x240/0x240
[ 1763.043742][T32173]  ? hash_futex+0x10/0x200
[ 1763.048138][T32173]  ? futex_wake+0x153/0x480
[ 1763.052628][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1763.058583][T32173]  ? get_signal+0x1bf4/0x2510
[ 1763.063240][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1763.069197][T32173]  do_futex+0x15f/0x1ad0
[ 1763.073423][T32173]  ? find_held_lock+0x2d/0x110
[ 1763.078180][T32173]  ? futex_exit_release+0x60/0x60
[ 1763.083184][T32173]  ? lock_downgrade+0x840/0x840
[ 1763.088009][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1763.092834][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1763.098798][T32173]  ? __might_fault+0x190/0x1d0
[ 1763.103540][T32173]  ? _copy_to_user+0x126/0x160
[ 1763.108286][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1763.113029][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1763.117511][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1763.122959][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1763.128931][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1763.133589][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1763.139548][T32173]  do_syscall_64+0xf6/0x7d0
[ 1763.144032][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1763.149913][T32173] RIP: 0033:0x45ca59
[ 1763.153786][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1763.173372][T32173] RSP: 002b:00007fc7e9ef2cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1763.181755][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1763.189707][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1763.197656][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1763.205603][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1763.213550][T32173] R13: 0000000000c9fb6f R14: 00007fc7e9ef39c0 R15: 000000000078bf0c
[ 1763.221510][T32173] syz-executor.0  S29816  1385   6799 0x00000000
[ 1763.227822][T32173] Call Trace:
[ 1763.231090][T32173]  __schedule+0x8f3/0x1fc0
[ 1763.235556][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1763.240822][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1763.246101][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1763.251588][T32173]  schedule+0xd0/0x2a0
[ 1763.255646][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1763.260744][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1763.266236][T32173]  futex_wait+0x1e2/0x550
[ 1763.270555][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1763.275568][T32173]  ? print_usage_bug+0x240/0x240
[ 1763.280490][T32173]  ? hash_futex+0x10/0x200
[ 1763.284902][T32173]  ? futex_wake+0x153/0x480
[ 1763.289406][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1763.295483][T32173]  ? get_signal+0x1bf4/0x2510
[ 1763.300139][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1763.306097][T32173]  do_futex+0x15f/0x1ad0
[ 1763.310326][T32173]  ? find_held_lock+0x2d/0x110
[ 1763.315068][T32173]  ? futex_exit_release+0x60/0x60
[ 1763.320070][T32173]  ? lock_downgrade+0x840/0x840
[ 1763.324899][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1763.329727][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1763.335711][T32173]  ? __might_fault+0x190/0x1d0
[ 1763.340452][T32173]  ? _copy_to_user+0x126/0x160
[ 1763.345199][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1763.349947][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1763.354432][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1763.359865][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1763.365838][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1763.370502][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1763.376463][T32173]  do_syscall_64+0xf6/0x7d0
[ 1763.380947][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1763.386815][T32173] RIP: 0033:0x45ca59
[ 1763.390686][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1763.410272][T32173] RSP: 002b:00007f92d403fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1763.418670][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1763.426623][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1763.434575][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1763.442526][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1763.450524][T32173] R13: 0000000000c9fb6f R14: 00007f92d40409c0 R15: 000000000078bf0c
[ 1763.458544][T32173] syz-executor.2  S29656  1391   7087 0x00000000
[ 1763.464857][T32173] Call Trace:
[ 1763.468131][T32173]  __schedule+0x8f3/0x1fc0
[ 1763.472525][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1763.477830][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1763.483126][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1763.488574][T32173]  schedule+0xd0/0x2a0
[ 1763.492623][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1763.497712][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1763.503169][T32173]  ? find_held_lock+0x2d/0x110
[ 1763.507911][T32173]  futex_wait+0x1e2/0x550
[ 1763.512220][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1763.517222][T32173]  ? print_usage_bug+0x240/0x240
[ 1763.522183][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1763.527360][T32173]  ? futex_wake+0x153/0x480
[ 1763.531869][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1763.537823][T32173]  ? get_signal+0x1bf4/0x2510
[ 1763.542499][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1763.548462][T32173]  do_futex+0x15f/0x1ad0
[ 1763.552688][T32173]  ? find_held_lock+0x2d/0x110
[ 1763.557437][T32173]  ? futex_exit_release+0x60/0x60
[ 1763.562441][T32173]  ? lock_downgrade+0x840/0x840
[ 1763.567287][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1763.572119][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1763.578187][T32173]  ? __might_fault+0x190/0x1d0
[ 1763.582927][T32173]  ? _copy_to_user+0x126/0x160
[ 1763.587693][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1763.592436][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1763.596938][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1763.602400][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1763.608358][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1763.613028][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1763.618990][T32173]  do_syscall_64+0xf6/0x7d0
[ 1763.623473][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1763.629341][T32173] RIP: 0033:0x45ca59
[ 1763.633213][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1763.652793][T32173] RSP: 002b:00007f8cd7fe7cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1763.661236][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1763.669185][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1763.677132][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1763.685101][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1763.693048][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fe89c0 R15: 000000000078bf0c
[ 1763.701031][T32173] syz-executor.4  S29824  1414   7358 0x00000000
[ 1763.707345][T32173] Call Trace:
[ 1763.710617][T32173]  __schedule+0x8f3/0x1fc0
[ 1763.715031][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1763.720309][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1763.725575][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1763.731029][T32173]  schedule+0xd0/0x2a0
[ 1763.735082][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1763.740177][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1763.747119][T32173]  ? find_held_lock+0x2d/0x110
[ 1763.751864][T32173]  futex_wait+0x1e2/0x550
[ 1763.756195][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1763.761216][T32173]  ? print_usage_bug+0x240/0x240
[ 1763.766132][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1763.771349][T32173]  ? futex_wake+0x153/0x480
[ 1763.775842][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1763.781837][T32173]  ? get_signal+0x1bf4/0x2510
[ 1763.786503][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1763.792472][T32173]  do_futex+0x15f/0x1ad0
[ 1763.796710][T32173]  ? find_held_lock+0x2d/0x110
[ 1763.801459][T32173]  ? futex_exit_release+0x60/0x60
[ 1763.806466][T32173]  ? lock_downgrade+0x840/0x840
[ 1763.811302][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1763.816130][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1763.822106][T32173]  ? __might_fault+0x190/0x1d0
[ 1763.826850][T32173]  ? _copy_to_user+0x126/0x160
[ 1763.831618][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1763.836382][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1763.840879][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1763.846314][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1763.852271][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1763.856924][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1763.862882][T32173]  do_syscall_64+0xf6/0x7d0
[ 1763.867376][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1763.873245][T32173] RIP: 0033:0x45ca59
[ 1763.877134][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1763.896726][T32173] RSP: 002b:00007fc7e9ef2cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1763.905128][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1763.913085][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1763.921037][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1763.928987][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1763.936935][T32173] R13: 0000000000c9fb6f R14: 00007fc7e9ef39c0 R15: 000000000078bf0c
[ 1763.944898][T32173] syz-executor.0  S29656  1426   6799 0x00000000
[ 1763.951221][T32173] Call Trace:
[ 1763.954494][T32173]  __schedule+0x8f3/0x1fc0
[ 1763.958887][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1763.964154][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1763.969418][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1763.974856][T32173]  schedule+0xd0/0x2a0
[ 1763.978903][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1763.984010][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1763.989461][T32173]  futex_wait+0x1e2/0x550
[ 1763.993771][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1763.998771][T32173]  ? print_usage_bug+0x240/0x240
[ 1764.003688][T32173]  ? hash_futex+0x10/0x200
[ 1764.008080][T32173]  ? futex_wake+0x153/0x480
[ 1764.012568][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1764.018523][T32173]  ? get_signal+0x1bf4/0x2510
[ 1764.023179][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1764.029150][T32173]  do_futex+0x15f/0x1ad0
[ 1764.033377][T32173]  ? find_held_lock+0x2d/0x110
[ 1764.038116][T32173]  ? futex_exit_release+0x60/0x60
[ 1764.043119][T32173]  ? lock_downgrade+0x840/0x840
[ 1764.047945][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1764.052773][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1764.058761][T32173]  ? __might_fault+0x190/0x1d0
[ 1764.063520][T32173]  ? _copy_to_user+0x126/0x160
[ 1764.068265][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1764.073025][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1764.077512][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1764.082947][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1764.088920][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1764.093574][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1764.099533][T32173]  do_syscall_64+0xf6/0x7d0
[ 1764.104018][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1764.109887][T32173] RIP: 0033:0x45ca59
[ 1764.113759][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1764.133337][T32173] RSP: 002b:00007f92d403fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1764.141723][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1764.149672][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1764.157623][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1764.165571][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1764.173521][T32173] R13: 0000000000c9fb6f R14: 00007f92d40409c0 R15: 000000000078bf0c
[ 1764.181480][T32173] syz-executor.2  S29816  1434   7087 0x00000000
[ 1764.187791][T32173] Call Trace:
[ 1764.191073][T32173]  __schedule+0x8f3/0x1fc0
[ 1764.195480][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1764.200776][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1764.206039][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1764.211562][T32173]  schedule+0xd0/0x2a0
[ 1764.215610][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1764.220701][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1764.226140][T32173]  futex_wait+0x1e2/0x550
[ 1764.230446][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1764.235447][T32173]  ? print_usage_bug+0x240/0x240
[ 1764.240382][T32173]  ? hash_futex+0x10/0x200
[ 1764.244774][T32173]  ? futex_wake+0x153/0x480
[ 1764.249350][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1764.255323][T32173]  ? get_signal+0x1bf4/0x2510
[ 1764.259980][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1764.265938][T32173]  do_futex+0x15f/0x1ad0
[ 1764.270162][T32173]  ? find_held_lock+0x2d/0x110
[ 1764.274903][T32173]  ? futex_exit_release+0x60/0x60
[ 1764.279904][T32173]  ? lock_downgrade+0x840/0x840
[ 1764.284755][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1764.289598][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1764.295568][T32173]  ? __might_fault+0x190/0x1d0
[ 1764.300308][T32173]  ? _copy_to_user+0x126/0x160
[ 1764.305053][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1764.309798][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1764.314297][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1764.319753][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1764.325710][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1764.330368][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1764.336335][T32173]  do_syscall_64+0xf6/0x7d0
[ 1764.340994][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1764.346886][T32173] RIP: 0033:0x45ca59
[ 1764.350773][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1764.370360][T32173] RSP: 002b:00007f8cd7fe7cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1764.378919][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1764.386868][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1764.394829][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1764.402790][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1764.410796][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fe89c0 R15: 000000000078bf0c
[ 1764.418777][T32173] syz-executor.5  T29856  3342   7376 0x00000000
[ 1764.425110][T32173] Call Trace:
[ 1764.428404][T32173]  __schedule+0x8f3/0x1fc0
[ 1764.432807][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1764.438071][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1764.443268][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1764.449230][T32173]  schedule+0xd0/0x2a0
[ 1764.453281][T32173]  do_signal_stop+0x31d/0x840
[ 1764.457940][T32173]  get_signal+0x958/0x2510
[ 1764.462359][T32173]  ? do_send_specific+0x12b/0x240
[ 1764.467419][T32173]  do_signal+0x81/0x2240
[ 1764.471741][T32173]  ? check_kill_permission+0x53/0x540
[ 1764.477094][T32173]  ? copy_siginfo_to_user32+0xa0/0xa0
[ 1764.482442][T32173]  ? do_send_specific+0x14d/0x240
[ 1764.487462][T32173]  ? do_tkill+0x186/0x1f0
[ 1764.491774][T32173]  ? exit_to_usermode_loop+0x36/0x360
[ 1764.497124][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1764.503087][T32173]  exit_to_usermode_loop+0x26c/0x360
[ 1764.508353][T32173]  do_syscall_64+0x6b1/0x7d0
[ 1764.512923][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1764.518790][T32173] RIP: 0033:0x45ca59
[ 1764.522663][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1764.542242][T32173] RSP: 002b:00007f656341ec78 EFLAGS: 00000246 ORIG_RAX: 00000000000000c8
[ 1764.550629][T32173] RAX: 0000000000000000 RBX: 000000000050ade0 RCX: 000000000045ca59
[ 1764.558577][T32173] RDX: 0000000000000000 RSI: 0000000000000016 RDI: 0000000000000a99
[ 1764.566524][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1764.574471][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
[ 1764.582417][T32173] R13: 0000000000000c6d R14: 00000000004cec8f R15: 00007f656341f6d4
[ 1764.590379][T32173] syz-executor.5  S29792  3374   7376 0x00000000
[ 1764.596703][T32173] Call Trace:
[ 1764.599973][T32173]  __schedule+0x8f3/0x1fc0
[ 1764.604370][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1764.609721][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1764.614983][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1764.620420][T32173]  schedule+0xd0/0x2a0
[ 1764.624493][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1764.629579][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1764.635021][T32173]  futex_wait+0x1e2/0x550
[ 1764.639329][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1764.644333][T32173]  ? wake_up_q+0xc1/0x140
[ 1764.648637][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1764.653811][T32173]  ? futex_wake+0x153/0x480
[ 1764.658299][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1764.664254][T32173]  ? __sigqueue_alloc+0x236/0x540
[ 1764.669255][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1764.675215][T32173]  do_futex+0x15f/0x1ad0
[ 1764.679442][T32173]  ? find_held_lock+0x2d/0x110
[ 1764.684186][T32173]  ? futex_exit_release+0x60/0x60
[ 1764.689186][T32173]  ? lock_downgrade+0x840/0x840
[ 1764.694027][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1764.698862][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1764.704827][T32173]  ? __might_fault+0x190/0x1d0
[ 1764.709573][T32173]  ? _copy_to_user+0x126/0x160
[ 1764.714327][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1764.719098][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1764.723627][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1764.729079][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1764.735056][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1764.739713][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1764.745706][T32173]  do_syscall_64+0xf6/0x7d0
[ 1764.750211][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1764.756084][T32173] RIP: 0033:0x45ca59
[ 1764.759960][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1764.779545][T32173] RSP: 002b:00007f65633dccf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1764.787938][T32173] RAX: ffffffffffffffda RBX: 000000000078c048 RCX: 000000000045ca59
[ 1764.795886][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c048
[ 1764.803836][T32173] RBP: 000000000078c040 R08: 0000000000000000 R09: 0000000000000000
[ 1764.811783][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c04c
[ 1764.819732][T32173] R13: 0000000000c9fb6f R14: 00007f65633dd9c0 R15: 000000000078c04c
[ 1764.827715][T32173] syz-executor.5  T29536  3428   7376 0x00000000
[ 1764.834026][T32173] Call Trace:
[ 1764.837306][T32173]  __schedule+0x8f3/0x1fc0
[ 1764.841721][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1764.846983][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1764.852157][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1764.858125][T32173]  schedule+0xd0/0x2a0
[ 1764.862190][T32173]  do_signal_stop+0x31d/0x840
[ 1764.866849][T32173]  get_signal+0x958/0x2510
[ 1764.871337][T32173]  ? do_send_specific+0x12b/0x240
[ 1764.876345][T32173]  do_signal+0x81/0x2240
[ 1764.880565][T32173]  ? check_kill_permission+0x53/0x540
[ 1764.885919][T32173]  ? copy_siginfo_to_user32+0xa0/0xa0
[ 1764.891267][T32173]  ? do_send_specific+0x14d/0x240
[ 1764.896270][T32173]  ? do_tkill+0x186/0x1f0
[ 1764.900603][T32173]  ? exit_to_usermode_loop+0x36/0x360
[ 1764.905965][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1764.911924][T32173]  exit_to_usermode_loop+0x26c/0x360
[ 1764.917190][T32173]  do_syscall_64+0x6b1/0x7d0
[ 1764.921759][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1764.927648][T32173] RIP: 0033:0x45ca59
[ 1764.931518][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1764.951970][T32173] RSP: 002b:00007f656341ec78 EFLAGS: 00000246 ORIG_RAX: 00000000000000c8
[ 1764.960380][T32173] RAX: 0000000000000000 RBX: 000000000050ade0 RCX: 000000000045ca59
[ 1764.968327][T32173] RDX: 0000000000000000 RSI: 0000000000000016 RDI: 0000000000000a9f
[ 1764.976292][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1764.984256][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
[ 1764.992219][T32173] R13: 0000000000000c6d R14: 00000000004cec8f R15: 00007f656341f6d4
[ 1765.000267][T32173] syz-executor.5  T29824  3503   7376 0x00000000
[ 1765.006577][T32173] Call Trace:
[ 1765.009846][T32173]  __schedule+0x8f3/0x1fc0
[ 1765.014246][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1765.019906][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1765.025099][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1765.031055][T32173]  schedule+0xd0/0x2a0
[ 1765.035105][T32173]  do_signal_stop+0x31d/0x840
[ 1765.039762][T32173]  get_signal+0x958/0x2510
[ 1765.044162][T32173]  ? do_send_specific+0x12b/0x240
[ 1765.049181][T32173]  do_signal+0x81/0x2240
[ 1765.053404][T32173]  ? check_kill_permission+0x53/0x540
[ 1765.058753][T32173]  ? copy_siginfo_to_user32+0xa0/0xa0
[ 1765.064103][T32173]  ? do_send_specific+0x14d/0x240
[ 1765.069105][T32173]  ? do_tkill+0x186/0x1f0
[ 1765.073435][T32173]  ? exit_to_usermode_loop+0x36/0x360
[ 1765.078798][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1765.084773][T32173]  exit_to_usermode_loop+0x26c/0x360
[ 1765.090045][T32173]  do_syscall_64+0x6b1/0x7d0
[ 1765.094615][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1765.100495][T32173] RIP: 0033:0x45ca59
[ 1765.104368][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1765.123961][T32173] RSP: 002b:00007f656341ec78 EFLAGS: 00000246 ORIG_RAX: 00000000000000c8
[ 1765.132364][T32173] RAX: 0000000000000000 RBX: 000000000050ade0 RCX: 000000000045ca59
[ 1765.140315][T32173] RDX: 0000000000000000 RSI: 0000000000000016 RDI: 0000000000000aa3
[ 1765.148260][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1765.156225][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
[ 1765.164286][T32173] R13: 0000000000000c6d R14: 00000000004cec8f R15: 00007f656341f6d4
[ 1765.172260][T32173] syz-executor.3  S29824  3505   7107 0x00000000
[ 1765.178572][T32173] Call Trace:
[ 1765.181845][T32173]  __schedule+0x8f3/0x1fc0
[ 1765.186239][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1765.191503][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1765.196766][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1765.202219][T32173]  schedule+0xd0/0x2a0
[ 1765.206269][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1765.211363][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1765.216801][T32173]  futex_wait+0x1e2/0x550
[ 1765.221110][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1765.226110][T32173]  ? print_usage_bug+0x240/0x240
[ 1765.231023][T32173]  ? hash_futex+0x10/0x200
[ 1765.235435][T32173]  ? futex_wake+0x153/0x480
[ 1765.239941][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1765.245904][T32173]  ? do_wp_page+0x512/0x1440
[ 1765.250474][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1765.256562][T32173]  do_futex+0x15f/0x1ad0
[ 1765.260802][T32173]  ? find_held_lock+0x2d/0x110
[ 1765.265552][T32173]  ? futex_exit_release+0x60/0x60
[ 1765.270612][T32173]  ? lock_downgrade+0x840/0x840
[ 1765.275445][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1765.280277][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1765.286247][T32173]  ? __might_fault+0x190/0x1d0
[ 1765.290991][T32173]  ? _copy_to_user+0x126/0x160
[ 1765.295937][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1765.300687][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1765.305196][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1765.310640][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1765.316604][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1765.321282][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1765.327264][T32173]  do_syscall_64+0xf6/0x7d0
[ 1765.331868][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1765.337756][T32173] RIP: 0033:0x45ca59
[ 1765.341631][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1765.361210][T32173] RSP: 002b:00007f65fad0acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1765.369596][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1765.377545][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1765.385493][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1765.393443][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1765.401477][T32173] R13: 0000000000c9fb6f R14: 00007f65fad0b9c0 R15: 000000000078bf0c
[ 1765.409440][T32173] syz-executor.5  T29856  3535   7376 0x00000000
[ 1765.415762][T32173] Call Trace:
[ 1765.419046][T32173]  __schedule+0x8f3/0x1fc0
[ 1765.423450][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1765.428715][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1765.433902][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1765.439865][T32173]  schedule+0xd0/0x2a0
[ 1765.443917][T32173]  do_signal_stop+0x31d/0x840
[ 1765.448576][T32173]  get_signal+0x958/0x2510
[ 1765.452987][T32173]  ? do_send_specific+0x12b/0x240
[ 1765.458001][T32173]  do_signal+0x81/0x2240
[ 1765.462224][T32173]  ? check_kill_permission+0x53/0x540
[ 1765.467576][T32173]  ? copy_siginfo_to_user32+0xa0/0xa0
[ 1765.472923][T32173]  ? do_send_specific+0x14d/0x240
[ 1765.477925][T32173]  ? do_tkill+0x186/0x1f0
[ 1765.482238][T32173]  ? exit_to_usermode_loop+0x36/0x360
[ 1765.487605][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1765.493565][T32173]  exit_to_usermode_loop+0x26c/0x360
[ 1765.498828][T32173]  do_syscall_64+0x6b1/0x7d0
[ 1765.503419][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1765.509287][T32173] RIP: 0033:0x45ca59
[ 1765.513160][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1765.532741][T32173] RSP: 002b:00007f656341ec78 EFLAGS: 00000246 ORIG_RAX: 00000000000000c8
[ 1765.541146][T32173] RAX: 0000000000000000 RBX: 000000000050ade0 RCX: 000000000045ca59
[ 1765.549094][T32173] RDX: 0000000000000000 RSI: 0000000000000016 RDI: 0000000000000aa7
[ 1765.557045][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1765.565012][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
[ 1765.572990][T32173] R13: 0000000000000c6d R14: 00000000004cec8f R15: 00007f656341f6d4
[ 1765.580954][T32173] syz-executor.3  S29824  3536   7107 0x00000000
[ 1765.587264][T32173] Call Trace:
[ 1765.590534][T32173]  __schedule+0x8f3/0x1fc0
[ 1765.594928][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1765.600193][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1765.605458][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1765.610893][T32173]  schedule+0xd0/0x2a0
[ 1765.614940][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1765.620029][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1765.625467][T32173]  futex_wait+0x1e2/0x550
[ 1765.629774][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1765.634774][T32173]  ? print_usage_bug+0x240/0x240
[ 1765.639690][T32173]  ? hash_futex+0x10/0x200
[ 1765.644089][T32173]  ? futex_wake+0x153/0x480
[ 1765.648576][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1765.654531][T32173]  ? do_wp_page+0x512/0x1440
[ 1765.659099][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1765.665075][T32173]  do_futex+0x15f/0x1ad0
[ 1765.669317][T32173]  ? find_held_lock+0x2d/0x110
[ 1765.674107][T32173]  ? futex_exit_release+0x60/0x60
[ 1765.679112][T32173]  ? lock_downgrade+0x840/0x840
[ 1765.683939][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1765.688810][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1765.694775][T32173]  ? __might_fault+0x190/0x1d0
[ 1765.699525][T32173]  ? _copy_to_user+0x126/0x160
[ 1765.704271][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1765.709014][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1765.713498][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1765.718932][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1765.724891][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1765.729550][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1765.735518][T32173]  do_syscall_64+0xf6/0x7d0
[ 1765.740001][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1765.745869][T32173] RIP: 0033:0x45ca59
[ 1765.749743][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1765.769340][T32173] RSP: 002b:00007f65fad0acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1765.777739][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1765.785686][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1765.793648][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1765.801595][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1765.809547][T32173] R13: 0000000000c9fb6f R14: 00007f65fad0b9c0 R15: 000000000078bf0c
[ 1765.817525][T32173] syz-executor.3  S29824  3545   7107 0x00000000
[ 1765.823836][T32173] Call Trace:
[ 1765.827106][T32173]  __schedule+0x8f3/0x1fc0
[ 1765.831498][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1765.836789][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1765.842054][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1765.847492][T32173]  schedule+0xd0/0x2a0
[ 1765.851541][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1765.856640][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1765.862088][T32173]  ? psi_task_switch+0x183/0x410
[ 1765.867006][T32173]  futex_wait+0x1e2/0x550
[ 1765.871346][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1765.876347][T32173]  ? print_usage_bug+0x240/0x240
[ 1765.881281][T32173]  ? hash_futex+0x10/0x200
[ 1765.885674][T32173]  ? futex_wake+0x153/0x480
[ 1765.890162][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1765.896117][T32173]  ? do_wp_page+0x512/0x1440
[ 1765.900685][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1765.906642][T32173]  do_futex+0x15f/0x1ad0
[ 1765.910869][T32173]  ? find_held_lock+0x2d/0x110
[ 1765.915612][T32173]  ? futex_exit_release+0x60/0x60
[ 1765.920613][T32173]  ? lock_downgrade+0x840/0x840
[ 1765.925454][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1765.930288][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1765.936253][T32173]  ? __might_fault+0x190/0x1d0
[ 1765.940992][T32173]  ? _copy_to_user+0x126/0x160
[ 1765.945736][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1765.950479][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1765.954967][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1765.960415][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1765.966372][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1765.971029][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1765.976988][T32173]  do_syscall_64+0xf6/0x7d0
[ 1765.981471][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1765.987340][T32173] RIP: 0033:0x45ca59
[ 1765.991229][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1766.010808][T32173] RSP: 002b:00007f65fad0acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1766.019195][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1766.027141][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1766.035089][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1766.043034][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1766.050980][T32173] R13: 0000000000c9fb6f R14: 00007f65fad0b9c0 R15: 000000000078bf0c
[ 1766.058942][T32173] syz-executor.1  S29824  3578   6929 0x00000000
[ 1766.065275][T32173] Call Trace:
[ 1766.068544][T32173]  __schedule+0x8f3/0x1fc0
[ 1766.072947][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1766.078217][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1766.083509][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1766.088948][T32173]  schedule+0xd0/0x2a0
[ 1766.093007][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1766.098092][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1766.103530][T32173]  futex_wait+0x1e2/0x550
[ 1766.107837][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1766.112847][T32173]  ? print_usage_bug+0x240/0x240
[ 1766.117763][T32173]  ? hash_futex+0x10/0x200
[ 1766.122171][T32173]  ? futex_wake+0x153/0x480
[ 1766.126660][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1766.132616][T32173]  ? do_wp_page+0x512/0x1440
[ 1766.137191][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1766.143148][T32173]  do_futex+0x15f/0x1ad0
[ 1766.147374][T32173]  ? find_held_lock+0x2d/0x110
[ 1766.152114][T32173]  ? futex_exit_release+0x60/0x60
[ 1766.157138][T32173]  ? lock_downgrade+0x840/0x840
[ 1766.161971][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1766.166801][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1766.172763][T32173]  ? __might_fault+0x190/0x1d0
[ 1766.177504][T32173]  ? _copy_to_user+0x126/0x160
[ 1766.182252][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1766.186996][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1766.191480][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1766.196917][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1766.202873][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1766.207527][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1766.213490][T32173]  do_syscall_64+0xf6/0x7d0
[ 1766.217972][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1766.223858][T32173] RIP: 0033:0x45ca59
[ 1766.227746][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1766.247345][T32173] RSP: 002b:00007f7591596cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1766.255767][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1766.263805][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1766.271754][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1766.279704][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1766.287697][T32173] R13: 0000000000c9fb6f R14: 00007f75915979c0 R15: 000000000078bf0c
[ 1766.295665][T32173] syz-executor.3  S29824  3589   7107 0x00000000
[ 1766.301974][T32173] Call Trace:
[ 1766.305249][T32173]  __schedule+0x8f3/0x1fc0
[ 1766.309645][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1766.314909][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1766.320175][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1766.325613][T32173]  schedule+0xd0/0x2a0
[ 1766.329659][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1766.334747][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1766.340181][T32173]  ? find_held_lock+0x2d/0x110
[ 1766.344926][T32173]  futex_wait+0x1e2/0x550
[ 1766.349234][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1766.354277][T32173]  ? print_usage_bug+0x240/0x240
[ 1766.359193][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1766.364370][T32173]  ? futex_wake+0x153/0x480
[ 1766.368875][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1766.374851][T32173]  ? do_wp_page+0x512/0x1440
[ 1766.379418][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1766.385397][T32173]  do_futex+0x15f/0x1ad0
[ 1766.389719][T32173]  ? find_held_lock+0x2d/0x110
[ 1766.394462][T32173]  ? futex_exit_release+0x60/0x60
[ 1766.399531][T32173]  ? lock_downgrade+0x840/0x840
[ 1766.404397][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1766.409235][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1766.415206][T32173]  ? __might_fault+0x190/0x1d0
[ 1766.419952][T32173]  ? _copy_to_user+0x126/0x160
[ 1766.424702][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1766.429449][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1766.433977][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1766.439412][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1766.445369][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1766.450072][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1766.456031][T32173]  do_syscall_64+0xf6/0x7d0
[ 1766.460516][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1766.466385][T32173] RIP: 0033:0x45ca59
[ 1766.470385][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1766.489982][T32173] RSP: 002b:00007f65fad0acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1766.498425][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1766.506372][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1766.514335][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1766.522283][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1766.530231][T32173] R13: 0000000000c9fb6f R14: 00007f65fad0b9c0 R15: 000000000078bf0c
[ 1766.538195][T32173] syz-executor.1  S29824  3599   6929 0x00000000
[ 1766.544507][T32173] Call Trace:
[ 1766.547797][T32173]  __schedule+0x8f3/0x1fc0
[ 1766.552189][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1766.557454][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1766.562716][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1766.568153][T32173]  schedule+0xd0/0x2a0
[ 1766.572200][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1766.577288][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1766.582726][T32173]  futex_wait+0x1e2/0x550
[ 1766.587044][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1766.592060][T32173]  ? print_usage_bug+0x240/0x240
[ 1766.596975][T32173]  ? hash_futex+0x10/0x200
[ 1766.601368][T32173]  ? futex_wake+0x153/0x480
[ 1766.605857][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1766.611812][T32173]  ? do_wp_page+0x512/0x1440
[ 1766.616398][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1766.622356][T32173]  do_futex+0x15f/0x1ad0
[ 1766.626583][T32173]  ? find_held_lock+0x2d/0x110
[ 1766.631325][T32173]  ? futex_exit_release+0x60/0x60
[ 1766.636327][T32173]  ? lock_downgrade+0x840/0x840
[ 1766.641229][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1766.646120][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1766.652218][T32173]  ? __might_fault+0x190/0x1d0
[ 1766.656967][T32173]  ? _copy_to_user+0x126/0x160
[ 1766.661718][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1766.666466][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1766.670997][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1766.676473][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1766.682531][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1766.687185][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1766.693146][T32173]  do_syscall_64+0xf6/0x7d0
[ 1766.697630][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1766.703500][T32173] RIP: 0033:0x45ca59
[ 1766.707372][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1766.726983][T32173] RSP: 002b:00007f7591596cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1766.735371][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1766.743319][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1766.751281][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1766.759231][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1766.767226][T32173] R13: 0000000000c9fb6f R14: 00007f75915979c0 R15: 000000000078bf0c
[ 1766.775202][T32173] syz-executor.5  T29824  3612   7376 0x00004004
[ 1766.781520][T32173] Call Trace:
[ 1766.784797][T32173]  __schedule+0x8f3/0x1fc0
[ 1766.789199][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1766.794470][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1766.799647][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1766.805607][T32173]  schedule+0xd0/0x2a0
[ 1766.809655][T32173]  do_signal_stop+0x31d/0x840
[ 1766.814312][T32173]  get_signal+0x100d/0x2510
[ 1766.818804][T32173]  do_signal+0x81/0x2240
[ 1766.823025][T32173]  ? check_kill_permission+0x53/0x540
[ 1766.828381][T32173]  ? copy_siginfo_to_user32+0xa0/0xa0
[ 1766.833757][T32173]  ? do_rt_tgsigqueueinfo+0xab/0x100
[ 1766.839048][T32173]  ? exit_to_usermode_loop+0x36/0x360
[ 1766.844398][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1766.850356][T32173]  exit_to_usermode_loop+0x26c/0x360
[ 1766.855636][T32173]  do_syscall_64+0x6b1/0x7d0
[ 1766.860224][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1766.866106][T32173] RIP: 0033:0x45ca59
[ 1766.869983][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1766.889560][T32173] RSP: 002b:00007f656341ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000129
[ 1766.897946][T32173] RAX: 0000000000000000 RBX: 00000000004fc6a0 RCX: 000000000045ca59
[ 1766.905912][T32173] RDX: 0000000000000015 RSI: 0000000000000aab RDI: 0000000000000aab
[ 1766.913862][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1766.921808][T32173] R10: 00000000200000c0 R11: 0000000000000246 R12: 00000000ffffffff
[ 1766.929768][T32173] R13: 00000000000008d0 R14: 00000000004cba6f R15: 00007f656341f6d4
[ 1766.937731][T32173] syz-executor.1  S29824  3615   6929 0x00000000
[ 1766.944067][T32173] Call Trace:
[ 1766.947351][T32173]  __schedule+0x8f3/0x1fc0
[ 1766.951744][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1766.957025][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1766.962291][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1766.967728][T32173]  schedule+0xd0/0x2a0
[ 1766.971774][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1766.976863][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1766.982305][T32173]  futex_wait+0x1e2/0x550
[ 1766.986631][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1766.991647][T32173]  ? print_usage_bug+0x240/0x240
[ 1766.996564][T32173]  ? hash_futex+0x10/0x200
[ 1767.000972][T32173]  ? futex_wake+0x153/0x480
[ 1767.005462][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1767.011418][T32173]  ? do_wp_page+0x512/0x1440
[ 1767.015989][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1767.021948][T32173]  do_futex+0x15f/0x1ad0
[ 1767.026180][T32173]  ? find_held_lock+0x2d/0x110
[ 1767.030937][T32173]  ? futex_exit_release+0x60/0x60
[ 1767.035941][T32173]  ? lock_downgrade+0x840/0x840
[ 1767.040768][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1767.045596][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1767.051573][T32173]  ? __might_fault+0x190/0x1d0
[ 1767.056315][T32173]  ? _copy_to_user+0x126/0x160
[ 1767.061148][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1767.065907][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1767.070387][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1767.075822][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1767.081778][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1767.086461][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1767.092425][T32173]  do_syscall_64+0xf6/0x7d0
[ 1767.098037][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1767.104947][T32173] RIP: 0033:0x45ca59
[ 1767.108821][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1767.128399][T32173] RSP: 002b:00007f7591596cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1767.136789][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1767.144735][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1767.152684][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1767.160634][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1767.168582][T32173] R13: 0000000000c9fb6f R14: 00007f75915979c0 R15: 000000000078bf0c
[ 1767.176630][T32173] syz-executor.5  S29584  3660   7376 0x00000000
[ 1767.182971][T32173] Call Trace:
[ 1767.186253][T32173]  __schedule+0x8f3/0x1fc0
[ 1767.190646][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1767.195911][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1767.201173][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1767.206628][T32173]  schedule+0xd0/0x2a0
[ 1767.210674][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1767.215764][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1767.221308][T32173]  futex_wait+0x1e2/0x550
[ 1767.225625][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1767.230632][T32173]  ? print_usage_bug+0x240/0x240
[ 1767.235557][T32173]  ? hash_futex+0x10/0x200
[ 1767.239956][T32173]  ? futex_wake+0x153/0x480
[ 1767.244456][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1767.250423][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1767.256385][T32173]  do_futex+0x15f/0x1ad0
[ 1767.260707][T32173]  ? find_held_lock+0x2d/0x110
[ 1767.265464][T32173]  ? futex_exit_release+0x60/0x60
[ 1767.270479][T32173]  ? lock_downgrade+0x840/0x840
[ 1767.275314][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1767.280179][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1767.286146][T32173]  ? __might_fault+0x190/0x1d0
[ 1767.290888][T32173]  ? _copy_to_user+0x126/0x160
[ 1767.295677][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1767.300547][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1767.305036][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1767.310469][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1767.316425][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1767.321080][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1767.327043][T32173]  do_syscall_64+0xf6/0x7d0
[ 1767.331526][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1767.337396][T32173] RIP: 0033:0x45ca59
[ 1767.341268][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1767.360987][T32173] RSP: 002b:00007f65633fdcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1767.369383][T32173] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045ca59
[ 1767.377345][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8
[ 1767.385301][T32173] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1767.393262][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1767.401220][T32173] R13: 0000000000c9fb6f R14: 00007f65633fe9c0 R15: 000000000078bfac
[ 1767.409249][T32173] syz-executor.5  S28800  3673   7376 0x00000000
[ 1767.415563][T32173] Call Trace:
[ 1767.418886][T32173]  __schedule+0x8f3/0x1fc0
[ 1767.423332][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1767.428650][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1767.433916][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1767.439352][T32173]  schedule+0xd0/0x2a0
[ 1767.443402][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1767.448554][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1767.454019][T32173]  futex_wait+0x1e2/0x550
[ 1767.458364][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1767.463368][T32173]  ? print_usage_bug+0x240/0x240
[ 1767.468312][T32173]  ? kernel_text_address+0x6e/0xe0
[ 1767.473402][T32173]  ? hash_futex+0x10/0x200
[ 1767.477822][T32173]  ? futex_wake+0x153/0x480
[ 1767.482327][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1767.488283][T32173]  ? stack_trace_consume_entry+0x160/0x160
[ 1767.494085][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1767.500043][T32173]  do_futex+0x15f/0x1ad0
[ 1767.504270][T32173]  ? find_held_lock+0x2d/0x110
[ 1767.509010][T32173]  ? futex_exit_release+0x60/0x60
[ 1767.514012][T32173]  ? lock_downgrade+0x840/0x840
[ 1767.518840][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1767.523666][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1767.529635][T32173]  ? __might_fault+0x190/0x1d0
[ 1767.534375][T32173]  ? _copy_to_user+0x126/0x160
[ 1767.539118][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1767.543863][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1767.548345][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1767.553778][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1767.559736][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1767.564390][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1767.570348][T32173]  do_syscall_64+0xf6/0x7d0
[ 1767.574832][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1767.580701][T32173] RIP: 0033:0x45ca59
[ 1767.584574][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1767.604152][T32173] RSP: 002b:00007f656341ecf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1767.612537][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1767.620491][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1767.628453][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1767.636405][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1767.644364][T32173] R13: 0000000000c9fb6f R14: 00007f656341f9c0 R15: 000000000078bf0c
[ 1767.652329][T32173] syz-executor.5  T29856  3684   7376 0x00004004
[ 1767.658656][T32173] Call Trace:
[ 1767.661926][T32173]  __schedule+0x8f3/0x1fc0
[ 1767.666340][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1767.671606][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1767.676799][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1767.682777][T32173]  schedule+0xd0/0x2a0
[ 1767.686828][T32173]  do_signal_stop+0x31d/0x840
[ 1767.691490][T32173]  get_signal+0x100d/0x2510
[ 1767.695981][T32173]  do_signal+0x81/0x2240
[ 1767.700217][T32173]  ? check_kill_permission+0x53/0x540
[ 1767.705570][T32173]  ? copy_siginfo_to_user32+0xa0/0xa0
[ 1767.710934][T32173]  ? do_rt_tgsigqueueinfo+0xab/0x100
[ 1767.716221][T32173]  ? exit_to_usermode_loop+0x36/0x360
[ 1767.721569][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1767.727528][T32173]  exit_to_usermode_loop+0x26c/0x360
[ 1767.732792][T32173]  do_syscall_64+0x6b1/0x7d0
[ 1767.737480][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1767.743347][T32173] RIP: 0033:0x45ca59
[ 1767.747236][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1767.766830][T32173] RSP: 002b:00007f656341ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000129
[ 1767.775216][T32173] RAX: 0000000000000000 RBX: 00000000004fc6a0 RCX: 000000000045ca59
[ 1767.783163][T32173] RDX: 0000000000000015 RSI: 0000000000000ab5 RDI: 0000000000000ab5
[ 1767.791111][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1767.799064][T32173] R10: 00000000200000c0 R11: 0000000000000246 R12: 00000000ffffffff
[ 1767.807018][T32173] R13: 00000000000008d0 R14: 00000000004cba6f R15: 00007f656341f6d4
[ 1767.814980][T32173] syz-executor.5  T29728  3726   7376 0x00004004
[ 1767.821307][T32173] Call Trace:
[ 1767.824576][T32173]  __schedule+0x8f3/0x1fc0
[ 1767.828974][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1767.834235][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1767.839409][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1767.845368][T32173]  schedule+0xd0/0x2a0
[ 1767.849415][T32173]  do_signal_stop+0x31d/0x840
[ 1767.854073][T32173]  get_signal+0x100d/0x2510
[ 1767.858563][T32173]  do_signal+0x81/0x2240
[ 1767.862782][T32173]  ? check_kill_permission+0x53/0x540
[ 1767.868143][T32173]  ? copy_siginfo_to_user32+0xa0/0xa0
[ 1767.873495][T32173]  ? do_rt_tgsigqueueinfo+0xab/0x100
[ 1767.878765][T32173]  ? exit_to_usermode_loop+0x36/0x360
[ 1767.884112][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1767.890071][T32173]  exit_to_usermode_loop+0x26c/0x360
[ 1767.895336][T32173]  do_syscall_64+0x6b1/0x7d0
[ 1767.899905][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1767.905771][T32173] RIP: 0033:0x45ca59
[ 1767.909642][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1767.929230][T32173] RSP: 002b:00007f656341ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000129
[ 1767.937672][T32173] RAX: 0000000000000000 RBX: 00000000004fc6a0 RCX: 000000000045ca59
[ 1767.945632][T32173] RDX: 0000000000000015 RSI: 0000000000000ab9 RDI: 0000000000000ab9
[ 1767.953806][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1767.961855][T32173] R10: 00000000200000c0 R11: 0000000000000246 R12: 00000000ffffffff
[ 1767.969851][T32173] R13: 00000000000008d0 R14: 00000000004cba6f R15: 00007f656341f6d4
[ 1767.977820][T32173] syz-executor.3  S29824  3838   7107 0x00000000
[ 1767.984132][T32173] Call Trace:
[ 1767.987405][T32173]  __schedule+0x8f3/0x1fc0
[ 1767.991802][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1767.997116][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1768.002381][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1768.007857][T32173]  schedule+0xd0/0x2a0
[ 1768.011904][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1768.016993][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1768.022445][T32173]  futex_wait+0x1e2/0x550
[ 1768.026755][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1768.031757][T32173]  ? print_usage_bug+0x240/0x240
[ 1768.036678][T32173]  ? hash_futex+0x10/0x200
[ 1768.041072][T32173]  ? futex_wake+0x153/0x480
[ 1768.045577][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1768.051544][T32173]  ? mark_lock+0x11f/0xdd0
[ 1768.055939][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1768.061897][T32173]  do_futex+0x15f/0x1ad0
[ 1768.066126][T32173]  ? find_held_lock+0x2d/0x110
[ 1768.070868][T32173]  ? futex_exit_release+0x60/0x60
[ 1768.075889][T32173]  ? lock_downgrade+0x840/0x840
[ 1768.080805][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1768.085634][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1768.091594][T32173]  ? __might_fault+0x190/0x1d0
[ 1768.096340][T32173]  ? _copy_to_user+0x126/0x160
[ 1768.101104][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1768.105865][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1768.110348][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1768.115782][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1768.121740][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1768.126393][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1768.132464][T32173]  do_syscall_64+0xf6/0x7d0
[ 1768.136946][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1768.142818][T32173] RIP: 0033:0x45ca59
[ 1768.146705][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1768.166425][T32173] RSP: 002b:00007f65face9cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1768.174810][T32173] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045ca59
[ 1768.182757][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8
[ 1768.190713][T32173] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1768.198667][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1768.206614][T32173] R13: 0000000000c9fb6f R14: 00007f65facea9c0 R15: 000000000078bfac
[ 1768.214577][T32173] syz-executor.5  S29824  3840   7376 0x00000000
[ 1768.220903][T32173] Call Trace:
[ 1768.224173][T32173]  __schedule+0x8f3/0x1fc0
[ 1768.228584][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1768.233850][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1768.239129][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1768.244574][T32173]  schedule+0xd0/0x2a0
[ 1768.248625][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1768.253741][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1768.259184][T32173]  futex_wait+0x1e2/0x550
[ 1768.263504][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1768.268509][T32173]  ? print_usage_bug+0x240/0x240
[ 1768.273427][T32173]  ? hash_futex+0x10/0x200
[ 1768.277824][T32173]  ? futex_wake+0x153/0x480
[ 1768.282315][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1768.288278][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1768.294241][T32173]  do_futex+0x15f/0x1ad0
[ 1768.298516][T32173]  ? find_held_lock+0x2d/0x110
[ 1768.303317][T32173]  ? futex_exit_release+0x60/0x60
[ 1768.308341][T32173]  ? lock_downgrade+0x840/0x840
[ 1768.313172][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1768.318001][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1768.323965][T32173]  ? __might_fault+0x190/0x1d0
[ 1768.328793][T32173]  ? _copy_to_user+0x126/0x160
[ 1768.333539][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1768.338298][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1768.342794][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1768.348233][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1768.354189][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1768.358841][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1768.364820][T32173]  do_syscall_64+0xf6/0x7d0
[ 1768.369299][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1768.375185][T32173] RIP: 0033:0x45ca59
[ 1768.379092][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1768.398671][T32173] RSP: 002b:00007f65633dccf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1768.407074][T32173] RAX: ffffffffffffffda RBX: 000000000078c048 RCX: 000000000045ca59
[ 1768.415031][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c048
[ 1768.422990][T32173] RBP: 000000000078c040 R08: 0000000000000000 R09: 0000000000000000
[ 1768.430941][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c04c
[ 1768.438892][T32173] R13: 0000000000c9fb6f R14: 00007f65633dd9c0 R15: 000000000078c04c
[ 1768.446860][T32173] syz-executor.4  S27640  4538   7358 0x00000000
[ 1768.453175][T32173] Call Trace:
[ 1768.456451][T32173]  __schedule+0x8f3/0x1fc0
[ 1768.460847][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1768.466117][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1768.471384][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1768.476822][T32173]  schedule+0xd0/0x2a0
[ 1768.480870][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1768.485960][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1768.491392][T32173]  ? find_held_lock+0x2d/0x110
[ 1768.496135][T32173]  futex_wait+0x1e2/0x550
[ 1768.500443][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1768.505446][T32173]  ? print_usage_bug+0x240/0x240
[ 1768.510377][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1768.515553][T32173]  ? futex_wake+0x153/0x480
[ 1768.520044][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1768.526002][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1768.531959][T32173]  do_futex+0x15f/0x1ad0
[ 1768.536185][T32173]  ? find_held_lock+0x2d/0x110
[ 1768.540926][T32173]  ? futex_exit_release+0x60/0x60
[ 1768.545929][T32173]  ? lock_downgrade+0x840/0x840
[ 1768.550756][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1768.555583][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1768.561545][T32173]  ? __might_fault+0x190/0x1d0
[ 1768.566308][T32173]  ? _copy_to_user+0x126/0x160
[ 1768.571070][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1768.575815][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1768.580314][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1768.585750][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1768.591713][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1768.596365][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1768.602325][T32173]  do_syscall_64+0xf6/0x7d0
[ 1768.606808][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1768.612674][T32173] RIP: 0033:0x45ca59
[ 1768.616545][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1768.636257][T32173] RSP: 002b:00007fc7e9ef2cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1768.644643][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1768.652589][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1768.660545][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1768.668491][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1768.676440][T32173] R13: 0000000000c9fb6f R14: 00007fc7e9ef39c0 R15: 000000000078bf0c
[ 1768.684399][T32173] syz-executor.4  S27984  4693   7358 0x00000000
[ 1768.690704][T32173] Call Trace:
[ 1768.693975][T32173]  __schedule+0x8f3/0x1fc0
[ 1768.698367][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1768.703632][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1768.708897][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1768.714335][T32173]  schedule+0xd0/0x2a0
[ 1768.718379][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1768.723468][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1768.729023][T32173]  futex_wait+0x1e2/0x550
[ 1768.733332][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1768.738333][T32173]  ? wake_up_q+0xc1/0x140
[ 1768.742636][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1768.747810][T32173]  ? futex_wake+0x153/0x480
[ 1768.752302][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1768.758305][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1768.764272][T32173]  do_futex+0x15f/0x1ad0
[ 1768.768497][T32173]  ? find_held_lock+0x2d/0x110
[ 1768.773259][T32173]  ? futex_exit_release+0x60/0x60
[ 1768.778262][T32173]  ? lock_downgrade+0x840/0x840
[ 1768.783107][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1768.787949][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1768.793913][T32173]  ? __might_fault+0x190/0x1d0
[ 1768.798650][T32173]  ? _copy_to_user+0x126/0x160
[ 1768.803396][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1768.808138][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1768.812620][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1768.818052][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1768.824008][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1768.828676][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1768.834634][T32173]  do_syscall_64+0xf6/0x7d0
[ 1768.839132][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1768.844998][T32173] RIP: 0033:0x45ca59
[ 1768.848884][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1768.868465][T32173] RSP: 002b:00007fc7e9ed1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1768.876849][T32173] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045ca59
[ 1768.884796][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8
[ 1768.892748][T32173] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1768.901045][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1768.908992][T32173] R13: 0000000000c9fb6f R14: 00007fc7e9ed29c0 R15: 000000000078bfac
[ 1768.916959][T32173] syz-executor.5  S28304  4942   7376 0x00000000
[ 1768.923284][T32173] Call Trace:
[ 1768.926553][T32173]  __schedule+0x8f3/0x1fc0
[ 1768.930949][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1768.936213][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1768.941652][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1768.947088][T32173]  schedule+0xd0/0x2a0
[ 1768.951136][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1768.956328][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1768.961759][T32173]  ? find_held_lock+0x2d/0x110
[ 1768.966519][T32173]  futex_wait+0x1e2/0x550
[ 1768.970826][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1768.975827][T32173]  ? print_usage_bug+0x240/0x240
[ 1768.980744][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1768.985928][T32173]  ? futex_wake+0x153/0x480
[ 1768.990418][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1768.996374][T32173]  ? kvfree+0x42/0x50
[ 1769.000352][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1769.006312][T32173]  do_futex+0x15f/0x1ad0
[ 1769.010553][T32173]  ? find_held_lock+0x2d/0x110
[ 1769.015310][T32173]  ? futex_exit_release+0x60/0x60
[ 1769.020313][T32173]  ? lock_downgrade+0x840/0x840
[ 1769.025143][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1769.029971][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1769.035935][T32173]  ? __might_fault+0x190/0x1d0
[ 1769.040688][T32173]  ? _copy_to_user+0x126/0x160
[ 1769.045457][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1769.050201][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1769.054704][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1769.060158][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1769.066135][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1769.070788][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1769.076746][T32173]  do_syscall_64+0xf6/0x7d0
[ 1769.081228][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1769.087093][T32173] RIP: 0033:0x45ca59
[ 1769.090967][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1769.110543][T32173] RSP: 002b:00007f656341ecf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1769.118928][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1769.126887][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1769.134831][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1769.142777][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1769.150734][T32173] R13: 0000000000c9fb6f R14: 00007f656341f9c0 R15: 000000000078bf0c
[ 1769.158714][T32173] syz-executor.5  S29816  4954   7376 0x00000000
[ 1769.165130][T32173] Call Trace:
[ 1769.168401][T32173]  __schedule+0x8f3/0x1fc0
[ 1769.172806][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1769.178072][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1769.183332][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1769.188765][T32173]  schedule+0xd0/0x2a0
[ 1769.192820][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1769.197906][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1769.203343][T32173]  futex_wait+0x1e2/0x550
[ 1769.207663][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1769.212673][T32173]  ? wake_up_q+0xc1/0x140
[ 1769.216979][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1769.222154][T32173]  ? futex_wake+0x153/0x480
[ 1769.226643][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1769.232593][T32173]  ? mark_lock+0x11f/0xdd0
[ 1769.236984][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1769.242940][T32173]  do_futex+0x15f/0x1ad0
[ 1769.247171][T32173]  ? find_held_lock+0x2d/0x110
[ 1769.251909][T32173]  ? futex_exit_release+0x60/0x60
[ 1769.256919][T32173]  ? lock_downgrade+0x840/0x840
[ 1769.261757][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1769.266591][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1769.272563][T32173]  ? __might_fault+0x190/0x1d0
[ 1769.277314][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1769.282754][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1769.287494][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1769.291971][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1769.297402][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1769.303369][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1769.308021][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1769.313984][T32173]  do_syscall_64+0xf6/0x7d0
[ 1769.318476][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1769.324341][T32173] RIP: 0033:0x45ca59
[ 1769.328227][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1769.347813][T32173] RSP: 002b:00007f656341ecf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1769.356197][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1769.364148][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1769.372092][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1769.380036][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1769.387982][T32173] R13: 0000000000c9fb6f R14: 00007f656341f9c0 R15: 000000000078bf0c
[ 1769.395952][T32173] syz-executor.5  S29816  4963   7376 0x00000000
[ 1769.402268][T32173] Call Trace:
[ 1769.405536][T32173]  __schedule+0x8f3/0x1fc0
[ 1769.409937][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1769.415219][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1769.420499][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1769.425945][T32173]  schedule+0xd0/0x2a0
[ 1769.429996][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1769.435090][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1769.440530][T32173]  futex_wait+0x1e2/0x550
[ 1769.444839][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1769.449841][T32173]  ? wake_up_q+0xc1/0x140
[ 1769.454159][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1769.459332][T32173]  ? futex_wake+0x153/0x480
[ 1769.463834][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1769.469783][T32173]  ? mark_lock+0x11f/0xdd0
[ 1769.474177][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1769.480146][T32173]  do_futex+0x15f/0x1ad0
[ 1769.484392][T32173]  ? find_held_lock+0x2d/0x110
[ 1769.489144][T32173]  ? futex_exit_release+0x60/0x60
[ 1769.494147][T32173]  ? lock_downgrade+0x840/0x840
[ 1769.498971][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1769.503797][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1769.509759][T32173]  ? __might_fault+0x190/0x1d0
[ 1769.514497][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1769.519934][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1769.524676][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1769.529154][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1769.534607][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1769.540572][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1769.545239][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1769.551301][T32173]  do_syscall_64+0xf6/0x7d0
[ 1769.555790][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1769.561654][T32173] RIP: 0033:0x45ca59
[ 1769.565537][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1769.585225][T32173] RSP: 002b:00007f656341ecf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1769.593618][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1769.601561][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1769.609517][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1769.617465][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1769.625423][T32173] R13: 0000000000c9fb6f R14: 00007f656341f9c0 R15: 000000000078bf0c
[ 1769.633395][T32173] syz-executor.1  S29824  4967   6929 0x00000000
[ 1769.640064][T32173] Call Trace:
[ 1769.643332][T32173]  __schedule+0x8f3/0x1fc0
[ 1769.647721][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1769.652999][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1769.658258][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1769.663693][T32173]  schedule+0xd0/0x2a0
[ 1769.667737][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1769.672823][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1769.678272][T32173]  futex_wait+0x1e2/0x550
[ 1769.682592][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1769.687593][T32173]  ? wake_up_q+0xc1/0x140
[ 1769.691904][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1769.697095][T32173]  ? futex_wake+0x153/0x480
[ 1769.701579][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1769.707532][T32173]  ? mark_lock+0x11f/0xdd0
[ 1769.711937][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1769.717892][T32173]  do_futex+0x15f/0x1ad0
[ 1769.722145][T32173]  ? find_held_lock+0x2d/0x110
[ 1769.726886][T32173]  ? futex_exit_release+0x60/0x60
[ 1769.731908][T32173]  ? lock_downgrade+0x840/0x840
[ 1769.736737][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1769.741563][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1769.747625][T32173]  ? __might_fault+0x190/0x1d0
[ 1769.752375][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1769.757816][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1769.762555][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1769.767033][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1769.772463][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1769.778417][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1769.783068][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1769.789027][T32173]  do_syscall_64+0xf6/0x7d0
[ 1769.793506][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1769.799371][T32173] RIP: 0033:0x45ca59
[ 1769.803242][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1769.822824][T32173] RSP: 002b:00007f7591596cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1769.831211][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1769.839155][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1769.847099][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1769.855042][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1769.863001][T32173] R13: 0000000000c9fb6f R14: 00007f75915979c0 R15: 000000000078bf0c
[ 1769.870967][T32173] syz-executor.5  S29824  4981   7376 0x00000000
[ 1769.877283][T32173] Call Trace:
[ 1769.880552][T32173]  __schedule+0x8f3/0x1fc0
[ 1769.884943][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1769.890207][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1769.895487][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1769.900985][T32173]  schedule+0xd0/0x2a0
[ 1769.905045][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1769.910137][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1769.915588][T32173]  futex_wait+0x1e2/0x550
[ 1769.919898][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1769.924899][T32173]  ? wake_up_q+0xc1/0x140
[ 1769.929214][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1769.934394][T32173]  ? futex_wake+0x153/0x480
[ 1769.938886][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1769.944838][T32173]  ? mark_lock+0x11f/0xdd0
[ 1769.949252][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1769.955256][T32173]  do_futex+0x15f/0x1ad0
[ 1769.959488][T32173]  ? find_held_lock+0x2d/0x110
[ 1769.964270][T32173]  ? futex_exit_release+0x60/0x60
[ 1769.969277][T32173]  ? lock_downgrade+0x840/0x840
[ 1769.974106][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1769.978970][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1769.984936][T32173]  ? __might_fault+0x190/0x1d0
[ 1769.989676][T32173]  ? _copy_to_user+0x126/0x160
[ 1769.994421][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1769.999163][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1770.003645][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1770.009076][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1770.015030][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1770.019682][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1770.025640][T32173]  do_syscall_64+0xf6/0x7d0
[ 1770.030123][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1770.035989][T32173] RIP: 0033:0x45ca59
[ 1770.039892][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1770.059467][T32173] RSP: 002b:00007f656341ecf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1770.067865][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1770.075810][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1770.083755][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1770.091722][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1770.099668][T32173] R13: 0000000000c9fb6f R14: 00007f656341f9c0 R15: 000000000078bf0c
[ 1770.107674][T32173] syz-executor.1  S29824  4983   6929 0x00000000
[ 1770.113983][T32173] Call Trace:
[ 1770.117255][T32173]  __schedule+0x8f3/0x1fc0
[ 1770.121648][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1770.126912][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1770.132178][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1770.137614][T32173]  schedule+0xd0/0x2a0
[ 1770.141664][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1770.146752][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1770.152189][T32173]  futex_wait+0x1e2/0x550
[ 1770.156497][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1770.161496][T32173]  ? wake_up_q+0xc1/0x140
[ 1770.165800][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1770.170971][T32173]  ? futex_wake+0x153/0x480
[ 1770.175482][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1770.181441][T32173]  do_futex+0x15f/0x1ad0
[ 1770.185697][T32173]  ? find_held_lock+0x2d/0x110
[ 1770.190437][T32173]  ? finish_task_switch+0x147/0x750
[ 1770.195612][T32173]  ? futex_exit_release+0x60/0x60
[ 1770.200610][T32173]  ? lock_downgrade+0x840/0x840
[ 1770.205503][T32173]  ? perf_sched_cb_inc+0x250/0x250
[ 1770.210630][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1770.215838][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1770.221815][T32173]  ? _raw_spin_unlock_irq+0x55/0x80
[ 1770.226987][T32173]  ? finish_task_switch+0x147/0x750
[ 1770.232158][T32173]  ? finish_task_switch+0x119/0x750
[ 1770.237366][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1770.242915][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1770.247670][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1770.252157][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1770.257596][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1770.263557][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1770.268213][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1770.274171][T32173]  do_syscall_64+0xf6/0x7d0
[ 1770.278655][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1770.284541][T32173] RIP: 0033:0x45ca59
[ 1770.288412][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1770.308002][T32173] RSP: 002b:00007f7591596cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1770.316390][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1770.324347][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1770.332295][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1770.340252][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1770.348197][T32173] R13: 0000000000c9fb6f R14: 00007f75915979c0 R15: 000000000078bf0c
[ 1770.356162][T32173] syz-executor.1  S29816  4997   6929 0x00000000
[ 1770.362469][T32173] Call Trace:
[ 1770.365738][T32173]  __schedule+0x8f3/0x1fc0
[ 1770.370131][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1770.375413][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1770.380674][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1770.386124][T32173]  schedule+0xd0/0x2a0
[ 1770.390180][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1770.395267][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1770.400704][T32173]  futex_wait+0x1e2/0x550
[ 1770.405025][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1770.410032][T32173]  ? wake_up_q+0xc1/0x140
[ 1770.414387][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1770.419572][T32173]  ? futex_wake+0x153/0x480
[ 1770.424064][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1770.430199][T32173]  ? mark_lock+0x11f/0xdd0
[ 1770.434600][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1770.440600][T32173]  do_futex+0x15f/0x1ad0
[ 1770.444845][T32173]  ? find_held_lock+0x2d/0x110
[ 1770.449591][T32173]  ? futex_exit_release+0x60/0x60
[ 1770.454609][T32173]  ? lock_downgrade+0x840/0x840
[ 1770.459444][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1770.464275][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1770.470238][T32173]  ? __might_fault+0x190/0x1d0
[ 1770.475068][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1770.480602][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1770.485347][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1770.489830][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1770.495263][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1770.501219][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1770.505871][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1770.511830][T32173]  do_syscall_64+0xf6/0x7d0
[ 1770.516316][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1770.522209][T32173] RIP: 0033:0x45ca59
[ 1770.526091][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1770.545670][T32173] RSP: 002b:00007f7591596cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1770.554058][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1770.562003][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1770.569962][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1770.577909][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1770.585866][T32173] R13: 0000000000c9fb6f R14: 00007f75915979c0 R15: 000000000078bf0c
[ 1770.593838][T32173] syz-executor.1  T28720  5141   6929 0x01004014
[ 1770.600172][T32173] Call Trace:
[ 1770.603443][T32173]  __schedule+0x8f3/0x1fc0
[ 1770.607839][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1770.613099][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1770.618271][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1770.624228][T32173]  schedule+0xd0/0x2a0
[ 1770.628271][T32173]  do_signal_stop+0x31d/0x840
[ 1770.632940][T32173]  get_signal+0x100d/0x2510
[ 1770.637428][T32173]  do_signal+0x81/0x2240
[ 1770.641646][T32173]  ? check_kill_permission+0x53/0x540
[ 1770.647009][T32173]  ? copy_siginfo_to_user32+0xa0/0xa0
[ 1770.652356][T32173]  ? do_rt_tgsigqueueinfo+0xab/0x100
[ 1770.657624][T32173]  ? exit_to_usermode_loop+0x36/0x360
[ 1770.662973][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1770.668930][T32173]  exit_to_usermode_loop+0x26c/0x360
[ 1770.674193][T32173]  do_syscall_64+0x6b1/0x7d0
[ 1770.678774][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1770.684642][T32173] RIP: 0033:0x45ca59
[ 1770.688511][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1770.708086][T32173] RSP: 002b:00007f7591596c78 EFLAGS: 00000346 ORIG_RAX: 0000000000000129
[ 1770.716469][T32173] RAX: 0000000000000000 RBX: 00000000004fc6a0 RCX: 000000000045ca59
[ 1770.724415][T32173] RDX: 0000000000000015 RSI: 0000000000000bb5 RDI: 0000000000000bb5
[ 1770.732364][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1770.740310][T32173] R10: 00000000200000c0 R11: 0000000000000246 R12: 00000000ffffffff
[ 1770.748269][T32173] R13: 00000000000008d0 R14: 00000000004cba6f R15: 00007f75915976d4
[ 1770.756245][T32173] syz-executor.1  T28720  5155   6929 0x01004014
[ 1770.762550][T32173] Call Trace:
[ 1770.765818][T32173]  __schedule+0x8f3/0x1fc0
[ 1770.770214][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1770.775472][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1770.780655][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1770.786614][T32173]  schedule+0xd0/0x2a0
[ 1770.790659][T32173]  do_signal_stop+0x31d/0x840
[ 1770.795318][T32173]  get_signal+0x958/0x2510
[ 1770.799732][T32173]  do_signal+0x81/0x2240
[ 1770.803962][T32173]  ? check_kill_permission+0x53/0x540
[ 1770.809314][T32173]  ? copy_siginfo_to_user32+0xa0/0xa0
[ 1770.814662][T32173]  ? do_rt_tgsigqueueinfo+0xab/0x100
[ 1770.819930][T32173]  ? exit_to_usermode_loop+0x36/0x360
[ 1770.825275][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1770.831233][T32173]  exit_to_usermode_loop+0x26c/0x360
[ 1770.836495][T32173]  do_syscall_64+0x6b1/0x7d0
[ 1770.841060][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1770.846926][T32173] RIP: 0033:0x45ca59
[ 1770.850798][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1770.870386][T32173] RSP: 002b:00007f7591596c78 EFLAGS: 00000346 ORIG_RAX: 0000000000000129
[ 1770.878770][T32173] RAX: 0000000000000000 RBX: 00000000004fc6a0 RCX: 000000000045ca59
[ 1770.886717][T32173] RDX: 0000000000000015 RSI: 0000000000000bba RDI: 0000000000000bba
[ 1770.894675][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1770.902628][T32173] R10: 00000000200000c0 R11: 0000000000000246 R12: 00000000ffffffff
[ 1770.911008][T32173] R13: 00000000000008d0 R14: 00000000004cba6f R15: 00007f75915976d4
[ 1770.918969][T32173] syz-executor.1  T28720  5162   6929 0x01004014
[ 1770.925307][T32173] Call Trace:
[ 1770.928586][T32173]  __schedule+0x8f3/0x1fc0
[ 1770.932986][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1770.938247][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1770.943432][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1770.949390][T32173]  schedule+0xd0/0x2a0
[ 1770.953438][T32173]  do_signal_stop+0x31d/0x840
[ 1770.958093][T32173]  get_signal+0x958/0x2510
[ 1770.962492][T32173]  do_signal+0x81/0x2240
[ 1770.966720][T32173]  ? check_kill_permission+0x53/0x540
[ 1770.972070][T32173]  ? copy_siginfo_to_user32+0xa0/0xa0
[ 1770.977419][T32173]  ? do_rt_tgsigqueueinfo+0xab/0x100
[ 1770.982689][T32173]  ? exit_to_usermode_loop+0x36/0x360
[ 1770.988068][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1770.994039][T32173]  exit_to_usermode_loop+0x26c/0x360
[ 1770.999304][T32173]  do_syscall_64+0x6b1/0x7d0
[ 1771.003887][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1771.009756][T32173] RIP: 0033:0x45ca59
[ 1771.013627][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1771.033215][T32173] RSP: 002b:00007f7591596c78 EFLAGS: 00000346 ORIG_RAX: 0000000000000129
[ 1771.041607][T32173] RAX: 0000000000000000 RBX: 00000000004fc6a0 RCX: 000000000045ca59
[ 1771.049550][T32173] RDX: 0000000000000015 RSI: 0000000000000bbd RDI: 0000000000000bbd
[ 1771.057516][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1771.065462][T32173] R10: 00000000200000c0 R11: 0000000000000246 R12: 00000000ffffffff
[ 1771.073423][T32173] R13: 00000000000008d0 R14: 00000000004cba6f R15: 00007f75915976d4
[ 1771.081392][T32173] syz-executor.1  T28720  5170   6929 0x01004014
[ 1771.087709][T32173] Call Trace:
[ 1771.090977][T32173]  __schedule+0x8f3/0x1fc0
[ 1771.095396][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1771.100655][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1771.105830][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1771.111800][T32173]  schedule+0xd0/0x2a0
[ 1771.115848][T32173]  do_signal_stop+0x31d/0x840
[ 1771.120504][T32173]  get_signal+0x958/0x2510
[ 1771.124909][T32173]  do_signal+0x81/0x2240
[ 1771.129128][T32173]  ? check_kill_permission+0x53/0x540
[ 1771.134480][T32173]  ? copy_siginfo_to_user32+0xa0/0xa0
[ 1771.139830][T32173]  ? do_rt_tgsigqueueinfo+0xab/0x100
[ 1771.145100][T32173]  ? exit_to_usermode_loop+0x36/0x360
[ 1771.150884][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1771.156841][T32173]  exit_to_usermode_loop+0x26c/0x360
[ 1771.162124][T32173]  do_syscall_64+0x6b1/0x7d0
[ 1771.166704][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1771.172577][T32173] RIP: 0033:0x45ca59
[ 1771.176470][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1771.196051][T32173] RSP: 002b:00007f7591596c78 EFLAGS: 00000346 ORIG_RAX: 0000000000000129
[ 1771.204453][T32173] RAX: 0000000000000000 RBX: 00000000004fc6a0 RCX: 000000000045ca59
[ 1771.212403][T32173] RDX: 0000000000000015 RSI: 0000000000000bc0 RDI: 0000000000000bc0
[ 1771.220368][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1771.228322][T32173] R10: 00000000200000c0 R11: 0000000000000246 R12: 00000000ffffffff
[ 1771.236303][T32173] R13: 00000000000008d0 R14: 00000000004cba6f R15: 00007f75915976d4
[ 1771.244274][T32173] syz-executor.1  T29728  5180   6929 0x01004014
[ 1771.250636][T32173] Call Trace:
[ 1771.253917][T32173]  __schedule+0x8f3/0x1fc0
[ 1771.258318][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1771.263620][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1771.268797][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1771.274772][T32173]  schedule+0xd0/0x2a0
[ 1771.278821][T32173]  do_signal_stop+0x31d/0x840
[ 1771.283491][T32173]  get_signal+0x958/0x2510
[ 1771.287910][T32173]  do_signal+0x81/0x2240
[ 1771.292127][T32173]  ? check_kill_permission+0x53/0x540
[ 1771.297479][T32173]  ? copy_siginfo_to_user32+0xa0/0xa0
[ 1771.302833][T32173]  ? do_rt_tgsigqueueinfo+0xab/0x100
[ 1771.308104][T32173]  ? exit_to_usermode_loop+0x36/0x360
[ 1771.313462][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1771.319421][T32173]  exit_to_usermode_loop+0x26c/0x360
[ 1771.324684][T32173]  do_syscall_64+0x6b1/0x7d0
[ 1771.329251][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1771.335116][T32173] RIP: 0033:0x45ca59
[ 1771.338986][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1771.358573][T32173] RSP: 002b:00007f7591596c78 EFLAGS: 00000346 ORIG_RAX: 0000000000000129
[ 1771.366973][T32173] RAX: 0000000000000000 RBX: 00000000004fc6a0 RCX: 000000000045ca59
[ 1771.374932][T32173] RDX: 0000000000000015 RSI: 0000000000000bc3 RDI: 0000000000000bc3
[ 1771.382891][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1771.390843][T32173] R10: 00000000200000c0 R11: 0000000000000246 R12: 00000000ffffffff
[ 1771.398791][T32173] R13: 00000000000008d0 R14: 00000000004cba6f R15: 00007f75915976d4
[ 1771.406753][T32173] syz-executor.3  T28720  5187   7107 0x01004014
[ 1771.413068][T32173] Call Trace:
[ 1771.416343][T32173]  __schedule+0x8f3/0x1fc0
[ 1771.420744][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1771.426007][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1771.431185][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1771.437147][T32173]  schedule+0xd0/0x2a0
[ 1771.441198][T32173]  do_signal_stop+0x31d/0x840
[ 1771.445857][T32173]  get_signal+0x958/0x2510
[ 1771.450263][T32173]  do_signal+0x81/0x2240
[ 1771.454483][T32173]  ? check_kill_permission+0x53/0x540
[ 1771.459838][T32173]  ? copy_siginfo_to_user32+0xa0/0xa0
[ 1771.465229][T32173]  ? do_rt_tgsigqueueinfo+0xab/0x100
[ 1771.470517][T32173]  ? exit_to_usermode_loop+0x36/0x360
[ 1771.475880][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1771.481857][T32173]  exit_to_usermode_loop+0x26c/0x360
[ 1771.487152][T32173]  do_syscall_64+0x6b1/0x7d0
[ 1771.491727][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1771.497595][T32173] RIP: 0033:0x45ca59
[ 1771.501464][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1771.521052][T32173] RSP: 002b:00007f65fad0ac78 EFLAGS: 00000346 ORIG_RAX: 0000000000000129
[ 1771.529437][T32173] RAX: 0000000000000000 RBX: 00000000004fc6a0 RCX: 000000000045ca59
[ 1771.537395][T32173] RDX: 0000000000000015 RSI: 0000000000000bd7 RDI: 0000000000000bd7
[ 1771.545344][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1771.553291][T32173] R10: 00000000200000c0 R11: 0000000000000246 R12: 00000000ffffffff
[ 1771.561236][T32173] R13: 00000000000008d0 R14: 00000000004cba6f R15: 00007f65fad0b6d4
[ 1771.569197][T32173] syz-executor.3  T28720  5196   7107 0x01004014
[ 1771.575524][T32173] Call Trace:
[ 1771.578793][T32173]  __schedule+0x8f3/0x1fc0
[ 1771.583188][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1771.588447][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1771.593632][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1771.599589][T32173]  schedule+0xd0/0x2a0
[ 1771.603635][T32173]  do_signal_stop+0x31d/0x840
[ 1771.608292][T32173]  get_signal+0x100d/0x2510
[ 1771.612780][T32173]  do_signal+0x81/0x2240
[ 1771.617010][T32173]  ? check_kill_permission+0x53/0x540
[ 1771.622357][T32173]  ? copy_siginfo_to_user32+0xa0/0xa0
[ 1771.627719][T32173]  ? do_rt_tgsigqueueinfo+0xab/0x100
[ 1771.632986][T32173]  ? exit_to_usermode_loop+0x36/0x360
[ 1771.638331][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1771.644289][T32173]  exit_to_usermode_loop+0x26c/0x360
[ 1771.649552][T32173]  do_syscall_64+0x6b1/0x7d0
[ 1771.654119][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1771.659998][T32173] RIP: 0033:0x45ca59
[ 1771.663870][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1771.683449][T32173] RSP: 002b:00007f65fad0ac78 EFLAGS: 00000346 ORIG_RAX: 0000000000000129
[ 1771.691832][T32173] RAX: 0000000000000000 RBX: 00000000004fc6a0 RCX: 000000000045ca59
[ 1771.699778][T32173] RDX: 0000000000000015 RSI: 0000000000000bda RDI: 0000000000000bda
[ 1771.707723][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1771.715679][T32173] R10: 00000000200000c0 R11: 0000000000000246 R12: 00000000ffffffff
[ 1771.723625][T32173] R13: 00000000000008d0 R14: 00000000004cba6f R15: 00007f65fad0b6d4
[ 1771.731585][T32173] syz-executor.1  T28720  5197   6929 0x01004014
[ 1771.737891][T32173] Call Trace:
[ 1771.741160][T32173]  __schedule+0x8f3/0x1fc0
[ 1771.745559][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1771.750817][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1771.755999][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1771.761974][T32173]  schedule+0xd0/0x2a0
[ 1771.766020][T32173]  do_signal_stop+0x31d/0x840
[ 1771.770676][T32173]  get_signal+0x958/0x2510
[ 1771.775078][T32173]  do_signal+0x81/0x2240
[ 1771.779296][T32173]  ? check_kill_permission+0x53/0x540
[ 1771.784647][T32173]  ? copy_siginfo_to_user32+0xa0/0xa0
[ 1771.789994][T32173]  ? do_rt_tgsigqueueinfo+0xab/0x100
[ 1771.795263][T32173]  ? exit_to_usermode_loop+0x36/0x360
[ 1771.800620][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1771.806592][T32173]  exit_to_usermode_loop+0x26c/0x360
[ 1771.811853][T32173]  do_syscall_64+0x6b1/0x7d0
[ 1771.816435][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1771.822299][T32173] RIP: 0033:0x45ca59
[ 1771.826183][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1771.845760][T32173] RSP: 002b:00007f7591596c78 EFLAGS: 00000346 ORIG_RAX: 0000000000000129
[ 1771.854154][T32173] RAX: 0000000000000000 RBX: 00000000004fc6a0 RCX: 000000000045ca59
[ 1771.862099][T32173] RDX: 0000000000000015 RSI: 0000000000000bc7 RDI: 0000000000000bc7
[ 1771.870051][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1771.877999][T32173] R10: 00000000200000c0 R11: 0000000000000246 R12: 00000000ffffffff
[ 1771.885947][T32173] R13: 00000000000008d0 R14: 00000000004cba6f R15: 00007f75915976d4
[ 1771.893920][T32173] syz-executor.3  T28720  5206   7107 0x01004014
[ 1771.900229][T32173] Call Trace:
[ 1771.903502][T32173]  __schedule+0x8f3/0x1fc0
[ 1771.907913][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1771.913172][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1771.918345][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1771.924302][T32173]  schedule+0xd0/0x2a0
[ 1771.928348][T32173]  do_signal_stop+0x31d/0x840
[ 1771.933006][T32173]  get_signal+0x100d/0x2510
[ 1771.937497][T32173]  do_signal+0x81/0x2240
[ 1771.941719][T32173]  ? copy_siginfo_to_user32+0xa0/0xa0
[ 1771.947068][T32173]  ? do_rt_tgsigqueueinfo+0xab/0x100
[ 1771.952337][T32173]  ? exit_to_usermode_loop+0x36/0x360
[ 1771.957686][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1771.963656][T32173]  exit_to_usermode_loop+0x26c/0x360
[ 1771.968926][T32173]  do_syscall_64+0x6b1/0x7d0
[ 1771.973494][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1771.979357][T32173] RIP: 0033:0x45ca59
[ 1771.983235][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1772.002814][T32173] RSP: 002b:00007f65fad0ac78 EFLAGS: 00000346 ORIG_RAX: 0000000000000129
[ 1772.011197][T32173] RAX: 0000000000000000 RBX: 00000000004fc6a0 RCX: 000000000045ca59
[ 1772.019144][T32173] RDX: 0000000000000015 RSI: 0000000000000bdd RDI: 0000000000000bdd
[ 1772.027112][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1772.035057][T32173] R10: 00000000200000c0 R11: 0000000000000246 R12: 00000000ffffffff
[ 1772.043015][T32173] R13: 00000000000008d0 R14: 00000000004cba6f R15: 00007f65fad0b6d4
[ 1772.050978][T32173] syz-executor.1  T28720  5209   6929 0x01004014
[ 1772.057285][T32173] Call Trace:
[ 1772.060553][T32173]  __schedule+0x8f3/0x1fc0
[ 1772.064950][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1772.070210][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1772.075385][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1772.081353][T32173]  schedule+0xd0/0x2a0
[ 1772.085400][T32173]  do_signal_stop+0x31d/0x840
[ 1772.090055][T32173]  get_signal+0x100d/0x2510
[ 1772.094546][T32173]  do_signal+0x81/0x2240
[ 1772.098763][T32173]  ? check_kill_permission+0x53/0x540
[ 1772.104125][T32173]  ? copy_siginfo_to_user32+0xa0/0xa0
[ 1772.109483][T32173]  ? do_rt_tgsigqueueinfo+0xab/0x100
[ 1772.114751][T32173]  ? exit_to_usermode_loop+0x36/0x360
[ 1772.120098][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1772.126057][T32173]  exit_to_usermode_loop+0x26c/0x360
[ 1772.131331][T32173]  do_syscall_64+0x6b1/0x7d0
[ 1772.135899][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1772.141764][T32173] RIP: 0033:0x45ca59
[ 1772.145644][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1772.165231][T32173] RSP: 002b:00007f7591596c78 EFLAGS: 00000346 ORIG_RAX: 0000000000000129
[ 1772.173614][T32173] RAX: 0000000000000000 RBX: 00000000004fc6a0 RCX: 000000000045ca59
[ 1772.181573][T32173] RDX: 0000000000000015 RSI: 0000000000000bca RDI: 0000000000000bca
[ 1772.189528][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1772.197486][T32173] R10: 00000000200000c0 R11: 0000000000000246 R12: 00000000ffffffff
[ 1772.205438][T32173] R13: 00000000000008d0 R14: 00000000004cba6f R15: 00007f75915976d4
[ 1772.213403][T32173] syz-executor.4  S29824  5674   7358 0x00000000
[ 1772.219716][T32173] Call Trace:
[ 1772.222994][T32173]  __schedule+0x8f3/0x1fc0
[ 1772.227390][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1772.232656][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1772.237935][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1772.243381][T32173]  schedule+0xd0/0x2a0
[ 1772.247434][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1772.252558][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1772.258008][T32173]  futex_wait+0x1e2/0x550
[ 1772.262335][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1772.267344][T32173]  ? print_usage_bug+0x240/0x240
[ 1772.272260][T32173]  ? hash_futex+0x10/0x200
[ 1772.276666][T32173]  ? futex_wake+0x153/0x480
[ 1772.281156][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1772.287127][T32173]  ? do_wp_page+0x512/0x1440
[ 1772.291714][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1772.297677][T32173]  do_futex+0x15f/0x1ad0
[ 1772.301904][T32173]  ? find_held_lock+0x2d/0x110
[ 1772.306647][T32173]  ? futex_exit_release+0x60/0x60
[ 1772.311649][T32173]  ? lock_downgrade+0x840/0x840
[ 1772.316486][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1772.321311][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1772.327707][T32173]  ? __might_fault+0x190/0x1d0
[ 1772.332448][T32173]  ? _copy_to_user+0x126/0x160
[ 1772.337193][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1772.341937][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1772.346431][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1772.351863][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1772.357826][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1772.362502][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1772.368470][T32173]  do_syscall_64+0xf6/0x7d0
[ 1772.372970][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1772.378844][T32173] RIP: 0033:0x45ca59
[ 1772.382720][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1772.402302][T32173] RSP: 002b:00007fc7e9ef2cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1772.410702][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1772.418654][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1772.426663][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1772.434615][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1772.442564][T32173] R13: 0000000000c9fb6f R14: 00007fc7e9ef39c0 R15: 000000000078bf0c
[ 1772.450527][T32173] syz-executor.4  S29824  5677   7358 0x00000000
[ 1772.456834][T32173] Call Trace:
[ 1772.460105][T32173]  __schedule+0x8f3/0x1fc0
[ 1772.464500][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1772.469761][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1772.475024][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1772.480473][T32173]  schedule+0xd0/0x2a0
[ 1772.484525][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1772.489612][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1772.495091][T32173]  ? find_held_lock+0x2d/0x110
[ 1772.499880][T32173]  futex_wait+0x1e2/0x550
[ 1772.504194][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1772.509199][T32173]  ? print_usage_bug+0x240/0x240
[ 1772.514115][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1772.519292][T32173]  ? futex_wake+0x153/0x480
[ 1772.523779][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1772.529735][T32173]  ? do_wp_page+0x512/0x1440
[ 1772.534301][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1772.540258][T32173]  do_futex+0x15f/0x1ad0
[ 1772.544488][T32173]  ? find_held_lock+0x2d/0x110
[ 1772.549249][T32173]  ? futex_exit_release+0x60/0x60
[ 1772.554251][T32173]  ? lock_downgrade+0x840/0x840
[ 1772.559089][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1772.563946][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1772.569906][T32173]  ? __might_fault+0x190/0x1d0
[ 1772.574647][T32173]  ? _copy_to_user+0x126/0x160
[ 1772.579391][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1772.584145][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1772.588629][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1772.594060][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1772.600016][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1772.604669][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1772.610625][T32173]  do_syscall_64+0xf6/0x7d0
[ 1772.615122][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1772.620988][T32173] RIP: 0033:0x45ca59
[ 1772.624863][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1772.644448][T32173] RSP: 002b:00007fc7e9ef2cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1772.652833][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1772.661312][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1772.669255][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1772.677211][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1772.685168][T32173] R13: 0000000000c9fb6f R14: 00007fc7e9ef39c0 R15: 000000000078bf0c
[ 1772.693139][T32173] syz-executor.4  S29824  5684   7358 0x00000000
[ 1772.699446][T32173] Call Trace:
[ 1772.702813][T32173]  __schedule+0x8f3/0x1fc0
[ 1772.707210][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1772.712484][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1772.717765][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1772.723202][T32173]  schedule+0xd0/0x2a0
[ 1772.727247][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1772.732343][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1772.737792][T32173]  futex_wait+0x1e2/0x550
[ 1772.742108][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1772.747107][T32173]  ? print_usage_bug+0x240/0x240
[ 1772.752021][T32173]  ? hash_futex+0x10/0x200
[ 1772.756412][T32173]  ? futex_wake+0x153/0x480
[ 1772.760897][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1772.766871][T32173]  ? do_wp_page+0x512/0x1440
[ 1772.771435][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1772.777390][T32173]  do_futex+0x15f/0x1ad0
[ 1772.781626][T32173]  ? find_held_lock+0x2d/0x110
[ 1772.786368][T32173]  ? futex_exit_release+0x60/0x60
[ 1772.791366][T32173]  ? lock_downgrade+0x840/0x840
[ 1772.796191][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1772.801016][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1772.806976][T32173]  ? __might_fault+0x190/0x1d0
[ 1772.811722][T32173]  ? _copy_to_user+0x126/0x160
[ 1772.816465][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1772.821205][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1772.825685][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1772.831119][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1772.837072][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1772.841723][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1772.847691][T32173]  do_syscall_64+0xf6/0x7d0
[ 1772.852171][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1772.858034][T32173] RIP: 0033:0x45ca59
[ 1772.861903][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1772.881480][T32173] RSP: 002b:00007fc7e9ef2cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1772.889877][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1772.897823][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1772.905788][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1772.913732][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1772.921677][T32173] R13: 0000000000c9fb6f R14: 00007fc7e9ef39c0 R15: 000000000078bf0c
[ 1772.929635][T32173] syz-executor.4  S29824  5693   7358 0x00000000
[ 1772.935942][T32173] Call Trace:
[ 1772.939209][T32173]  __schedule+0x8f3/0x1fc0
[ 1772.943602][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1772.948882][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1772.954142][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1772.959579][T32173]  schedule+0xd0/0x2a0
[ 1772.963634][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1772.968721][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1772.974157][T32173]  futex_wait+0x1e2/0x550
[ 1772.978464][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1772.983462][T32173]  ? print_usage_bug+0x240/0x240
[ 1772.988387][T32173]  ? hash_futex+0x10/0x200
[ 1772.992781][T32173]  ? futex_wake+0x153/0x480
[ 1772.997268][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1773.003224][T32173]  ? do_wp_page+0x512/0x1440
[ 1773.007790][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1773.013747][T32173]  do_futex+0x15f/0x1ad0
[ 1773.017973][T32173]  ? find_held_lock+0x2d/0x110
[ 1773.022714][T32173]  ? futex_exit_release+0x60/0x60
[ 1773.027712][T32173]  ? lock_downgrade+0x840/0x840
[ 1773.032653][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1773.037487][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1773.043465][T32173]  ? __might_fault+0x190/0x1d0
[ 1773.048212][T32173]  ? _copy_to_user+0x126/0x160
[ 1773.052955][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1773.057695][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1773.062174][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1773.067605][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1773.073559][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1773.078208][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1773.084178][T32173]  do_syscall_64+0xf6/0x7d0
[ 1773.088656][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1773.094519][T32173] RIP: 0033:0x45ca59
[ 1773.098387][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1773.117974][T32173] RSP: 002b:00007fc7e9ef2cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1773.126371][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1773.134316][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1773.142272][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1773.150217][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1773.158171][T32173] R13: 0000000000c9fb6f R14: 00007fc7e9ef39c0 R15: 000000000078bf0c
[ 1773.166139][T32173] syz-executor.4  S29824  5716   7358 0x00000000
[ 1773.172465][T32173] Call Trace:
[ 1773.175733][T32173]  __schedule+0x8f3/0x1fc0
[ 1773.180122][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1773.185383][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1773.190643][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1773.196091][T32173]  schedule+0xd0/0x2a0
[ 1773.200134][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1773.205223][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1773.210651][T32173]  ? find_held_lock+0x2d/0x110
[ 1773.215396][T32173]  futex_wait+0x1e2/0x550
[ 1773.219705][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1773.224716][T32173]  ? print_usage_bug+0x240/0x240
[ 1773.229627][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1773.234802][T32173]  ? futex_wake+0x153/0x480
[ 1773.239319][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1773.246607][T32173]  ? do_wp_page+0x512/0x1440
[ 1773.251232][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1773.257192][T32173]  do_futex+0x15f/0x1ad0
[ 1773.261421][T32173]  ? find_held_lock+0x2d/0x110
[ 1773.266165][T32173]  ? futex_exit_release+0x60/0x60
[ 1773.271170][T32173]  ? lock_downgrade+0x840/0x840
[ 1773.276000][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1773.280832][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1773.286799][T32173]  ? __might_fault+0x190/0x1d0
[ 1773.291541][T32173]  ? _copy_to_user+0x126/0x160
[ 1773.296288][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1773.301036][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1773.305521][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1773.310967][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1773.316957][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1773.321615][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1773.327597][T32173]  do_syscall_64+0xf6/0x7d0
[ 1773.332081][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1773.337996][T32173] RIP: 0033:0x45ca59
[ 1773.341875][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1773.361491][T32173] RSP: 002b:00007fc7e9ef2cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1773.369881][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1773.377868][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1773.385850][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1773.393798][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1773.401746][T32173] R13: 0000000000c9fb6f R14: 00007fc7e9ef39c0 R15: 000000000078bf0c
[ 1773.409719][T32173] syz-executor.3  S29824  5733   7107 0x00000000
[ 1773.416050][T32173] Call Trace:
[ 1773.419340][T32173]  __schedule+0x8f3/0x1fc0
[ 1773.423750][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1773.429018][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1773.434294][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1773.439733][T32173]  schedule+0xd0/0x2a0
[ 1773.443781][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1773.448873][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1773.454314][T32173]  futex_wait+0x1e2/0x550
[ 1773.458638][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1773.463640][T32173]  ? wake_up_q+0xc1/0x140
[ 1773.467948][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1773.473122][T32173]  ? futex_wake+0x153/0x480
[ 1773.477611][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1773.483575][T32173]  ? mark_lock+0x11f/0xdd0
[ 1773.487978][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1773.493937][T32173]  do_futex+0x15f/0x1ad0
[ 1773.498161][T32173]  ? find_held_lock+0x2d/0x110
[ 1773.502900][T32173]  ? futex_exit_release+0x60/0x60
[ 1773.507902][T32173]  ? lock_downgrade+0x840/0x840
[ 1773.512728][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1773.517552][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1773.523614][T32173]  ? __might_fault+0x190/0x1d0
[ 1773.528353][T32173]  ? _copy_to_user+0x126/0x160
[ 1773.533100][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1773.537842][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1773.542319][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1773.547751][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1773.553724][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1773.558386][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1773.564354][T32173]  do_syscall_64+0xf6/0x7d0
[ 1773.569095][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1773.574962][T32173] RIP: 0033:0x45ca59
[ 1773.578833][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1773.598420][T32173] RSP: 002b:00007f65fad0acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1773.606806][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1773.614754][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1773.622700][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1773.630645][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1773.638592][T32173] R13: 0000000000c9fb6f R14: 00007f65fad0b9c0 R15: 000000000078bf0c
[ 1773.646554][T32173] syz-executor.3  S29816  5746   7107 0x00000000
[ 1773.652873][T32173] Call Trace:
[ 1773.656151][T32173]  __schedule+0x8f3/0x1fc0
[ 1773.660542][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1773.665809][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1773.671070][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1773.676515][T32173]  schedule+0xd0/0x2a0
[ 1773.680560][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1773.685647][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1773.691095][T32173]  futex_wait+0x1e2/0x550
[ 1773.695405][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1773.700406][T32173]  ? wake_up_q+0xc1/0x140
[ 1773.704717][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1773.709891][T32173]  ? futex_wake+0x153/0x480
[ 1773.714381][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1773.720355][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1773.726312][T32173]  do_futex+0x15f/0x1ad0
[ 1773.730537][T32173]  ? find_held_lock+0x2d/0x110
[ 1773.735277][T32173]  ? futex_exit_release+0x60/0x60
[ 1773.740276][T32173]  ? lock_downgrade+0x840/0x840
[ 1773.745101][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1773.749933][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1773.755896][T32173]  ? __might_fault+0x190/0x1d0
[ 1773.760636][T32173]  ? _copy_to_user+0x126/0x160
[ 1773.765380][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1773.770121][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1773.774602][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1773.780044][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1773.786000][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1773.790661][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1773.796623][T32173]  do_syscall_64+0xf6/0x7d0
[ 1773.801115][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1773.806979][T32173] RIP: 0033:0x45ca59
[ 1773.810860][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1773.830435][T32173] RSP: 002b:00007f65fad0acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1773.838819][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1773.846771][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1773.854715][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1773.862662][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1773.870611][T32173] R13: 0000000000c9fb6f R14: 00007f65fad0b9c0 R15: 000000000078bf0c
[ 1773.878581][T32173] syz-executor.3  S29816  5761   7107 0x00000000
[ 1773.884887][T32173] Call Trace:
[ 1773.888156][T32173]  __schedule+0x8f3/0x1fc0
[ 1773.892563][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1773.897837][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1773.903101][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1773.908535][T32173]  schedule+0xd0/0x2a0
[ 1773.912580][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1773.917666][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1773.923104][T32173]  futex_wait+0x1e2/0x550
[ 1773.927411][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1773.932418][T32173]  ? wake_up_q+0xc1/0x140
[ 1773.936731][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1773.941915][T32173]  ? futex_wake+0x153/0x480
[ 1773.946412][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1773.952365][T32173]  ? mark_lock+0x11f/0xdd0
[ 1773.956782][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1773.962738][T32173]  do_futex+0x15f/0x1ad0
[ 1773.966978][T32173]  ? find_held_lock+0x2d/0x110
[ 1773.971719][T32173]  ? futex_exit_release+0x60/0x60
[ 1773.976721][T32173]  ? lock_downgrade+0x840/0x840
[ 1773.981636][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1773.986460][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1773.992442][T32173]  ? __might_fault+0x190/0x1d0
[ 1773.997182][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1774.002621][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1774.007361][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1774.011849][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1774.017281][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1774.023237][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1774.027887][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1774.033845][T32173]  do_syscall_64+0xf6/0x7d0
[ 1774.038325][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1774.044188][T32173] RIP: 0033:0x45ca59
[ 1774.048068][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1774.067655][T32173] RSP: 002b:00007f65fad0acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1774.076036][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1774.083983][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1774.091929][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1774.099876][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1774.107822][T32173] R13: 0000000000c9fb6f R14: 00007f65fad0b9c0 R15: 000000000078bf0c
[ 1774.115781][T32173] syz-executor.4  S29824  5825   7358 0x00000000
[ 1774.122096][T32173] Call Trace:
[ 1774.125364][T32173]  __schedule+0x8f3/0x1fc0
[ 1774.129778][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1774.135042][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1774.140305][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1774.145748][T32173]  schedule+0xd0/0x2a0
[ 1774.149806][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1774.154904][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1774.160353][T32173]  futex_wait+0x1e2/0x550
[ 1774.164662][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1774.169659][T32173]  ? print_usage_bug+0x240/0x240
[ 1774.174585][T32173]  ? __lock_acquire+0x2224/0x48a0
[ 1774.179596][T32173]  ? hash_futex+0x10/0x200
[ 1774.184000][T32173]  ? futex_wake+0x153/0x480
[ 1774.188488][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1774.194444][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1774.200399][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1774.206356][T32173]  do_futex+0x15f/0x1ad0
[ 1774.210580][T32173]  ? find_held_lock+0x2d/0x110
[ 1774.215322][T32173]  ? futex_exit_release+0x60/0x60
[ 1774.220320][T32173]  ? lock_downgrade+0x840/0x840
[ 1774.225154][T32173]  ? lock_downgrade+0x840/0x840
[ 1774.229979][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1774.234821][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1774.240799][T32173]  ? __might_fault+0x190/0x1d0
[ 1774.245563][T32173]  ? _copy_to_user+0x126/0x160
[ 1774.250311][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1774.255059][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1774.259547][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1774.264985][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1774.270942][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1774.275601][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1774.281599][T32173]  do_syscall_64+0xf6/0x7d0
[ 1774.286091][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1774.291962][T32173] RIP: 0033:0x45ca59
[ 1774.295833][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1774.315419][T32173] RSP: 002b:00007fc7e9ef2cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1774.323804][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1774.331748][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1774.339694][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1774.347644][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1774.355589][T32173] R13: 0000000000c9fb6f R14: 00007fc7e9ef39c0 R15: 000000000078bf0c
[ 1774.363551][T32173] syz-executor.4  S29824  5844   7358 0x00000000
[ 1774.369856][T32173] Call Trace:
[ 1774.373126][T32173]  __schedule+0x8f3/0x1fc0
[ 1774.377529][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1774.382810][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1774.388072][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1774.393521][T32173]  schedule+0xd0/0x2a0
[ 1774.397579][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1774.402667][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1774.408122][T32173]  futex_wait+0x1e2/0x550
[ 1774.412453][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1774.417462][T32173]  ? wake_up_q+0xc1/0x140
[ 1774.421767][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1774.426955][T32173]  ? futex_wake+0x153/0x480
[ 1774.431445][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1774.437400][T32173]  ? mark_lock+0x11f/0xdd0
[ 1774.441802][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1774.447760][T32173]  do_futex+0x15f/0x1ad0
[ 1774.451983][T32173]  ? find_held_lock+0x2d/0x110
[ 1774.456733][T32173]  ? futex_exit_release+0x60/0x60
[ 1774.461733][T32173]  ? lock_downgrade+0x840/0x840
[ 1774.466570][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1774.471403][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1774.477375][T32173]  ? __might_fault+0x190/0x1d0
[ 1774.482111][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1774.487550][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1774.492290][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1774.496772][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1774.502214][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1774.508171][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1774.512822][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1774.518792][T32173]  do_syscall_64+0xf6/0x7d0
[ 1774.523288][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1774.529153][T32173] RIP: 0033:0x45ca59
[ 1774.533024][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1774.552600][T32173] RSP: 002b:00007fc7e9ed1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1774.560984][T32173] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045ca59
[ 1774.568942][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8
[ 1774.576887][T32173] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1774.584831][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1774.592787][T32173] R13: 0000000000c9fb6f R14: 00007fc7e9ed29c0 R15: 000000000078bfac
[ 1774.600747][T32173] syz-executor.4  S29824  5856   7358 0x00000000
[ 1774.607053][T32173] Call Trace:
[ 1774.610333][T32173]  __schedule+0x8f3/0x1fc0
[ 1774.614726][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1774.619990][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1774.625251][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1774.630696][T32173]  schedule+0xd0/0x2a0
[ 1774.634746][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1774.639833][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1774.645270][T32173]  futex_wait+0x1e2/0x550
[ 1774.649578][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1774.654579][T32173]  ? wake_up_q+0xc1/0x140
[ 1774.658881][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1774.664058][T32173]  ? futex_wake+0x153/0x480
[ 1774.668546][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1774.674512][T32173]  ? mark_lock+0x11f/0xdd0
[ 1774.678914][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1774.684877][T32173]  do_futex+0x15f/0x1ad0
[ 1774.689113][T32173]  ? find_held_lock+0x2d/0x110
[ 1774.693858][T32173]  ? futex_exit_release+0x60/0x60
[ 1774.698861][T32173]  ? lock_downgrade+0x840/0x840
[ 1774.703687][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1774.708510][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1774.714471][T32173]  ? __might_fault+0x190/0x1d0
[ 1774.719207][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1774.724648][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1774.729389][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1774.733872][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1774.740007][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1774.745976][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1774.750628][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1774.756587][T32173]  do_syscall_64+0xf6/0x7d0
[ 1774.761077][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1774.766944][T32173] RIP: 0033:0x45ca59
[ 1774.770815][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1774.790391][T32173] RSP: 002b:00007fc7e9ed1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1774.798773][T32173] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045ca59
[ 1774.806728][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8
[ 1774.814685][T32173] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1774.822630][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1774.830575][T32173] R13: 0000000000c9fb6f R14: 00007fc7e9ed29c0 R15: 000000000078bfac
[ 1774.838541][T32173] syz-executor.4  S29816  5868   7358 0x00000000
[ 1774.844849][T32173] Call Trace:
[ 1774.848117][T32173]  __schedule+0x8f3/0x1fc0
[ 1774.852512][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1774.857772][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1774.863033][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1774.868471][T32173]  schedule+0xd0/0x2a0
[ 1774.872533][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1774.877630][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1774.883070][T32173]  futex_wait+0x1e2/0x550
[ 1774.887377][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1774.892378][T32173]  ? wake_up_q+0xc1/0x140
[ 1774.896679][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1774.901855][T32173]  ? futex_wake+0x153/0x480
[ 1774.906341][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1774.912292][T32173]  ? mark_lock+0x11f/0xdd0
[ 1774.916706][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1774.922675][T32173]  do_futex+0x15f/0x1ad0
[ 1774.926897][T32173]  ? find_held_lock+0x2d/0x110
[ 1774.931637][T32173]  ? futex_exit_release+0x60/0x60
[ 1774.936638][T32173]  ? lock_downgrade+0x840/0x840
[ 1774.941475][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1774.946324][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1774.952295][T32173]  ? __might_fault+0x190/0x1d0
[ 1774.957063][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1774.962503][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1774.967245][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1774.971743][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1774.977186][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1774.983141][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1774.987793][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1774.993759][T32173]  do_syscall_64+0xf6/0x7d0
[ 1774.998239][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1775.004108][T32173] RIP: 0033:0x45ca59
[ 1775.007976][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1775.027560][T32173] RSP: 002b:00007fc7e9ef2cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1775.035957][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1775.043992][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1775.051937][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1775.059970][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1775.067917][T32173] R13: 0000000000c9fb6f R14: 00007fc7e9ef39c0 R15: 000000000078bf0c
[ 1775.075885][T32173] syz-executor.4  S28800  6043   7358 0x00000000
[ 1775.082224][T32173] Call Trace:
[ 1775.085495][T32173]  __schedule+0x8f3/0x1fc0
[ 1775.089885][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1775.095149][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1775.100411][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1775.105850][T32173]  schedule+0xd0/0x2a0
[ 1775.109895][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1775.114982][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1775.120419][T32173]  ? find_held_lock+0x2d/0x110
[ 1775.125163][T32173]  futex_wait+0x1e2/0x550
[ 1775.129468][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1775.134481][T32173]  ? print_usage_bug+0x240/0x240
[ 1775.139394][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1775.144582][T32173]  ? futex_wake+0x153/0x480
[ 1775.149070][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1775.155023][T32173]  ? stack_trace_consume_entry+0x160/0x160
[ 1775.160843][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1775.166799][T32173]  do_futex+0x15f/0x1ad0
[ 1775.171030][T32173]  ? find_held_lock+0x2d/0x110
[ 1775.175772][T32173]  ? futex_exit_release+0x60/0x60
[ 1775.180792][T32173]  ? lock_downgrade+0x840/0x840
[ 1775.185628][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1775.190457][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1775.196432][T32173]  ? __might_fault+0x190/0x1d0
[ 1775.201176][T32173]  ? _copy_to_user+0x126/0x160
[ 1775.205923][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1775.210704][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1775.215186][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1775.220641][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1775.226616][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1775.231286][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1775.237250][T32173]  do_syscall_64+0xf6/0x7d0
[ 1775.241759][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1775.247637][T32173] RIP: 0033:0x45ca59
[ 1775.251514][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1775.271093][T32173] RSP: 002b:00007fc7e9ef2cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1775.279480][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1775.287427][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1775.295373][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1775.303320][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1775.311268][T32173] R13: 0000000000c9fb6f R14: 00007fc7e9ef39c0 R15: 000000000078bf0c
[ 1775.319245][T32173] syz-executor.5  T28720  6344   7376 0x03004014
[ 1775.325660][T32173] Call Trace:
[ 1775.328938][T32173]  __schedule+0x8f3/0x1fc0
[ 1775.333357][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1775.338618][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1775.343806][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1775.349764][T32173]  schedule+0xd0/0x2a0
[ 1775.353824][T32173]  do_signal_stop+0x31d/0x840
[ 1775.358481][T32173]  get_signal+0x100d/0x2510
[ 1775.362971][T32173]  do_signal+0x81/0x2240
[ 1775.367189][T32173]  ? check_kill_permission+0x53/0x540
[ 1775.372540][T32173]  ? copy_siginfo_to_user32+0xa0/0xa0
[ 1775.377886][T32173]  ? do_rt_tgsigqueueinfo+0xab/0x100
[ 1775.383156][T32173]  ? exit_to_usermode_loop+0x36/0x360
[ 1775.388518][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1775.394486][T32173]  exit_to_usermode_loop+0x26c/0x360
[ 1775.399750][T32173]  do_syscall_64+0x6b1/0x7d0
[ 1775.404319][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1775.411016][T32173] RIP: 0033:0x45ca59
[ 1775.414891][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1775.434475][T32173] RSP: 002b:00007f656341ec78 EFLAGS: 00000346 ORIG_RAX: 0000000000000129
[ 1775.442862][T32173] RAX: 0000000000000000 RBX: 00000000004fc6a0 RCX: 000000000045ca59
[ 1775.450816][T32173] RDX: 0000000000000013 RSI: 0000000000000bee RDI: 0000000000000bee
[ 1775.458793][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1775.466739][T32173] R10: 0000000020000100 R11: 0000000000000246 R12: 00000000ffffffff
[ 1775.474685][T32173] R13: 00000000000008d0 R14: 00000000004cba6f R15: 00007f656341f6d4
[ 1775.482651][T32173] syz-executor.5  S29616  6345   7376 0x00000000
[ 1775.488973][T32173] Call Trace:
[ 1775.492244][T32173]  __schedule+0x8f3/0x1fc0
[ 1775.496645][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1775.501909][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1775.507174][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1775.512610][T32173]  schedule+0xd0/0x2a0
[ 1775.516659][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1775.521746][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1775.527176][T32173]  ? find_held_lock+0x2d/0x110
[ 1775.531915][T32173]  futex_wait+0x1e2/0x550
[ 1775.536225][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1775.541223][T32173]  ? print_usage_bug+0x240/0x240
[ 1775.546139][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1775.551311][T32173]  ? futex_wake+0x153/0x480
[ 1775.555799][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1775.561752][T32173]  ? page_fault+0x39/0x40
[ 1775.566071][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1775.572036][T32173]  do_futex+0x15f/0x1ad0
[ 1775.576261][T32173]  ? find_held_lock+0x2d/0x110
[ 1775.581017][T32173]  ? futex_exit_release+0x60/0x60
[ 1775.586018][T32173]  ? compat_ifr_data_ioctl+0x160/0x160
[ 1775.591451][T32173]  ? lock_downgrade+0x840/0x840
[ 1775.596275][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1775.601101][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1775.607061][T32173]  ? __might_fault+0x190/0x1d0
[ 1775.611825][T32173]  ? _copy_to_user+0x126/0x160
[ 1775.616586][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1775.621339][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1775.625825][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1775.631363][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1775.637323][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1775.642013][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1775.647977][T32173]  do_syscall_64+0xf6/0x7d0
[ 1775.652462][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1775.658369][T32173] RIP: 0033:0x45ca59
[ 1775.662238][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1775.681853][T32173] RSP: 002b:00007f656341ecf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1775.690238][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1775.698184][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1775.706130][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1775.714079][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1775.722035][T32173] R13: 0000000000c9fb6f R14: 00007f656341f9c0 R15: 000000000078bf0c
[ 1775.730011][T32173] syz-executor.5  T28720  6353   7376 0x03004014
[ 1775.736321][T32173] Call Trace:
[ 1775.739591][T32173]  __schedule+0x8f3/0x1fc0
[ 1775.743989][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1775.749249][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1775.754425][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1775.760379][T32173]  schedule+0xd0/0x2a0
[ 1775.764426][T32173]  do_signal_stop+0x31d/0x840
[ 1775.769087][T32173]  get_signal+0x958/0x2510
[ 1775.773492][T32173]  do_signal+0x81/0x2240
[ 1775.777710][T32173]  ? check_kill_permission+0x53/0x540
[ 1775.783062][T32173]  ? copy_siginfo_to_user32+0xa0/0xa0
[ 1775.788412][T32173]  ? do_rt_tgsigqueueinfo+0xab/0x100
[ 1775.793696][T32173]  ? exit_to_usermode_loop+0x36/0x360
[ 1775.799041][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1775.804998][T32173]  exit_to_usermode_loop+0x26c/0x360
[ 1775.810261][T32173]  do_syscall_64+0x6b1/0x7d0
[ 1775.814829][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1775.820693][T32173] RIP: 0033:0x45ca59
[ 1775.824564][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1775.844153][T32173] RSP: 002b:00007f656341ec78 EFLAGS: 00000346 ORIG_RAX: 0000000000000129
[ 1775.852555][T32173] RAX: 0000000000000000 RBX: 00000000004fc6a0 RCX: 000000000045ca59
[ 1775.860521][T32173] RDX: 0000000000000013 RSI: 0000000000000bf4 RDI: 0000000000000bf4
[ 1775.868469][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1775.876414][T32173] R10: 0000000020000100 R11: 0000000000000246 R12: 00000000ffffffff
[ 1775.884374][T32173] R13: 00000000000008d0 R14: 00000000004cba6f R15: 00007f656341f6d4
[ 1775.892348][T32173] syz-executor.5  T28160  6357   7376 0x03004014
[ 1775.898656][T32173] Call Trace:
[ 1775.901936][T32173]  __schedule+0x8f3/0x1fc0
[ 1775.906334][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1775.911637][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1775.916824][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1775.922781][T32173]  schedule+0xd0/0x2a0
[ 1775.926828][T32173]  do_signal_stop+0x31d/0x840
[ 1775.931496][T32173]  get_signal+0x958/0x2510
[ 1775.935900][T32173]  do_signal+0x81/0x2240
[ 1775.940117][T32173]  ? check_kill_permission+0x53/0x540
[ 1775.945469][T32173]  ? copy_siginfo_to_user32+0xa0/0xa0
[ 1775.950815][T32173]  ? do_rt_tgsigqueueinfo+0xab/0x100
[ 1775.956085][T32173]  ? exit_to_usermode_loop+0x36/0x360
[ 1775.961448][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1775.967409][T32173]  exit_to_usermode_loop+0x26c/0x360
[ 1775.972671][T32173]  do_syscall_64+0x6b1/0x7d0
[ 1775.977240][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1775.983109][T32173] RIP: 0033:0x45ca59
[ 1775.986981][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1776.006558][T32173] RSP: 002b:00007f656341ec78 EFLAGS: 00000346 ORIG_RAX: 0000000000000129
[ 1776.014941][T32173] RAX: 0000000000000000 RBX: 00000000004fc6a0 RCX: 000000000045ca59
[ 1776.022903][T32173] RDX: 0000000000000013 RSI: 0000000000000bf7 RDI: 0000000000000bf7
[ 1776.030850][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1776.039403][T32173] R10: 0000000020000100 R11: 0000000000000246 R12: 00000000ffffffff
[ 1776.047347][T32173] R13: 00000000000008d0 R14: 00000000004cba6f R15: 00007f656341f6d4
[ 1776.055310][T32173] syz-executor.5  T28720  6362   7376 0x03004014
[ 1776.061622][T32173] Call Trace:
[ 1776.064892][T32173]  __schedule+0x8f3/0x1fc0
[ 1776.069288][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1776.074547][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1776.079721][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1776.085679][T32173]  schedule+0xd0/0x2a0
[ 1776.089736][T32173]  do_signal_stop+0x31d/0x840
[ 1776.094393][T32173]  get_signal+0x958/0x2510
[ 1776.098808][T32173]  do_signal+0x81/0x2240
[ 1776.103025][T32173]  ? check_kill_permission+0x53/0x540
[ 1776.108378][T32173]  ? copy_siginfo_to_user32+0xa0/0xa0
[ 1776.113739][T32173]  ? do_rt_tgsigqueueinfo+0xab/0x100
[ 1776.119020][T32173]  ? exit_to_usermode_loop+0x36/0x360
[ 1776.124373][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1776.130334][T32173]  exit_to_usermode_loop+0x26c/0x360
[ 1776.135595][T32173]  do_syscall_64+0x6b1/0x7d0
[ 1776.140162][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1776.146028][T32173] RIP: 0033:0x45ca59
[ 1776.149917][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1776.169509][T32173] RSP: 002b:00007f656341ec78 EFLAGS: 00000346 ORIG_RAX: 0000000000000129
[ 1776.177899][T32173] RAX: 0000000000000000 RBX: 00000000004fc6a0 RCX: 000000000045ca59
[ 1776.185850][T32173] RDX: 0000000000000013 RSI: 0000000000000bfa RDI: 0000000000000bfa
[ 1776.193799][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1776.201843][T32173] R10: 0000000020000100 R11: 0000000000000246 R12: 00000000ffffffff
[ 1776.209805][T32173] R13: 00000000000008d0 R14: 00000000004cba6f R15: 00007f656341f6d4
[ 1776.217774][T32173] syz-executor.1  S29280  6619   6929 0x00000000
[ 1776.224087][T32173] Call Trace:
[ 1776.227398][T32173]  __schedule+0x8f3/0x1fc0
[ 1776.231806][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1776.237089][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1776.242374][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1776.247816][T32173]  schedule+0xd0/0x2a0
[ 1776.251905][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1776.257009][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1776.262462][T32173]  futex_wait+0x1e2/0x550
[ 1776.266788][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1776.271792][T32173]  ? print_usage_bug+0x240/0x240
[ 1776.276741][T32173]  ? arch_stack_walk+0x97/0xf0
[ 1776.281488][T32173]  ? hash_futex+0x10/0x200
[ 1776.285887][T32173]  ? futex_wake+0x153/0x480
[ 1776.290416][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1776.296397][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1776.302357][T32173]  do_futex+0x15f/0x1ad0
[ 1776.306581][T32173]  ? find_held_lock+0x2d/0x110
[ 1776.311583][T32173]  ? futex_exit_release+0x60/0x60
[ 1776.316585][T32173]  ? lock_downgrade+0x840/0x840
[ 1776.321413][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1776.326239][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1776.332204][T32173]  ? __might_fault+0x190/0x1d0
[ 1776.336954][T32173]  ? _copy_to_user+0x126/0x160
[ 1776.341697][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1776.346438][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1776.350917][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1776.356373][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1776.362365][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1776.367029][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1776.372988][T32173]  do_syscall_64+0xf6/0x7d0
[ 1776.377469][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1776.383348][T32173] RIP: 0033:0x45ca59
[ 1776.387219][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1776.406840][T32173] RSP: 002b:00007f7591596cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1776.415239][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1776.423192][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1776.431140][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1776.439091][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1776.447047][T32173] R13: 0000000000c9fb6f R14: 00007f75915979c0 R15: 000000000078bf0c
[ 1776.455019][T32173] syz-executor.1  S29824  6634   6929 0x00000000
[ 1776.461330][T32173] Call Trace:
[ 1776.464604][T32173]  __schedule+0x8f3/0x1fc0
[ 1776.468998][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1776.474265][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1776.479528][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1776.484964][T32173]  schedule+0xd0/0x2a0
[ 1776.489007][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1776.494114][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1776.499553][T32173]  futex_wait+0x1e2/0x550
[ 1776.503861][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1776.508862][T32173]  ? wake_up_q+0xc1/0x140
[ 1776.513175][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1776.518348][T32173]  ? futex_wake+0x153/0x480
[ 1776.522838][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1776.528794][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1776.534766][T32173]  do_futex+0x15f/0x1ad0
[ 1776.538991][T32173]  ? find_held_lock+0x2d/0x110
[ 1776.543735][T32173]  ? futex_exit_release+0x60/0x60
[ 1776.548746][T32173]  ? lock_downgrade+0x840/0x840
[ 1776.553575][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1776.558410][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1776.564375][T32173]  ? __might_fault+0x190/0x1d0
[ 1776.569115][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1776.574554][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1776.579307][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1776.583788][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1776.589221][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1776.595177][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1776.599842][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1776.605812][T32173]  do_syscall_64+0xf6/0x7d0
[ 1776.610292][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1776.616160][T32173] RIP: 0033:0x45ca59
[ 1776.620029][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1776.639606][T32173] RSP: 002b:00007f7591575cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1776.648002][T32173] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045ca59
[ 1776.655949][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8
[ 1776.663908][T32173] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1776.671853][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1776.680320][T32173] R13: 0000000000c9fb6f R14: 00007f75915769c0 R15: 000000000078bfac
[ 1776.688281][T32173] syz-executor.2  S29824  6640   7087 0x00000000
[ 1776.694599][T32173] Call Trace:
[ 1776.697881][T32173]  __schedule+0x8f3/0x1fc0
[ 1776.702276][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1776.707538][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1776.712798][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1776.718233][T32173]  schedule+0xd0/0x2a0
[ 1776.722291][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1776.727379][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1776.732818][T32173]  futex_wait+0x1e2/0x550
[ 1776.737125][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1776.742124][T32173]  ? wake_up_q+0xc1/0x140
[ 1776.746426][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1776.751598][T32173]  ? futex_wake+0x153/0x480
[ 1776.756092][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1776.762046][T32173]  ? mark_lock+0x11f/0xdd0
[ 1776.766439][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1776.772395][T32173]  do_futex+0x15f/0x1ad0
[ 1776.776618][T32173]  ? find_held_lock+0x2d/0x110
[ 1776.781357][T32173]  ? futex_exit_release+0x60/0x60
[ 1776.786359][T32173]  ? lock_downgrade+0x840/0x840
[ 1776.791185][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1776.796010][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1776.802417][T32173]  ? __might_fault+0x190/0x1d0
[ 1776.807175][T32173]  ? _copy_to_user+0x126/0x160
[ 1776.812028][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1776.816779][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1776.821269][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1776.826711][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1776.832671][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1776.837365][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1776.843371][T32173]  do_syscall_64+0xf6/0x7d0
[ 1776.847852][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1776.853756][T32173] RIP: 0033:0x45ca59
[ 1776.857626][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1776.877206][T32173] RSP: 002b:00007f8cd7fc6cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1776.885589][T32173] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045ca59
[ 1776.893533][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8
[ 1776.901479][T32173] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1776.909439][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1776.917419][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fc79c0 R15: 000000000078bfac
[ 1776.925379][T32173] syz-executor.2  S29824  6652   7087 0x00000000
[ 1776.931722][T32173] Call Trace:
[ 1776.935007][T32173]  __schedule+0x8f3/0x1fc0
[ 1776.939399][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1776.944661][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1776.949933][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1776.955386][T32173]  schedule+0xd0/0x2a0
[ 1776.959431][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1776.964866][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1776.970301][T32173]  futex_wait+0x1e2/0x550
[ 1776.974609][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1776.979611][T32173]  ? wake_up_q+0xc1/0x140
[ 1776.983915][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1776.989087][T32173]  ? futex_wake+0x153/0x480
[ 1776.993923][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1776.999880][T32173]  ? mark_lock+0x11f/0xdd0
[ 1777.004274][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1777.010245][T32173]  do_futex+0x15f/0x1ad0
[ 1777.014471][T32173]  ? find_held_lock+0x2d/0x110
[ 1777.019214][T32173]  ? futex_exit_release+0x60/0x60
[ 1777.024217][T32173]  ? lock_downgrade+0x840/0x840
[ 1777.029059][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1777.033884][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1777.039846][T32173]  ? __might_fault+0x190/0x1d0
[ 1777.044586][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1777.050039][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1777.054781][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1777.059278][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1777.064710][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1777.070666][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1777.075317][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1777.081287][T32173]  do_syscall_64+0xf6/0x7d0
[ 1777.085770][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1777.091642][T32173] RIP: 0033:0x45ca59
[ 1777.095513][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1777.115176][T32173] RSP: 002b:00007f8cd7fe7cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1777.123575][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1777.131522][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1777.139466][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1777.147423][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1777.155368][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fe89c0 R15: 000000000078bf0c
[ 1777.163341][T32173] syz-executor.1  S28904  6656   6929 0x00000000
[ 1777.169647][T32173] Call Trace:
[ 1777.172915][T32173]  __schedule+0x8f3/0x1fc0
[ 1777.177323][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1777.182598][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1777.187860][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1777.193296][T32173]  schedule+0xd0/0x2a0
[ 1777.197342][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1777.202444][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1777.207880][T32173]  futex_wait+0x1e2/0x550
[ 1777.212196][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1777.217199][T32173]  ? wake_up_q+0xc1/0x140
[ 1777.221515][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1777.226705][T32173]  ? futex_wake+0x153/0x480
[ 1777.231213][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1777.237181][T32173]  ? mark_lock+0x11f/0xdd0
[ 1777.241577][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1777.247548][T32173]  do_futex+0x15f/0x1ad0
[ 1777.251783][T32173]  ? find_held_lock+0x2d/0x110
[ 1777.256528][T32173]  ? futex_exit_release+0x60/0x60
[ 1777.261538][T32173]  ? lock_downgrade+0x840/0x840
[ 1777.266506][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1777.271341][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1777.277309][T32173]  ? __might_fault+0x190/0x1d0
[ 1777.282050][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1777.287497][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1777.292244][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1777.296725][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1777.302168][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1777.308174][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1777.312826][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1777.318824][T32173]  do_syscall_64+0xf6/0x7d0
[ 1777.323432][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1777.329303][T32173] RIP: 0033:0x45ca59
[ 1777.333175][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1777.352790][T32173] RSP: 002b:00007f7591596cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1777.361175][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1777.369121][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1777.377070][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1777.385016][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1777.392962][T32173] R13: 0000000000c9fb6f R14: 00007f75915979c0 R15: 000000000078bf0c
[ 1777.400937][T32173] syz-executor.1  S29824  6672   6929 0x00000000
[ 1777.407265][T32173] Call Trace:
[ 1777.410550][T32173]  __schedule+0x8f3/0x1fc0
[ 1777.414951][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1777.420221][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1777.425488][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1777.430929][T32173]  schedule+0xd0/0x2a0
[ 1777.435122][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1777.440211][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1777.445687][T32173]  futex_wait+0x1e2/0x550
[ 1777.449999][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1777.455037][T32173]  ? wake_up_q+0xc1/0x140
[ 1777.459343][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1777.464518][T32173]  ? futex_wake+0x153/0x480
[ 1777.469008][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1777.474961][T32173]  ? mark_lock+0x11f/0xdd0
[ 1777.479367][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1777.485359][T32173]  do_futex+0x15f/0x1ad0
[ 1777.489623][T32173]  ? find_held_lock+0x2d/0x110
[ 1777.494365][T32173]  ? futex_exit_release+0x60/0x60
[ 1777.499379][T32173]  ? lock_downgrade+0x840/0x840
[ 1777.504209][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1777.509032][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1777.515008][T32173]  ? __might_fault+0x190/0x1d0
[ 1777.519746][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1777.525197][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1777.529947][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1777.534433][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1777.539878][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1777.545850][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1777.550503][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1777.556482][T32173]  do_syscall_64+0xf6/0x7d0
[ 1777.560962][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1777.566831][T32173] RIP: 0033:0x45ca59
[ 1777.570702][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1777.590713][T32173] RSP: 002b:00007f7591575cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1777.599100][T32173] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045ca59
[ 1777.607046][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8
[ 1777.614995][T32173] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1777.622940][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1777.630886][T32173] R13: 0000000000c9fb6f R14: 00007f75915769c0 R15: 000000000078bfac
[ 1777.638846][T32173] syz-executor.2  S29824  6674   7087 0x00000000
[ 1777.645154][T32173] Call Trace:
[ 1777.648421][T32173]  __schedule+0x8f3/0x1fc0
[ 1777.652816][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1777.658078][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1777.663339][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1777.668773][T32173]  schedule+0xd0/0x2a0
[ 1777.672817][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1777.677905][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1777.683345][T32173]  futex_wait+0x1e2/0x550
[ 1777.687652][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1777.692653][T32173]  ? wake_up_q+0xc1/0x140
[ 1777.696956][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1777.702137][T32173]  ? futex_wake+0x153/0x480
[ 1777.706628][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1777.712578][T32173]  ? mark_lock+0x11f/0xdd0
[ 1777.716984][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1777.722941][T32173]  do_futex+0x15f/0x1ad0
[ 1777.727164][T32173]  ? find_held_lock+0x2d/0x110
[ 1777.731914][T32173]  ? futex_exit_release+0x60/0x60
[ 1777.736919][T32173]  ? lock_downgrade+0x840/0x840
[ 1777.741746][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1777.746584][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1777.752556][T32173]  ? __might_fault+0x190/0x1d0
[ 1777.757295][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1777.762734][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1777.767488][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1777.771969][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1777.777402][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1777.783368][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1777.788019][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1777.793977][T32173]  do_syscall_64+0xf6/0x7d0
[ 1777.798459][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1777.804340][T32173] RIP: 0033:0x45ca59
[ 1777.808212][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1777.827789][T32173] RSP: 002b:00007f8cd7fc6cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1777.836177][T32173] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045ca59
[ 1777.844139][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8
[ 1777.852086][T32173] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1777.860047][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1777.867998][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fc79c0 R15: 000000000078bfac
[ 1777.875969][T32173] syz-executor.4  T29824  6889   7358 0x00004004
[ 1777.882286][T32173] Call Trace:
[ 1777.885569][T32173]  __schedule+0x8f3/0x1fc0
[ 1777.889966][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1777.895230][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1777.900403][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1777.906380][T32173]  schedule+0xd0/0x2a0
[ 1777.910444][T32173]  do_signal_stop+0x31d/0x840
[ 1777.915111][T32173]  get_signal+0x100d/0x2510
[ 1777.919599][T32173]  do_signal+0x81/0x2240
[ 1777.923819][T32173]  ? check_kill_permission+0x53/0x540
[ 1777.929183][T32173]  ? copy_siginfo_to_user32+0xa0/0xa0
[ 1777.935157][T32173]  ? do_rt_tgsigqueueinfo+0xab/0x100
[ 1777.940440][T32173]  ? exit_to_usermode_loop+0x36/0x360
[ 1777.945795][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1777.951762][T32173]  exit_to_usermode_loop+0x26c/0x360
[ 1777.957075][T32173]  do_syscall_64+0x6b1/0x7d0
[ 1777.961693][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1777.967596][T32173] RIP: 0033:0x45ca59
[ 1777.971467][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1777.991051][T32173] RSP: 002b:00007fc7e9ef2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000129
[ 1777.999477][T32173] RAX: 0000000000000000 RBX: 00000000004fc6a0 RCX: 000000000045ca59
[ 1778.007423][T32173] RDX: 0000000000000015 RSI: 0000000000000c4c RDI: 0000000000000c4c
[ 1778.015409][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1778.023355][T32173] R10: 00000000200000c0 R11: 0000000000000246 R12: 00000000ffffffff
[ 1778.031302][T32173] R13: 00000000000008d0 R14: 00000000004cba6f R15: 00007fc7e9ef36d4
[ 1778.039303][T32173] kvm-nx-lpage-re S29544  6906      2 0x80004000
[ 1778.045611][T32173] Call Trace:
[ 1778.048881][T32173]  __schedule+0x8f3/0x1fc0
[ 1778.053304][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1778.058565][T32173]  ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 1778.064366][T32173]  schedule+0xd0/0x2a0
[ 1778.068410][T32173]  schedule_timeout+0x35c/0x850
[ 1778.073238][T32173]  ? usleep_range+0x160/0x160
[ 1778.077958][T32173]  ? kvm_nx_lpage_recovery_worker+0x56e/0x790
[ 1778.084001][T32173]  ? __next_timer_interrupt+0x190/0x190
[ 1778.089543][T32173]  ? finish_task_switch+0x147/0x750
[ 1778.094721][T32173]  kvm_nx_lpage_recovery_worker+0x1d3/0x790
[ 1778.100615][T32173]  ? kvm_mmu_pte_write+0xdb0/0xdb0
[ 1778.105706][T32173]  ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 1778.111486][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1778.117446][T32173]  ? __kthread_parkme+0x13f/0x1e0
[ 1778.122482][T32173]  kvm_vm_worker_thread+0x1b3/0x270
[ 1778.127656][T32173]  ? kvm_mmu_pte_write+0xdb0/0xdb0
[ 1778.132754][T32173]  ? kvm_exit+0x80/0x80
[ 1778.136901][T32173]  kthread+0x388/0x470
[ 1778.140943][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1778.146650][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1778.152345][T32173]  ret_from_fork+0x24/0x30
[ 1778.156746][T32173] syz-executor.3  S29792  6926   7107 0x00000000
[ 1778.163100][T32173] Call Trace:
[ 1778.166370][T32173]  __schedule+0x8f3/0x1fc0
[ 1778.170760][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1778.176107][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1778.181381][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1778.186849][T32173]  schedule+0xd0/0x2a0
[ 1778.190912][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1778.196002][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1778.201441][T32173]  futex_wait+0x1e2/0x550
[ 1778.205750][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1778.210763][T32173]  ? print_usage_bug+0x240/0x240
[ 1778.215691][T32173]  ? hash_futex+0x10/0x200
[ 1778.220095][T32173]  ? futex_wake+0x153/0x480
[ 1778.224582][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1778.230537][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1778.236559][T32173]  do_futex+0x15f/0x1ad0
[ 1778.240795][T32173]  ? find_held_lock+0x2d/0x110
[ 1778.245551][T32173]  ? futex_exit_release+0x60/0x60
[ 1778.250560][T32173]  ? lock_downgrade+0x840/0x840
[ 1778.255390][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1778.260256][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1778.266236][T32173]  ? __might_fault+0x190/0x1d0
[ 1778.270982][T32173]  ? _copy_to_user+0x126/0x160
[ 1778.275729][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1778.280475][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1778.284958][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1778.290391][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1778.296349][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1778.301003][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1778.306975][T32173]  do_syscall_64+0xf6/0x7d0
[ 1778.311456][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1778.317757][T32173] RIP: 0033:0x45ca59
[ 1778.321645][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1778.341221][T32173] RSP: 002b:00007f65fad0acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1778.349607][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1778.357555][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1778.365503][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1778.373448][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1778.381392][T32173] R13: 0000000000c9fb6f R14: 00007f65fad0b9c0 R15: 000000000078bf0c
[ 1778.389355][T32173] kvm-nx-lpage-re S29472  6927      2 0x80004000
[ 1778.395665][T32173] Call Trace:
[ 1778.398952][T32173]  __schedule+0x8f3/0x1fc0
[ 1778.403370][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1778.408656][T32173]  ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 1778.414458][T32173]  schedule+0xd0/0x2a0
[ 1778.418519][T32173]  schedule_timeout+0x35c/0x850
[ 1778.423391][T32173]  ? usleep_range+0x160/0x160
[ 1778.428086][T32173]  ? kvm_nx_lpage_recovery_worker+0x56e/0x790
[ 1778.434138][T32173]  ? __next_timer_interrupt+0x190/0x190
[ 1778.439673][T32173]  kvm_nx_lpage_recovery_worker+0x1d3/0x790
[ 1778.445551][T32173]  ? kvm_mmu_pte_write+0xdb0/0xdb0
[ 1778.450690][T32173]  ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 1778.456489][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1778.462493][T32173]  ? __kthread_parkme+0x13f/0x1e0
[ 1778.467534][T32173]  kvm_vm_worker_thread+0x1b3/0x270
[ 1778.472857][T32173]  ? kvm_mmu_pte_write+0xdb0/0xdb0
[ 1778.477950][T32173]  ? kvm_exit+0x80/0x80
[ 1778.482099][T32173]  kthread+0x388/0x470
[ 1778.486158][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1778.491857][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1778.497679][T32173]  ret_from_fork+0x24/0x30
[ 1778.502096][T32173] syz-executor.4  S29400  6931   7358 0x00000000
[ 1778.508410][T32173] Call Trace:
[ 1778.511809][T32173]  __schedule+0x8f3/0x1fc0
[ 1778.516236][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1778.521502][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1778.526764][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1778.532216][T32173]  schedule+0xd0/0x2a0
[ 1778.536261][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1778.541347][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1778.546781][T32173]  ? find_held_lock+0x2d/0x110
[ 1778.551537][T32173]  futex_wait+0x1e2/0x550
[ 1778.555845][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1778.560855][T32173]  ? print_usage_bug+0x240/0x240
[ 1778.565779][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1778.571053][T32173]  ? futex_wake+0x153/0x480
[ 1778.575552][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1778.581509][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1778.587476][T32173]  do_futex+0x15f/0x1ad0
[ 1778.591725][T32173]  ? find_held_lock+0x2d/0x110
[ 1778.596465][T32173]  ? futex_exit_release+0x60/0x60
[ 1778.601469][T32173]  ? lock_downgrade+0x840/0x840
[ 1778.606296][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1778.611119][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1778.617092][T32173]  ? __might_fault+0x190/0x1d0
[ 1778.621832][T32173]  ? _copy_to_user+0x126/0x160
[ 1778.626575][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1778.631334][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1778.635828][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1778.641259][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1778.647213][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1778.651866][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1778.657823][T32173]  do_syscall_64+0xf6/0x7d0
[ 1778.662307][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1778.668176][T32173] RIP: 0033:0x45ca59
[ 1778.672062][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1778.691648][T32173] RSP: 002b:00007fc7e9ed1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1778.700042][T32173] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045ca59
[ 1778.707998][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8
[ 1778.715961][T32173] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1778.723927][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1778.731881][T32173] R13: 0000000000c9fb6f R14: 00007fc7e9ed29c0 R15: 000000000078bfac
[ 1778.739896][T32173] syz-executor.4  T29856  6942   7358 0x00004004
[ 1778.746207][T32173] Call Trace:
[ 1778.749478][T32173]  __schedule+0x8f3/0x1fc0
[ 1778.753913][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1778.759176][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1778.764351][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1778.770309][T32173]  schedule+0xd0/0x2a0
[ 1778.774356][T32173]  do_signal_stop+0x31d/0x840
[ 1778.779012][T32173]  get_signal+0x100d/0x2510
[ 1778.783502][T32173]  do_signal+0x81/0x2240
[ 1778.787720][T32173]  ? check_kill_permission+0x53/0x540
[ 1778.793083][T32173]  ? copy_siginfo_to_user32+0xa0/0xa0
[ 1778.798477][T32173]  ? do_rt_tgsigqueueinfo+0xab/0x100
[ 1778.803761][T32173]  ? exit_to_usermode_loop+0x36/0x360
[ 1778.809239][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1778.815219][T32173]  exit_to_usermode_loop+0x26c/0x360
[ 1778.820489][T32173]  do_syscall_64+0x6b1/0x7d0
[ 1778.825062][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1778.830945][T32173] RIP: 0033:0x45ca59
[ 1778.834829][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1778.854408][T32173] RSP: 002b:00007fc7e9ef2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000129
[ 1778.862799][T32173] RAX: 0000000000000000 RBX: 00000000004fc6a0 RCX: 000000000045ca59
[ 1778.870761][T32173] RDX: 0000000000000015 RSI: 0000000000000c52 RDI: 0000000000000c52
[ 1778.878712][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1778.886657][T32173] R10: 00000000200000c0 R11: 0000000000000246 R12: 00000000ffffffff
[ 1778.894616][T32173] R13: 00000000000008d0 R14: 00000000004cba6f R15: 00007fc7e9ef36d4
[ 1778.902575][T32173] syz-executor.3  S29792  6945   7107 0x00000000
[ 1778.908884][T32173] Call Trace:
[ 1778.912153][T32173]  __schedule+0x8f3/0x1fc0
[ 1778.916559][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1778.921823][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1778.927087][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1778.932538][T32173]  schedule+0xd0/0x2a0
[ 1778.936581][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1778.941666][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1778.947120][T32173]  futex_wait+0x1e2/0x550
[ 1778.951440][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1778.956439][T32173]  ? print_usage_bug+0x240/0x240
[ 1778.961352][T32173]  ? hash_futex+0x10/0x200
[ 1778.965758][T32173]  ? futex_wake+0x153/0x480
[ 1778.970250][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1778.976218][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1778.982191][T32173]  do_futex+0x15f/0x1ad0
[ 1778.986415][T32173]  ? find_held_lock+0x2d/0x110
[ 1778.991153][T32173]  ? futex_exit_release+0x60/0x60
[ 1778.996168][T32173]  ? lock_downgrade+0x840/0x840
[ 1779.001006][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1779.005849][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1779.011809][T32173]  ? __might_fault+0x190/0x1d0
[ 1779.016551][T32173]  ? _copy_to_user+0x126/0x160
[ 1779.021294][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1779.026040][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1779.030533][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1779.036154][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1779.042109][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1779.046762][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1779.052719][T32173]  do_syscall_64+0xf6/0x7d0
[ 1779.057197][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1779.063076][T32173] RIP: 0033:0x45ca59
[ 1779.066968][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1779.086557][T32173] RSP: 002b:00007f65fad0acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1779.094941][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1779.102900][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1779.110857][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1779.118801][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1779.126764][T32173] R13: 0000000000c9fb6f R14: 00007f65fad0b9c0 R15: 000000000078bf0c
[ 1779.134727][T32173] kvm-nx-lpage-re S29472  6963      2 0x80004000
[ 1779.141038][T32173] Call Trace:
[ 1779.144310][T32173]  __schedule+0x8f3/0x1fc0
[ 1779.148717][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1779.153991][T32173]  ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 1779.159774][T32173]  schedule+0xd0/0x2a0
[ 1779.173455][T32173]  schedule_timeout+0x35c/0x850
[ 1779.178285][T32173]  ? usleep_range+0x160/0x160
[ 1779.182940][T32173]  ? kvm_nx_lpage_recovery_worker+0x56e/0x790
[ 1779.188995][T32173]  ? __next_timer_interrupt+0x190/0x190
[ 1779.194522][T32173]  ? finish_task_switch+0x147/0x750
[ 1779.199712][T32173]  kvm_nx_lpage_recovery_worker+0x1d3/0x790
[ 1779.205584][T32173]  ? kvm_mmu_pte_write+0xdb0/0xdb0
[ 1779.210675][T32173]  ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 1779.216470][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1779.222431][T32173]  ? __kthread_parkme+0x13f/0x1e0
[ 1779.227433][T32173]  kvm_vm_worker_thread+0x1b3/0x270
[ 1779.232604][T32173]  ? kvm_mmu_pte_write+0xdb0/0xdb0
[ 1779.237687][T32173]  ? kvm_exit+0x80/0x80
[ 1779.241816][T32173]  kthread+0x388/0x470
[ 1779.245875][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1779.251576][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1779.257290][T32173]  ret_from_fork+0x24/0x30
[ 1779.261697][T32173] kvm-nx-lpage-re S29472  6964      2 0x80004000
[ 1779.268024][T32173] Call Trace:
[ 1779.271297][T32173]  __schedule+0x8f3/0x1fc0
[ 1779.275714][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1779.280984][T32173]  ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 1779.286772][T32173]  schedule+0xd0/0x2a0
[ 1779.290823][T32173]  schedule_timeout+0x35c/0x850
[ 1779.295695][T32173]  ? usleep_range+0x160/0x160
[ 1779.300352][T32173]  ? kvm_nx_lpage_recovery_worker+0x56e/0x790
[ 1779.306397][T32173]  ? __next_timer_interrupt+0x190/0x190
[ 1779.311922][T32173]  ? finish_task_switch+0x147/0x750
[ 1779.317101][T32173]  kvm_nx_lpage_recovery_worker+0x1d3/0x790
[ 1779.322976][T32173]  ? kvm_mmu_pte_write+0xdb0/0xdb0
[ 1779.328066][T32173]  ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 1779.333881][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1779.339850][T32173]  ? __kthread_parkme+0x13f/0x1e0
[ 1779.344854][T32173]  kvm_vm_worker_thread+0x1b3/0x270
[ 1779.350025][T32173]  ? kvm_mmu_pte_write+0xdb0/0xdb0
[ 1779.355110][T32173]  ? kvm_exit+0x80/0x80
[ 1779.359242][T32173]  kthread+0x388/0x470
[ 1779.363288][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1779.368980][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1779.374677][T32173]  ret_from_fork+0x24/0x30
[ 1779.379080][T32173] syz-executor.3  S29824  6971   7107 0x00000000
[ 1779.385476][T32173] Call Trace:
[ 1779.388758][T32173]  __schedule+0x8f3/0x1fc0
[ 1779.393150][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1779.398444][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1779.403721][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1779.409172][T32173]  schedule+0xd0/0x2a0
[ 1779.413229][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1779.418358][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1779.423800][T32173]  futex_wait+0x1e2/0x550
[ 1779.428111][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1779.433113][T32173]  ? print_usage_bug+0x240/0x240
[ 1779.438031][T32173]  ? hash_futex+0x10/0x200
[ 1779.442430][T32173]  ? futex_wake+0x153/0x480
[ 1779.446962][T32173]  ? do_wp_page+0x512/0x1440
[ 1779.451529][T32173]  do_futex+0x15f/0x1ad0
[ 1779.455753][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1779.460930][T32173]  ? _raw_spin_unlock+0x24/0x40
[ 1779.465758][T32173]  ? futex_exit_release+0x60/0x60
[ 1779.470765][T32173]  ? do_page_fault+0x5ad/0x13d4
[ 1779.475594][T32173]  ? lock_downgrade+0x840/0x840
[ 1779.480417][T32173]  ? handle_mm_fault+0xcbc/0x3c10
[ 1779.485430][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1779.490181][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1779.494662][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1779.500096][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1779.506064][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1779.510716][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1779.516675][T32173]  do_syscall_64+0xf6/0x7d0
[ 1779.521165][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1779.527032][T32173] RIP: 0033:0x45ca59
[ 1779.530903][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1779.550491][T32173] RSP: 002b:00007f65face9cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1779.558875][T32173] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045ca59
[ 1779.566836][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8
[ 1779.574783][T32173] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1779.582728][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1779.590684][T32173] R13: 0000000000c9fb6f R14: 00007f65facea9c0 R15: 000000000078bfac
[ 1779.598646][T32173] syz-executor.1  S29824  6972   6929 0x00000000
[ 1779.604956][T32173] Call Trace:
[ 1779.608226][T32173]  __schedule+0x8f3/0x1fc0
[ 1779.612619][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1779.617895][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1779.623157][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1779.628593][T32173]  schedule+0xd0/0x2a0
[ 1779.632638][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1779.637723][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1779.643173][T32173]  futex_wait+0x1e2/0x550
[ 1779.647483][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1779.652483][T32173]  ? print_usage_bug+0x240/0x240
[ 1779.657409][T32173]  ? hash_futex+0x10/0x200
[ 1779.661801][T32173]  ? futex_wake+0x153/0x480
[ 1779.666311][T32173]  ? do_wp_page+0x512/0x1440
[ 1779.670879][T32173]  do_futex+0x15f/0x1ad0
[ 1779.675104][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1779.680277][T32173]  ? _raw_spin_unlock+0x24/0x40
[ 1779.685103][T32173]  ? futex_exit_release+0x60/0x60
[ 1779.690131][T32173]  ? do_page_fault+0x5ad/0x13d4
[ 1779.694963][T32173]  ? lock_downgrade+0x840/0x840
[ 1779.699786][T32173]  ? handle_mm_fault+0xcbc/0x3c10
[ 1779.704802][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1779.709657][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1779.714152][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1779.719597][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1779.725565][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1779.730219][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1779.736177][T32173]  do_syscall_64+0xf6/0x7d0
[ 1779.740670][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1779.746535][T32173] RIP: 0033:0x45ca59
[ 1779.750405][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1779.769982][T32173] RSP: 002b:00007f7591575cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1779.778378][T32173] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045ca59
[ 1779.786325][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8
[ 1779.794280][T32173] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1779.802227][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1779.810177][T32173] R13: 0000000000c9fb6f R14: 00007f75915769c0 R15: 000000000078bfac
[ 1779.818149][T32173] syz-executor.4  T29856  6982   7358 0x00004004
[ 1779.824459][T32173] Call Trace:
[ 1779.827738][T32173]  __schedule+0x8f3/0x1fc0
[ 1779.832136][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1779.837393][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1779.842579][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1779.848536][T32173]  schedule+0xd0/0x2a0
[ 1779.852595][T32173]  do_signal_stop+0x31d/0x840
[ 1779.857252][T32173]  get_signal+0x100d/0x2510
[ 1779.861749][T32173]  do_signal+0x81/0x2240
[ 1779.865977][T32173]  ? check_kill_permission+0x53/0x540
[ 1779.871440][T32173]  ? copy_siginfo_to_user32+0xa0/0xa0
[ 1779.876787][T32173]  ? do_rt_tgsigqueueinfo+0xab/0x100
[ 1779.882055][T32173]  ? exit_to_usermode_loop+0x36/0x360
[ 1779.887414][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1779.893463][T32173]  exit_to_usermode_loop+0x26c/0x360
[ 1779.898735][T32173]  do_syscall_64+0x6b1/0x7d0
[ 1779.903308][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1779.909173][T32173] RIP: 0033:0x45ca59
[ 1779.913043][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1779.932619][T32173] RSP: 002b:00007fc7e9ef2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000129
[ 1779.941018][T32173] RAX: 0000000000000000 RBX: 00000000004fc6a0 RCX: 000000000045ca59
[ 1779.948975][T32173] RDX: 0000000000000015 RSI: 0000000000000c56 RDI: 0000000000000c56
[ 1779.956922][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1779.964870][T32173] R10: 00000000200000c0 R11: 0000000000000246 R12: 00000000ffffffff
[ 1779.972815][T32173] R13: 00000000000008d0 R14: 00000000004cba6f R15: 00007fc7e9ef36d4
[ 1779.980787][T32173] kvm-nx-lpage-re S28808  6992      2 0x80004000
[ 1779.987094][T32173] Call Trace:
[ 1779.990365][T32173]  __schedule+0x8f3/0x1fc0
[ 1779.994783][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1780.000045][T32173]  ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 1780.005853][T32173]  schedule+0xd0/0x2a0
[ 1780.009898][T32173]  schedule_timeout+0x35c/0x850
[ 1780.014727][T32173]  ? usleep_range+0x160/0x160
[ 1780.019381][T32173]  ? kvm_nx_lpage_recovery_worker+0x56e/0x790
[ 1780.025440][T32173]  ? __next_timer_interrupt+0x190/0x190
[ 1780.030967][T32173]  ? finish_task_switch+0x147/0x750
[ 1780.036145][T32173]  kvm_nx_lpage_recovery_worker+0x1d3/0x790
[ 1780.042019][T32173]  ? kvm_mmu_pte_write+0xdb0/0xdb0
[ 1780.047107][T32173]  ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 1780.052902][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1780.058860][T32173]  ? __kthread_parkme+0x13f/0x1e0
[ 1780.063873][T32173]  kvm_vm_worker_thread+0x1b3/0x270
[ 1780.069042][T32173]  ? kvm_mmu_pte_write+0xdb0/0xdb0
[ 1780.074136][T32173]  ? kvm_exit+0x80/0x80
[ 1780.078268][T32173]  kthread+0x388/0x470
[ 1780.082312][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1780.088019][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1780.093715][T32173]  ret_from_fork+0x24/0x30
[ 1780.098114][T32173] syz-executor.3  S29824  6998   7107 0x00000000
[ 1780.104427][T32173] Call Trace:
[ 1780.107704][T32173]  __schedule+0x8f3/0x1fc0
[ 1780.112097][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1780.117360][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1780.122634][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1780.128069][T32173]  schedule+0xd0/0x2a0
[ 1780.132115][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1780.137221][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1780.142671][T32173]  futex_wait+0x1e2/0x550
[ 1780.146977][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1780.151985][T32173]  ? print_usage_bug+0x240/0x240
[ 1780.156911][T32173]  ? hash_futex+0x10/0x200
[ 1780.161301][T32173]  ? futex_wake+0x153/0x480
[ 1780.165791][T32173]  ? do_wp_page+0x512/0x1440
[ 1780.170362][T32173]  do_futex+0x15f/0x1ad0
[ 1780.174588][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1780.179775][T32173]  ? _raw_spin_unlock+0x24/0x40
[ 1780.184613][T32173]  ? futex_exit_release+0x60/0x60
[ 1780.189625][T32173]  ? do_page_fault+0x5ad/0x13d4
[ 1780.194456][T32173]  ? lock_downgrade+0x840/0x840
[ 1780.199280][T32173]  ? handle_mm_fault+0xcbc/0x3c10
[ 1780.204290][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1780.209034][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1780.213516][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1780.218953][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1780.224909][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1780.229583][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1780.235549][T32173]  do_syscall_64+0xf6/0x7d0
[ 1780.240039][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1780.245918][T32173] RIP: 0033:0x45ca59
[ 1780.249807][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1780.269395][T32173] RSP: 002b:00007f65face9cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1780.277788][T32173] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045ca59
[ 1780.285739][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8
[ 1780.293685][T32173] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1780.301686][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1780.309634][T32173] R13: 0000000000c9fb6f R14: 00007f65facea9c0 R15: 000000000078bfac
[ 1780.317598][T32173] kvm-nx-lpage-re S29472  7006      2 0x80004000
[ 1780.323916][T32173] Call Trace:
[ 1780.327200][T32173]  __schedule+0x8f3/0x1fc0
[ 1780.331599][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1780.336878][T32173]  ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 1780.342674][T32173]  schedule+0xd0/0x2a0
[ 1780.346719][T32173]  schedule_timeout+0x35c/0x850
[ 1780.351544][T32173]  ? usleep_range+0x160/0x160
[ 1780.356255][T32173]  ? kvm_nx_lpage_recovery_worker+0x56e/0x790
[ 1780.362341][T32173]  ? __next_timer_interrupt+0x190/0x190
[ 1780.367908][T32173]  kvm_nx_lpage_recovery_worker+0x1d3/0x790
[ 1780.373788][T32173]  ? kvm_mmu_pte_write+0xdb0/0xdb0
[ 1780.378886][T32173]  ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 1780.384673][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1780.390665][T32173]  ? __kthread_parkme+0x13f/0x1e0
[ 1780.395671][T32173]  kvm_vm_worker_thread+0x1b3/0x270
[ 1780.400903][T32173]  ? kvm_mmu_pte_write+0xdb0/0xdb0
[ 1780.406007][T32173]  ? kvm_exit+0x80/0x80
[ 1780.410148][T32173]  kthread+0x388/0x470
[ 1780.414203][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1780.419903][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1780.425600][T32173]  ret_from_fork+0x24/0x30
[ 1780.430005][T32173] syz-executor.1  S29824  7010   6929 0x00000000
[ 1780.436352][T32173] Call Trace:
[ 1780.439660][T32173]  __schedule+0x8f3/0x1fc0
[ 1780.444055][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1780.449337][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1780.454614][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1780.460050][T32173]  schedule+0xd0/0x2a0
[ 1780.464098][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1780.469184][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1780.474622][T32173]  futex_wait+0x1e2/0x550
[ 1780.478943][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1780.483942][T32173]  ? print_usage_bug+0x240/0x240
[ 1780.488854][T32173]  ? hash_futex+0x10/0x200
[ 1780.493260][T32173]  ? futex_wake+0x153/0x480
[ 1780.497748][T32173]  ? do_wp_page+0x512/0x1440
[ 1780.502317][T32173]  do_futex+0x15f/0x1ad0
[ 1780.506541][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1780.511740][T32173]  ? _raw_spin_unlock+0x24/0x40
[ 1780.516565][T32173]  ? futex_exit_release+0x60/0x60
[ 1780.521570][T32173]  ? do_page_fault+0x5ad/0x13d4
[ 1780.526398][T32173]  ? lock_downgrade+0x840/0x840
[ 1780.531219][T32173]  ? handle_mm_fault+0xcbc/0x3c10
[ 1780.536241][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1780.540994][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1780.545478][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1780.550910][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1780.556866][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1780.561517][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1780.567601][T32173]  do_syscall_64+0xf6/0x7d0
[ 1780.572083][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1780.577950][T32173] RIP: 0033:0x45ca59
[ 1780.581819][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1780.601396][T32173] RSP: 002b:00007f7591575cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1780.609782][T32173] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045ca59
[ 1780.617730][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8
[ 1780.625678][T32173] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1780.633623][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1780.641569][T32173] R13: 0000000000c9fb6f R14: 00007f75915769c0 R15: 000000000078bfac
[ 1780.649540][T32173] syz-executor.4  S29824  7022   7358 0x00000000
[ 1780.655856][T32173] Call Trace:
[ 1780.659137][T32173]  __schedule+0x8f3/0x1fc0
[ 1780.663535][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1780.668798][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1780.674059][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1780.679494][T32173]  schedule+0xd0/0x2a0
[ 1780.683552][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1780.688637][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1780.694074][T32173]  futex_wait+0x1e2/0x550
[ 1780.698379][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1780.703393][T32173]  ? wake_up_q+0xc1/0x140
[ 1780.707695][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1780.712875][T32173]  ? futex_wake+0x153/0x480
[ 1780.717373][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1780.723330][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1780.729298][T32173]  do_futex+0x15f/0x1ad0
[ 1780.733532][T32173]  ? find_held_lock+0x2d/0x110
[ 1780.738293][T32173]  ? futex_exit_release+0x60/0x60
[ 1780.743308][T32173]  ? lock_downgrade+0x840/0x840
[ 1780.748134][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1780.752962][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1780.758933][T32173]  ? __might_fault+0x190/0x1d0
[ 1780.763672][T32173]  ? _copy_to_user+0x126/0x160
[ 1780.768415][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1780.773159][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1780.777825][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1780.783262][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1780.789215][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1780.793869][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1780.799839][T32173]  do_syscall_64+0xf6/0x7d0
[ 1780.804334][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1780.810210][T32173] RIP: 0033:0x45ca59
[ 1780.814082][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1780.833831][T32173] RSP: 002b:00007fc7e9ef2cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1780.842214][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1780.850161][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1780.858105][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1780.866162][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1780.874110][T32173] R13: 0000000000c9fb6f R14: 00007fc7e9ef39c0 R15: 000000000078bf0c
[ 1780.882073][T32173] kvm-nx-lpage-re S29472  7023      2 0x80004000
[ 1780.888391][T32173] Call Trace:
[ 1780.891671][T32173]  __schedule+0x8f3/0x1fc0
[ 1780.896071][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1780.901329][T32173]  ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 1780.907113][T32173]  schedule+0xd0/0x2a0
[ 1780.911166][T32173]  schedule_timeout+0x35c/0x850
[ 1780.915994][T32173]  ? usleep_range+0x160/0x160
[ 1780.920645][T32173]  ? kvm_nx_lpage_recovery_worker+0x56e/0x790
[ 1780.926695][T32173]  ? __next_timer_interrupt+0x190/0x190
[ 1780.932218][T32173]  ? put_task_struct_rcu_user+0x7f/0xb0
[ 1780.937743][T32173]  kvm_nx_lpage_recovery_worker+0x1d3/0x790
[ 1780.943617][T32173]  ? kvm_mmu_pte_write+0xdb0/0xdb0
[ 1780.948704][T32173]  ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 1780.954497][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1780.960458][T32173]  ? __kthread_parkme+0x13f/0x1e0
[ 1780.965462][T32173]  kvm_vm_worker_thread+0x1b3/0x270
[ 1780.970633][T32173]  ? kvm_mmu_pte_write+0xdb0/0xdb0
[ 1780.975720][T32173]  ? kvm_exit+0x80/0x80
[ 1780.979852][T32173]  kthread+0x388/0x470
[ 1780.983897][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1780.989588][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1780.995294][T32173]  ret_from_fork+0x24/0x30
[ 1780.999693][T32173] kvm-nx-lpage-re S29472  7028      2 0x80004000
[ 1781.006014][T32173] Call Trace:
[ 1781.009280][T32173]  __schedule+0x8f3/0x1fc0
[ 1781.013678][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1781.018942][T32173]  ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 1781.024726][T32173]  schedule+0xd0/0x2a0
[ 1781.028784][T32173]  schedule_timeout+0x35c/0x850
[ 1781.033613][T32173]  ? usleep_range+0x160/0x160
[ 1781.038266][T32173]  ? kvm_nx_lpage_recovery_worker+0x56e/0x790
[ 1781.044321][T32173]  ? __next_timer_interrupt+0x190/0x190
[ 1781.049852][T32173]  kvm_nx_lpage_recovery_worker+0x1d3/0x790
[ 1781.055724][T32173]  ? kvm_mmu_pte_write+0xdb0/0xdb0
[ 1781.060826][T32173]  ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 1781.066620][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1781.072578][T32173]  ? __kthread_parkme+0x13f/0x1e0
[ 1781.077581][T32173]  kvm_vm_worker_thread+0x1b3/0x270
[ 1781.082752][T32173]  ? kvm_mmu_pte_write+0xdb0/0xdb0
[ 1781.087848][T32173]  ? kvm_exit+0x80/0x80
[ 1781.091981][T32173]  kthread+0x388/0x470
[ 1781.096035][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1781.101726][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1781.107421][T32173]  ret_from_fork+0x24/0x30
[ 1781.111818][T32173] kvm-nx-lpage-re S29472  7034      2 0x80004000
[ 1781.118127][T32173] Call Trace:
[ 1781.121404][T32173]  __schedule+0x8f3/0x1fc0
[ 1781.125801][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1781.131062][T32173]  ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 1781.136853][T32173]  schedule+0xd0/0x2a0
[ 1781.140898][T32173]  schedule_timeout+0x35c/0x850
[ 1781.145725][T32173]  ? usleep_range+0x160/0x160
[ 1781.150376][T32173]  ? kvm_nx_lpage_recovery_worker+0x56e/0x790
[ 1781.156435][T32173]  ? __next_timer_interrupt+0x190/0x190
[ 1781.161966][T32173]  kvm_nx_lpage_recovery_worker+0x1d3/0x790
[ 1781.167846][T32173]  ? kvm_mmu_pte_write+0xdb0/0xdb0
[ 1781.172935][T32173]  ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 1781.178714][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1781.184671][T32173]  ? __kthread_parkme+0x13f/0x1e0
[ 1781.189670][T32173]  kvm_vm_worker_thread+0x1b3/0x270
[ 1781.194840][T32173]  ? kvm_mmu_pte_write+0xdb0/0xdb0
[ 1781.199925][T32173]  ? kvm_exit+0x80/0x80
[ 1781.204059][T32173]  kthread+0x388/0x470
[ 1781.208106][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1781.213799][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1781.219491][T32173]  ret_from_fork+0x24/0x30
[ 1781.223891][T32173] kvm-nx-lpage-re S29472  7044      2 0x80004000
[ 1781.230205][T32173] Call Trace:
[ 1781.233479][T32173]  __schedule+0x8f3/0x1fc0
[ 1781.237896][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1781.243168][T32173]  ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 1781.248954][T32173]  schedule+0xd0/0x2a0
[ 1781.253005][T32173]  schedule_timeout+0x35c/0x850
[ 1781.257877][T32173]  ? usleep_range+0x160/0x160
[ 1781.262537][T32173]  ? kvm_nx_lpage_recovery_worker+0x56e/0x790
[ 1781.268630][T32173]  ? __next_timer_interrupt+0x190/0x190
[ 1781.274159][T32173]  ? finish_task_switch+0x147/0x750
[ 1781.279628][T32173]  kvm_nx_lpage_recovery_worker+0x1d3/0x790
[ 1781.285510][T32173]  ? kvm_mmu_pte_write+0xdb0/0xdb0
[ 1781.290601][T32173]  ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 1781.296386][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1781.302349][T32173]  ? __kthread_parkme+0x13f/0x1e0
[ 1781.307355][T32173]  kvm_vm_worker_thread+0x1b3/0x270
[ 1781.312563][T32173]  ? kvm_mmu_pte_write+0xdb0/0xdb0
[ 1781.317649][T32173]  ? kvm_exit+0x80/0x80
[ 1781.321818][T32173]  kthread+0x388/0x470
[ 1781.325898][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1781.331593][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1781.337288][T32173]  ret_from_fork+0x24/0x30
[ 1781.341691][T32173] syz-executor.2  S28904  7059   7087 0x00000000
[ 1781.347997][T32173] Call Trace:
[ 1781.351264][T32173]  __schedule+0x8f3/0x1fc0
[ 1781.355655][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1781.360919][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1781.366219][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1781.371799][T32173]  schedule+0xd0/0x2a0
[ 1781.375892][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1781.380980][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1781.386437][T32173]  futex_wait+0x1e2/0x550
[ 1781.390748][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1781.395798][T32173]  ? print_usage_bug+0x240/0x240
[ 1781.400755][T32173]  ? hash_futex+0x10/0x200
[ 1781.405150][T32173]  ? futex_wake+0x153/0x480
[ 1781.409657][T32173]  ? do_wp_page+0x512/0x1440
[ 1781.414236][T32173]  do_futex+0x15f/0x1ad0
[ 1781.418462][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1781.423638][T32173]  ? _raw_spin_unlock+0x24/0x40
[ 1781.428463][T32173]  ? futex_exit_release+0x60/0x60
[ 1781.433481][T32173]  ? do_page_fault+0x5ad/0x13d4
[ 1781.438351][T32173]  ? lock_downgrade+0x840/0x840
[ 1781.443180][T32173]  ? handle_mm_fault+0xcbc/0x3c10
[ 1781.448210][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1781.452954][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1781.457438][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1781.462872][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1781.468829][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1781.473497][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1781.479456][T32173]  do_syscall_64+0xf6/0x7d0
[ 1781.483940][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1781.489845][T32173] RIP: 0033:0x45ca59
[ 1781.493718][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1781.513302][T32173] RSP: 002b:00007f8cd7fc6cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1781.521687][T32173] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045ca59
[ 1781.529632][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8
[ 1781.537579][T32173] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1781.547890][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1781.555835][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fc79c0 R15: 000000000078bfac
[ 1781.563795][T32173] syz-executor.4  S28904  7060   7358 0x00000000
[ 1781.570100][T32173] Call Trace:
[ 1781.573369][T32173]  __schedule+0x8f3/0x1fc0
[ 1781.577762][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1781.583027][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1781.588306][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1781.593743][T32173]  schedule+0xd0/0x2a0
[ 1781.597788][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1781.602876][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1781.608313][T32173]  futex_wait+0x1e2/0x550
[ 1781.612628][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1781.617625][T32173]  ? print_usage_bug+0x240/0x240
[ 1781.622539][T32173]  ? hash_futex+0x10/0x200
[ 1781.626931][T32173]  ? futex_wake+0x153/0x480
[ 1781.631421][T32173]  ? do_wp_page+0x512/0x1440
[ 1781.635990][T32173]  do_futex+0x15f/0x1ad0
[ 1781.640213][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1781.645386][T32173]  ? _raw_spin_unlock+0x24/0x40
[ 1781.650211][T32173]  ? futex_exit_release+0x60/0x60
[ 1781.655228][T32173]  ? do_page_fault+0x5ad/0x13d4
[ 1781.660058][T32173]  ? lock_downgrade+0x840/0x840
[ 1781.664894][T32173]  ? handle_mm_fault+0xcbc/0x3c10
[ 1781.669902][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1781.674645][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1781.679136][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1781.684574][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1781.690529][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1781.695180][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1781.701136][T32173]  do_syscall_64+0xf6/0x7d0
[ 1781.705620][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1781.711484][T32173] RIP: 0033:0x45ca59
[ 1781.715366][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1781.734942][T32173] RSP: 002b:00007fc7e9ed1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1781.743336][T32173] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045ca59
[ 1781.751281][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8
[ 1781.759226][T32173] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1781.767186][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1781.775140][T32173] R13: 0000000000c9fb6f R14: 00007fc7e9ed29c0 R15: 000000000078bfac
[ 1781.783114][T32173] syz-executor.1  S28904  7061   6929 0x00000000
[ 1781.789422][T32173] Call Trace:
[ 1781.792705][T32173]  __schedule+0x8f3/0x1fc0
[ 1781.797107][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1781.802371][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1781.807736][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1781.813174][T32173]  schedule+0xd0/0x2a0
[ 1781.817222][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1781.822308][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1781.827741][T32173]  ? find_held_lock+0x2d/0x110
[ 1781.832484][T32173]  futex_wait+0x1e2/0x550
[ 1781.836791][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1781.841788][T32173]  ? print_usage_bug+0x240/0x240
[ 1781.846699][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1781.851877][T32173]  ? futex_wake+0x153/0x480
[ 1781.856368][T32173]  ? do_wp_page+0x512/0x1440
[ 1781.860953][T32173]  do_futex+0x15f/0x1ad0
[ 1781.865178][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1781.870355][T32173]  ? _raw_spin_unlock+0x24/0x40
[ 1781.875181][T32173]  ? futex_exit_release+0x60/0x60
[ 1781.880183][T32173]  ? do_page_fault+0x5ad/0x13d4
[ 1781.885012][T32173]  ? lock_downgrade+0x840/0x840
[ 1781.889847][T32173]  ? handle_mm_fault+0xcbc/0x3c10
[ 1781.894855][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1781.899598][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1781.904077][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1781.909508][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1781.915464][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1781.920114][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1781.926086][T32173]  do_syscall_64+0xf6/0x7d0
[ 1781.930566][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1781.936951][T32173] RIP: 0033:0x45ca59
[ 1781.940832][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1781.960549][T32173] RSP: 002b:00007f7591575cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1781.968939][T32173] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045ca59
[ 1781.976888][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8
[ 1781.984838][T32173] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1781.992786][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1782.000734][T32173] R13: 0000000000c9fb6f R14: 00007f75915769c0 R15: 000000000078bfac
[ 1782.008699][T32173] syz-executor.3  S29824  7063   7107 0x00000000
[ 1782.015007][T32173] Call Trace:
[ 1782.018283][T32173]  __schedule+0x8f3/0x1fc0
[ 1782.022690][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1782.027953][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1782.033218][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1782.038752][T32173]  schedule+0xd0/0x2a0
[ 1782.042801][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1782.047886][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1782.053328][T32173]  ? find_held_lock+0x2d/0x110
[ 1782.058071][T32173]  futex_wait+0x1e2/0x550
[ 1782.062392][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1782.067388][T32173]  ? print_usage_bug+0x240/0x240
[ 1782.072302][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1782.077484][T32173]  ? futex_wake+0x153/0x480
[ 1782.081975][T32173]  ? do_wp_page+0x512/0x1440
[ 1782.086559][T32173]  do_futex+0x15f/0x1ad0
[ 1782.090782][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1782.095955][T32173]  ? _raw_spin_unlock+0x24/0x40
[ 1782.100784][T32173]  ? futex_exit_release+0x60/0x60
[ 1782.106276][T32173]  ? do_page_fault+0x5ad/0x13d4
[ 1782.111119][T32173]  ? lock_downgrade+0x840/0x840
[ 1782.115962][T32173]  ? handle_mm_fault+0xcbc/0x3c10
[ 1782.120985][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1782.125737][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1782.130219][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1782.135657][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1782.141611][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1782.146283][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1782.152253][T32173]  do_syscall_64+0xf6/0x7d0
[ 1782.156748][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1782.162616][T32173] RIP: 0033:0x45ca59
[ 1782.166499][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1782.186085][T32173] RSP: 002b:00007f65face9cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1782.194483][T32173] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045ca59
[ 1782.202440][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8
[ 1782.210395][T32173] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1782.218341][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1782.226287][T32173] R13: 0000000000c9fb6f R14: 00007f65facea9c0 R15: 000000000078bfac
[ 1782.234258][T32173] kvm-nx-lpage-re S29872  7068      2 0x80004000
[ 1782.240575][T32173] Call Trace:
[ 1782.243862][T32173]  __schedule+0x8f3/0x1fc0
[ 1782.248319][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1782.253624][T32173]  ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 1782.259412][T32173]  schedule+0xd0/0x2a0
[ 1782.263461][T32173]  schedule_timeout+0x35c/0x850
[ 1782.268335][T32173]  ? usleep_range+0x160/0x160
[ 1782.273007][T32173]  ? kvm_nx_lpage_recovery_worker+0x56e/0x790
[ 1782.279054][T32173]  ? __next_timer_interrupt+0x190/0x190
[ 1782.284585][T32173]  kvm_nx_lpage_recovery_worker+0x1d3/0x790
[ 1782.290461][T32173]  ? kvm_mmu_pte_write+0xdb0/0xdb0
[ 1782.295567][T32173]  ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 1782.301350][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1782.311568][T32173]  ? __kthread_parkme+0x13f/0x1e0
[ 1782.316582][T32173]  kvm_vm_worker_thread+0x1b3/0x270
[ 1782.321766][T32173]  ? kvm_mmu_pte_write+0xdb0/0xdb0
[ 1782.326853][T32173]  ? kvm_exit+0x80/0x80
[ 1782.330982][T32173]  kthread+0x388/0x470
[ 1782.335030][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1782.340733][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1782.346513][T32173]  ret_from_fork+0x24/0x30
[ 1782.350915][T32173] kvm-nx-lpage-re S29536  7095      2 0x80004000
[ 1782.357224][T32173] Call Trace:
[ 1782.360489][T32173]  __schedule+0x8f3/0x1fc0
[ 1782.364905][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1782.370187][T32173]  ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 1782.375983][T32173]  schedule+0xd0/0x2a0
[ 1782.380035][T32173]  schedule_timeout+0x35c/0x850
[ 1782.384868][T32173]  ? usleep_range+0x160/0x160
[ 1782.389526][T32173]  ? kvm_nx_lpage_recovery_worker+0x56e/0x790
[ 1782.395576][T32173]  ? __next_timer_interrupt+0x190/0x190
[ 1782.401110][T32173]  kvm_nx_lpage_recovery_worker+0x1d3/0x790
[ 1782.406991][T32173]  ? kvm_mmu_pte_write+0xdb0/0xdb0
[ 1782.412094][T32173]  ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 1782.417880][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1782.423858][T32173]  ? __kthread_parkme+0x13f/0x1e0
[ 1782.428864][T32173]  kvm_vm_worker_thread+0x1b3/0x270
[ 1782.434040][T32173]  ? kvm_mmu_pte_write+0xdb0/0xdb0
[ 1782.439156][T32173]  ? kvm_exit+0x80/0x80
[ 1782.443290][T32173]  kthread+0x388/0x470
[ 1782.447336][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1782.453031][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1782.458768][T32173]  ret_from_fork+0x24/0x30
[ 1782.463172][T32173] kvm-nx-lpage-re S29872  7105      2 0x80004000
[ 1782.469483][T32173] Call Trace:
[ 1782.472753][T32173]  __schedule+0x8f3/0x1fc0
[ 1782.477154][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1782.482416][T32173]  ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 1782.488197][T32173]  schedule+0xd0/0x2a0
[ 1782.492243][T32173]  schedule_timeout+0x35c/0x850
[ 1782.497069][T32173]  ? usleep_range+0x160/0x160
[ 1782.501720][T32173]  ? kvm_nx_lpage_recovery_worker+0x56e/0x790
[ 1782.507807][T32173]  ? __next_timer_interrupt+0x190/0x190
[ 1782.513380][T32173]  kvm_nx_lpage_recovery_worker+0x1d3/0x790
[ 1782.519253][T32173]  ? kvm_mmu_pte_write+0xdb0/0xdb0
[ 1782.524343][T32173]  ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 1782.530141][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1782.536100][T32173]  ? __kthread_parkme+0x13f/0x1e0
[ 1782.541116][T32173]  kvm_vm_worker_thread+0x1b3/0x270
[ 1782.546286][T32173]  ? kvm_mmu_pte_write+0xdb0/0xdb0
[ 1782.551483][T32173]  ? kvm_exit+0x80/0x80
[ 1782.555626][T32173]  kthread+0x388/0x470
[ 1782.559671][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1782.565372][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1782.571065][T32173]  ret_from_fork+0x24/0x30
[ 1782.575464][T32173] syz-executor.5  S29824  7106   7376 0x00000000
[ 1782.581773][T32173] Call Trace:
[ 1782.585058][T32173]  __schedule+0x8f3/0x1fc0
[ 1782.589450][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1782.594725][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1782.599988][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1782.605426][T32173]  schedule+0xd0/0x2a0
[ 1782.609472][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1782.614571][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1782.620004][T32173]  ? find_held_lock+0x2d/0x110
[ 1782.624749][T32173]  futex_wait+0x1e2/0x550
[ 1782.629055][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1782.634054][T32173]  ? print_usage_bug+0x240/0x240
[ 1782.638968][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1782.644235][T32173]  ? futex_wake+0x153/0x480
[ 1782.648722][T32173]  ? do_wp_page+0x512/0x1440
[ 1782.653305][T32173]  do_futex+0x15f/0x1ad0
[ 1782.657529][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1782.662704][T32173]  ? _raw_spin_unlock+0x24/0x40
[ 1782.667528][T32173]  ? futex_exit_release+0x60/0x60
[ 1782.672533][T32173]  ? do_page_fault+0x5ad/0x13d4
[ 1782.677360][T32173]  ? lock_downgrade+0x840/0x840
[ 1782.682186][T32173]  ? handle_mm_fault+0xcbc/0x3c10
[ 1782.687194][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1782.691950][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1782.696441][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1782.701876][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1782.707846][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1782.712498][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1782.718466][T32173]  do_syscall_64+0xf6/0x7d0
[ 1782.722948][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1782.728840][T32173] RIP: 0033:0x45ca59
[ 1782.732724][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1782.752315][T32173] RSP: 002b:00007f65633fdcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1782.760698][T32173] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045ca59
[ 1782.768642][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8
[ 1782.776589][T32173] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1782.784542][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1782.792493][T32173] R13: 0000000000c9fb6f R14: 00007f65633fe9c0 R15: 000000000078bfac
[ 1782.800461][T32173] syz-executor.2  S28904  7111   7087 0x00000000
[ 1782.806773][T32173] Call Trace:
[ 1782.810063][T32173]  __schedule+0x8f3/0x1fc0
[ 1782.814460][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1782.819726][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1782.824991][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1782.830431][T32173]  schedule+0xd0/0x2a0
[ 1782.834479][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1782.839567][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1782.845007][T32173]  futex_wait+0x1e2/0x550
[ 1782.849314][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1782.854314][T32173]  ? print_usage_bug+0x240/0x240
[ 1782.859249][T32173]  ? hash_futex+0x10/0x200
[ 1782.863644][T32173]  ? futex_wake+0x153/0x480
[ 1782.868137][T32173]  ? do_wp_page+0x512/0x1440
[ 1782.872707][T32173]  do_futex+0x15f/0x1ad0
[ 1782.876934][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1782.882123][T32173]  ? _raw_spin_unlock+0x24/0x40
[ 1782.886950][T32173]  ? futex_exit_release+0x60/0x60
[ 1782.892056][T32173]  ? do_page_fault+0x5ad/0x13d4
[ 1782.896900][T32173]  ? lock_downgrade+0x840/0x840
[ 1782.901726][T32173]  ? handle_mm_fault+0xcbc/0x3c10
[ 1782.906739][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1782.911480][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1782.915972][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1782.921413][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1782.927367][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1782.932021][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1782.937980][T32173]  do_syscall_64+0xf6/0x7d0
[ 1782.942460][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1782.948335][T32173] RIP: 0033:0x45ca59
[ 1782.952218][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1782.971797][T32173] RSP: 002b:00007f8cd7fc6cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1782.980185][T32173] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045ca59
[ 1782.988142][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8
[ 1782.996101][T32173] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1783.004064][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1783.012011][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fc79c0 R15: 000000000078bfac
[ 1783.019972][T32173] syz-executor.4  S29824  7113   7358 0x00000000
[ 1783.026281][T32173] Call Trace:
[ 1783.029549][T32173]  __schedule+0x8f3/0x1fc0
[ 1783.033954][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1783.039218][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1783.044480][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1783.049916][T32173]  schedule+0xd0/0x2a0
[ 1783.053960][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1783.059045][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1783.064495][T32173]  futex_wait+0x1e2/0x550
[ 1783.068803][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1783.073805][T32173]  ? print_usage_bug+0x240/0x240
[ 1783.078720][T32173]  ? hash_futex+0x10/0x200
[ 1783.083125][T32173]  ? futex_wake+0x153/0x480
[ 1783.087616][T32173]  ? do_wp_page+0x512/0x1440
[ 1783.092187][T32173]  do_futex+0x15f/0x1ad0
[ 1783.096423][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1783.101596][T32173]  ? _raw_spin_unlock+0x24/0x40
[ 1783.106429][T32173]  ? futex_exit_release+0x60/0x60
[ 1783.111443][T32173]  ? do_page_fault+0x5ad/0x13d4
[ 1783.116272][T32173]  ? lock_downgrade+0x840/0x840
[ 1783.121095][T32173]  ? handle_mm_fault+0xcbc/0x3c10
[ 1783.126116][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1783.130857][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1783.135341][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1783.140772][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1783.146729][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1783.151382][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1783.157341][T32173]  do_syscall_64+0xf6/0x7d0
[ 1783.161823][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1783.167691][T32173] RIP: 0033:0x45ca59
[ 1783.171573][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1783.191150][T32173] RSP: 002b:00007fc7e9ed1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1783.199544][T32173] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045ca59
[ 1783.207490][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8
[ 1783.215437][T32173] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1783.223384][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1783.231328][T32173] R13: 0000000000c9fb6f R14: 00007fc7e9ed29c0 R15: 000000000078bfac
[ 1783.239289][T32173] kvm-nx-lpage-re S28960  7128      2 0x80004000
[ 1783.245855][T32173] Call Trace:
[ 1783.249145][T32173]  __schedule+0x8f3/0x1fc0
[ 1783.253546][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1783.258810][T32173]  ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 1783.264597][T32173]  schedule+0xd0/0x2a0
[ 1783.268651][T32173]  schedule_timeout+0x35c/0x850
[ 1783.273484][T32173]  ? usleep_range+0x160/0x160
[ 1783.278178][T32173]  ? kvm_nx_lpage_recovery_worker+0x56e/0x790
[ 1783.284226][T32173]  ? __next_timer_interrupt+0x190/0x190
[ 1783.289775][T32173]  kvm_nx_lpage_recovery_worker+0x1d3/0x790
[ 1783.295653][T32173]  ? kvm_mmu_pte_write+0xdb0/0xdb0
[ 1783.300744][T32173]  ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 1783.306546][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1783.312506][T32173]  ? __kthread_parkme+0x13f/0x1e0
[ 1783.317509][T32173]  kvm_vm_worker_thread+0x1b3/0x270
[ 1783.322682][T32173]  ? kvm_mmu_pte_write+0xdb0/0xdb0
[ 1783.327766][T32173]  ? kvm_exit+0x80/0x80
[ 1783.331899][T32173]  kthread+0x388/0x470
[ 1783.335958][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1783.341655][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1783.347355][T32173]  ret_from_fork+0x24/0x30
[ 1783.351787][T32173] kvm-nx-lpage-re S29472  7129      2 0x80004000
[ 1783.358103][T32173] Call Trace:
[ 1783.361374][T32173]  __schedule+0x8f3/0x1fc0
[ 1783.365786][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1783.371049][T32173]  ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 1783.376878][T32173]  schedule+0xd0/0x2a0
[ 1783.380923][T32173]  schedule_timeout+0x35c/0x850
[ 1783.385751][T32173]  ? usleep_range+0x160/0x160
[ 1783.390417][T32173]  ? kvm_nx_lpage_recovery_worker+0x56e/0x790
[ 1783.396462][T32173]  ? __next_timer_interrupt+0x190/0x190
[ 1783.401989][T32173]  ? finish_task_switch+0x147/0x750
[ 1783.407166][T32173]  kvm_nx_lpage_recovery_worker+0x1d3/0x790
[ 1783.413060][T32173]  ? kvm_mmu_pte_write+0xdb0/0xdb0
[ 1783.418164][T32173]  ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 1783.423965][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1783.429941][T32173]  ? __kthread_parkme+0x13f/0x1e0
[ 1783.434948][T32173]  kvm_vm_worker_thread+0x1b3/0x270
[ 1783.440122][T32173]  ? kvm_mmu_pte_write+0xdb0/0xdb0
[ 1783.445216][T32173]  ? kvm_exit+0x80/0x80
[ 1783.449350][T32173]  kthread+0x388/0x470
[ 1783.453392][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1783.459086][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1783.464792][T32173]  ret_from_fork+0x24/0x30
[ 1783.469192][T32173] kvm-nx-lpage-re S29872  7138      2 0x80004000
[ 1783.475499][T32173] Call Trace:
[ 1783.478804][T32173]  __schedule+0x8f3/0x1fc0
[ 1783.483202][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1783.488474][T32173]  ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 1783.494258][T32173]  schedule+0xd0/0x2a0
[ 1783.498304][T32173]  schedule_timeout+0x35c/0x850
[ 1783.503131][T32173]  ? usleep_range+0x160/0x160
[ 1783.507783][T32173]  ? kvm_nx_lpage_recovery_worker+0x56e/0x790
[ 1783.513825][T32173]  ? __next_timer_interrupt+0x190/0x190
[ 1783.519355][T32173]  kvm_nx_lpage_recovery_worker+0x1d3/0x790
[ 1783.525230][T32173]  ? kvm_mmu_pte_write+0xdb0/0xdb0
[ 1783.530318][T32173]  ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 1783.536099][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1783.542233][T32173]  ? __kthread_parkme+0x13f/0x1e0
[ 1783.547235][T32173]  kvm_vm_worker_thread+0x1b3/0x270
[ 1783.552416][T32173]  ? kvm_mmu_pte_write+0xdb0/0xdb0
[ 1783.557500][T32173]  ? kvm_exit+0x80/0x80
[ 1783.561646][T32173]  kthread+0x388/0x470
[ 1783.565711][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1783.571402][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1783.577097][T32173]  ret_from_fork+0x24/0x30
[ 1783.581497][T32173] syz-executor.4  S28904  7148   7358 0x00000000
[ 1783.587813][T32173] Call Trace:
[ 1783.591098][T32173]  __schedule+0x8f3/0x1fc0
[ 1783.595491][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1783.600755][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1783.606017][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1783.611455][T32173]  schedule+0xd0/0x2a0
[ 1783.615500][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1783.620586][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1783.626023][T32173]  futex_wait+0x1e2/0x550
[ 1783.630505][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1783.635519][T32173]  ? lock_downgrade+0x840/0x840
[ 1783.640363][T32173]  ? hash_futex+0x10/0x200
[ 1783.644765][T32173]  ? futex_wake+0x153/0x480
[ 1783.649260][T32173]  do_futex+0x15f/0x1ad0
[ 1783.653481][T32173]  ? handle_mm_fault+0x1b0c/0x3c10
[ 1783.658571][T32173]  ? futex_exit_release+0x60/0x60
[ 1783.663574][T32173]  ? do_page_fault+0x5ad/0x13d4
[ 1783.668413][T32173]  ? lock_downgrade+0x840/0x840
[ 1783.673251][T32173]  ? handle_mm_fault+0xcbc/0x3c10
[ 1783.678258][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1783.683000][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1783.687494][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1783.692927][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1783.698888][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1783.703542][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1783.709502][T32173]  do_syscall_64+0xf6/0x7d0
[ 1783.713984][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1783.719847][T32173] RIP: 0033:0x45ca59
[ 1783.723723][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1783.743312][T32173] RSP: 002b:00007fc7e9ed1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1783.751770][T32173] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045ca59
[ 1783.759740][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8
[ 1783.767725][T32173] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1783.775716][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1783.783673][T32173] R13: 0000000000c9fb6f R14: 00007fc7e9ed29c0 R15: 000000000078bfac
[ 1783.791647][T32173] syz-executor.5  S29824  7150   7376 0x00000000
[ 1783.797974][T32173] Call Trace:
[ 1783.801243][T32173]  __schedule+0x8f3/0x1fc0
[ 1783.805638][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1783.810908][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1783.816173][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1783.821653][T32173]  schedule+0xd0/0x2a0
[ 1783.825703][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1783.830824][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1783.836258][T32173]  ? find_held_lock+0x2d/0x110
[ 1783.841085][T32173]  futex_wait+0x1e2/0x550
[ 1783.845430][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1783.850439][T32173]  ? print_usage_bug+0x240/0x240
[ 1783.855365][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1783.860540][T32173]  ? futex_wake+0x153/0x480
[ 1783.865030][T32173]  ? do_wp_page+0x512/0x1440
[ 1783.869602][T32173]  do_futex+0x15f/0x1ad0
[ 1783.873839][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1783.879013][T32173]  ? _raw_spin_unlock+0x24/0x40
[ 1783.883850][T32173]  ? futex_exit_release+0x60/0x60
[ 1783.888855][T32173]  ? do_page_fault+0x5ad/0x13d4
[ 1783.893697][T32173]  ? lock_downgrade+0x840/0x840
[ 1783.898532][T32173]  ? handle_mm_fault+0xcbc/0x3c10
[ 1783.903543][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1783.908295][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1783.912788][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1783.918230][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1783.924186][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1783.928851][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1783.934810][T32173]  do_syscall_64+0xf6/0x7d0
[ 1783.939301][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1783.945180][T32173] RIP: 0033:0x45ca59
[ 1783.949049][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1783.968626][T32173] RSP: 002b:00007f65633fdcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1783.977011][T32173] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045ca59
[ 1783.984957][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8
[ 1783.992902][T32173] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1784.000846][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1784.008793][T32173] R13: 0000000000c9fb6f R14: 00007f65633fe9c0 R15: 000000000078bfac
[ 1784.016755][T32173] syz-executor.2  S29824  7152   7087 0x00000000
[ 1784.023063][T32173] Call Trace:
[ 1784.026333][T32173]  __schedule+0x8f3/0x1fc0
[ 1784.030725][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1784.035990][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1784.041256][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1784.046692][T32173]  schedule+0xd0/0x2a0
[ 1784.050737][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1784.055838][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1784.061277][T32173]  futex_wait+0x1e2/0x550
[ 1784.065589][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1784.070588][T32173]  ? print_usage_bug+0x240/0x240
[ 1784.075504][T32173]  ? hash_futex+0x10/0x200
[ 1784.079903][T32173]  ? futex_wake+0x153/0x480
[ 1784.084394][T32173]  ? do_wp_page+0x512/0x1440
[ 1784.088976][T32173]  do_futex+0x15f/0x1ad0
[ 1784.093214][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1784.098399][T32173]  ? _raw_spin_unlock+0x24/0x40
[ 1784.103236][T32173]  ? futex_exit_release+0x60/0x60
[ 1784.108250][T32173]  ? do_page_fault+0x5ad/0x13d4
[ 1784.113080][T32173]  ? lock_downgrade+0x840/0x840
[ 1784.117904][T32173]  ? handle_mm_fault+0xcbc/0x3c10
[ 1784.122916][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1784.127656][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1784.132139][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1784.137575][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1784.143530][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1784.148194][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1784.154163][T32173]  do_syscall_64+0xf6/0x7d0
[ 1784.158643][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1784.164524][T32173] RIP: 0033:0x45ca59
[ 1784.168393][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1784.187982][T32173] RSP: 002b:00007f8cd7fc6cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1784.196365][T32173] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045ca59
[ 1784.204328][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8
[ 1784.212274][T32173] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1784.220276][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1784.228267][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fc79c0 R15: 000000000078bfac
[ 1784.236237][T32173] kvm-nx-lpage-re S29544  7161      2 0x80004000
[ 1784.242549][T32173] Call Trace:
[ 1784.245827][T32173]  __schedule+0x8f3/0x1fc0
[ 1784.250226][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1784.255534][T32173]  ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 1784.261318][T32173]  schedule+0xd0/0x2a0
[ 1784.265425][T32173]  schedule_timeout+0x35c/0x850
[ 1784.270253][T32173]  ? usleep_range+0x160/0x160
[ 1784.274911][T32173]  ? kvm_nx_lpage_recovery_worker+0x56e/0x790
[ 1784.280956][T32173]  ? __next_timer_interrupt+0x190/0x190
[ 1784.286518][T32173]  ? finish_task_switch+0x147/0x750
[ 1784.291708][T32173]  kvm_nx_lpage_recovery_worker+0x1d3/0x790
[ 1784.297618][T32173]  ? kvm_mmu_pte_write+0xdb0/0xdb0
[ 1784.302707][T32173]  ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 1784.308487][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1784.314446][T32173]  ? __kthread_parkme+0x13f/0x1e0
[ 1784.319462][T32173]  kvm_vm_worker_thread+0x1b3/0x270
[ 1784.324634][T32173]  ? kvm_mmu_pte_write+0xdb0/0xdb0
[ 1784.329719][T32173]  ? kvm_exit+0x80/0x80
[ 1784.333861][T32173]  kthread+0x388/0x470
[ 1784.337909][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1784.343605][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1784.349299][T32173]  ret_from_fork+0x24/0x30
[ 1784.353701][T32173] syz-executor.5  S28976  7179   7376 0x00000000
[ 1784.360007][T32173] Call Trace:
[ 1784.363272][T32173]  __schedule+0x8f3/0x1fc0
[ 1784.367664][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1784.372928][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1784.378205][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1784.383648][T32173]  schedule+0xd0/0x2a0
[ 1784.387697][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1784.392787][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1784.398226][T32173]  futex_wait+0x1e2/0x550
[ 1784.402540][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1784.407540][T32173]  ? print_usage_bug+0x240/0x240
[ 1784.412510][T32173]  ? hash_futex+0x10/0x200
[ 1784.416910][T32173]  ? futex_wake+0x153/0x480
[ 1784.421446][T32173]  ? do_wp_page+0x512/0x1440
[ 1784.426020][T32173]  do_futex+0x15f/0x1ad0
[ 1784.430248][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1784.435448][T32173]  ? _raw_spin_unlock+0x24/0x40
[ 1784.440309][T32173]  ? futex_exit_release+0x60/0x60
[ 1784.445317][T32173]  ? do_page_fault+0x5ad/0x13d4
[ 1784.450151][T32173]  ? lock_downgrade+0x840/0x840
[ 1784.454976][T32173]  ? handle_mm_fault+0xcbc/0x3c10
[ 1784.459984][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1784.464730][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1784.469210][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1784.474679][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1784.480633][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1784.485287][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1784.491279][T32173]  do_syscall_64+0xf6/0x7d0
[ 1784.495761][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1784.501635][T32173] RIP: 0033:0x45ca59
[ 1784.505514][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1784.525093][T32173] RSP: 002b:00007f65633fdcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1784.533490][T32173] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045ca59
[ 1784.541444][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8
[ 1784.549390][T32173] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1784.557335][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1784.565279][T32173] R13: 0000000000c9fb6f R14: 00007f65633fe9c0 R15: 000000000078bfac
[ 1784.573251][T32173] syz-executor.5  S27808  7538   7376 0x00000000
[ 1784.579557][T32173] Call Trace:
[ 1784.582823][T32173]  __schedule+0x8f3/0x1fc0
[ 1784.587213][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1784.592484][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1784.597748][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1784.603185][T32173]  schedule+0xd0/0x2a0
[ 1784.607231][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1784.612318][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1784.617749][T32173]  ? find_held_lock+0x2d/0x110
[ 1784.622495][T32173]  futex_wait+0x1e2/0x550
[ 1784.626804][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1784.631802][T32173]  ? print_usage_bug+0x240/0x240
[ 1784.636713][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1784.641887][T32173]  ? futex_wake+0x153/0x480
[ 1784.646383][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1784.652338][T32173]  ? kfree+0x1fe/0x2b0
[ 1784.656392][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1784.662361][T32173]  do_futex+0x15f/0x1ad0
[ 1784.666585][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1784.672030][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1784.677980][T32173]  ? retint_kernel+0x2b/0x2b
[ 1784.682547][T32173]  ? trace_hardirqs_on_caller+0x64/0x240
[ 1784.688160][T32173]  ? futex_exit_release+0x60/0x60
[ 1784.693171][T32173]  ? __this_cpu_preempt_check+0x84/0x190
[ 1784.698779][T32173]  ? smp_apic_timer_interrupt+0x1b6/0x600
[ 1784.704474][T32173]  ? retint_kernel+0x2b/0x2b
[ 1784.709044][T32173]  ? _copy_to_user+0x110/0x160
[ 1784.713814][T32173]  ? copy_user_generic_string+0x40/0x40
[ 1784.719333][T32173]  ? _copy_to_user+0x126/0x160
[ 1784.724078][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1784.728829][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1784.733311][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1784.738745][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1784.744713][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1784.749366][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1784.755325][T32173]  do_syscall_64+0xf6/0x7d0
[ 1784.759804][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1784.765668][T32173] RIP: 0033:0x45ca59
[ 1784.769539][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1784.789116][T32173] RSP: 002b:00007f656341ecf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1784.797499][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1784.805446][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1784.813496][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1784.821440][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1784.829388][T32173] R13: 0000000000c9fb6f R14: 00007f656341f9c0 R15: 000000000078bf0c
[ 1784.837350][T32173] syz-executor.4  S28904  7661   7358 0x00000000
[ 1784.843659][T32173] Call Trace:
[ 1784.846927][T32173]  __schedule+0x8f3/0x1fc0
[ 1784.851316][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1784.856579][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1784.861842][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1784.867297][T32173]  schedule+0xd0/0x2a0
[ 1784.871353][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1784.876447][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1784.881911][T32173]  futex_wait+0x1e2/0x550
[ 1784.886219][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1784.891216][T32173]  ? print_usage_bug+0x240/0x240
[ 1784.896130][T32173]  ? hash_futex+0x10/0x200
[ 1784.900523][T32173]  ? futex_wake+0x153/0x480
[ 1784.905011][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1784.910963][T32173]  ? mark_lock+0x11f/0xdd0
[ 1784.915354][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1784.921310][T32173]  do_futex+0x15f/0x1ad0
[ 1784.925548][T32173]  ? find_held_lock+0x2d/0x110
[ 1784.930294][T32173]  ? futex_exit_release+0x60/0x60
[ 1784.935297][T32173]  ? lock_downgrade+0x840/0x840
[ 1784.940124][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1784.945035][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1784.950998][T32173]  ? __might_fault+0x190/0x1d0
[ 1784.955743][T32173]  ? _copy_to_user+0x126/0x160
[ 1784.960488][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1784.965229][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1784.969708][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1784.975262][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1784.981216][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1784.985879][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1784.991837][T32173]  do_syscall_64+0xf6/0x7d0
[ 1784.996319][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1785.002183][T32173] RIP: 0033:0x45ca59
[ 1785.006061][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1785.025647][T32173] RSP: 002b:00007fc7e9ed1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1785.034073][T32173] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045ca59
[ 1785.042023][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8
[ 1785.049974][T32173] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1785.057925][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1785.065875][T32173] R13: 0000000000c9fb6f R14: 00007fc7e9ed29c0 R15: 000000000078bfac
[ 1785.073844][T32173] syz-executor.5  S29824  7847   7376 0x00000000
[ 1785.080197][T32173] Call Trace:
[ 1785.083471][T32173]  __schedule+0x8f3/0x1fc0
[ 1785.087865][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1785.093130][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1785.098402][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1785.103867][T32173]  schedule+0xd0/0x2a0
[ 1785.107912][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1785.112999][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1785.118435][T32173]  futex_wait+0x1e2/0x550
[ 1785.122746][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1785.127748][T32173]  ? print_usage_bug+0x240/0x240
[ 1785.132662][T32173]  ? hash_futex+0x10/0x200
[ 1785.137069][T32173]  ? futex_wake+0x153/0x480
[ 1785.141555][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1785.147507][T32173]  ? mark_lock+0x11f/0xdd0
[ 1785.151903][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1785.157870][T32173]  do_futex+0x15f/0x1ad0
[ 1785.162108][T32173]  ? find_held_lock+0x2d/0x110
[ 1785.166845][T32173]  ? futex_exit_release+0x60/0x60
[ 1785.171847][T32173]  ? lock_downgrade+0x840/0x840
[ 1785.176674][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1785.181500][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1785.187475][T32173]  ? __might_fault+0x190/0x1d0
[ 1785.192217][T32173]  ? _copy_to_user+0x126/0x160
[ 1785.196962][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1785.201704][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1785.206196][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1785.211640][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1785.217607][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1785.222258][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1785.228214][T32173]  do_syscall_64+0xf6/0x7d0
[ 1785.232713][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1785.238585][T32173] RIP: 0033:0x45ca59
[ 1785.242519][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1785.262278][T32173] RSP: 002b:00007f656341ecf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1785.270666][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1785.278614][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1785.286574][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1785.294532][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1785.302480][T32173] R13: 0000000000c9fb6f R14: 00007f656341f9c0 R15: 000000000078bf0c
[ 1785.310455][T32173] syz-executor.3  S29824  8027   7107 0x00000000
[ 1785.316766][T32173] Call Trace:
[ 1785.320038][T32173]  __schedule+0x8f3/0x1fc0
[ 1785.324433][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1785.329699][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1785.334986][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1785.340423][T32173]  schedule+0xd0/0x2a0
[ 1785.344469][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1785.349558][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1785.355007][T32173]  ? find_held_lock+0x2d/0x110
[ 1785.359767][T32173]  futex_wait+0x1e2/0x550
[ 1785.364122][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1785.369164][T32173]  ? print_usage_bug+0x240/0x240
[ 1785.374080][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1785.379259][T32173]  ? futex_wake+0x153/0x480
[ 1785.383752][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1785.389711][T32173]  ? do_wp_page+0x512/0x1440
[ 1785.394294][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1785.400309][T32173]  do_futex+0x15f/0x1ad0
[ 1785.404548][T32173]  ? find_held_lock+0x2d/0x110
[ 1785.409403][T32173]  ? futex_exit_release+0x60/0x60
[ 1785.414411][T32173]  ? lock_downgrade+0x840/0x840
[ 1785.419243][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1785.424113][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1785.430080][T32173]  ? __might_fault+0x190/0x1d0
[ 1785.434821][T32173]  ? _copy_to_user+0x126/0x160
[ 1785.439568][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1785.444573][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1785.449058][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1785.454491][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1785.460446][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1785.465099][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1785.471056][T32173]  do_syscall_64+0xf6/0x7d0
[ 1785.475586][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1785.481464][T32173] RIP: 0033:0x45ca59
[ 1785.485349][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1785.504938][T32173] RSP: 002b:00007f65fad0acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1785.513328][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1785.521286][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1785.529235][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1785.537190][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1785.545142][T32173] R13: 0000000000c9fb6f R14: 00007f65fad0b9c0 R15: 000000000078bf0c
[ 1785.553105][T32173] syz-executor.3  S29824  8058   7107 0x00000000
[ 1785.559425][T32173] Call Trace:
[ 1785.562702][T32173]  __schedule+0x8f3/0x1fc0
[ 1785.567096][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1785.572359][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1785.577631][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1785.583080][T32173]  schedule+0xd0/0x2a0
[ 1785.587126][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1785.592223][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1785.597661][T32173]  futex_wait+0x1e2/0x550
[ 1785.601983][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1785.606991][T32173]  ? print_usage_bug+0x240/0x240
[ 1785.611906][T32173]  ? hash_futex+0x10/0x200
[ 1785.616299][T32173]  ? futex_wake+0x153/0x480
[ 1785.620785][T32173]  ? do_wp_page+0x512/0x1440
[ 1785.625354][T32173]  do_futex+0x15f/0x1ad0
[ 1785.629577][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1785.634752][T32173]  ? _raw_spin_unlock+0x24/0x40
[ 1785.639585][T32173]  ? futex_exit_release+0x60/0x60
[ 1785.644599][T32173]  ? do_page_fault+0x5ad/0x13d4
[ 1785.649430][T32173]  ? lock_downgrade+0x840/0x840
[ 1785.654253][T32173]  ? handle_mm_fault+0xcbc/0x3c10
[ 1785.659261][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1785.664016][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1785.668495][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1785.673927][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1785.679901][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1785.684553][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1785.690523][T32173]  do_syscall_64+0xf6/0x7d0
[ 1785.695016][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1785.700890][T32173] RIP: 0033:0x45ca59
[ 1785.704761][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1785.724437][T32173] RSP: 002b:00007f65face9cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1785.733258][T32173] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045ca59
[ 1785.741205][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8
[ 1785.749182][T32173] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1785.757130][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1785.765079][T32173] R13: 0000000000c9fb6f R14: 00007f65facea9c0 R15: 000000000078bfac
[ 1785.773039][T32173] syz-executor.3  S29824  8081   7107 0x00000000
[ 1785.779365][T32173] Call Trace:
[ 1785.782651][T32173]  __schedule+0x8f3/0x1fc0
[ 1785.787053][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1785.792318][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1785.797580][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1785.803017][T32173]  schedule+0xd0/0x2a0
[ 1785.807063][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1785.812151][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1785.817596][T32173]  ? find_held_lock+0x2d/0x110
[ 1785.822354][T32173]  futex_wait+0x1e2/0x550
[ 1785.826683][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1785.831687][T32173]  ? print_usage_bug+0x240/0x240
[ 1785.836617][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1785.841809][T32173]  ? futex_wake+0x153/0x480
[ 1785.846297][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1785.852269][T32173]  ? do_wp_page+0x512/0x1440
[ 1785.856836][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1785.862809][T32173]  do_futex+0x15f/0x1ad0
[ 1785.867039][T32173]  ? find_held_lock+0x2d/0x110
[ 1785.871780][T32173]  ? futex_exit_release+0x60/0x60
[ 1785.876800][T32173]  ? lock_downgrade+0x840/0x840
[ 1785.881635][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1785.886465][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1785.892427][T32173]  ? __might_fault+0x190/0x1d0
[ 1785.897166][T32173]  ? _copy_to_user+0x126/0x160
[ 1785.901927][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1785.906672][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1785.911152][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1785.916603][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1785.922837][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1785.927491][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1785.933450][T32173]  do_syscall_64+0xf6/0x7d0
[ 1785.937931][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1785.943798][T32173] RIP: 0033:0x45ca59
[ 1785.947671][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1785.967247][T32173] RSP: 002b:00007f65fad0acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1785.975631][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1785.983583][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1785.991529][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1785.999484][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1786.007430][T32173] R13: 0000000000c9fb6f R14: 00007f65fad0b9c0 R15: 000000000078bf0c
[ 1786.015400][T32173] syz-executor.3  S29824  8108   7107 0x00000000
[ 1786.021710][T32173] Call Trace:
[ 1786.024980][T32173]  __schedule+0x8f3/0x1fc0
[ 1786.029372][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1786.034638][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1786.039903][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1786.045341][T32173]  schedule+0xd0/0x2a0
[ 1786.049390][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1786.054479][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1786.059916][T32173]  futex_wait+0x1e2/0x550
[ 1786.064226][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1786.069405][T32173]  ? print_usage_bug+0x240/0x240
[ 1786.074321][T32173]  ? hash_futex+0x10/0x200
[ 1786.078717][T32173]  ? futex_wake+0x153/0x480
[ 1786.083208][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1786.089162][T32173]  ? do_wp_page+0x512/0x1440
[ 1786.093731][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1786.099704][T32173]  do_futex+0x15f/0x1ad0
[ 1786.103931][T32173]  ? find_held_lock+0x2d/0x110
[ 1786.108680][T32173]  ? futex_exit_release+0x60/0x60
[ 1786.113682][T32173]  ? lock_downgrade+0x840/0x840
[ 1786.118510][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1786.123599][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1786.129564][T32173]  ? __might_fault+0x190/0x1d0
[ 1786.134303][T32173]  ? _copy_to_user+0x126/0x160
[ 1786.139046][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1786.143809][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1786.148289][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1786.153725][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1786.159693][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1786.164347][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1786.170306][T32173]  do_syscall_64+0xf6/0x7d0
[ 1786.174789][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1786.180656][T32173] RIP: 0033:0x45ca59
[ 1786.184530][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1786.204109][T32173] RSP: 002b:00007f65fad0acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1786.212514][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1786.220461][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1786.228407][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1786.236369][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1786.244385][T32173] R13: 0000000000c9fb6f R14: 00007f65fad0b9c0 R15: 000000000078bf0c
[ 1786.252354][T32173] syz-executor.3  S28120  8846   7107 0x00000000
[ 1786.258726][T32173] Call Trace:
[ 1786.262005][T32173]  __schedule+0x8f3/0x1fc0
[ 1786.266403][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1786.271673][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1786.276983][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1786.282468][T32173]  schedule+0xd0/0x2a0
[ 1786.286533][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1786.291628][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1786.297084][T32173]  ? find_held_lock+0x2d/0x110
[ 1786.301828][T32173]  futex_wait+0x1e2/0x550
[ 1786.306138][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1786.311139][T32173]  ? print_usage_bug+0x240/0x240
[ 1786.316053][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1786.321246][T32173]  ? futex_wake+0x153/0x480
[ 1786.325738][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1786.331715][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1786.337678][T32173]  do_futex+0x15f/0x1ad0
[ 1786.341908][T32173]  ? find_held_lock+0x2d/0x110
[ 1786.346656][T32173]  ? futex_exit_release+0x60/0x60
[ 1786.351664][T32173]  ? lock_downgrade+0x840/0x840
[ 1786.356493][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1786.361333][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1786.367313][T32173]  ? __might_fault+0x190/0x1d0
[ 1786.372058][T32173]  ? _copy_to_user+0x126/0x160
[ 1786.376803][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1786.381571][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1786.386069][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1786.391505][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1786.397496][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1786.402163][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1786.408132][T32173]  do_syscall_64+0xf6/0x7d0
[ 1786.412676][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1786.418556][T32173] RIP: 0033:0x45ca59
[ 1786.422434][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1786.442019][T32173] RSP: 002b:00007f65fad0acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1786.450453][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1786.458663][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1786.466613][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1786.474724][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1786.482718][T32173] R13: 0000000000c9fb6f R14: 00007f65fad0b9c0 R15: 000000000078bf0c
[ 1786.490683][T32173] syz-executor.3  S29824  9025   7107 0x00000000
[ 1786.497006][T32173] Call Trace:
[ 1786.500279][T32173]  __schedule+0x8f3/0x1fc0
[ 1786.504674][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1786.509939][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1786.515221][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1786.520659][T32173]  schedule+0xd0/0x2a0
[ 1786.524707][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1786.529795][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1786.535236][T32173]  futex_wait+0x1e2/0x550
[ 1786.539543][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1786.544544][T32173]  ? print_usage_bug+0x240/0x240
[ 1786.549473][T32173]  ? hash_futex+0x10/0x200
[ 1786.553867][T32173]  ? futex_wake+0x153/0x480
[ 1786.558357][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1786.564314][T32173]  ? do_wp_page+0x512/0x1440
[ 1786.568898][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1786.574872][T32173]  do_futex+0x15f/0x1ad0
[ 1786.579113][T32173]  ? find_held_lock+0x2d/0x110
[ 1786.583873][T32173]  ? futex_exit_release+0x60/0x60
[ 1786.588891][T32173]  ? lock_downgrade+0x840/0x840
[ 1786.593719][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1786.598548][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1786.604512][T32173]  ? __might_fault+0x190/0x1d0
[ 1786.609269][T32173]  ? _copy_to_user+0x126/0x160
[ 1786.614014][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1786.618776][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1786.623260][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1786.628694][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1786.634668][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1786.639338][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1786.645314][T32173]  do_syscall_64+0xf6/0x7d0
[ 1786.649827][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1786.655700][T32173] RIP: 0033:0x45ca59
[ 1786.659576][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1786.679193][T32173] RSP: 002b:00007f65fad0acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1786.687581][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1786.695533][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1786.703502][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1786.711467][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1786.719432][T32173] R13: 0000000000c9fb6f R14: 00007f65fad0b9c0 R15: 000000000078bf0c
[ 1786.727411][T32173] syz-executor.3  S29824  9029   7107 0x00000000
[ 1786.733731][T32173] Call Trace:
[ 1786.737044][T32173]  __schedule+0x8f3/0x1fc0
[ 1786.741443][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1786.746711][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1786.751977][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1786.757416][T32173]  schedule+0xd0/0x2a0
[ 1786.761466][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1786.766595][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1786.772053][T32173]  ? find_held_lock+0x2d/0x110
[ 1786.776797][T32173]  futex_wait+0x1e2/0x550
[ 1786.781107][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1786.786136][T32173]  ? print_usage_bug+0x240/0x240
[ 1786.791052][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1786.796229][T32173]  ? futex_wake+0x153/0x480
[ 1786.800821][T32173]  ? do_wp_page+0x512/0x1440
[ 1786.805394][T32173]  do_futex+0x15f/0x1ad0
[ 1786.809619][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1786.814794][T32173]  ? _raw_spin_unlock+0x24/0x40
[ 1786.819621][T32173]  ? futex_exit_release+0x60/0x60
[ 1786.824626][T32173]  ? do_page_fault+0x5ad/0x13d4
[ 1786.829455][T32173]  ? lock_downgrade+0x840/0x840
[ 1786.834282][T32173]  ? handle_mm_fault+0xcbc/0x3c10
[ 1786.839291][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1786.844036][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1786.848517][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1786.853952][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1786.859927][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1786.864583][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1786.870548][T32173]  do_syscall_64+0xf6/0x7d0
[ 1786.875036][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1786.880904][T32173] RIP: 0033:0x45ca59
[ 1786.884777][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1786.904373][T32173] RSP: 002b:00007f65face9cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1786.912774][T32173] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045ca59
[ 1786.920721][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8
[ 1786.928685][T32173] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1786.936633][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1786.944581][T32173] R13: 0000000000c9fb6f R14: 00007f65facea9c0 R15: 000000000078bfac
[ 1786.952566][T32173] syz-executor.3  S29824  9036   7107 0x00000000
[ 1786.958877][T32173] Call Trace:
[ 1786.962147][T32173]  __schedule+0x8f3/0x1fc0
[ 1786.966541][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1786.971809][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1786.977089][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1786.982528][T32173]  schedule+0xd0/0x2a0
[ 1786.986576][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1786.991665][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1786.997106][T32173]  futex_wait+0x1e2/0x550
[ 1787.001417][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1787.006418][T32173]  ? print_usage_bug+0x240/0x240
[ 1787.011332][T32173]  ? hash_futex+0x10/0x200
[ 1787.015727][T32173]  ? futex_wake+0x153/0x480
[ 1787.020216][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1787.026175][T32173]  ? do_wp_page+0x512/0x1440
[ 1787.030761][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1787.036718][T32173]  do_futex+0x15f/0x1ad0
[ 1787.040943][T32173]  ? find_held_lock+0x2d/0x110
[ 1787.045686][T32173]  ? futex_exit_release+0x60/0x60
[ 1787.050687][T32173]  ? lock_downgrade+0x840/0x840
[ 1787.055518][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1787.060366][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1787.066330][T32173]  ? __might_fault+0x190/0x1d0
[ 1787.071070][T32173]  ? _copy_to_user+0x126/0x160
[ 1787.075816][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1787.080565][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1787.085050][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1787.090482][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1787.096440][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1787.101090][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1787.107065][T32173]  do_syscall_64+0xf6/0x7d0
[ 1787.111552][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1787.117419][T32173] RIP: 0033:0x45ca59
[ 1787.121291][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1787.140884][T32173] RSP: 002b:00007f65fad0acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1787.149443][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1787.157389][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1787.165340][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1787.173287][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1787.181248][T32173] R13: 0000000000c9fb6f R14: 00007f65fad0b9c0 R15: 000000000078bf0c
[ 1787.189209][T32173] syz-executor.1  S29824  9046   6929 0x00000000
[ 1787.195518][T32173] Call Trace:
[ 1787.198790][T32173]  __schedule+0x8f3/0x1fc0
[ 1787.203185][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1787.208456][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1787.213720][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1787.219160][T32173]  schedule+0xd0/0x2a0
[ 1787.223211][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1787.228301][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1787.233741][T32173]  futex_wait+0x1e2/0x550
[ 1787.238065][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1787.243070][T32173]  ? print_usage_bug+0x240/0x240
[ 1787.247991][T32173]  ? hash_futex+0x10/0x200
[ 1787.252393][T32173]  ? futex_wake+0x153/0x480
[ 1787.256893][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1787.262858][T32173]  ? do_wp_page+0x512/0x1440
[ 1787.267431][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1787.273390][T32173]  do_futex+0x15f/0x1ad0
[ 1787.277618][T32173]  ? find_held_lock+0x2d/0x110
[ 1787.282360][T32173]  ? futex_exit_release+0x60/0x60
[ 1787.287362][T32173]  ? lock_downgrade+0x840/0x840
[ 1787.292190][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1787.297062][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1787.303025][T32173]  ? __might_fault+0x190/0x1d0
[ 1787.307785][T32173]  ? _copy_to_user+0x126/0x160
[ 1787.312530][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1787.317274][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1787.321757][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1787.327191][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1787.333148][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1787.337800][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1787.343775][T32173]  do_syscall_64+0xf6/0x7d0
[ 1787.348274][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1787.354153][T32173] RIP: 0033:0x45ca59
[ 1787.358033][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1787.377614][T32173] RSP: 002b:00007f7591596cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1787.386003][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1787.393951][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1787.401914][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1787.409861][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1787.417842][T32173] R13: 0000000000c9fb6f R14: 00007f75915979c0 R15: 000000000078bf0c
[ 1787.425819][T32173] syz-executor.3  S29824  9049   7107 0x00000000
[ 1787.432136][T32173] Call Trace:
[ 1787.435412][T32173]  __schedule+0x8f3/0x1fc0
[ 1787.439812][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1787.445080][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1787.450362][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1787.455818][T32173]  schedule+0xd0/0x2a0
[ 1787.459880][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1787.464969][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1787.470409][T32173]  futex_wait+0x1e2/0x550
[ 1787.474718][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1787.479720][T32173]  ? print_usage_bug+0x240/0x240
[ 1787.484638][T32173]  ? hash_futex+0x10/0x200
[ 1787.489033][T32173]  ? futex_wake+0x153/0x480
[ 1787.493524][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1787.499481][T32173]  ? do_wp_page+0x512/0x1440
[ 1787.504048][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1787.510006][T32173]  do_futex+0x15f/0x1ad0
[ 1787.514234][T32173]  ? find_held_lock+0x2d/0x110
[ 1787.518976][T32173]  ? futex_exit_release+0x60/0x60
[ 1787.523978][T32173]  ? lock_downgrade+0x840/0x840
[ 1787.528805][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1787.533633][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1787.539595][T32173]  ? __might_fault+0x190/0x1d0
[ 1787.544338][T32173]  ? _copy_to_user+0x126/0x160
[ 1787.549101][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1787.553844][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1787.558325][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1787.563759][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1787.569715][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1787.574385][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1787.580343][T32173]  do_syscall_64+0xf6/0x7d0
[ 1787.584828][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1787.590693][T32173] RIP: 0033:0x45ca59
[ 1787.594567][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1787.614165][T32173] RSP: 002b:00007f65fad0acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1787.622554][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1787.630520][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1787.638466][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1787.646414][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1787.654361][T32173] R13: 0000000000c9fb6f R14: 00007f65fad0b9c0 R15: 000000000078bf0c
[ 1787.662342][T32173] syz-executor.1  S29824  9073   6929 0x00000000
[ 1787.668655][T32173] Call Trace:
[ 1787.671925][T32173]  __schedule+0x8f3/0x1fc0
[ 1787.676317][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1787.681581][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1787.686844][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1787.692282][T32173]  schedule+0xd0/0x2a0
[ 1787.696333][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1787.701423][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1787.706873][T32173]  futex_wait+0x1e2/0x550
[ 1787.711199][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1787.716203][T32173]  ? print_usage_bug+0x240/0x240
[ 1787.721119][T32173]  ? hash_futex+0x10/0x200
[ 1787.725513][T32173]  ? futex_wake+0x153/0x480
[ 1787.730000][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1787.735962][T32173]  ? do_wp_page+0x512/0x1440
[ 1787.740529][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1787.746489][T32173]  do_futex+0x15f/0x1ad0
[ 1787.750732][T32173]  ? find_held_lock+0x2d/0x110
[ 1787.755473][T32173]  ? futex_exit_release+0x60/0x60
[ 1787.760489][T32173]  ? lock_downgrade+0x840/0x840
[ 1787.765318][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1787.770146][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1787.776124][T32173]  ? __might_fault+0x190/0x1d0
[ 1787.780882][T32173]  ? _copy_to_user+0x126/0x160
[ 1787.785631][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1787.790374][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1787.794872][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1787.800320][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1787.806294][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1787.810949][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1787.816907][T32173]  do_syscall_64+0xf6/0x7d0
[ 1787.821410][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1787.827288][T32173] RIP: 0033:0x45ca59
[ 1787.831177][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1787.850772][T32173] RSP: 002b:00007f7591596cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1787.859176][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1787.867138][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1787.875086][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1787.883033][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1787.891067][T32173] R13: 0000000000c9fb6f R14: 00007f75915979c0 R15: 000000000078bf0c
[ 1787.899031][T32173] syz-executor.3  S29824  9075   7107 0x00000000
[ 1787.905352][T32173] Call Trace:
[ 1787.908637][T32173]  __schedule+0x8f3/0x1fc0
[ 1787.913043][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1787.918320][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1787.923591][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1787.929037][T32173]  schedule+0xd0/0x2a0
[ 1787.933088][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1787.938176][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1787.943612][T32173]  ? find_held_lock+0x2d/0x110
[ 1787.948356][T32173]  futex_wait+0x1e2/0x550
[ 1787.952666][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1787.957668][T32173]  ? print_usage_bug+0x240/0x240
[ 1787.962585][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1787.967761][T32173]  ? futex_wake+0x153/0x480
[ 1787.972268][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1787.978329][T32173]  ? do_wp_page+0x512/0x1440
[ 1787.982914][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1787.988882][T32173]  do_futex+0x15f/0x1ad0
[ 1787.993115][T32173]  ? find_held_lock+0x2d/0x110
[ 1787.997905][T32173]  ? futex_exit_release+0x60/0x60
[ 1788.002912][T32173]  ? lock_downgrade+0x840/0x840
[ 1788.007741][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1788.012567][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1788.018546][T32173]  ? __might_fault+0x190/0x1d0
[ 1788.023287][T32173]  ? _copy_to_user+0x126/0x160
[ 1788.028033][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1788.032778][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1788.037261][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1788.042697][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1788.048653][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1788.053347][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1788.059306][T32173]  do_syscall_64+0xf6/0x7d0
[ 1788.063793][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1788.069658][T32173] RIP: 0033:0x45ca59
[ 1788.073584][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1788.093170][T32173] RSP: 002b:00007f65fad0acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1788.101556][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1788.109505][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1788.117468][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1788.125430][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1788.133387][T32173] R13: 0000000000c9fb6f R14: 00007f65fad0b9c0 R15: 000000000078bf0c
[ 1788.141355][T32173] syz-executor.2  S29824  9093   7087 0x00000000
[ 1788.147731][T32173] Call Trace:
[ 1788.151044][T32173]  __schedule+0x8f3/0x1fc0
[ 1788.155442][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1788.160706][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1788.165972][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1788.171419][T32173]  schedule+0xd0/0x2a0
[ 1788.175474][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1788.180562][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1788.186038][T32173]  futex_wait+0x1e2/0x550
[ 1788.190349][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1788.195352][T32173]  ? print_usage_bug+0x240/0x240
[ 1788.200266][T32173]  ? hash_futex+0x10/0x200
[ 1788.204664][T32173]  ? futex_wake+0x153/0x480
[ 1788.209151][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1788.215107][T32173]  ? do_wp_page+0x512/0x1440
[ 1788.219690][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1788.225655][T32173]  do_futex+0x15f/0x1ad0
[ 1788.229906][T32173]  ? find_held_lock+0x2d/0x110
[ 1788.234655][T32173]  ? futex_exit_release+0x60/0x60
[ 1788.239681][T32173]  ? lock_downgrade+0x840/0x840
[ 1788.244522][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1788.249357][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1788.255325][T32173]  ? __might_fault+0x190/0x1d0
[ 1788.260068][T32173]  ? _copy_to_user+0x126/0x160
[ 1788.264818][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1788.269566][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1788.274049][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1788.279486][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1788.285448][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1788.290103][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1788.296062][T32173]  do_syscall_64+0xf6/0x7d0
[ 1788.300546][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1788.306416][T32173] RIP: 0033:0x45ca59
[ 1788.310296][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1788.329892][T32173] RSP: 002b:00007f8cd7fe7cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1788.338279][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1788.346226][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1788.354175][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1788.362122][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1788.370067][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fe89c0 R15: 000000000078bf0c
[ 1788.378031][T32173] syz-executor.1  S29824  9099   6929 0x00000000
[ 1788.384451][T32173] Call Trace:
[ 1788.387720][T32173]  __schedule+0x8f3/0x1fc0
[ 1788.392113][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1788.397378][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1788.402715][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1788.408217][T32173]  schedule+0xd0/0x2a0
[ 1788.412277][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1788.417369][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1788.422810][T32173]  futex_wait+0x1e2/0x550
[ 1788.427167][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1788.432210][T32173]  ? print_usage_bug+0x240/0x240
[ 1788.437126][T32173]  ? hash_futex+0x10/0x200
[ 1788.441539][T32173]  ? futex_wake+0x153/0x480
[ 1788.446027][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1788.451983][T32173]  ? do_wp_page+0x512/0x1440
[ 1788.456550][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1788.462508][T32173]  do_futex+0x15f/0x1ad0
[ 1788.466776][T32173]  ? find_held_lock+0x2d/0x110
[ 1788.471519][T32173]  ? futex_exit_release+0x60/0x60
[ 1788.476523][T32173]  ? lock_downgrade+0x840/0x840
[ 1788.481377][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1788.486221][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1788.492193][T32173]  ? __might_fault+0x190/0x1d0
[ 1788.496944][T32173]  ? _copy_to_user+0x126/0x160
[ 1788.501697][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1788.506448][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1788.510939][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1788.516377][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1788.522334][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1788.526988][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1788.532949][T32173]  do_syscall_64+0xf6/0x7d0
[ 1788.537434][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1788.543318][T32173] RIP: 0033:0x45ca59
[ 1788.547192][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1788.566770][T32173] RSP: 002b:00007f7591596cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1788.575156][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1788.583119][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1788.591069][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1788.599017][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1788.606963][T32173] R13: 0000000000c9fb6f R14: 00007f75915979c0 R15: 000000000078bf0c
[ 1788.614929][T32173] syz-executor.2  S29824  9131   7087 0x00000000
[ 1788.621235][T32173] Call Trace:
[ 1788.624524][T32173]  __schedule+0x8f3/0x1fc0
[ 1788.628919][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1788.634183][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1788.639447][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1788.644886][T32173]  schedule+0xd0/0x2a0
[ 1788.648949][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1788.654036][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1788.659473][T32173]  futex_wait+0x1e2/0x550
[ 1788.663785][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1788.668785][T32173]  ? print_usage_bug+0x240/0x240
[ 1788.673715][T32173]  ? hash_futex+0x10/0x200
[ 1788.678109][T32173]  ? futex_wake+0x153/0x480
[ 1788.682610][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1788.688565][T32173]  ? do_wp_page+0x512/0x1440
[ 1788.693132][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1788.699088][T32173]  do_futex+0x15f/0x1ad0
[ 1788.703315][T32173]  ? find_held_lock+0x2d/0x110
[ 1788.708054][T32173]  ? futex_exit_release+0x60/0x60
[ 1788.713074][T32173]  ? lock_downgrade+0x840/0x840
[ 1788.717916][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1788.722830][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1788.728791][T32173]  ? __might_fault+0x190/0x1d0
[ 1788.733531][T32173]  ? _copy_to_user+0x126/0x160
[ 1788.738274][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1788.743020][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1788.747501][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1788.752934][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1788.758891][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1788.763545][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1788.769504][T32173]  do_syscall_64+0xf6/0x7d0
[ 1788.773986][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1788.779854][T32173] RIP: 0033:0x45ca59
[ 1788.783725][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1788.803318][T32173] RSP: 002b:00007f8cd7fe7cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1788.811703][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1788.819649][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1788.827596][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1788.835544][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1788.843491][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fe89c0 R15: 000000000078bf0c
[ 1788.851520][T32173] syz-executor.2  S29824  9171   7087 0x00000000
[ 1788.857843][T32173] Call Trace:
[ 1788.861127][T32173]  __schedule+0x8f3/0x1fc0
[ 1788.865572][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1788.870845][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1788.876112][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1788.881575][T32173]  schedule+0xd0/0x2a0
[ 1788.885622][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1788.890709][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1788.896150][T32173]  futex_wait+0x1e2/0x550
[ 1788.900503][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1788.905507][T32173]  ? print_usage_bug+0x240/0x240
[ 1788.910425][T32173]  ? hash_futex+0x10/0x200
[ 1788.914820][T32173]  ? futex_wake+0x153/0x480
[ 1788.919309][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1788.925267][T32173]  ? do_wp_page+0x512/0x1440
[ 1788.929835][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1788.935794][T32173]  do_futex+0x15f/0x1ad0
[ 1788.940020][T32173]  ? find_held_lock+0x2d/0x110
[ 1788.944810][T32173]  ? futex_exit_release+0x60/0x60
[ 1788.949811][T32173]  ? lock_downgrade+0x840/0x840
[ 1788.954638][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1788.959477][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1788.965441][T32173]  ? __might_fault+0x190/0x1d0
[ 1788.970229][T32173]  ? _copy_to_user+0x126/0x160
[ 1788.974976][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1788.979759][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1788.984258][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1788.989797][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1788.995755][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1789.000410][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1789.006369][T32173]  do_syscall_64+0xf6/0x7d0
[ 1789.010850][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1789.016717][T32173] RIP: 0033:0x45ca59
[ 1789.020590][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1789.040168][T32173] RSP: 002b:00007f8cd7fe7cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1789.048571][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1789.056518][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1789.064465][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1789.072415][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1789.080360][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fe89c0 R15: 000000000078bf0c
[ 1789.088321][T32173] syz-executor.5  S29824  9303   7376 0x00000000
[ 1789.094640][T32173] Call Trace:
[ 1789.097911][T32173]  __schedule+0x8f3/0x1fc0
[ 1789.102312][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1789.107578][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1789.112843][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1789.118278][T32173]  schedule+0xd0/0x2a0
[ 1789.122327][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1789.127413][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1789.132853][T32173]  futex_wait+0x1e2/0x550
[ 1789.137178][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1789.142183][T32173]  ? print_usage_bug+0x240/0x240
[ 1789.147099][T32173]  ? hash_futex+0x10/0x200
[ 1789.151494][T32173]  ? futex_wake+0x153/0x480
[ 1789.155983][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1789.161961][T32173]  ? do_wp_page+0x512/0x1440
[ 1789.166544][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1789.172501][T32173]  do_futex+0x15f/0x1ad0
[ 1789.176726][T32173]  ? find_held_lock+0x2d/0x110
[ 1789.181490][T32173]  ? futex_exit_release+0x60/0x60
[ 1789.186493][T32173]  ? lock_downgrade+0x840/0x840
[ 1789.191334][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1789.196185][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1789.202150][T32173]  ? __might_fault+0x190/0x1d0
[ 1789.206893][T32173]  ? _copy_to_user+0x126/0x160
[ 1789.211645][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1789.216395][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1789.220877][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1789.226328][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1789.232362][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1789.237067][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1789.243057][T32173]  do_syscall_64+0xf6/0x7d0
[ 1789.247578][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1789.253451][T32173] RIP: 0033:0x45ca59
[ 1789.257327][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1789.276907][T32173] RSP: 002b:00007f656341ecf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1789.285294][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1789.293258][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1789.301230][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1789.309194][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1789.317157][T32173] R13: 0000000000c9fb6f R14: 00007f656341f9c0 R15: 000000000078bf0c
[ 1789.325121][T32173] syz-executor.5  S29824  9308   7376 0x00000000
[ 1789.331521][T32173] Call Trace:
[ 1789.334791][T32173]  __schedule+0x8f3/0x1fc0
[ 1789.339189][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1789.344457][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1789.349740][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1789.355181][T32173]  schedule+0xd0/0x2a0
[ 1789.359229][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1789.364343][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1789.369798][T32173]  ? find_held_lock+0x2d/0x110
[ 1789.374560][T32173]  futex_wait+0x1e2/0x550
[ 1789.378878][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1789.383884][T32173]  ? print_usage_bug+0x240/0x240
[ 1789.388801][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1789.393979][T32173]  ? futex_wake+0x153/0x480
[ 1789.398472][T32173]  ? do_wp_page+0x512/0x1440
[ 1789.403042][T32173]  do_futex+0x15f/0x1ad0
[ 1789.407284][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1789.412468][T32173]  ? _raw_spin_unlock+0x24/0x40
[ 1789.417318][T32173]  ? futex_exit_release+0x60/0x60
[ 1789.422414][T32173]  ? do_page_fault+0x5ad/0x13d4
[ 1789.427262][T32173]  ? lock_downgrade+0x840/0x840
[ 1789.432092][T32173]  ? handle_mm_fault+0xcbc/0x3c10
[ 1789.437105][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1789.441853][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1789.446390][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1789.451826][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1789.457782][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1789.462437][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1789.468398][T32173]  do_syscall_64+0xf6/0x7d0
[ 1789.472881][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1789.478751][T32173] RIP: 0033:0x45ca59
[ 1789.482626][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1789.502223][T32173] RSP: 002b:00007f65633fdcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1789.510610][T32173] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045ca59
[ 1789.518557][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8
[ 1789.526505][T32173] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1789.534472][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1789.542422][T32173] R13: 0000000000c9fb6f R14: 00007f65633fe9c0 R15: 000000000078bfac
[ 1789.550382][T32173] syz-executor.5  S29824  9324   7376 0x00000000
[ 1789.556703][T32173] Call Trace:
[ 1789.559974][T32173]  __schedule+0x8f3/0x1fc0
[ 1789.564370][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1789.569636][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1789.574917][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1789.580356][T32173]  schedule+0xd0/0x2a0
[ 1789.584405][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1789.589580][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1789.595015][T32173]  ? find_held_lock+0x2d/0x110
[ 1789.599784][T32173]  futex_wait+0x1e2/0x550
[ 1789.604096][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1789.609095][T32173]  ? print_usage_bug+0x240/0x240
[ 1789.614012][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1789.619206][T32173]  ? futex_wake+0x153/0x480
[ 1789.623697][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1789.629654][T32173]  ? do_wp_page+0x512/0x1440
[ 1789.634223][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1789.640182][T32173]  do_futex+0x15f/0x1ad0
[ 1789.644429][T32173]  ? find_held_lock+0x2d/0x110
[ 1789.649175][T32173]  ? futex_exit_release+0x60/0x60
[ 1789.654198][T32173]  ? lock_downgrade+0x840/0x840
[ 1789.659030][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1789.663861][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1789.669838][T32173]  ? __might_fault+0x190/0x1d0
[ 1789.674590][T32173]  ? _copy_to_user+0x126/0x160
[ 1789.679339][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1789.684088][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1789.688637][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1789.694074][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1789.700030][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1789.704685][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1789.710641][T32173]  do_syscall_64+0xf6/0x7d0
[ 1789.715125][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1789.720993][T32173] RIP: 0033:0x45ca59
[ 1789.724951][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1789.744569][T32173] RSP: 002b:00007f656341ecf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1789.752994][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1789.760942][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1789.768888][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1789.776837][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1789.784784][T32173] R13: 0000000000c9fb6f R14: 00007f656341f9c0 R15: 000000000078bf0c
[ 1789.792749][T32173] syz-executor.5  S29824  9338   7376 0x00000000
[ 1789.799060][T32173] Call Trace:
[ 1789.802332][T32173]  __schedule+0x8f3/0x1fc0
[ 1789.806724][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1789.812032][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1789.817297][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1789.822734][T32173]  schedule+0xd0/0x2a0
[ 1789.826800][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1789.831895][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1789.837333][T32173]  futex_wait+0x1e2/0x550
[ 1789.841648][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1789.846650][T32173]  ? print_usage_bug+0x240/0x240
[ 1789.851566][T32173]  ? hash_futex+0x10/0x200
[ 1789.855960][T32173]  ? futex_wake+0x153/0x480
[ 1789.860448][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1789.866430][T32173]  ? do_wp_page+0x512/0x1440
[ 1789.870997][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1789.876956][T32173]  do_futex+0x15f/0x1ad0
[ 1789.881181][T32173]  ? find_held_lock+0x2d/0x110
[ 1789.885923][T32173]  ? futex_exit_release+0x60/0x60
[ 1789.890926][T32173]  ? lock_downgrade+0x840/0x840
[ 1789.895754][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1789.900599][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1789.906564][T32173]  ? __might_fault+0x190/0x1d0
[ 1789.911312][T32173]  ? _copy_to_user+0x126/0x160
[ 1789.916062][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1789.920806][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1789.925315][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1789.930756][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1789.936714][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1789.941368][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1789.947328][T32173]  do_syscall_64+0xf6/0x7d0
[ 1789.951853][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1789.957724][T32173] RIP: 0033:0x45ca59
[ 1789.961612][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1789.981197][T32173] RSP: 002b:00007f656341ecf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1789.989627][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1789.997596][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1790.005545][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1790.013491][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1790.021437][T32173] R13: 0000000000c9fb6f R14: 00007f656341f9c0 R15: 000000000078bf0c
[ 1790.029400][T32173] syz-executor.4  S29824  9343   7358 0x00000000
[ 1790.035707][T32173] Call Trace:
[ 1790.038979][T32173]  __schedule+0x8f3/0x1fc0
[ 1790.043373][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1790.048636][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1790.053939][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1790.059427][T32173]  schedule+0xd0/0x2a0
[ 1790.063475][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1790.068562][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1790.074019][T32173]  futex_wait+0x1e2/0x550
[ 1790.078328][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1790.083329][T32173]  ? print_usage_bug+0x240/0x240
[ 1790.088247][T32173]  ? hash_futex+0x10/0x200
[ 1790.092641][T32173]  ? futex_wake+0x153/0x480
[ 1790.097143][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1790.103100][T32173]  ? do_wp_page+0x512/0x1440
[ 1790.107664][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1790.113622][T32173]  do_futex+0x15f/0x1ad0
[ 1790.117848][T32173]  ? find_held_lock+0x2d/0x110
[ 1790.122592][T32173]  ? futex_exit_release+0x60/0x60
[ 1790.127594][T32173]  ? lock_downgrade+0x840/0x840
[ 1790.132422][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1790.137272][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1790.143239][T32173]  ? __might_fault+0x190/0x1d0
[ 1790.147981][T32173]  ? _copy_to_user+0x126/0x160
[ 1790.152728][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1790.157469][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1790.161953][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1790.167386][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1790.173343][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1790.178011][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1790.183970][T32173]  do_syscall_64+0xf6/0x7d0
[ 1790.188452][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1790.194331][T32173] RIP: 0033:0x45ca59
[ 1790.198219][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1790.217796][T32173] RSP: 002b:00007fc7e9ef2cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1790.226199][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1790.234170][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1790.242127][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1790.250080][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1790.258036][T32173] R13: 0000000000c9fb6f R14: 00007fc7e9ef39c0 R15: 000000000078bf0c
[ 1790.266008][T32173] syz-executor.1  S29824  9347   6929 0x00000000
[ 1790.272323][T32173] Call Trace:
[ 1790.275640][T32173]  __schedule+0x8f3/0x1fc0
[ 1790.280076][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1790.285348][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1790.290612][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1790.296052][T32173]  schedule+0xd0/0x2a0
[ 1790.300141][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1790.305230][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1790.310662][T32173]  ? find_held_lock+0x2d/0x110
[ 1790.315450][T32173]  futex_wait+0x1e2/0x550
[ 1790.319759][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1790.324762][T32173]  ? print_usage_bug+0x240/0x240
[ 1790.329721][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1790.335013][T32173]  ? futex_wake+0x153/0x480
[ 1790.339511][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1790.345490][T32173]  ? do_wp_page+0x512/0x1440
[ 1790.350074][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1790.356033][T32173]  do_futex+0x15f/0x1ad0
[ 1790.360263][T32173]  ? find_held_lock+0x2d/0x110
[ 1790.365005][T32173]  ? futex_exit_release+0x60/0x60
[ 1790.370007][T32173]  ? lock_downgrade+0x840/0x840
[ 1790.374838][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1790.379681][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1790.385667][T32173]  ? __might_fault+0x190/0x1d0
[ 1790.390465][T32173]  ? _copy_to_user+0x126/0x160
[ 1790.395220][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1790.399973][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1790.404461][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1790.409949][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1790.415910][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1790.420668][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1790.426669][T32173]  do_syscall_64+0xf6/0x7d0
[ 1790.431155][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1790.437022][T32173] RIP: 0033:0x45ca59
[ 1790.440936][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1790.460528][T32173] RSP: 002b:00007f7591596cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1790.468933][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1790.476899][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1790.484847][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1790.492804][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1790.500751][T32173] R13: 0000000000c9fb6f R14: 00007f75915979c0 R15: 000000000078bf0c
[ 1790.508714][T32173] syz-executor.5  S29824  9350   7376 0x00000000
[ 1790.515055][T32173] Call Trace:
[ 1790.518325][T32173]  __schedule+0x8f3/0x1fc0
[ 1790.522718][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1790.527995][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1790.533347][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1790.538805][T32173]  schedule+0xd0/0x2a0
[ 1790.542855][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1790.547943][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1790.553384][T32173]  futex_wait+0x1e2/0x550
[ 1790.557694][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1790.562697][T32173]  ? print_usage_bug+0x240/0x240
[ 1790.567623][T32173]  ? hash_futex+0x10/0x200
[ 1790.572044][T32173]  ? futex_wake+0x153/0x480
[ 1790.576535][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1790.582491][T32173]  ? do_wp_page+0x512/0x1440
[ 1790.587077][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1790.593035][T32173]  do_futex+0x15f/0x1ad0
[ 1790.597262][T32173]  ? find_held_lock+0x2d/0x110
[ 1790.602006][T32173]  ? futex_exit_release+0x60/0x60
[ 1790.607008][T32173]  ? lock_downgrade+0x840/0x840
[ 1790.611836][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1790.616663][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1790.622624][T32173]  ? __might_fault+0x190/0x1d0
[ 1790.627366][T32173]  ? _copy_to_user+0x126/0x160
[ 1790.632111][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1790.636854][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1790.641337][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1790.646791][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1790.652748][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1790.657399][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1790.663363][T32173]  do_syscall_64+0xf6/0x7d0
[ 1790.667846][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1790.673715][T32173] RIP: 0033:0x45ca59
[ 1790.677586][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1790.697162][T32173] RSP: 002b:00007f656341ecf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1790.705560][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1790.713507][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1790.721454][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1790.729400][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1790.737379][T32173] R13: 0000000000c9fb6f R14: 00007f656341f9c0 R15: 000000000078bf0c
[ 1790.745365][T32173] syz-executor.4  S29824  9359   7358 0x00000000
[ 1790.751695][T32173] Call Trace:
[ 1790.754967][T32173]  __schedule+0x8f3/0x1fc0
[ 1790.759361][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1790.764728][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1790.769991][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1790.775430][T32173]  schedule+0xd0/0x2a0
[ 1790.779478][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1790.784566][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1790.790016][T32173]  ? find_held_lock+0x2d/0x110
[ 1790.794777][T32173]  futex_wait+0x1e2/0x550
[ 1790.799087][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1790.804088][T32173]  ? print_usage_bug+0x240/0x240
[ 1790.809001][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1790.814177][T32173]  ? futex_wake+0x153/0x480
[ 1790.818666][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1790.824624][T32173]  ? do_wp_page+0x512/0x1440
[ 1790.829192][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1790.835163][T32173]  do_futex+0x15f/0x1ad0
[ 1790.839389][T32173]  ? find_held_lock+0x2d/0x110
[ 1790.844131][T32173]  ? futex_exit_release+0x60/0x60
[ 1790.849133][T32173]  ? lock_downgrade+0x840/0x840
[ 1790.853963][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1790.858790][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1790.864759][T32173]  ? __might_fault+0x190/0x1d0
[ 1790.869512][T32173]  ? _copy_to_user+0x126/0x160
[ 1790.874264][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1790.879008][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1790.883493][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1790.888925][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1790.894881][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1790.899548][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1790.905508][T32173]  do_syscall_64+0xf6/0x7d0
[ 1790.909988][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1790.915855][T32173] RIP: 0033:0x45ca59
[ 1790.919725][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1790.939323][T32173] RSP: 002b:00007fc7e9ef2cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1790.947708][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1790.955656][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1790.963617][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1790.971569][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1790.979517][T32173] R13: 0000000000c9fb6f R14: 00007fc7e9ef39c0 R15: 000000000078bf0c
[ 1790.987495][T32173] syz-executor.1  S29824  9369   6929 0x00000000
[ 1790.993805][T32173] Call Trace:
[ 1790.997092][T32173]  __schedule+0x8f3/0x1fc0
[ 1791.001485][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1791.006747][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1791.012030][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1791.017466][T32173]  schedule+0xd0/0x2a0
[ 1791.021515][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1791.026620][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1791.032061][T32173]  futex_wait+0x1e2/0x550
[ 1791.036368][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1791.041370][T32173]  ? print_usage_bug+0x240/0x240
[ 1791.046285][T32173]  ? hash_futex+0x10/0x200
[ 1791.050698][T32173]  ? futex_wake+0x153/0x480
[ 1791.055187][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1791.061143][T32173]  ? do_wp_page+0x512/0x1440
[ 1791.065813][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1791.071788][T32173]  do_futex+0x15f/0x1ad0
[ 1791.076015][T32173]  ? find_held_lock+0x2d/0x110
[ 1791.080754][T32173]  ? futex_exit_release+0x60/0x60
[ 1791.085755][T32173]  ? lock_downgrade+0x840/0x840
[ 1791.090582][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1791.095408][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1791.101372][T32173]  ? __might_fault+0x190/0x1d0
[ 1791.106111][T32173]  ? _copy_to_user+0x126/0x160
[ 1791.110964][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1791.115706][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1791.120187][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1791.125640][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1791.131596][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1791.136248][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1791.142207][T32173]  do_syscall_64+0xf6/0x7d0
[ 1791.146687][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1791.152552][T32173] RIP: 0033:0x45ca59
[ 1791.156422][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1791.176000][T32173] RSP: 002b:00007f7591596cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1791.184412][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1791.192378][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1791.200340][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1791.208352][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1791.216448][T32173] R13: 0000000000c9fb6f R14: 00007f75915979c0 R15: 000000000078bf0c
[ 1791.224416][T32173] syz-executor.4  S29824  9382   7358 0x00000000
[ 1791.230728][T32173] Call Trace:
[ 1791.234012][T32173]  __schedule+0x8f3/0x1fc0
[ 1791.238409][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1791.243689][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1791.249012][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1791.254503][T32173]  schedule+0xd0/0x2a0
[ 1791.258557][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1791.263649][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1791.269087][T32173]  ? find_held_lock+0x2d/0x110
[ 1791.273885][T32173]  futex_wait+0x1e2/0x550
[ 1791.278207][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1791.283214][T32173]  ? print_usage_bug+0x240/0x240
[ 1791.288132][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1791.293310][T32173]  ? futex_wake+0x153/0x480
[ 1791.297801][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1791.303804][T32173]  ? do_wp_page+0x512/0x1440
[ 1791.308370][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1791.314371][T32173]  do_futex+0x15f/0x1ad0
[ 1791.318599][T32173]  ? find_held_lock+0x2d/0x110
[ 1791.323343][T32173]  ? futex_exit_release+0x60/0x60
[ 1791.328346][T32173]  ? lock_downgrade+0x840/0x840
[ 1791.333174][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1791.338055][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1791.344040][T32173]  ? __might_fault+0x190/0x1d0
[ 1791.348781][T32173]  ? _copy_to_user+0x126/0x160
[ 1791.353542][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1791.358374][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1791.362859][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1791.368291][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1791.374266][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1791.378920][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1791.384880][T32173]  do_syscall_64+0xf6/0x7d0
[ 1791.389362][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1791.395242][T32173] RIP: 0033:0x45ca59
[ 1791.399118][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1791.418752][T32173] RSP: 002b:00007fc7e9ef2cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1791.427147][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1791.435101][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1791.443051][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1791.451036][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1791.458988][T32173] R13: 0000000000c9fb6f R14: 00007fc7e9ef39c0 R15: 000000000078bf0c
[ 1791.466962][T32173] syz-executor.1  S29824  9388   6929 0x00000000
[ 1791.473315][T32173] Call Trace:
[ 1791.476589][T32173]  __schedule+0x8f3/0x1fc0
[ 1791.480985][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1791.486254][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1791.491521][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1791.496957][T32173]  schedule+0xd0/0x2a0
[ 1791.501004][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1791.506212][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1791.511666][T32173]  futex_wait+0x1e2/0x550
[ 1791.515978][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1791.521037][T32173]  ? print_usage_bug+0x240/0x240
[ 1791.526002][T32173]  ? hash_futex+0x10/0x200
[ 1791.530449][T32173]  ? futex_wake+0x153/0x480
[ 1791.534943][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1791.540904][T32173]  ? do_wp_page+0x512/0x1440
[ 1791.545475][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1791.551434][T32173]  do_futex+0x15f/0x1ad0
[ 1791.555726][T32173]  ? find_held_lock+0x2d/0x110
[ 1791.560469][T32173]  ? futex_exit_release+0x60/0x60
[ 1791.565473][T32173]  ? lock_downgrade+0x840/0x840
[ 1791.570301][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1791.575142][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1791.581174][T32173]  ? __might_fault+0x190/0x1d0
[ 1791.585977][T32173]  ? _copy_to_user+0x126/0x160
[ 1791.590741][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1791.595485][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1791.599965][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1791.605398][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1791.611358][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1791.616013][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1791.621990][T32173]  do_syscall_64+0xf6/0x7d0
[ 1791.626477][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1791.632346][T32173] RIP: 0033:0x45ca59
[ 1791.636220][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1791.655813][T32173] RSP: 002b:00007f7591596cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1791.664200][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1791.672151][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1791.680096][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1791.688041][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1791.696004][T32173] R13: 0000000000c9fb6f R14: 00007f75915979c0 R15: 000000000078bf0c
[ 1791.703972][T32173] syz-executor.1  S29824  9682   6929 0x00000000
[ 1791.710280][T32173] Call Trace:
[ 1791.713551][T32173]  __schedule+0x8f3/0x1fc0
[ 1791.717951][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1791.723217][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1791.728497][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1791.733934][T32173]  schedule+0xd0/0x2a0
[ 1791.737998][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1791.743085][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1791.748523][T32173]  futex_wait+0x1e2/0x550
[ 1791.752850][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1791.757852][T32173]  ? print_usage_bug+0x240/0x240
[ 1791.762780][T32173]  ? hash_futex+0x10/0x200
[ 1791.767172][T32173]  ? futex_wake+0x153/0x480
[ 1791.771667][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1791.777620][T32173]  ? mark_lock+0x11f/0xdd0
[ 1791.782030][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1791.787985][T32173]  do_futex+0x15f/0x1ad0
[ 1791.792215][T32173]  ? find_held_lock+0x2d/0x110
[ 1791.796956][T32173]  ? futex_exit_release+0x60/0x60
[ 1791.801959][T32173]  ? lock_downgrade+0x840/0x840
[ 1791.806787][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1791.811614][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1791.817595][T32173]  ? __might_fault+0x190/0x1d0
[ 1791.822353][T32173]  ? _copy_to_user+0x126/0x160
[ 1791.827096][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1791.831841][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1791.836321][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1791.841755][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1791.847728][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1791.852384][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1791.858341][T32173]  do_syscall_64+0xf6/0x7d0
[ 1791.862824][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1791.868718][T32173] RIP: 0033:0x45ca59
[ 1791.872590][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1791.892170][T32173] RSP: 002b:00007f7591596cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1791.900554][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1791.908518][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1791.916464][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1791.924410][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1791.932357][T32173] R13: 0000000000c9fb6f R14: 00007f75915979c0 R15: 000000000078bf0c
[ 1791.940319][T32173] syz-executor.1  S28120  9744   6929 0x00000000
[ 1791.946642][T32173] Call Trace:
[ 1791.949915][T32173]  __schedule+0x8f3/0x1fc0
[ 1791.954323][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1791.959586][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1791.964852][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1791.970287][T32173]  schedule+0xd0/0x2a0
[ 1791.974335][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1791.979422][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1791.984871][T32173]  ? find_held_lock+0x2d/0x110
[ 1791.989628][T32173]  futex_wait+0x1e2/0x550
[ 1791.993941][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1791.998941][T32173]  ? print_usage_bug+0x240/0x240
[ 1792.003858][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1792.009032][T32173]  ? futex_wake+0x153/0x480
[ 1792.013520][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1792.019477][T32173]  ? trace_hardirqs_off+0x50/0x220
[ 1792.024569][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1792.034279][T32173]  do_futex+0x15f/0x1ad0
[ 1792.038522][T32173]  ? find_held_lock+0x2d/0x110
[ 1792.043265][T32173]  ? futex_exit_release+0x60/0x60
[ 1792.048284][T32173]  ? compat_rw_copy_check_uvector+0x4a0/0x4a0
[ 1792.054344][T32173]  ? lock_downgrade+0x840/0x840
[ 1792.059186][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1792.064013][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1792.069991][T32173]  ? __might_fault+0x190/0x1d0
[ 1792.074732][T32173]  ? _copy_to_user+0x126/0x160
[ 1792.079480][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1792.084225][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1792.088704][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1792.094138][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1792.100096][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1792.104751][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1792.110711][T32173]  do_syscall_64+0xf6/0x7d0
[ 1792.115208][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1792.121073][T32173] RIP: 0033:0x45ca59
[ 1792.124957][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1792.144535][T32173] RSP: 002b:00007f7591596cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1792.152935][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1792.160883][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1792.168850][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1792.176796][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1792.184744][T32173] R13: 0000000000c9fb6f R14: 00007f75915979c0 R15: 000000000078bf0c
[ 1792.192721][T32173] syz-executor.4  T29832 10278   7358 0x00004004
[ 1792.199028][T32173] Call Trace:
[ 1792.202297][T32173]  __schedule+0x8f3/0x1fc0
[ 1792.206694][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1792.211957][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1792.217130][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1792.223110][T32173]  schedule+0xd0/0x2a0
[ 1792.227158][T32173]  do_signal_stop+0x31d/0x840
[ 1792.231818][T32173]  get_signal+0x100d/0x2510
[ 1792.236324][T32173]  do_signal+0x81/0x2240
[ 1792.240549][T32173]  ? check_kill_permission+0x53/0x540
[ 1792.245912][T32173]  ? copy_siginfo_to_user32+0xa0/0xa0
[ 1792.251269][T32173]  ? do_rt_tgsigqueueinfo+0xab/0x100
[ 1792.256547][T32173]  ? exit_to_usermode_loop+0x36/0x360
[ 1792.261913][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1792.267876][T32173]  exit_to_usermode_loop+0x26c/0x360
[ 1792.273144][T32173]  do_syscall_64+0x6b1/0x7d0
[ 1792.277716][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1792.283586][T32173] RIP: 0033:0x45ca59
[ 1792.287459][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1792.307038][T32173] RSP: 002b:00007fc7e9ef2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000129
[ 1792.315425][T32173] RAX: 0000000000000000 RBX: 00000000004fc6a0 RCX: 000000000045ca59
[ 1792.323381][T32173] RDX: 0000000000000014 RSI: 0000000000000dd0 RDI: 0000000000000dd0
[ 1792.331415][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1792.339363][T32173] R10: 0000000020001180 R11: 0000000000000246 R12: 00000000ffffffff
[ 1792.347363][T32173] R13: 00000000000008d0 R14: 00000000004cba6f R15: 00007fc7e9ef36d4
[ 1792.355384][T32173] syz-executor.4  T29832 10288   7358 0x00004004
[ 1792.361704][T32173] Call Trace:
[ 1792.364983][T32173]  __schedule+0x8f3/0x1fc0
[ 1792.369441][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1792.374707][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1792.379886][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1792.385848][T32173]  schedule+0xd0/0x2a0
[ 1792.389895][T32173]  do_signal_stop+0x31d/0x840
[ 1792.394554][T32173]  get_signal+0x100d/0x2510
[ 1792.399379][T32173]  do_signal+0x81/0x2240
[ 1792.403600][T32173]  ? check_kill_permission+0x53/0x540
[ 1792.408995][T32173]  ? copy_siginfo_to_user32+0xa0/0xa0
[ 1792.414411][T32173]  ? do_rt_tgsigqueueinfo+0xab/0x100
[ 1792.419698][T32173]  ? exit_to_usermode_loop+0x36/0x360
[ 1792.425061][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1792.431072][T32173]  exit_to_usermode_loop+0x26c/0x360
[ 1792.436382][T32173]  do_syscall_64+0x6b1/0x7d0
[ 1792.440994][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1792.446865][T32173] RIP: 0033:0x45ca59
[ 1792.450736][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1792.470317][T32173] RSP: 002b:00007fc7e9ef2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000129
[ 1792.478717][T32173] RAX: 0000000000000000 RBX: 00000000004fc6a0 RCX: 000000000045ca59
[ 1792.486677][T32173] RDX: 0000000000000014 RSI: 0000000000000dd5 RDI: 0000000000000dd5
[ 1792.494633][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1792.502694][T32173] R10: 0000000020001180 R11: 0000000000000246 R12: 00000000ffffffff
[ 1792.510649][T32173] R13: 00000000000008d0 R14: 00000000004cba6f R15: 00007fc7e9ef36d4
[ 1792.518621][T32173] syz-executor.4  T29832 10312   7358 0x00004004
[ 1792.524970][T32173] Call Trace:
[ 1792.528264][T32173]  __schedule+0x8f3/0x1fc0
[ 1792.532712][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1792.537974][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1792.543153][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1792.549113][T32173]  schedule+0xd0/0x2a0
[ 1792.553181][T32173]  do_signal_stop+0x31d/0x840
[ 1792.557840][T32173]  get_signal+0x100d/0x2510
[ 1792.562334][T32173]  do_signal+0x81/0x2240
[ 1792.566556][T32173]  ? check_kill_permission+0x53/0x540
[ 1792.571911][T32173]  ? copy_siginfo_to_user32+0xa0/0xa0
[ 1792.577309][T32173]  ? do_rt_tgsigqueueinfo+0xab/0x100
[ 1792.582582][T32173]  ? exit_to_usermode_loop+0x36/0x360
[ 1792.587931][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1792.593891][T32173]  exit_to_usermode_loop+0x26c/0x360
[ 1792.599155][T32173]  do_syscall_64+0x6b1/0x7d0
[ 1792.603724][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1792.609604][T32173] RIP: 0033:0x45ca59
[ 1792.613517][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1792.633097][T32173] RSP: 002b:00007fc7e9ef2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000129
[ 1792.641486][T32173] RAX: 0000000000000000 RBX: 00000000004fc6a0 RCX: 000000000045ca59
[ 1792.649482][T32173] RDX: 0000000000000014 RSI: 0000000000000ddb RDI: 0000000000000ddb
[ 1792.657437][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1792.665393][T32173] R10: 0000000020001180 R11: 0000000000000246 R12: 00000000ffffffff
[ 1792.673345][T32173] R13: 00000000000008d0 R14: 00000000004cba6f R15: 00007fc7e9ef36d4
[ 1792.681311][T32173] syz-executor.4  T29832 10316   7358 0x00004004
[ 1792.687623][T32173] Call Trace:
[ 1792.690939][T32173]  __schedule+0x8f3/0x1fc0
[ 1792.695342][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1792.700604][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1792.705786][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1792.711747][T32173]  schedule+0xd0/0x2a0
[ 1792.715794][T32173]  do_signal_stop+0x31d/0x840
[ 1792.720451][T32173]  get_signal+0x100d/0x2510
[ 1792.724942][T32173]  do_signal+0x81/0x2240
[ 1792.729181][T32173]  ? check_kill_permission+0x53/0x540
[ 1792.734534][T32173]  ? copy_siginfo_to_user32+0xa0/0xa0
[ 1792.739886][T32173]  ? do_rt_tgsigqueueinfo+0xab/0x100
[ 1792.745159][T32173]  ? exit_to_usermode_loop+0x36/0x360
[ 1792.750509][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1792.756469][T32173]  exit_to_usermode_loop+0x26c/0x360
[ 1792.761762][T32173]  do_syscall_64+0x6b1/0x7d0
[ 1792.766331][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1792.772198][T32173] RIP: 0033:0x45ca59
[ 1792.776070][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1792.795752][T32173] RSP: 002b:00007fc7e9ef2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000129
[ 1792.804136][T32173] RAX: 0000000000000000 RBX: 00000000004fc6a0 RCX: 000000000045ca59
[ 1792.812082][T32173] RDX: 0000000000000014 RSI: 0000000000000dde RDI: 0000000000000dde
[ 1792.820026][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1792.827973][T32173] R10: 0000000020001180 R11: 0000000000000246 R12: 00000000ffffffff
[ 1792.835921][T32173] R13: 00000000000008d0 R14: 00000000004cba6f R15: 00007fc7e9ef36d4
[ 1792.843901][T32173] syz-executor.4  T29856 10327   7358 0x00004004
[ 1792.850211][T32173] Call Trace:
[ 1792.853497][T32173]  __schedule+0x8f3/0x1fc0
[ 1792.857895][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1792.863172][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1792.868348][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1792.874307][T32173]  schedule+0xd0/0x2a0
[ 1792.878372][T32173]  do_signal_stop+0x31d/0x840
[ 1792.883031][T32173]  get_signal+0x100d/0x2510
[ 1792.887521][T32173]  do_signal+0x81/0x2240
[ 1792.891752][T32173]  ? copy_siginfo_to_user32+0xa0/0xa0
[ 1792.897101][T32173]  ? do_rt_tgsigqueueinfo+0xab/0x100
[ 1792.902370][T32173]  ? exit_to_usermode_loop+0x36/0x360
[ 1792.907717][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1792.913695][T32173]  exit_to_usermode_loop+0x26c/0x360
[ 1792.918960][T32173]  do_syscall_64+0x6b1/0x7d0
[ 1792.923533][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1792.929398][T32173] RIP: 0033:0x45ca59
[ 1792.933271][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1792.952849][T32173] RSP: 002b:00007fc7e9ef2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000129
[ 1792.961236][T32173] RAX: 0000000000000000 RBX: 00000000004fc6a0 RCX: 000000000045ca59
[ 1792.969181][T32173] RDX: 0000000000000014 RSI: 0000000000000de1 RDI: 0000000000000de1
[ 1792.977129][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1792.985076][T32173] R10: 0000000020001180 R11: 0000000000000246 R12: 00000000ffffffff
[ 1792.993024][T32173] R13: 00000000000008d0 R14: 00000000004cba6f R15: 00007fc7e9ef36d4
[ 1793.001003][T32173] syz-executor.2  S29928 11126   7087 0x00000000
[ 1793.007480][T32173] Call Trace:
[ 1793.010762][T32173]  __schedule+0x8f3/0x1fc0
[ 1793.015160][T32173]  ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 1793.020954][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1793.026227][T32173]  ? wait_for_completion+0x270/0x270
[ 1793.031535][T32173]  schedule+0xd0/0x2a0
[ 1793.035586][T32173]  pipe_wait+0x155/0x240
[ 1793.039806][T32173]  ? pipe_double_lock+0x1e0/0x1e0
[ 1793.044809][T32173]  ? finish_wait+0x260/0x260
[ 1793.049379][T32173]  ? __mutex_lock+0x460/0x13c0
[ 1793.054135][T32173]  ? finish_wait+0x260/0x260
[ 1793.058718][T32173]  ? lock_downgrade+0x840/0x840
[ 1793.063602][T32173]  splice_from_pipe_next.part.0+0xde/0x350
[ 1793.069393][T32173]  __splice_from_pipe+0x119/0x7c0
[ 1793.074417][T32173]  ? iter_to_pipe+0x5c0/0x5c0
[ 1793.079074][T32173]  do_vmsplice.part.0+0x223/0x280
[ 1793.084076][T32173]  ? __splice_from_pipe+0x7c0/0x7c0
[ 1793.089252][T32173]  ? lock_downgrade+0x840/0x840
[ 1793.094098][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1793.098930][T32173]  __do_sys_vmsplice+0x1bc/0x210
[ 1793.103864][T32173]  ? do_vmsplice.part.0+0x280/0x280
[ 1793.109040][T32173]  ? _copy_to_user+0x126/0x160
[ 1793.113782][T32173]  ? put_timespec64+0xcb/0x120
[ 1793.118520][T32173]  ? ns_to_kernel_old_timeval+0x100/0x100
[ 1793.124216][T32173]  ? __x64_sys_futex+0x380/0x4f0
[ 1793.129137][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1793.134588][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1793.140545][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1793.145215][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1793.151175][T32173]  do_syscall_64+0xf6/0x7d0
[ 1793.155684][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1793.161560][T32173] RIP: 0033:0x45ca59
[ 1793.165438][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1793.185039][T32173] RSP: 002b:00007f8cd7fe7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000116
[ 1793.193432][T32173] RAX: ffffffffffffffda RBX: 000000000050b120 RCX: 000000000045ca59
[ 1793.201923][T32173] RDX: 0000000000000001 RSI: 0000000020000040 RDI: 0000000000000003
[ 1793.209886][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1793.217833][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
[ 1793.225800][T32173] R13: 0000000000000c7a R14: 00000000004cece4 R15: 00007f8cd7fe86d4
[ 1793.233765][T32173] syz-executor.2  S29824 11191   7087 0x00000000
[ 1793.240076][T32173] Call Trace:
[ 1793.243351][T32173]  __schedule+0x8f3/0x1fc0
[ 1793.247768][T32173]  ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 1793.253573][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1793.258846][T32173]  ? wait_for_completion+0x270/0x270
[ 1793.264113][T32173]  schedule+0xd0/0x2a0
[ 1793.268164][T32173]  pipe_wait+0x155/0x240
[ 1793.272385][T32173]  ? pipe_double_lock+0x1e0/0x1e0
[ 1793.277388][T32173]  ? finish_wait+0x260/0x260
[ 1793.281962][T32173]  ? __mutex_lock+0x460/0x13c0
[ 1793.286703][T32173]  ? finish_wait+0x260/0x260
[ 1793.291272][T32173]  ? lock_downgrade+0x840/0x840
[ 1793.296106][T32173]  splice_from_pipe_next.part.0+0xde/0x350
[ 1793.301934][T32173]  __splice_from_pipe+0x119/0x7c0
[ 1793.306943][T32173]  ? iter_to_pipe+0x5c0/0x5c0
[ 1793.311604][T32173]  do_vmsplice.part.0+0x223/0x280
[ 1793.316605][T32173]  ? __splice_from_pipe+0x7c0/0x7c0
[ 1793.321859][T32173]  ? lock_downgrade+0x840/0x840
[ 1793.326687][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1793.331558][T32173]  __do_sys_vmsplice+0x1bc/0x210
[ 1793.336489][T32173]  ? do_vmsplice.part.0+0x280/0x280
[ 1793.341680][T32173]  ? _copy_to_user+0x126/0x160
[ 1793.346420][T32173]  ? put_timespec64+0xcb/0x120
[ 1793.351180][T32173]  ? ns_to_kernel_old_timeval+0x100/0x100
[ 1793.356877][T32173]  ? __x64_sys_futex+0x380/0x4f0
[ 1793.361819][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1793.367252][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1793.373210][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1793.377861][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1793.383823][T32173]  do_syscall_64+0xf6/0x7d0
[ 1793.388304][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1793.394173][T32173] RIP: 0033:0x45ca59
[ 1793.398046][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1793.417631][T32173] RSP: 002b:00007f8cd7fe7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000116
[ 1793.426027][T32173] RAX: ffffffffffffffda RBX: 000000000050b120 RCX: 000000000045ca59
[ 1793.434020][T32173] RDX: 0000000000000001 RSI: 0000000020000040 RDI: 0000000000000003
[ 1793.441975][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1793.449925][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
[ 1793.457894][T32173] R13: 0000000000000c7a R14: 00000000004cece4 R15: 00007f8cd7fe86d4
[ 1793.465867][T32173] syz-executor.1  S27344 11199   6929 0x00000000
[ 1793.472203][T32173] Call Trace:
[ 1793.475477][T32173]  __schedule+0x8f3/0x1fc0
[ 1793.479872][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1793.485139][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1793.490400][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1793.495841][T32173]  schedule+0xd0/0x2a0
[ 1793.499887][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1793.504975][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1793.510443][T32173]  futex_wait+0x1e2/0x550
[ 1793.514784][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1793.519786][T32173]  ? wake_up_q+0xc1/0x140
[ 1793.524092][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1793.529268][T32173]  ? futex_wake+0x153/0x480
[ 1793.533762][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1793.539723][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1793.545681][T32173]  do_futex+0x15f/0x1ad0
[ 1793.549908][T32173]  ? find_held_lock+0x2d/0x110
[ 1793.554652][T32173]  ? futex_exit_release+0x60/0x60
[ 1793.559663][T32173]  ? lock_downgrade+0x840/0x840
[ 1793.564494][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1793.569322][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1793.575287][T32173]  ? __might_fault+0x190/0x1d0
[ 1793.580028][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1793.585468][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1793.590230][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1793.594730][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1793.600182][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1793.606140][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1793.610807][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1793.616770][T32173]  do_syscall_64+0xf6/0x7d0
[ 1793.621252][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1793.627117][T32173] RIP: 0033:0x45ca59
[ 1793.631009][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1793.650598][T32173] RSP: 002b:00007f7591596cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1793.658991][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1793.666938][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1793.674887][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1793.682860][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1793.690808][T32173] R13: 0000000000c9fb6f R14: 00007f75915979c0 R15: 000000000078bf0c
[ 1793.698771][T32173] syz-executor.1  S29928 11215   6929 0x00000000
[ 1793.705080][T32173] Call Trace:
[ 1793.708353][T32173]  __schedule+0x8f3/0x1fc0
[ 1793.712747][T32173]  ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 1793.718533][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1793.723930][T32173]  ? wait_for_completion+0x270/0x270
[ 1793.729215][T32173]  schedule+0xd0/0x2a0
[ 1793.733275][T32173]  pipe_wait+0x155/0x240
[ 1793.737553][T32173]  ? pipe_double_lock+0x1e0/0x1e0
[ 1793.742559][T32173]  ? finish_wait+0x260/0x260
[ 1793.747132][T32173]  ? __mutex_lock+0x460/0x13c0
[ 1793.751879][T32173]  ? finish_wait+0x260/0x260
[ 1793.756453][T32173]  ? lock_downgrade+0x840/0x840
[ 1793.761291][T32173]  splice_from_pipe_next.part.0+0xde/0x350
[ 1793.767127][T32173]  __splice_from_pipe+0x119/0x7c0
[ 1793.772147][T32173]  ? iter_to_pipe+0x5c0/0x5c0
[ 1793.776824][T32173]  do_vmsplice.part.0+0x223/0x280
[ 1793.781828][T32173]  ? __splice_from_pipe+0x7c0/0x7c0
[ 1793.787009][T32173]  ? lock_downgrade+0x840/0x840
[ 1793.791839][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1793.796688][T32173]  __do_sys_vmsplice+0x1bc/0x210
[ 1793.801605][T32173]  ? do_vmsplice.part.0+0x280/0x280
[ 1793.806798][T32173]  ? _copy_to_user+0x126/0x160
[ 1793.811540][T32173]  ? put_timespec64+0xcb/0x120
[ 1793.816281][T32173]  ? ns_to_kernel_old_timeval+0x100/0x100
[ 1793.821977][T32173]  ? __x64_sys_futex+0x380/0x4f0
[ 1793.826897][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1793.832330][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1793.838286][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1793.842942][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1793.848912][T32173]  do_syscall_64+0xf6/0x7d0
[ 1793.853415][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1793.859282][T32173] RIP: 0033:0x45ca59
[ 1793.863154][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1793.882737][T32173] RSP: 002b:00007f7591596c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000116
[ 1793.891127][T32173] RAX: ffffffffffffffda RBX: 000000000050b120 RCX: 000000000045ca59
[ 1793.899088][T32173] RDX: 0000000000000001 RSI: 0000000020000040 RDI: 0000000000000003
[ 1793.907051][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1793.915008][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
[ 1793.922969][T32173] R13: 0000000000000c7a R14: 00000000004cece4 R15: 00007f75915976d4
[ 1793.930941][T32173] syz-executor.2  S29928 11216   7087 0x00000000
[ 1793.937259][T32173] Call Trace:
[ 1793.940531][T32173]  __schedule+0x8f3/0x1fc0
[ 1793.944926][T32173]  ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 1793.950713][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1793.955979][T32173]  ? wait_for_completion+0x270/0x270
[ 1793.961244][T32173]  schedule+0xd0/0x2a0
[ 1793.965294][T32173]  pipe_wait+0x155/0x240
[ 1793.969511][T32173]  ? pipe_double_lock+0x1e0/0x1e0
[ 1793.974516][T32173]  ? finish_wait+0x260/0x260
[ 1793.979084][T32173]  ? __mutex_lock+0x460/0x13c0
[ 1793.983826][T32173]  ? finish_wait+0x260/0x260
[ 1793.988414][T32173]  ? lock_downgrade+0x840/0x840
[ 1793.993250][T32173]  splice_from_pipe_next.part.0+0xde/0x350
[ 1793.999038][T32173]  __splice_from_pipe+0x119/0x7c0
[ 1794.004044][T32173]  ? iter_to_pipe+0x5c0/0x5c0
[ 1794.008701][T32173]  do_vmsplice.part.0+0x223/0x280
[ 1794.013702][T32173]  ? __splice_from_pipe+0x7c0/0x7c0
[ 1794.018880][T32173]  ? lock_downgrade+0x840/0x840
[ 1794.023708][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1794.028553][T32173]  __do_sys_vmsplice+0x1bc/0x210
[ 1794.033485][T32173]  ? do_vmsplice.part.0+0x280/0x280
[ 1794.038669][T32173]  ? _copy_to_user+0x126/0x160
[ 1794.043410][T32173]  ? put_timespec64+0xcb/0x120
[ 1794.048147][T32173]  ? ns_to_kernel_old_timeval+0x100/0x100
[ 1794.053860][T32173]  ? __x64_sys_futex+0x380/0x4f0
[ 1794.058779][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1794.064213][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1794.070187][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1794.074873][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1794.080854][T32173]  do_syscall_64+0xf6/0x7d0
[ 1794.085357][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1794.091233][T32173] RIP: 0033:0x45ca59
[ 1794.095734][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1794.115315][T32173] RSP: 002b:00007f8cd7fe7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000116
[ 1794.123721][T32173] RAX: ffffffffffffffda RBX: 000000000050b120 RCX: 000000000045ca59
[ 1794.131691][T32173] RDX: 0000000000000001 RSI: 0000000020000040 RDI: 0000000000000003
[ 1794.139640][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1794.147588][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
[ 1794.155550][T32173] R13: 0000000000000c7a R14: 00000000004cece4 R15: 00007f8cd7fe86d4
[ 1794.163540][T32173] syz-executor.4  S29928 11222   7358 0x00000000
[ 1794.169864][T32173] Call Trace:
[ 1794.173141][T32173]  __schedule+0x8f3/0x1fc0
[ 1794.177542][T32173]  ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 1794.183338][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1794.188605][T32173]  ? wait_for_completion+0x270/0x270
[ 1794.193887][T32173]  schedule+0xd0/0x2a0
[ 1794.197941][T32173]  pipe_wait+0x155/0x240
[ 1794.202166][T32173]  ? pipe_double_lock+0x1e0/0x1e0
[ 1794.207167][T32173]  ? finish_wait+0x260/0x260
[ 1794.211744][T32173]  ? __mutex_lock+0x460/0x13c0
[ 1794.216486][T32173]  ? finish_wait+0x260/0x260
[ 1794.221072][T32173]  ? lock_downgrade+0x840/0x840
[ 1794.225912][T32173]  splice_from_pipe_next.part.0+0xde/0x350
[ 1794.231711][T32173]  __splice_from_pipe+0x119/0x7c0
[ 1794.236732][T32173]  ? iter_to_pipe+0x5c0/0x5c0
[ 1794.241392][T32173]  do_vmsplice.part.0+0x223/0x280
[ 1794.246411][T32173]  ? __splice_from_pipe+0x7c0/0x7c0
[ 1794.251643][T32173]  ? lock_downgrade+0x840/0x840
[ 1794.256477][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1794.261313][T32173]  __do_sys_vmsplice+0x1bc/0x210
[ 1794.266246][T32173]  ? do_vmsplice.part.0+0x280/0x280
[ 1794.271442][T32173]  ? _copy_to_user+0x126/0x160
[ 1794.276184][T32173]  ? put_timespec64+0xcb/0x120
[ 1794.280927][T32173]  ? ns_to_kernel_old_timeval+0x100/0x100
[ 1794.286648][T32173]  ? __x64_sys_futex+0x380/0x4f0
[ 1794.291570][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1794.297008][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1794.302984][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1794.307650][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1794.313608][T32173]  do_syscall_64+0xf6/0x7d0
[ 1794.318091][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1794.323962][T32173] RIP: 0033:0x45ca59
[ 1794.327837][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1794.347414][T32173] RSP: 002b:00007fc7e9ef2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000116
[ 1794.355800][T32173] RAX: ffffffffffffffda RBX: 000000000050b120 RCX: 000000000045ca59
[ 1794.363766][T32173] RDX: 0000000000000001 RSI: 0000000020000040 RDI: 0000000000000003
[ 1794.371715][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1794.379663][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
[ 1794.387626][T32173] R13: 0000000000000c7a R14: 00000000004cece4 R15: 00007fc7e9ef36d4
[ 1794.395589][T32173] syz-executor.4  S29928 11240   7358 0x00000000
[ 1794.401921][T32173] Call Trace:
[ 1794.405207][T32173]  __schedule+0x8f3/0x1fc0
[ 1794.409605][T32173]  ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 1794.415396][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1794.420664][T32173]  ? wait_for_completion+0x270/0x270
[ 1794.425933][T32173]  schedule+0xd0/0x2a0
[ 1794.429983][T32173]  pipe_wait+0x155/0x240
[ 1794.434213][T32173]  ? pipe_double_lock+0x1e0/0x1e0
[ 1794.439218][T32173]  ? finish_wait+0x260/0x260
[ 1794.443794][T32173]  ? __mutex_lock+0x460/0x13c0
[ 1794.448537][T32173]  ? finish_wait+0x260/0x260
[ 1794.453122][T32173]  ? lock_downgrade+0x840/0x840
[ 1794.457957][T32173]  splice_from_pipe_next.part.0+0xde/0x350
[ 1794.463766][T32173]  __splice_from_pipe+0x119/0x7c0
[ 1794.468772][T32173]  ? iter_to_pipe+0x5c0/0x5c0
[ 1794.473431][T32173]  do_vmsplice.part.0+0x223/0x280
[ 1794.478438][T32173]  ? __splice_from_pipe+0x7c0/0x7c0
[ 1794.483628][T32173]  ? lock_downgrade+0x840/0x840
[ 1794.488460][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1794.493306][T32173]  __do_sys_vmsplice+0x1bc/0x210
[ 1794.498222][T32173]  ? do_vmsplice.part.0+0x280/0x280
[ 1794.503418][T32173]  ? _copy_to_user+0x126/0x160
[ 1794.508172][T32173]  ? put_timespec64+0xcb/0x120
[ 1794.512914][T32173]  ? ns_to_kernel_old_timeval+0x100/0x100
[ 1794.518611][T32173]  ? __x64_sys_futex+0x380/0x4f0
[ 1794.523533][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1794.528965][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1794.534924][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1794.539594][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1794.545554][T32173]  do_syscall_64+0xf6/0x7d0
[ 1794.550037][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1794.555905][T32173] RIP: 0033:0x45ca59
[ 1794.559775][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1794.579367][T32173] RSP: 002b:00007fc7e9ef2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000116
[ 1794.587754][T32173] RAX: ffffffffffffffda RBX: 000000000050b120 RCX: 000000000045ca59
[ 1794.595718][T32173] RDX: 0000000000000001 RSI: 0000000020000040 RDI: 0000000000000003
[ 1794.603667][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1794.611613][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
[ 1794.619566][T32173] R13: 0000000000000c7a R14: 00000000004cece4 R15: 00007fc7e9ef36d4
[ 1794.627805][T32173] syz-executor.1  S29600 11241   6929 0x00000000
[ 1794.634115][T32173] Call Trace:
[ 1794.637399][T32173]  __schedule+0x8f3/0x1fc0
[ 1794.641794][T32173]  ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 1794.647580][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1794.652844][T32173]  ? wait_for_completion+0x270/0x270
[ 1794.658126][T32173]  schedule+0xd0/0x2a0
[ 1794.662176][T32173]  pipe_wait+0x155/0x240
[ 1794.666409][T32173]  ? pipe_double_lock+0x1e0/0x1e0
[ 1794.671427][T32173]  ? finish_wait+0x260/0x260
[ 1794.676000][T32173]  ? __mutex_lock+0x460/0x13c0
[ 1794.680738][T32173]  ? finish_wait+0x260/0x260
[ 1794.685308][T32173]  ? lock_downgrade+0x840/0x840
[ 1794.690142][T32173]  splice_from_pipe_next.part.0+0xde/0x350
[ 1794.695950][T32173]  __splice_from_pipe+0x119/0x7c0
[ 1794.700974][T32173]  ? iter_to_pipe+0x5c0/0x5c0
[ 1794.705752][T32173]  do_vmsplice.part.0+0x223/0x280
[ 1794.710761][T32173]  ? __splice_from_pipe+0x7c0/0x7c0
[ 1794.715944][T32173]  ? lock_downgrade+0x840/0x840
[ 1794.720777][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1794.726738][T32173]  __do_sys_vmsplice+0x1bc/0x210
[ 1794.731661][T32173]  ? do_vmsplice.part.0+0x280/0x280
[ 1794.736840][T32173]  ? _copy_to_user+0x126/0x160
[ 1794.741593][T32173]  ? put_timespec64+0xcb/0x120
[ 1794.746334][T32173]  ? ns_to_kernel_old_timeval+0x100/0x100
[ 1794.752051][T32173]  ? __x64_sys_futex+0x380/0x4f0
[ 1794.756972][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1794.762421][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1794.768393][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1794.773065][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1794.779041][T32173]  do_syscall_64+0xf6/0x7d0
[ 1794.783527][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1794.789394][T32173] RIP: 0033:0x45ca59
[ 1794.793354][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1794.812931][T32173] RSP: 002b:00007f7591596c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000116
[ 1794.821333][T32173] RAX: ffffffffffffffda RBX: 000000000050b120 RCX: 000000000045ca59
[ 1794.829280][T32173] RDX: 0000000000000001 RSI: 0000000020000040 RDI: 0000000000000003
[ 1794.837228][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1794.845190][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
[ 1794.853152][T32173] R13: 0000000000000c7a R14: 00000000004cece4 R15: 00007f75915976d4
[ 1794.861131][T32173] syz-executor.2  S29824 11243   7087 0x00000000
[ 1794.867443][T32173] Call Trace:
[ 1794.870714][T32173]  __schedule+0x8f3/0x1fc0
[ 1794.875109][T32173]  ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 1794.880910][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1794.886179][T32173]  ? wait_for_completion+0x270/0x270
[ 1794.891462][T32173]  schedule+0xd0/0x2a0
[ 1794.895529][T32173]  pipe_wait+0x155/0x240
[ 1794.899769][T32173]  ? pipe_double_lock+0x1e0/0x1e0
[ 1794.904772][T32173]  ? finish_wait+0x260/0x260
[ 1794.909354][T32173]  ? __mutex_lock+0x460/0x13c0
[ 1794.914113][T32173]  ? finish_wait+0x260/0x260
[ 1794.918681][T32173]  ? lock_downgrade+0x840/0x840
[ 1794.923530][T32173]  splice_from_pipe_next.part.0+0xde/0x350
[ 1794.929334][T32173]  __splice_from_pipe+0x119/0x7c0
[ 1794.934342][T32173]  ? iter_to_pipe+0x5c0/0x5c0
[ 1794.939021][T32173]  do_vmsplice.part.0+0x223/0x280
[ 1794.944022][T32173]  ? __splice_from_pipe+0x7c0/0x7c0
[ 1794.949199][T32173]  ? lock_downgrade+0x840/0x840
[ 1794.954027][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1794.958859][T32173]  __do_sys_vmsplice+0x1bc/0x210
[ 1794.963778][T32173]  ? do_vmsplice.part.0+0x280/0x280
[ 1794.968958][T32173]  ? _copy_to_user+0x126/0x160
[ 1794.973701][T32173]  ? put_timespec64+0xcb/0x120
[ 1794.978442][T32173]  ? ns_to_kernel_old_timeval+0x100/0x100
[ 1794.984162][T32173]  ? __x64_sys_futex+0x380/0x4f0
[ 1794.989097][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1794.994532][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1795.000495][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1795.005151][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1795.011110][T32173]  do_syscall_64+0xf6/0x7d0
[ 1795.015595][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1795.021477][T32173] RIP: 0033:0x45ca59
[ 1795.025363][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1795.044941][T32173] RSP: 002b:00007f8cd7fe7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000116
[ 1795.053326][T32173] RAX: ffffffffffffffda RBX: 000000000050b120 RCX: 000000000045ca59
[ 1795.061273][T32173] RDX: 0000000000000001 RSI: 0000000020000040 RDI: 0000000000000003
[ 1795.069222][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1795.077185][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
[ 1795.085236][T32173] R13: 0000000000000c7a R14: 00000000004cece4 R15: 00007f8cd7fe86d4
[ 1795.093199][T32173] syz-executor.1  S29824 11364   6929 0x00000000
[ 1795.099508][T32173] Call Trace:
[ 1795.102777][T32173]  __schedule+0x8f3/0x1fc0
[ 1795.107169][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1795.112434][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1795.117696][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1795.123135][T32173]  schedule+0xd0/0x2a0
[ 1795.127180][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1795.132268][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1795.137707][T32173]  futex_wait+0x1e2/0x550
[ 1795.142033][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1795.147033][T32173]  ? print_usage_bug+0x240/0x240
[ 1795.151963][T32173]  ? hash_futex+0x10/0x200
[ 1795.156357][T32173]  ? futex_wake+0x153/0x480
[ 1795.160848][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1795.166804][T32173]  ? do_wp_page+0x512/0x1440
[ 1795.171375][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1795.177332][T32173]  do_futex+0x15f/0x1ad0
[ 1795.181559][T32173]  ? find_held_lock+0x2d/0x110
[ 1795.186300][T32173]  ? futex_exit_release+0x60/0x60
[ 1795.191320][T32173]  ? lock_downgrade+0x840/0x840
[ 1795.196149][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1795.200978][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1795.206938][T32173]  ? __might_fault+0x190/0x1d0
[ 1795.211703][T32173]  ? _copy_to_user+0x126/0x160
[ 1795.216462][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1795.221207][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1795.225698][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1795.231148][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1795.237122][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1795.241836][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1795.247822][T32173]  do_syscall_64+0xf6/0x7d0
[ 1795.252314][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1795.258186][T32173] RIP: 0033:0x45ca59
[ 1795.262063][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1795.281645][T32173] RSP: 002b:00007f7591596cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1795.290033][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1795.297998][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1795.305945][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1795.313893][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1795.321841][T32173] R13: 0000000000c9fb6f R14: 00007f75915979c0 R15: 000000000078bf0c
[ 1795.329804][T32173] syz-executor.1  S28976 11379   6929 0x00000000
[ 1795.336112][T32173] Call Trace:
[ 1795.339381][T32173]  __schedule+0x8f3/0x1fc0
[ 1795.343779][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1795.349042][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1795.354305][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1795.359759][T32173]  schedule+0xd0/0x2a0
[ 1795.363828][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1795.368932][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1795.374367][T32173]  ? find_held_lock+0x2d/0x110
[ 1795.379110][T32173]  futex_wait+0x1e2/0x550
[ 1795.383420][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1795.388423][T32173]  ? print_usage_bug+0x240/0x240
[ 1795.393339][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1795.398513][T32173]  ? futex_wake+0x153/0x480
[ 1795.403003][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1795.408970][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1795.414950][T32173]  do_futex+0x15f/0x1ad0
[ 1795.419226][T32173]  ? find_held_lock+0x2d/0x110
[ 1795.424016][T32173]  ? futex_exit_release+0x60/0x60
[ 1795.429027][T32173]  ? lock_downgrade+0x840/0x840
[ 1795.433909][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1795.438788][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1795.445019][T32173]  ? __might_fault+0x190/0x1d0
[ 1795.449766][T32173]  ? _copy_to_user+0x126/0x160
[ 1795.454543][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1795.459314][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1795.463798][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1795.469233][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1795.475192][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1795.479845][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1795.485820][T32173]  do_syscall_64+0xf6/0x7d0
[ 1795.490303][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1795.496171][T32173] RIP: 0033:0x45ca59
[ 1795.500044][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1795.519636][T32173] RSP: 002b:00007f7591596cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1795.528037][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1795.535987][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1795.543941][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1795.551887][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1795.559833][T32173] R13: 0000000000c9fb6f R14: 00007f75915979c0 R15: 000000000078bf0c
[ 1795.567812][T32173] syz-executor.1  S28904 11410   6929 0x00000000
[ 1795.574124][T32173] Call Trace:
[ 1795.577394][T32173]  __schedule+0x8f3/0x1fc0
[ 1795.581788][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1795.587068][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1795.592331][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1795.597771][T32173]  schedule+0xd0/0x2a0
[ 1795.601817][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1795.606932][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1795.612374][T32173]  futex_wait+0x1e2/0x550
[ 1795.616700][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1795.621705][T32173]  ? print_usage_bug+0x240/0x240
[ 1795.626640][T32173]  ? hash_futex+0x10/0x200
[ 1795.631034][T32173]  ? futex_wake+0x153/0x480
[ 1795.635525][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1795.641488][T32173]  ? do_wp_page+0x512/0x1440
[ 1795.646073][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1795.652049][T32173]  do_futex+0x15f/0x1ad0
[ 1795.656279][T32173]  ? find_held_lock+0x2d/0x110
[ 1795.661037][T32173]  ? futex_exit_release+0x60/0x60
[ 1795.666055][T32173]  ? lock_downgrade+0x840/0x840
[ 1795.670911][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1795.675763][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1795.681726][T32173]  ? __might_fault+0x190/0x1d0
[ 1795.686466][T32173]  ? _copy_to_user+0x126/0x160
[ 1795.691232][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1795.695977][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1795.700457][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1795.705907][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1795.711874][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1795.716529][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1795.722504][T32173]  do_syscall_64+0xf6/0x7d0
[ 1795.726999][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1795.732876][T32173] RIP: 0033:0x45ca59
[ 1795.736756][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1795.756349][T32173] RSP: 002b:00007f7591596cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1795.764744][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1795.772706][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1795.780665][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1795.788632][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1795.796589][T32173] R13: 0000000000c9fb6f R14: 00007f75915979c0 R15: 000000000078bf0c
[ 1795.804562][T32173] syz-executor.2  S29824 11411   7087 0x00000000
[ 1795.810882][T32173] Call Trace:
[ 1795.814163][T32173]  __schedule+0x8f3/0x1fc0
[ 1795.818560][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1795.823876][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1795.829144][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1795.834585][T32173]  schedule+0xd0/0x2a0
[ 1795.838633][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1795.843724][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1795.849161][T32173]  futex_wait+0x1e2/0x550
[ 1795.853471][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1795.858472][T32173]  ? print_usage_bug+0x240/0x240
[ 1795.863416][T32173]  ? hash_futex+0x10/0x200
[ 1795.867814][T32173]  ? futex_wake+0x153/0x480
[ 1795.872304][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1795.878260][T32173]  ? do_wp_page+0x512/0x1440
[ 1795.882829][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1795.888809][T32173]  do_futex+0x15f/0x1ad0
[ 1795.893037][T32173]  ? find_held_lock+0x2d/0x110
[ 1795.897786][T32173]  ? futex_exit_release+0x60/0x60
[ 1795.902811][T32173]  ? lock_downgrade+0x840/0x840
[ 1795.907640][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1795.912467][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1795.918430][T32173]  ? __might_fault+0x190/0x1d0
[ 1795.923172][T32173]  ? _copy_to_user+0x126/0x160
[ 1795.927918][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1795.932659][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1795.937158][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1795.942593][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1795.948550][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1795.953219][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1795.959180][T32173]  do_syscall_64+0xf6/0x7d0
[ 1795.963664][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1795.969530][T32173] RIP: 0033:0x45ca59
[ 1795.973403][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1795.992982][T32173] RSP: 002b:00007f8cd7fe7cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1796.001384][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1796.009331][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1796.017295][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1796.025257][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1796.033206][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fe89c0 R15: 000000000078bf0c
[ 1796.041169][T32173] syz-executor.5  S29824 11414   7376 0x00000000
[ 1796.047478][T32173] Call Trace:
[ 1796.050746][T32173]  __schedule+0x8f3/0x1fc0
[ 1796.055141][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1796.060403][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1796.065665][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1796.071104][T32173]  schedule+0xd0/0x2a0
[ 1796.075169][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1796.080256][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1796.085695][T32173]  futex_wait+0x1e2/0x550
[ 1796.090003][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1796.095007][T32173]  ? print_usage_bug+0x240/0x240
[ 1796.099923][T32173]  ? hash_futex+0x10/0x200
[ 1796.104316][T32173]  ? futex_wake+0x153/0x480
[ 1796.108806][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1796.114767][T32173]  ? do_wp_page+0x512/0x1440
[ 1796.119333][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1796.125307][T32173]  do_futex+0x15f/0x1ad0
[ 1796.129533][T32173]  ? find_held_lock+0x2d/0x110
[ 1796.134277][T32173]  ? futex_exit_release+0x60/0x60
[ 1796.139281][T32173]  ? lock_downgrade+0x840/0x840
[ 1796.144108][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1796.148934][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1796.154897][T32173]  ? __might_fault+0x190/0x1d0
[ 1796.159637][T32173]  ? _copy_to_user+0x126/0x160
[ 1796.164382][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1796.169139][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1796.173639][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1796.179088][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1796.185045][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1796.189696][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1796.195656][T32173]  do_syscall_64+0xf6/0x7d0
[ 1796.200136][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1796.206002][T32173] RIP: 0033:0x45ca59
[ 1796.209874][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1796.229451][T32173] RSP: 002b:00007f656341ecf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1796.237837][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1796.245785][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1796.253732][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1796.261682][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1796.269628][T32173] R13: 0000000000c9fb6f R14: 00007f656341f9c0 R15: 000000000078bf0c
[ 1796.277606][T32173] syz-executor.5  S29824 11462   7376 0x00000000
[ 1796.284089][T32173] Call Trace:
[ 1796.287359][T32173]  __schedule+0x8f3/0x1fc0
[ 1796.291757][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1796.297023][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1796.302286][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1796.307738][T32173]  schedule+0xd0/0x2a0
[ 1796.311793][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1796.316881][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1796.322314][T32173]  ? find_held_lock+0x2d/0x110
[ 1796.327058][T32173]  futex_wait+0x1e2/0x550
[ 1796.331368][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1796.336368][T32173]  ? print_usage_bug+0x240/0x240
[ 1796.341302][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1796.346480][T32173]  ? futex_wake+0x153/0x480
[ 1796.350970][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1796.356927][T32173]  ? do_wp_page+0x512/0x1440
[ 1796.361495][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1796.367474][T32173]  do_futex+0x15f/0x1ad0
[ 1796.371704][T32173]  ? find_held_lock+0x2d/0x110
[ 1796.376450][T32173]  ? futex_exit_release+0x60/0x60
[ 1796.381456][T32173]  ? lock_downgrade+0x840/0x840
[ 1796.386284][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1796.391124][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1796.397443][T32173]  ? __might_fault+0x190/0x1d0
[ 1796.402192][T32173]  ? _copy_to_user+0x126/0x160
[ 1796.406943][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1796.411699][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1796.416201][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1796.421702][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1796.427709][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1796.432366][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1796.438330][T32173]  do_syscall_64+0xf6/0x7d0
[ 1796.442821][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1796.448703][T32173] RIP: 0033:0x45ca59
[ 1796.452577][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1796.472158][T32173] RSP: 002b:00007f656341ecf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1796.480645][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1796.488599][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1796.496546][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1796.504543][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1796.512489][T32173] R13: 0000000000c9fb6f R14: 00007f656341f9c0 R15: 000000000078bf0c
[ 1796.520451][T32173] syz-executor.1  S29824 11479   6929 0x00000000
[ 1796.526887][T32173] Call Trace:
[ 1796.530157][T32173]  __schedule+0x8f3/0x1fc0
[ 1796.534549][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1796.539840][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1796.545119][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1796.550573][T32173]  schedule+0xd0/0x2a0
[ 1796.554622][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1796.559709][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1796.565141][T32173]  ? find_held_lock+0x2d/0x110
[ 1796.569881][T32173]  futex_wait+0x1e2/0x550
[ 1796.574192][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1796.579207][T32173]  ? print_usage_bug+0x240/0x240
[ 1796.584140][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1796.589331][T32173]  ? futex_wake+0x153/0x480
[ 1796.593820][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1796.599777][T32173]  ? do_wp_page+0x512/0x1440
[ 1796.604345][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1796.610301][T32173]  do_futex+0x15f/0x1ad0
[ 1796.614528][T32173]  ? find_held_lock+0x2d/0x110
[ 1796.619270][T32173]  ? futex_exit_release+0x60/0x60
[ 1796.624272][T32173]  ? lock_downgrade+0x840/0x840
[ 1796.629102][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1796.633927][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1796.639890][T32173]  ? __might_fault+0x190/0x1d0
[ 1796.644631][T32173]  ? _copy_to_user+0x126/0x160
[ 1796.649378][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1796.654123][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1796.658605][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1796.664039][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1796.670010][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1796.674693][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1796.680669][T32173]  do_syscall_64+0xf6/0x7d0
[ 1796.685152][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1796.691036][T32173] RIP: 0033:0x45ca59
[ 1796.694920][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1796.714499][T32173] RSP: 002b:00007f7591596cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1796.722901][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1796.731302][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1796.739248][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1796.747195][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1796.755142][T32173] R13: 0000000000c9fb6f R14: 00007f75915979c0 R15: 000000000078bf0c
[ 1796.763103][T32173] syz-executor.2  S28904 11480   7087 0x00000000
[ 1796.769426][T32173] Call Trace:
[ 1796.772747][T32173]  __schedule+0x8f3/0x1fc0
[ 1796.777148][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1796.782421][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1796.787694][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1796.793137][T32173]  schedule+0xd0/0x2a0
[ 1796.797187][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1796.802278][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1796.807756][T32173]  ? find_held_lock+0x2d/0x110
[ 1796.812503][T32173]  futex_wait+0x1e2/0x550
[ 1796.816813][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1796.821815][T32173]  ? print_usage_bug+0x240/0x240
[ 1796.826754][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1796.831931][T32173]  ? futex_wake+0x153/0x480
[ 1796.836421][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1796.842378][T32173]  ? do_wp_page+0x512/0x1440
[ 1796.846987][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1796.852945][T32173]  do_futex+0x15f/0x1ad0
[ 1796.857189][T32173]  ? find_held_lock+0x2d/0x110
[ 1796.861932][T32173]  ? futex_exit_release+0x60/0x60
[ 1796.866937][T32173]  ? lock_downgrade+0x840/0x840
[ 1796.871766][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1796.876593][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1796.882555][T32173]  ? __might_fault+0x190/0x1d0
[ 1796.887294][T32173]  ? _copy_to_user+0x126/0x160
[ 1796.892040][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1796.896785][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1796.901266][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1796.906732][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1796.912809][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1796.917463][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1796.923438][T32173]  do_syscall_64+0xf6/0x7d0
[ 1796.927920][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1796.933789][T32173] RIP: 0033:0x45ca59
[ 1796.937682][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1796.957261][T32173] RSP: 002b:00007f8cd7fe7cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1796.965653][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1796.973599][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1796.981549][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1796.989494][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1796.997452][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fe89c0 R15: 000000000078bf0c
[ 1797.005416][T32173] syz-executor.2  S29824 11517   7087 0x00000000
[ 1797.011726][T32173] Call Trace:
[ 1797.014995][T32173]  __schedule+0x8f3/0x1fc0
[ 1797.019473][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1797.024759][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1797.030039][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1797.035477][T32173]  schedule+0xd0/0x2a0
[ 1797.039539][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1797.044629][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1797.050065][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1797.056040][T32173]  futex_wait+0x1e2/0x550
[ 1797.060350][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1797.065355][T32173]  ? print_usage_bug+0x240/0x240
[ 1797.070272][T32173]  ? hash_futex+0x10/0x200
[ 1797.074665][T32173]  ? futex_wake+0x153/0x480
[ 1797.079152][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1797.085129][T32173]  ? do_wp_page+0x512/0x1440
[ 1797.089697][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1797.095682][T32173]  do_futex+0x15f/0x1ad0
[ 1797.099924][T32173]  ? find_held_lock+0x2d/0x110
[ 1797.104666][T32173]  ? futex_exit_release+0x60/0x60
[ 1797.109677][T32173]  ? lock_downgrade+0x840/0x840
[ 1797.114522][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1797.119363][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1797.125327][T32173]  ? __might_fault+0x190/0x1d0
[ 1797.130066][T32173]  ? _copy_to_user+0x126/0x160
[ 1797.134830][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1797.139576][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1797.144058][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1797.149492][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1797.155452][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1797.160103][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1797.166063][T32173]  do_syscall_64+0xf6/0x7d0
[ 1797.170546][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1797.176417][T32173] RIP: 0033:0x45ca59
[ 1797.180290][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1797.199868][T32173] RSP: 002b:00007f8cd7fe7cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1797.208255][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1797.216201][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1797.224149][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1797.232097][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1797.240048][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fe89c0 R15: 000000000078bf0c
[ 1797.248016][T32173] syz-executor.5  S29824 11518   7376 0x00000000
[ 1797.254327][T32173] Call Trace:
[ 1797.257607][T32173]  __schedule+0x8f3/0x1fc0
[ 1797.262000][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1797.267266][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1797.272547][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1797.278028][T32173]  schedule+0xd0/0x2a0
[ 1797.282077][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1797.287165][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1797.292618][T32173]  futex_wait+0x1e2/0x550
[ 1797.296931][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1797.301936][T32173]  ? print_usage_bug+0x240/0x240
[ 1797.306859][T32173]  ? hash_futex+0x10/0x200
[ 1797.311259][T32173]  ? futex_wake+0x153/0x480
[ 1797.315752][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1797.321835][T32173]  ? do_wp_page+0x512/0x1440
[ 1797.326405][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1797.332367][T32173]  do_futex+0x15f/0x1ad0
[ 1797.336596][T32173]  ? find_held_lock+0x2d/0x110
[ 1797.341341][T32173]  ? futex_exit_release+0x60/0x60
[ 1797.346345][T32173]  ? lock_downgrade+0x840/0x840
[ 1797.351176][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1797.356005][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1797.361968][T32173]  ? __might_fault+0x190/0x1d0
[ 1797.366707][T32173]  ? _copy_to_user+0x126/0x160
[ 1797.371453][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1797.376198][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1797.380680][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1797.386118][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1797.392075][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1797.396731][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1797.402690][T32173]  do_syscall_64+0xf6/0x7d0
[ 1797.407194][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1797.413075][T32173] RIP: 0033:0x45ca59
[ 1797.416960][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1797.436582][T32173] RSP: 002b:00007f656341ecf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1797.444978][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1797.452928][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1797.460878][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1797.468826][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1797.476775][T32173] R13: 0000000000c9fb6f R14: 00007f656341f9c0 R15: 000000000078bf0c
[ 1797.484741][T32173] syz-executor.1  S29824 11520   6929 0x00000000
[ 1797.491052][T32173] Call Trace:
[ 1797.494335][T32173]  __schedule+0x8f3/0x1fc0
[ 1797.498731][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1797.503995][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1797.509276][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1797.514715][T32173]  schedule+0xd0/0x2a0
[ 1797.518763][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1797.523853][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1797.529300][T32173]  ? find_held_lock+0x2d/0x110
[ 1797.534063][T32173]  futex_wait+0x1e2/0x550
[ 1797.538373][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1797.543374][T32173]  ? print_usage_bug+0x240/0x240
[ 1797.548287][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1797.553480][T32173]  ? futex_wake+0x153/0x480
[ 1797.557984][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1797.563959][T32173]  ? do_wp_page+0x512/0x1440
[ 1797.568525][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1797.574483][T32173]  do_futex+0x15f/0x1ad0
[ 1797.578710][T32173]  ? find_held_lock+0x2d/0x110
[ 1797.583467][T32173]  ? futex_exit_release+0x60/0x60
[ 1797.588478][T32173]  ? lock_downgrade+0x840/0x840
[ 1797.593307][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1797.598132][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1797.604095][T32173]  ? __might_fault+0x190/0x1d0
[ 1797.608836][T32173]  ? _copy_to_user+0x126/0x160
[ 1797.613598][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1797.618342][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1797.622823][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1797.628271][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1797.634228][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1797.638897][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1797.644873][T32173]  do_syscall_64+0xf6/0x7d0
[ 1797.649371][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1797.655239][T32173] RIP: 0033:0x45ca59
[ 1797.659110][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1797.678702][T32173] RSP: 002b:00007f7591596cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1797.687088][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1797.695034][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1797.702981][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1797.710926][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1797.718870][T32173] R13: 0000000000c9fb6f R14: 00007f75915979c0 R15: 000000000078bf0c
[ 1797.726846][T32173] syz-executor.4  S29368 12020   7358 0x00000000
[ 1797.733171][T32173] Call Trace:
[ 1797.736455][T32173]  __schedule+0x8f3/0x1fc0
[ 1797.740863][T32173]  ? do_wait+0x581/0xa00
[ 1797.745088][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1797.750345][T32173]  ? release_task+0x15a0/0x15a0
[ 1797.755173][T32173]  ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 1797.760959][T32173]  schedule+0xd0/0x2a0
[ 1797.765003][T32173]  do_wait+0x63c/0xa00
[ 1797.769050][T32173]  ? wait_consider_task+0x37a0/0x37a0
[ 1797.774400][T32173]  kernel_wait4+0x14c/0x260
[ 1797.778895][T32173]  ? __ia32_sys_waitid+0x150/0x150
[ 1797.784032][T32173]  ? _do_fork+0x265/0x1010
[ 1797.788428][T32173]  ? task_stopped_code+0x180/0x180
[ 1797.793527][T32173]  __do_sys_wait4+0x147/0x160
[ 1797.798182][T32173]  ? kernel_wait4+0x260/0x260
[ 1797.802853][T32173]  ? put_timespec64+0xcb/0x120
[ 1797.807591][T32173]  ? ns_to_kernel_old_timeval+0x100/0x100
[ 1797.813287][T32173]  ? __x64_sys_futex+0x380/0x4f0
[ 1797.818205][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1797.823640][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1797.829610][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1797.834264][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1797.840246][T32173]  do_syscall_64+0xf6/0x7d0
[ 1797.844727][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1797.850594][T32173] RIP: 0033:0x45ca59
[ 1797.854465][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1797.874044][T32173] RSP: 002b:00007fc7e9ef2c78 EFLAGS: 00000246 ORIG_RAX: 000000000000003d
[ 1797.882430][T32173] RAX: ffffffffffffffda RBX: 000000000050b160 RCX: 000000000045ca59
[ 1797.890396][T32173] RDX: 000000006000000a RSI: 0000000000000000 RDI: 0000000000000000
[ 1797.898344][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1797.906290][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
[ 1797.914236][T32173] R13: 0000000000000c7b R14: 00000000004ceced R15: 00007fc7e9ef36d4
[ 1797.922215][T32173] syz-executor.4  S29824 12023  12020 0x00000000
[ 1797.928523][T32173] Call Trace:
[ 1797.931795][T32173]  __schedule+0x8f3/0x1fc0
[ 1797.936189][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1797.941473][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1797.946735][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1797.952174][T32173]  schedule+0xd0/0x2a0
[ 1797.956219][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1797.961307][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1797.966740][T32173]  ? find_held_lock+0x2d/0x110
[ 1797.971484][T32173]  futex_wait+0x1e2/0x550
[ 1797.975793][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1797.980812][T32173]  ? print_usage_bug+0x240/0x240
[ 1797.985726][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1797.990902][T32173]  ? futex_wake+0x153/0x480
[ 1797.995391][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1798.001346][T32173]  ? mark_lock+0x11f/0xdd0
[ 1798.005742][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1798.011700][T32173]  do_futex+0x15f/0x1ad0
[ 1798.015925][T32173]  ? find_held_lock+0x2d/0x110
[ 1798.020666][T32173]  ? futex_exit_release+0x60/0x60
[ 1798.025685][T32173]  ? lock_downgrade+0x840/0x840
[ 1798.030511][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1798.035339][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1798.041303][T32173]  ? __might_fault+0x190/0x1d0
[ 1798.046044][T32173]  ? _copy_to_user+0x126/0x160
[ 1798.050791][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1798.055539][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1798.060020][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1798.065453][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1798.071425][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1798.076078][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1798.082039][T32173]  do_syscall_64+0xf6/0x7d0
[ 1798.086543][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1798.092409][T32173] RIP: 0033:0x45ca59
[ 1798.096278][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1798.115967][T32173] RSP: 002b:00007fc7e9ef2cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1798.124368][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1798.132315][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1798.140264][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1798.148212][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1798.156174][T32173] R13: 0000000000c9fb6f R14: 00007fc7e9ef39c0 R15: 000000000078bf0c
[ 1798.164135][T32173] syz-executor.4  S29824 12053   7358 0x00000000
[ 1798.170445][T32173] Call Trace:
[ 1798.173730][T32173]  __schedule+0x8f3/0x1fc0
[ 1798.178123][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1798.183386][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1798.188652][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1798.194089][T32173]  schedule+0xd0/0x2a0
[ 1798.198164][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1798.203267][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1798.208720][T32173]  futex_wait+0x1e2/0x550
[ 1798.213030][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1798.218045][T32173]  ? wake_up_q+0xc1/0x140
[ 1798.222350][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1798.227558][T32173]  ? futex_wake+0x153/0x480
[ 1798.232066][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1798.238035][T32173]  ? mark_lock+0x11f/0xdd0
[ 1798.242455][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1798.248430][T32173]  do_futex+0x15f/0x1ad0
[ 1798.252670][T32173]  ? find_held_lock+0x2d/0x110
[ 1798.257465][T32173]  ? futex_exit_release+0x60/0x60
[ 1798.262519][T32173]  ? lock_downgrade+0x840/0x840
[ 1798.267350][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1798.272179][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1798.278143][T32173]  ? __might_fault+0x190/0x1d0
[ 1798.282886][T32173]  ? _copy_to_user+0x126/0x160
[ 1798.287630][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1798.292375][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1798.296859][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1798.302295][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1798.308250][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1798.312941][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1798.318934][T32173]  do_syscall_64+0xf6/0x7d0
[ 1798.323419][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1798.329285][T32173] RIP: 0033:0x45ca59
[ 1798.333159][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1798.352775][T32173] RSP: 002b:00007fc7e9ef2cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1798.361163][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1798.369126][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1798.377074][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1798.385020][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1798.392985][T32173] R13: 0000000000c9fb6f R14: 00007fc7e9ef39c0 R15: 000000000078bf0c
[ 1798.400948][T32173] syz-executor.4  S29824 12063   7358 0x00000000
[ 1798.407257][T32173] Call Trace:
[ 1798.410528][T32173]  __schedule+0x8f3/0x1fc0
[ 1798.414926][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1798.420207][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1798.425486][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1798.430930][T32173]  schedule+0xd0/0x2a0
[ 1798.434991][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1798.440077][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1798.445544][T32173]  futex_wait+0x1e2/0x550
[ 1798.449870][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1798.454872][T32173]  ? wake_up_q+0xc1/0x140
[ 1798.459177][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1798.464352][T32173]  ? futex_wake+0x153/0x480
[ 1798.468840][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1798.474796][T32173]  ? mark_lock+0x11f/0xdd0
[ 1798.479215][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1798.485193][T32173]  do_futex+0x15f/0x1ad0
[ 1798.489429][T32173]  ? find_held_lock+0x2d/0x110
[ 1798.494182][T32173]  ? futex_exit_release+0x60/0x60
[ 1798.499627][T32173]  ? lock_downgrade+0x840/0x840
[ 1798.504491][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1798.509322][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1798.515287][T32173]  ? __might_fault+0x190/0x1d0
[ 1798.520031][T32173]  ? _copy_to_user+0x126/0x160
[ 1798.524779][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1798.529524][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1798.534007][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1798.539441][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1798.545399][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1798.550054][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1798.556014][T32173]  do_syscall_64+0xf6/0x7d0
[ 1798.560497][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1798.566383][T32173] RIP: 0033:0x45ca59
[ 1798.570257][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1798.589838][T32173] RSP: 002b:00007fc7e9ef2cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1798.598696][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1798.606645][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1798.614595][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1798.622542][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1798.630490][T32173] R13: 0000000000c9fb6f R14: 00007fc7e9ef39c0 R15: 000000000078bf0c
[ 1798.638477][T32173] syz-executor.2  S29824 12065   7087 0x00000000
[ 1798.644789][T32173] Call Trace:
[ 1798.648059][T32173]  __schedule+0x8f3/0x1fc0
[ 1798.652479][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1798.657744][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1798.663009][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1798.668446][T32173]  schedule+0xd0/0x2a0
[ 1798.672516][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1798.677605][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1798.683046][T32173]  futex_wait+0x1e2/0x550
[ 1798.687357][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1798.692360][T32173]  ? wake_up_q+0xc1/0x140
[ 1798.697085][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1798.702263][T32173]  ? futex_wake+0x153/0x480
[ 1798.706754][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1798.712708][T32173]  ? mark_lock+0x11f/0xdd0
[ 1798.717101][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1798.723070][T32173]  do_futex+0x15f/0x1ad0
[ 1798.727306][T32173]  ? find_held_lock+0x2d/0x110
[ 1798.732061][T32173]  ? futex_exit_release+0x60/0x60
[ 1798.737077][T32173]  ? lock_downgrade+0x840/0x840
[ 1798.741931][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1798.746767][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1798.752733][T32173]  ? __might_fault+0x190/0x1d0
[ 1798.757520][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1798.762979][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1798.767724][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1798.772209][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1798.777641][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1798.783598][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1798.788252][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1798.794235][T32173]  do_syscall_64+0xf6/0x7d0
[ 1798.798719][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1798.804586][T32173] RIP: 0033:0x45ca59
[ 1798.808462][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1798.828043][T32173] RSP: 002b:00007f8cd7fe7cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1798.836445][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1798.844397][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1798.852344][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1798.860291][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1798.868241][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fe89c0 R15: 000000000078bf0c
[ 1798.876204][T32173] syz-executor.3  S29824 12073   7107 0x00000000
[ 1798.882514][T32173] Call Trace:
[ 1798.885784][T32173]  __schedule+0x8f3/0x1fc0
[ 1798.890178][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1798.895468][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1798.900753][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1798.906190][T32173]  schedule+0xd0/0x2a0
[ 1798.910251][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1798.915357][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1798.920798][T32173]  futex_wait+0x1e2/0x550
[ 1798.925107][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1798.930111][T32173]  ? wake_up_q+0xc1/0x140
[ 1798.934519][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1798.939709][T32173]  ? futex_wake+0x153/0x480
[ 1798.944216][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1798.950170][T32173]  ? mark_lock+0x11f/0xdd0
[ 1798.954568][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1798.960545][T32173]  do_futex+0x15f/0x1ad0
[ 1798.964773][T32173]  ? find_held_lock+0x2d/0x110
[ 1798.969516][T32173]  ? futex_exit_release+0x60/0x60
[ 1798.974527][T32173]  ? lock_downgrade+0x840/0x840
[ 1798.979355][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1798.984184][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1798.990152][T32173]  ? __might_fault+0x190/0x1d0
[ 1798.994894][T32173]  ? _copy_to_user+0x126/0x160
[ 1798.999638][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1799.004399][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1799.008883][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1799.014319][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1799.020294][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1799.024947][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1799.030908][T32173]  do_syscall_64+0xf6/0x7d0
[ 1799.035393][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1799.041260][T32173] RIP: 0033:0x45ca59
[ 1799.045134][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1799.064714][T32173] RSP: 002b:00007f65fad0acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1799.073098][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1799.081063][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1799.089010][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1799.096957][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1799.104923][T32173] R13: 0000000000c9fb6f R14: 00007f65fad0b9c0 R15: 000000000078bf0c
[ 1799.112901][T32173] syz-executor.2  S29824 12081   7087 0x00000000
[ 1799.119210][T32173] Call Trace:
[ 1799.122480][T32173]  __schedule+0x8f3/0x1fc0
[ 1799.126871][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1799.132136][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1799.137398][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1799.142853][T32173]  schedule+0xd0/0x2a0
[ 1799.146903][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1799.151999][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1799.157445][T32173]  futex_wait+0x1e2/0x550
[ 1799.161757][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1799.166761][T32173]  ? wake_up_q+0xc1/0x140
[ 1799.171066][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1799.176259][T32173]  ? futex_wake+0x153/0x480
[ 1799.180752][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1799.186704][T32173]  ? mark_lock+0x11f/0xdd0
[ 1799.191100][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1799.197073][T32173]  do_futex+0x15f/0x1ad0
[ 1799.201301][T32173]  ? find_held_lock+0x2d/0x110
[ 1799.206059][T32173]  ? futex_exit_release+0x60/0x60
[ 1799.211060][T32173]  ? lock_downgrade+0x840/0x840
[ 1799.215888][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1799.220734][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1799.226696][T32173]  ? __might_fault+0x190/0x1d0
[ 1799.231440][T32173]  ? _copy_to_user+0x126/0x160
[ 1799.236249][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1799.241026][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1799.245518][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1799.250959][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1799.256940][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1799.261616][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1799.267587][T32173]  do_syscall_64+0xf6/0x7d0
[ 1799.272083][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1799.277956][T32173] RIP: 0033:0x45ca59
[ 1799.281833][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1799.301418][T32173] RSP: 002b:00007f8cd7fe7cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1799.309822][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1799.317770][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1799.325736][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1799.333700][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1799.341684][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fe89c0 R15: 000000000078bf0c
[ 1799.349648][T32173] syz-executor.4  S29824 12229   7358 0x00000000
[ 1799.355959][T32173] Call Trace:
[ 1799.359289][T32173]  __schedule+0x8f3/0x1fc0
[ 1799.363738][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1799.369028][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1799.374348][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1799.379791][T32173]  schedule+0xd0/0x2a0
[ 1799.383876][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1799.388989][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1799.394487][T32173]  ? find_held_lock+0x2d/0x110
[ 1799.399245][T32173]  futex_wait+0x1e2/0x550
[ 1799.403618][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1799.408622][T32173]  ? print_usage_bug+0x240/0x240
[ 1799.413607][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1799.418791][T32173]  ? futex_wake+0x153/0x480
[ 1799.423350][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1799.429305][T32173]  ? mark_lock+0x11f/0xdd0
[ 1799.433701][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1799.439660][T32173]  do_futex+0x15f/0x1ad0
[ 1799.443891][T32173]  ? find_held_lock+0x2d/0x110
[ 1799.448631][T32173]  ? futex_exit_release+0x60/0x60
[ 1799.453766][T32173]  ? lock_downgrade+0x840/0x840
[ 1799.458594][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1799.463424][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1799.469389][T32173]  ? __might_fault+0x190/0x1d0
[ 1799.474157][T32173]  ? _copy_to_user+0x126/0x160
[ 1799.478902][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1799.483646][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1799.488147][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1799.493583][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1799.499539][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1799.504196][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1799.510175][T32173]  do_syscall_64+0xf6/0x7d0
[ 1799.514658][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1799.520525][T32173] RIP: 0033:0x45ca59
[ 1799.524400][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1799.543994][T32173] RSP: 002b:00007fc7e9ef2cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1799.552396][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1799.560343][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1799.568306][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1799.576254][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1799.584204][T32173] R13: 0000000000c9fb6f R14: 00007fc7e9ef39c0 R15: 000000000078bf0c
[ 1799.592183][T32173] syz-executor.3  S28120 12671   7107 0x00000000
[ 1799.598493][T32173] Call Trace:
[ 1799.601767][T32173]  __schedule+0x8f3/0x1fc0
[ 1799.606163][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1799.611447][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1799.616710][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1799.622149][T32173]  schedule+0xd0/0x2a0
[ 1799.626196][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1799.631306][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1799.636744][T32173]  futex_wait+0x1e2/0x550
[ 1799.641058][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1799.646073][T32173]  ? print_usage_bug+0x240/0x240
[ 1799.650989][T32173]  ? hash_futex+0x10/0x200
[ 1799.655384][T32173]  ? futex_wake+0x153/0x480
[ 1799.659890][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1799.665848][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1799.671805][T32173]  do_futex+0x15f/0x1ad0
[ 1799.676031][T32173]  ? find_held_lock+0x2d/0x110
[ 1799.680775][T32173]  ? futex_exit_release+0x60/0x60
[ 1799.685793][T32173]  ? lock_downgrade+0x840/0x840
[ 1799.690633][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1799.695493][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1799.701472][T32173]  ? __might_fault+0x190/0x1d0
[ 1799.706214][T32173]  ? _copy_to_user+0x126/0x160
[ 1799.710976][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1799.715722][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1799.720203][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1799.725638][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1799.731608][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1799.736263][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1799.742224][T32173]  do_syscall_64+0xf6/0x7d0
[ 1799.746709][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1799.752576][T32173] RIP: 0033:0x45ca59
[ 1799.756449][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1799.776037][T32173] RSP: 002b:00007f65fad0acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1799.784431][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1799.792392][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1799.800359][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1799.808310][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1799.816259][T32173] R13: 0000000000c9fb6f R14: 00007f65fad0b9c0 R15: 000000000078bf0c
[ 1799.824225][T32173] syz-executor.3  S29256 13592   7107 0x00000000
[ 1799.830535][T32173] Call Trace:
[ 1799.833809][T32173]  __schedule+0x8f3/0x1fc0
[ 1799.838206][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1799.843473][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1799.848737][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1799.854175][T32173]  schedule+0xd0/0x2a0
[ 1799.858223][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1799.863313][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1799.868753][T32173]  futex_wait+0x1e2/0x550
[ 1799.873066][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1799.878067][T32173]  ? print_usage_bug+0x240/0x240
[ 1799.882979][T32173]  ? mark_lock+0x11f/0xdd0
[ 1799.887392][T32173]  ? hash_futex+0x10/0x200
[ 1799.891786][T32173]  ? futex_wake+0x153/0x480
[ 1799.896276][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1799.902235][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1799.908207][T32173]  do_futex+0x15f/0x1ad0
[ 1799.912452][T32173]  ? find_held_lock+0x2d/0x110
[ 1799.917194][T32173]  ? futex_exit_release+0x60/0x60
[ 1799.922214][T32173]  ? lock_downgrade+0x840/0x840
[ 1799.927055][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1799.931883][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1799.937852][T32173]  ? __might_fault+0x190/0x1d0
[ 1799.942594][T32173]  ? _copy_to_user+0x126/0x160
[ 1799.947337][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1799.952082][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1799.956564][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1799.961998][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1799.968044][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1799.972698][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1799.978671][T32173]  do_syscall_64+0xf6/0x7d0
[ 1799.983161][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1799.989028][T32173] RIP: 0033:0x45ca59
[ 1799.992900][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1800.012481][T32173] RSP: 002b:00007f65fad0acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1800.020883][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1800.028832][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1800.036793][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1800.044756][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1800.052706][T32173] R13: 0000000000c9fb6f R14: 00007f65fad0b9c0 R15: 000000000078bf0c
[ 1800.060670][T32173] syz-executor.3  S29256 13631   7107 0x00000000
[ 1800.067006][T32173] Call Trace:
[ 1800.070277][T32173]  __schedule+0x8f3/0x1fc0
[ 1800.074683][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1800.079947][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1800.085211][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1800.090648][T32173]  schedule+0xd0/0x2a0
[ 1800.094710][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1800.099797][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1800.105235][T32173]  futex_wait+0x1e2/0x550
[ 1800.109543][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1800.114545][T32173]  ? print_usage_bug+0x240/0x240
[ 1800.119457][T32173]  ? mark_lock+0x11f/0xdd0
[ 1800.123850][T32173]  ? hash_futex+0x10/0x200
[ 1800.128243][T32173]  ? futex_wake+0x153/0x480
[ 1800.132733][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1800.138691][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1800.144651][T32173]  do_futex+0x15f/0x1ad0
[ 1800.148876][T32173]  ? find_held_lock+0x2d/0x110
[ 1800.153618][T32173]  ? futex_exit_release+0x60/0x60
[ 1800.158638][T32173]  ? lock_downgrade+0x840/0x840
[ 1800.163467][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1800.168293][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1800.174256][T32173]  ? __might_fault+0x190/0x1d0
[ 1800.179000][T32173]  ? _copy_to_user+0x126/0x160
[ 1800.183755][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1800.188497][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1800.192986][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1800.198436][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1800.204413][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1800.209066][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1800.215027][T32173]  do_syscall_64+0xf6/0x7d0
[ 1800.219525][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1800.225394][T32173] RIP: 0033:0x45ca59
[ 1800.229266][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1800.248856][T32173] RSP: 002b:00007f65fad0acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1800.257271][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1800.265221][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1800.273185][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1800.281148][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1800.289094][T32173] R13: 0000000000c9fb6f R14: 00007f65fad0b9c0 R15: 000000000078bf0c
[ 1800.297058][T32173] syz-executor.3  S29256 13644   7107 0x00000000
[ 1800.303370][T32173] Call Trace:
[ 1800.306641][T32173]  __schedule+0x8f3/0x1fc0
[ 1800.311038][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1800.316304][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1800.321566][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1800.327018][T32173]  schedule+0xd0/0x2a0
[ 1800.331067][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1800.336241][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1800.341696][T32173]  ? find_held_lock+0x2d/0x110
[ 1800.346456][T32173]  futex_wait+0x1e2/0x550
[ 1800.350774][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1800.355790][T32173]  ? print_usage_bug+0x240/0x240
[ 1800.360720][T32173]  ? mark_lock+0x11f/0xdd0
[ 1800.365129][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1800.370320][T32173]  ? futex_wake+0x153/0x480
[ 1800.374811][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1800.380768][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1800.386739][T32173]  do_futex+0x15f/0x1ad0
[ 1800.390965][T32173]  ? find_held_lock+0x2d/0x110
[ 1800.395724][T32173]  ? futex_exit_release+0x60/0x60
[ 1800.400738][T32173]  ? lock_downgrade+0x840/0x840
[ 1800.405649][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1800.410487][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1800.416469][T32173]  ? __might_fault+0x190/0x1d0
[ 1800.421258][T32173]  ? _copy_to_user+0x126/0x160
[ 1800.426057][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1800.430808][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1800.435344][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1800.440831][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1800.446841][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1800.451517][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1800.457492][T32173]  do_syscall_64+0xf6/0x7d0
[ 1800.461977][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1800.467862][T32173] RIP: 0033:0x45ca59
[ 1800.471752][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1800.491331][T32173] RSP: 002b:00007f65fad0acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1800.499736][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1800.507700][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1800.515648][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1800.523596][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1800.531544][T32173] R13: 0000000000c9fb6f R14: 00007f65fad0b9c0 R15: 000000000078bf0c
[ 1800.539507][T32173] syz-executor.3  S29256 13654   7107 0x00000000
[ 1800.545818][T32173] Call Trace:
[ 1800.549089][T32173]  __schedule+0x8f3/0x1fc0
[ 1800.553484][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1800.558766][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1800.564028][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1800.569464][T32173]  schedule+0xd0/0x2a0
[ 1800.573512][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1800.578615][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1800.584071][T32173]  futex_wait+0x1e2/0x550
[ 1800.588382][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1800.593384][T32173]  ? print_usage_bug+0x240/0x240
[ 1800.598300][T32173]  ? mark_lock+0x11f/0xdd0
[ 1800.602710][T32173]  ? hash_futex+0x10/0x200
[ 1800.607103][T32173]  ? futex_wake+0x153/0x480
[ 1800.611592][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1800.617548][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1800.623505][T32173]  do_futex+0x15f/0x1ad0
[ 1800.627730][T32173]  ? find_held_lock+0x2d/0x110
[ 1800.632471][T32173]  ? futex_exit_release+0x60/0x60
[ 1800.637474][T32173]  ? lock_downgrade+0x840/0x840
[ 1800.642306][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1800.647137][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1800.653104][T32173]  ? __might_fault+0x190/0x1d0
[ 1800.657850][T32173]  ? _copy_to_user+0x126/0x160
[ 1800.662594][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1800.667338][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1800.671819][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1800.677269][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1800.683230][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1800.687881][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1800.693840][T32173]  do_syscall_64+0xf6/0x7d0
[ 1800.698323][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1800.704191][T32173] RIP: 0033:0x45ca59
[ 1800.708063][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1800.727642][T32173] RSP: 002b:00007f65fad0acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1800.736029][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1800.743975][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1800.751941][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1800.759903][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1800.767863][T32173] R13: 0000000000c9fb6f R14: 00007f65fad0b9c0 R15: 000000000078bf0c
[ 1800.775844][T32173] syz-executor.2  S29256 13657   7087 0x00000000
[ 1800.782155][T32173] Call Trace:
[ 1800.785423][T32173]  __schedule+0x8f3/0x1fc0
[ 1800.789814][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1800.795078][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1800.800339][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1800.805864][T32173]  schedule+0xd0/0x2a0
[ 1800.809926][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1800.815014][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1800.820461][T32173]  ? find_held_lock+0x2d/0x110
[ 1800.825205][T32173]  futex_wait+0x1e2/0x550
[ 1800.829514][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1800.834527][T32173]  ? print_usage_bug+0x240/0x240
[ 1800.839438][T32173]  ? mark_lock+0x11f/0xdd0
[ 1800.843835][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1800.849023][T32173]  ? futex_wake+0x153/0x480
[ 1800.853529][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1800.859486][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1800.865450][T32173]  do_futex+0x15f/0x1ad0
[ 1800.869693][T32173]  ? find_held_lock+0x2d/0x110
[ 1800.874462][T32173]  ? futex_exit_release+0x60/0x60
[ 1800.879464][T32173]  ? lock_downgrade+0x840/0x840
[ 1800.884294][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1800.889120][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1800.895082][T32173]  ? __might_fault+0x190/0x1d0
[ 1800.899826][T32173]  ? _copy_to_user+0x126/0x160
[ 1800.904572][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1800.909334][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1800.913818][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1800.919251][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1800.925211][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1800.929862][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1800.935822][T32173]  do_syscall_64+0xf6/0x7d0
[ 1800.940323][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1800.946190][T32173] RIP: 0033:0x45ca59
[ 1800.950062][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1800.969641][T32173] RSP: 002b:00007f8cd7fe7cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1800.978027][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1800.985991][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1800.993938][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1801.001887][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1801.009830][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fe89c0 R15: 000000000078bf0c
[ 1801.017810][T32173] syz-executor.2  S29256 13678   7087 0x00000000
[ 1801.024156][T32173] Call Trace:
[ 1801.027441][T32173]  __schedule+0x8f3/0x1fc0
[ 1801.031835][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1801.037117][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1801.042397][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1801.047832][T32173]  schedule+0xd0/0x2a0
[ 1801.051878][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1801.056967][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1801.062400][T32173]  ? find_held_lock+0x2d/0x110
[ 1801.067142][T32173]  futex_wait+0x1e2/0x550
[ 1801.071470][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1801.076469][T32173]  ? print_usage_bug+0x240/0x240
[ 1801.081381][T32173]  ? mark_lock+0x11f/0xdd0
[ 1801.085784][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1801.090958][T32173]  ? futex_wake+0x153/0x480
[ 1801.095618][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1801.101575][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1801.107531][T32173]  do_futex+0x15f/0x1ad0
[ 1801.111759][T32173]  ? find_held_lock+0x2d/0x110
[ 1801.116517][T32173]  ? futex_exit_release+0x60/0x60
[ 1801.121522][T32173]  ? lock_downgrade+0x840/0x840
[ 1801.126349][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1801.131197][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1801.137174][T32173]  ? __might_fault+0x190/0x1d0
[ 1801.141937][T32173]  ? _copy_to_user+0x126/0x160
[ 1801.146703][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1801.151448][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1801.155931][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1801.161366][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1801.167323][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1801.171993][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1801.177951][T32173]  do_syscall_64+0xf6/0x7d0
[ 1801.182452][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1801.188334][T32173] RIP: 0033:0x45ca59
[ 1801.192212][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1801.211793][T32173] RSP: 002b:00007f8cd7fe7cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1801.220178][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1801.228126][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1801.236080][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1801.244039][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1801.252000][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fe89c0 R15: 000000000078bf0c
[ 1801.260005][T32173] syz-executor.3  S29256 13679   7107 0x00000000
[ 1801.266384][T32173] Call Trace:
[ 1801.269750][T32173]  __schedule+0x8f3/0x1fc0
[ 1801.274151][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1801.279418][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1801.284684][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1801.290166][T32173]  schedule+0xd0/0x2a0
[ 1801.294216][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1801.299346][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1801.304793][T32173]  futex_wait+0x1e2/0x550
[ 1801.309105][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1801.314107][T32173]  ? print_usage_bug+0x240/0x240
[ 1801.319020][T32173]  ? mark_lock+0x11f/0xdd0
[ 1801.323414][T32173]  ? hash_futex+0x10/0x200
[ 1801.327811][T32173]  ? futex_wake+0x153/0x480
[ 1801.332300][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1801.338260][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1801.344246][T32173]  do_futex+0x15f/0x1ad0
[ 1801.348472][T32173]  ? find_held_lock+0x2d/0x110
[ 1801.353215][T32173]  ? futex_exit_release+0x60/0x60
[ 1801.358237][T32173]  ? lock_downgrade+0x840/0x840
[ 1801.363065][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1801.367892][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1801.373873][T32173]  ? __might_fault+0x190/0x1d0
[ 1801.378654][T32173]  ? _copy_to_user+0x126/0x160
[ 1801.383413][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1801.388161][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1801.392688][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1801.398125][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1801.404084][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1801.408761][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1801.414732][T32173]  do_syscall_64+0xf6/0x7d0
[ 1801.419220][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1801.425113][T32173] RIP: 0033:0x45ca59
[ 1801.428988][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1801.448570][T32173] RSP: 002b:00007f65fad0acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1801.456959][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1801.464962][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1801.472912][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1801.480860][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1801.488807][T32173] R13: 0000000000c9fb6f R14: 00007f65fad0b9c0 R15: 000000000078bf0c
[ 1801.496786][T32173] syz-executor.3  S29256 13694   7107 0x00000000
[ 1801.503114][T32173] Call Trace:
[ 1801.506384][T32173]  __schedule+0x8f3/0x1fc0
[ 1801.510797][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1801.516062][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1801.521326][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1801.526764][T32173]  schedule+0xd0/0x2a0
[ 1801.530816][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1801.535903][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1801.541346][T32173]  futex_wait+0x1e2/0x550
[ 1801.545656][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1801.550674][T32173]  ? print_usage_bug+0x240/0x240
[ 1801.555587][T32173]  ? mark_lock+0x11f/0xdd0
[ 1801.559984][T32173]  ? hash_futex+0x10/0x200
[ 1801.564378][T32173]  ? futex_wake+0x153/0x480
[ 1801.568867][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1801.574832][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1801.580809][T32173]  do_futex+0x15f/0x1ad0
[ 1801.585056][T32173]  ? find_held_lock+0x2d/0x110
[ 1801.589883][T32173]  ? futex_exit_release+0x60/0x60
[ 1801.594887][T32173]  ? lock_downgrade+0x840/0x840
[ 1801.599811][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1801.604637][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1801.610600][T32173]  ? __might_fault+0x190/0x1d0
[ 1801.615339][T32173]  ? _copy_to_user+0x126/0x160
[ 1801.620083][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1801.624847][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1801.629326][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1801.634775][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1801.640734][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1801.645390][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1801.651456][T32173]  do_syscall_64+0xf6/0x7d0
[ 1801.655938][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1801.661824][T32173] RIP: 0033:0x45ca59
[ 1801.665699][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1801.685292][T32173] RSP: 002b:00007f65fad0acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1801.693678][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1801.701647][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1801.709611][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1801.717558][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1801.725506][T32173] R13: 0000000000c9fb6f R14: 00007f65fad0b9c0 R15: 000000000078bf0c
[ 1801.733468][T32173] syz-executor.3  S29256 13705   7107 0x00000000
[ 1801.739780][T32173] Call Trace:
[ 1801.743050][T32173]  __schedule+0x8f3/0x1fc0
[ 1801.747458][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1801.752721][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1801.757983][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1801.763422][T32173]  schedule+0xd0/0x2a0
[ 1801.767488][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1801.772577][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1801.778017][T32173]  futex_wait+0x1e2/0x550
[ 1801.782328][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1801.787328][T32173]  ? print_usage_bug+0x240/0x240
[ 1801.792270][T32173]  ? mark_lock+0x11f/0xdd0
[ 1801.796681][T32173]  ? hash_futex+0x10/0x200
[ 1801.801091][T32173]  ? futex_wake+0x153/0x480
[ 1801.805581][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1801.811557][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1801.817532][T32173]  do_futex+0x15f/0x1ad0
[ 1801.821773][T32173]  ? find_held_lock+0x2d/0x110
[ 1801.826524][T32173]  ? futex_exit_release+0x60/0x60
[ 1801.831533][T32173]  ? lock_downgrade+0x840/0x840
[ 1801.836366][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1801.841258][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1801.847226][T32173]  ? __might_fault+0x190/0x1d0
[ 1801.851972][T32173]  ? _copy_to_user+0x126/0x160
[ 1801.856731][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1801.861478][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1801.865964][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1801.871398][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1801.877356][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1801.882012][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1801.887987][T32173]  do_syscall_64+0xf6/0x7d0
[ 1801.892489][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1801.898356][T32173] RIP: 0033:0x45ca59
[ 1801.902229][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1801.921917][T32173] RSP: 002b:00007f65fad0acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1801.930318][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1801.938281][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1801.946229][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1801.954175][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1801.962123][T32173] R13: 0000000000c9fb6f R14: 00007f65fad0b9c0 R15: 000000000078bf0c
[ 1801.970083][T32173] syz-executor.2  S29256 13713   7087 0x00000000
[ 1801.976392][T32173] Call Trace:
[ 1801.979660][T32173]  __schedule+0x8f3/0x1fc0
[ 1801.984053][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1801.989338][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1801.994601][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1802.000055][T32173]  schedule+0xd0/0x2a0
[ 1802.004103][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1802.009196][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1802.014635][T32173]  futex_wait+0x1e2/0x550
[ 1802.018941][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1802.023940][T32173]  ? print_usage_bug+0x240/0x240
[ 1802.028851][T32173]  ? mark_lock+0x11f/0xdd0
[ 1802.033245][T32173]  ? hash_futex+0x10/0x200
[ 1802.037639][T32173]  ? futex_wake+0x153/0x480
[ 1802.042147][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1802.048131][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1802.054115][T32173]  do_futex+0x15f/0x1ad0
[ 1802.058339][T32173]  ? find_held_lock+0x2d/0x110
[ 1802.063081][T32173]  ? futex_exit_release+0x60/0x60
[ 1802.068084][T32173]  ? lock_downgrade+0x840/0x840
[ 1802.072913][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1802.077755][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1802.083718][T32173]  ? __might_fault+0x190/0x1d0
[ 1802.088474][T32173]  ? _copy_to_user+0x126/0x160
[ 1802.093218][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1802.097977][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1802.102460][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1802.107894][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1802.113857][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1802.118509][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1802.124469][T32173]  do_syscall_64+0xf6/0x7d0
[ 1802.128968][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1802.134838][T32173] RIP: 0033:0x45ca59
[ 1802.138728][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1802.158323][T32173] RSP: 002b:00007f8cd7fe7cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1802.166709][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1802.174656][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1802.182604][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1802.190552][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1802.198497][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fe89c0 R15: 000000000078bf0c
[ 1802.206472][T32173] syz-executor.3  S29256 13723   7107 0x00000000
[ 1802.212780][T32173] Call Trace:
[ 1802.216066][T32173]  __schedule+0x8f3/0x1fc0
[ 1802.220494][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1802.225774][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1802.231039][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1802.236497][T32173]  schedule+0xd0/0x2a0
[ 1802.240556][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1802.245647][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1802.251110][T32173]  futex_wait+0x1e2/0x550
[ 1802.255426][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1802.260458][T32173]  ? print_usage_bug+0x240/0x240
[ 1802.265403][T32173]  ? mark_lock+0x11f/0xdd0
[ 1802.269830][T32173]  ? hash_futex+0x10/0x200
[ 1802.274237][T32173]  ? futex_wake+0x153/0x480
[ 1802.278726][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1802.284702][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1802.290661][T32173]  do_futex+0x15f/0x1ad0
[ 1802.294888][T32173]  ? find_held_lock+0x2d/0x110
[ 1802.299629][T32173]  ? futex_exit_release+0x60/0x60
[ 1802.304632][T32173]  ? lock_downgrade+0x840/0x840
[ 1802.309458][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1802.314307][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1802.320269][T32173]  ? __might_fault+0x190/0x1d0
[ 1802.325012][T32173]  ? _copy_to_user+0x126/0x160
[ 1802.329862][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1802.334605][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1802.339085][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1802.344537][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1802.350496][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1802.355148][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1802.361110][T32173]  do_syscall_64+0xf6/0x7d0
[ 1802.365593][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1802.371462][T32173] RIP: 0033:0x45ca59
[ 1802.375333][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1802.394929][T32173] RSP: 002b:00007f65fad0acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1802.403330][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1802.411290][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1802.419246][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1802.427254][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1802.435263][T32173] R13: 0000000000c9fb6f R14: 00007f65fad0b9c0 R15: 000000000078bf0c
[ 1802.443278][T32173] syz-executor.3  S29256 13738   7107 0x00000000
[ 1802.449605][T32173] Call Trace:
[ 1802.452882][T32173]  __schedule+0x8f3/0x1fc0
[ 1802.457294][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1802.462577][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1802.467858][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1802.473311][T32173]  schedule+0xd0/0x2a0
[ 1802.477359][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1802.482448][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1802.487897][T32173]  ? find_held_lock+0x2d/0x110
[ 1802.492643][T32173]  futex_wait+0x1e2/0x550
[ 1802.496953][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1802.501954][T32173]  ? print_usage_bug+0x240/0x240
[ 1802.506883][T32173]  ? mark_lock+0x11f/0xdd0
[ 1802.511276][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1802.516453][T32173]  ? futex_wake+0x153/0x480
[ 1802.520965][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1802.526925][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1802.532884][T32173]  do_futex+0x15f/0x1ad0
[ 1802.537112][T32173]  ? find_held_lock+0x2d/0x110
[ 1802.541854][T32173]  ? futex_exit_release+0x60/0x60
[ 1802.546876][T32173]  ? lock_downgrade+0x840/0x840
[ 1802.551704][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1802.556546][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1802.562506][T32173]  ? __might_fault+0x190/0x1d0
[ 1802.567249][T32173]  ? _copy_to_user+0x126/0x160
[ 1802.571996][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1802.576754][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1802.581236][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1802.586669][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1802.592626][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1802.597280][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1802.603239][T32173]  do_syscall_64+0xf6/0x7d0
[ 1802.607722][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1802.613590][T32173] RIP: 0033:0x45ca59
[ 1802.617478][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1802.637057][T32173] RSP: 002b:00007f65fad0acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1802.645445][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1802.653403][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1802.661400][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1802.669372][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1802.677325][T32173] R13: 0000000000c9fb6f R14: 00007f65fad0b9c0 R15: 000000000078bf0c
[ 1802.685304][T32173] syz-executor.3  S29256 13752   7107 0x00000000
[ 1802.691622][T32173] Call Trace:
[ 1802.694949][T32173]  __schedule+0x8f3/0x1fc0
[ 1802.699388][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1802.704662][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1802.709982][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1802.715474][T32173]  schedule+0xd0/0x2a0
[ 1802.719521][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1802.724613][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1802.730053][T32173]  futex_wait+0x1e2/0x550
[ 1802.734366][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1802.739369][T32173]  ? print_usage_bug+0x240/0x240
[ 1802.744284][T32173]  ? mark_lock+0x11f/0xdd0
[ 1802.748696][T32173]  ? hash_futex+0x10/0x200
[ 1802.753090][T32173]  ? futex_wake+0x153/0x480
[ 1802.757578][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1802.763538][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1802.769495][T32173]  do_futex+0x15f/0x1ad0
[ 1802.773721][T32173]  ? find_held_lock+0x2d/0x110
[ 1802.778465][T32173]  ? futex_exit_release+0x60/0x60
[ 1802.783470][T32173]  ? lock_downgrade+0x840/0x840
[ 1802.788322][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1802.793149][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1802.799118][T32173]  ? __might_fault+0x190/0x1d0
[ 1802.803862][T32173]  ? _copy_to_user+0x126/0x160
[ 1802.808622][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1802.813369][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1802.817850][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1802.823284][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1802.829266][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1802.833920][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1802.839892][T32173]  do_syscall_64+0xf6/0x7d0
[ 1802.844375][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1802.850246][T32173] RIP: 0033:0x45ca59
[ 1802.854117][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1802.873698][T32173] RSP: 002b:00007f65fad0acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1802.882092][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1802.890039][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1802.897990][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1802.905937][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1802.913884][T32173] R13: 0000000000c9fb6f R14: 00007f65fad0b9c0 R15: 000000000078bf0c
[ 1802.921848][T32173] syz-executor.1  S29928 13778   6929 0x00000000
[ 1802.928158][T32173] Call Trace:
[ 1802.931431][T32173]  __schedule+0x8f3/0x1fc0
[ 1802.935823][T32173]  ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 1802.941627][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1802.946897][T32173]  ? wait_for_completion+0x270/0x270
[ 1802.952163][T32173]  schedule+0xd0/0x2a0
[ 1802.956209][T32173]  pipe_wait+0x155/0x240
[ 1802.960433][T32173]  ? pipe_double_lock+0x1e0/0x1e0
[ 1802.965435][T32173]  ? finish_wait+0x260/0x260
[ 1802.970001][T32173]  ? __mutex_lock+0x460/0x13c0
[ 1802.974756][T32173]  ? finish_wait+0x260/0x260
[ 1802.979324][T32173]  ? lock_downgrade+0x840/0x840
[ 1802.984157][T32173]  splice_from_pipe_next.part.0+0xde/0x350
[ 1802.989943][T32173]  __splice_from_pipe+0x119/0x7c0
[ 1802.994965][T32173]  ? iter_to_pipe+0x5c0/0x5c0
[ 1802.999623][T32173]  do_vmsplice.part.0+0x223/0x280
[ 1803.004625][T32173]  ? __splice_from_pipe+0x7c0/0x7c0
[ 1803.009805][T32173]  ? lock_downgrade+0x840/0x840
[ 1803.014635][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1803.019465][T32173]  __do_sys_vmsplice+0x1bc/0x210
[ 1803.024382][T32173]  ? do_vmsplice.part.0+0x280/0x280
[ 1803.029557][T32173]  ? _copy_to_user+0x126/0x160
[ 1803.034297][T32173]  ? put_timespec64+0xcb/0x120
[ 1803.039049][T32173]  ? ns_to_kernel_old_timeval+0x100/0x100
[ 1803.044745][T32173]  ? __x64_sys_futex+0x380/0x4f0
[ 1803.049666][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1803.055101][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1803.061073][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1803.065726][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1803.071687][T32173]  do_syscall_64+0xf6/0x7d0
[ 1803.076168][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1803.082034][T32173] RIP: 0033:0x45ca59
[ 1803.085905][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1803.105484][T32173] RSP: 002b:00007f7591596c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000116
[ 1803.113870][T32173] RAX: ffffffffffffffda RBX: 000000000050b120 RCX: 000000000045ca59
[ 1803.121819][T32173] RDX: 0000000000000001 RSI: 0000000020000040 RDI: 0000000000000003
[ 1803.129765][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1803.137714][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
[ 1803.145661][T32173] R13: 0000000000000c7a R14: 00000000004cece4 R15: 00007f75915976d4
[ 1803.153622][T32173] syz-executor.1  S29824 13798   6929 0x00000000
[ 1803.159931][T32173] Call Trace:
[ 1803.163226][T32173]  __schedule+0x8f3/0x1fc0
[ 1803.167621][T32173]  ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 1803.173406][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1803.178668][T32173]  ? wait_for_completion+0x270/0x270
[ 1803.183933][T32173]  schedule+0xd0/0x2a0
[ 1803.187979][T32173]  pipe_wait+0x155/0x240
[ 1803.192229][T32173]  ? pipe_double_lock+0x1e0/0x1e0
[ 1803.197297][T32173]  ? finish_wait+0x260/0x260
[ 1803.201879][T32173]  ? __mutex_lock+0x460/0x13c0
[ 1803.206669][T32173]  ? finish_wait+0x260/0x260
[ 1803.211252][T32173]  ? lock_downgrade+0x840/0x840
[ 1803.216092][T32173]  splice_from_pipe_next.part.0+0xde/0x350
[ 1803.221940][T32173]  __splice_from_pipe+0x119/0x7c0
[ 1803.226957][T32173]  ? iter_to_pipe+0x5c0/0x5c0
[ 1803.231623][T32173]  do_vmsplice.part.0+0x223/0x280
[ 1803.236635][T32173]  ? __splice_from_pipe+0x7c0/0x7c0
[ 1803.241818][T32173]  ? lock_downgrade+0x840/0x840
[ 1803.246649][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1803.251503][T32173]  __do_sys_vmsplice+0x1bc/0x210
[ 1803.256420][T32173]  ? do_vmsplice.part.0+0x280/0x280
[ 1803.261615][T32173]  ? _copy_to_user+0x126/0x160
[ 1803.266357][T32173]  ? put_timespec64+0xcb/0x120
[ 1803.271095][T32173]  ? ns_to_kernel_old_timeval+0x100/0x100
[ 1803.276793][T32173]  ? __x64_sys_futex+0x380/0x4f0
[ 1803.281736][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1803.287184][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1803.293144][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1803.297798][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1803.303863][T32173]  do_syscall_64+0xf6/0x7d0
[ 1803.308365][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1803.314232][T32173] RIP: 0033:0x45ca59
[ 1803.318103][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1803.337684][T32173] RSP: 002b:00007f7591596c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000116
[ 1803.346072][T32173] RAX: ffffffffffffffda RBX: 000000000050b120 RCX: 000000000045ca59
[ 1803.354019][T32173] RDX: 0000000000000001 RSI: 0000000020000040 RDI: 0000000000000003
[ 1803.361984][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1803.369948][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
[ 1803.377895][T32173] R13: 0000000000000c7a R14: 00000000004cece4 R15: 00007f75915976d4
[ 1803.385926][T32173] syz-executor.1  S29824 13816   6929 0x00000000
[ 1803.392250][T32173] Call Trace:
[ 1803.395572][T32173]  __schedule+0x8f3/0x1fc0
[ 1803.399986][T32173]  ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 1803.405817][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1803.411097][T32173]  ? wait_for_completion+0x270/0x270
[ 1803.416452][T32173]  schedule+0xd0/0x2a0
[ 1803.420503][T32173]  pipe_wait+0x155/0x240
[ 1803.424727][T32173]  ? pipe_double_lock+0x1e0/0x1e0
[ 1803.429747][T32173]  ? finish_wait+0x260/0x260
[ 1803.434322][T32173]  ? __mutex_lock+0x460/0x13c0
[ 1803.439132][T32173]  ? finish_wait+0x260/0x260
[ 1803.443704][T32173]  ? lock_downgrade+0x840/0x840
[ 1803.448539][T32173]  splice_from_pipe_next.part.0+0xde/0x350
[ 1803.454344][T32173]  __splice_from_pipe+0x119/0x7c0
[ 1803.459370][T32173]  ? iter_to_pipe+0x5c0/0x5c0
[ 1803.464028][T32173]  do_vmsplice.part.0+0x223/0x280
[ 1803.469029][T32173]  ? __splice_from_pipe+0x7c0/0x7c0
[ 1803.474228][T32173]  ? lock_downgrade+0x840/0x840
[ 1803.479084][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1803.483933][T32173]  __do_sys_vmsplice+0x1bc/0x210
[ 1803.488848][T32173]  ? do_vmsplice.part.0+0x280/0x280
[ 1803.494023][T32173]  ? _copy_to_user+0x126/0x160
[ 1803.498764][T32173]  ? put_timespec64+0xcb/0x120
[ 1803.503510][T32173]  ? ns_to_kernel_old_timeval+0x100/0x100
[ 1803.509205][T32173]  ? __x64_sys_futex+0x380/0x4f0
[ 1803.514126][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1803.519577][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1803.525551][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1803.530223][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1803.536183][T32173]  do_syscall_64+0xf6/0x7d0
[ 1803.540686][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1803.546554][T32173] RIP: 0033:0x45ca59
[ 1803.550429][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1803.570007][T32173] RSP: 002b:00007f7591596c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000116
[ 1803.578393][T32173] RAX: ffffffffffffffda RBX: 000000000050b120 RCX: 000000000045ca59
[ 1803.586343][T32173] RDX: 0000000000000001 RSI: 0000000020000040 RDI: 0000000000000003
[ 1803.594308][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1803.602269][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
[ 1803.610241][T32173] R13: 0000000000000c7a R14: 00000000004cece4 R15: 00007f75915976d4
[ 1803.618203][T32173] syz-executor.2  S29824 14121   7087 0x00000000
[ 1803.624527][T32173] Call Trace:
[ 1803.627812][T32173]  __schedule+0x8f3/0x1fc0
[ 1803.632230][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1803.637496][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1803.642759][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1803.648196][T32173]  schedule+0xd0/0x2a0
[ 1803.652243][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1803.657346][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1803.662780][T32173]  ? find_held_lock+0x2d/0x110
[ 1803.667548][T32173]  futex_wait+0x1e2/0x550
[ 1803.671857][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1803.676860][T32173]  ? print_usage_bug+0x240/0x240
[ 1803.681778][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1803.687043][T32173]  ? futex_wake+0x153/0x480
[ 1803.691550][T32173]  ? do_wp_page+0x512/0x1440
[ 1803.696135][T32173]  do_futex+0x15f/0x1ad0
[ 1803.700371][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1803.705567][T32173]  ? _raw_spin_unlock+0x24/0x40
[ 1803.710395][T32173]  ? futex_exit_release+0x60/0x60
[ 1803.715400][T32173]  ? do_page_fault+0x5ad/0x13d4
[ 1803.720230][T32173]  ? lock_downgrade+0x840/0x840
[ 1803.725054][T32173]  ? handle_mm_fault+0xcbc/0x3c10
[ 1803.730065][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1803.734827][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1803.739308][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1803.744742][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1803.750698][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1803.755351][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1803.761329][T32173]  do_syscall_64+0xf6/0x7d0
[ 1803.765828][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1803.771713][T32173] RIP: 0033:0x45ca59
[ 1803.775600][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1803.795203][T32173] RSP: 002b:00007f8cd7fc6cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1803.803615][T32173] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045ca59
[ 1803.811566][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8
[ 1803.819526][T32173] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1803.827491][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1803.835453][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fc79c0 R15: 000000000078bfac
[ 1803.843441][T32173] syz-executor.5  S29824 14123   7376 0x00000000
[ 1803.849757][T32173] Call Trace:
[ 1803.853036][T32173]  __schedule+0x8f3/0x1fc0
[ 1803.857431][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1803.862699][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1803.867967][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1803.873407][T32173]  schedule+0xd0/0x2a0
[ 1803.877455][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1803.882546][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1803.887985][T32173]  futex_wait+0x1e2/0x550
[ 1803.892297][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1803.897300][T32173]  ? print_usage_bug+0x240/0x240
[ 1803.902235][T32173]  ? hash_futex+0x10/0x200
[ 1803.906631][T32173]  ? futex_wake+0x153/0x480
[ 1803.911122][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1803.917075][T32173]  ? mark_lock+0x11f/0xdd0
[ 1803.921487][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1803.927443][T32173]  do_futex+0x15f/0x1ad0
[ 1803.931675][T32173]  ? find_held_lock+0x2d/0x110
[ 1803.936439][T32173]  ? futex_exit_release+0x60/0x60
[ 1803.941443][T32173]  ? lock_downgrade+0x840/0x840
[ 1803.946287][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1803.951117][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1803.957080][T32173]  ? __might_fault+0x190/0x1d0
[ 1803.961820][T32173]  ? _copy_to_user+0x126/0x160
[ 1803.966564][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1803.971314][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1803.975816][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1803.981251][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1803.987208][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1803.991862][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1803.997927][T32173]  do_syscall_64+0xf6/0x7d0
[ 1804.002428][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1804.008312][T32173] RIP: 0033:0x45ca59
[ 1804.012186][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1804.031781][T32173] RSP: 002b:00007f656341ecf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1804.040165][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1804.048128][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1804.056080][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1804.064042][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1804.072012][T32173] R13: 0000000000c9fb6f R14: 00007f656341f9c0 R15: 000000000078bf0c
[ 1804.079975][T32173] syz-executor.5  S27984 14137   7376 0x00000000
[ 1804.086290][T32173] Call Trace:
[ 1804.089560][T32173]  __schedule+0x8f3/0x1fc0
[ 1804.093955][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1804.099219][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1804.104481][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1804.109921][T32173]  schedule+0xd0/0x2a0
[ 1804.113967][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1804.119073][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1804.124514][T32173]  futex_wait+0x1e2/0x550
[ 1804.128839][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1804.133842][T32173]  ? wake_up_q+0xc1/0x140
[ 1804.138145][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1804.143339][T32173]  ? futex_wake+0x153/0x480
[ 1804.147843][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1804.153798][T32173]  ? mark_lock+0x11f/0xdd0
[ 1804.158191][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1804.164151][T32173]  do_futex+0x15f/0x1ad0
[ 1804.168377][T32173]  ? find_held_lock+0x2d/0x110
[ 1804.173119][T32173]  ? futex_exit_release+0x60/0x60
[ 1804.178122][T32173]  ? lock_downgrade+0x840/0x840
[ 1804.182970][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1804.187804][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1804.193788][T32173]  ? __might_fault+0x190/0x1d0
[ 1804.198530][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1804.203996][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1804.208739][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1804.213221][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1804.218675][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1804.224633][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1804.229284][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1804.235243][T32173]  do_syscall_64+0xf6/0x7d0
[ 1804.239746][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1804.245673][T32173] RIP: 0033:0x45ca59
[ 1804.249548][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1804.269183][T32173] RSP: 002b:00007f656341ecf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1804.277597][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1804.285550][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1804.293526][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1804.301474][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1804.309422][T32173] R13: 0000000000c9fb6f R14: 00007f656341f9c0 R15: 000000000078bf0c
[ 1804.317385][T32173] syz-executor.2  S29584 14142   7087 0x00000000
[ 1804.323697][T32173] Call Trace:
[ 1804.326995][T32173]  __schedule+0x8f3/0x1fc0
[ 1804.331392][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1804.336657][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1804.341942][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1804.347378][T32173]  schedule+0xd0/0x2a0
[ 1804.351435][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1804.356540][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1804.361984][T32173]  futex_wait+0x1e2/0x550
[ 1804.366313][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1804.371313][T32173]  ? print_usage_bug+0x240/0x240
[ 1804.376233][T32173]  ? hash_futex+0x10/0x200
[ 1804.380657][T32173]  ? futex_wake+0x153/0x480
[ 1804.385147][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1804.391104][T32173]  ? do_wp_page+0x512/0x1440
[ 1804.395669][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1804.401655][T32173]  do_futex+0x15f/0x1ad0
[ 1804.405893][T32173]  ? find_held_lock+0x2d/0x110
[ 1804.410701][T32173]  ? futex_exit_release+0x60/0x60
[ 1804.415735][T32173]  ? lock_downgrade+0x840/0x840
[ 1804.420567][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1804.425408][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1804.431473][T32173]  ? __might_fault+0x190/0x1d0
[ 1804.436230][T32173]  ? _copy_to_user+0x126/0x160
[ 1804.441065][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1804.445811][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1804.450302][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1804.455765][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1804.461725][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1804.466395][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1804.472355][T32173]  do_syscall_64+0xf6/0x7d0
[ 1804.476840][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1804.482708][T32173] RIP: 0033:0x45ca59
[ 1804.486609][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1804.506188][T32173] RSP: 002b:00007f8cd7fa5cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1804.514575][T32173] RAX: ffffffffffffffda RBX: 000000000078c048 RCX: 000000000045ca59
[ 1804.522521][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c048
[ 1804.530586][T32173] RBP: 000000000078c040 R08: 0000000000000000 R09: 0000000000000000
[ 1804.538531][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c04c
[ 1804.546477][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fa69c0 R15: 000000000078c04c
[ 1804.554439][T32173] syz-executor.5  S27760 14154   7376 0x00000000
[ 1804.560748][T32173] Call Trace:
[ 1804.564036][T32173]  __schedule+0x8f3/0x1fc0
[ 1804.568450][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1804.573736][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1804.578997][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1804.584435][T32173]  schedule+0xd0/0x2a0
[ 1804.588482][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1804.593585][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1804.599039][T32173]  futex_wait+0x1e2/0x550
[ 1804.603367][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1804.608369][T32173]  ? wake_up_q+0xc1/0x140
[ 1804.612689][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1804.617864][T32173]  ? futex_wake+0x153/0x480
[ 1804.622373][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1804.628330][T32173]  ? mark_lock+0x11f/0xdd0
[ 1804.632729][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1804.638704][T32173]  do_futex+0x15f/0x1ad0
[ 1804.642949][T32173]  ? find_held_lock+0x2d/0x110
[ 1804.647716][T32173]  ? futex_exit_release+0x60/0x60
[ 1804.652721][T32173]  ? lock_downgrade+0x840/0x840
[ 1804.657563][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1804.662390][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1804.668351][T32173]  ? __might_fault+0x190/0x1d0
[ 1804.673091][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1804.678538][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1804.683299][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1804.687796][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1804.693230][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1804.699192][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1804.703867][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1804.709825][T32173]  do_syscall_64+0xf6/0x7d0
[ 1804.714324][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1804.720192][T32173] RIP: 0033:0x45ca59
[ 1804.724062][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1804.743638][T32173] RSP: 002b:00007f656341ecf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1804.752039][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1804.759985][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1804.767933][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1804.775885][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1804.783833][T32173] R13: 0000000000c9fb6f R14: 00007f656341f9c0 R15: 000000000078bf0c
[ 1804.791812][T32173] syz-executor.2  S29824 14165   7087 0x00000000
[ 1804.798121][T32173] Call Trace:
[ 1804.801389][T32173]  __schedule+0x8f3/0x1fc0
[ 1804.805790][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1804.811056][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1804.816319][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1804.821764][T32173]  schedule+0xd0/0x2a0
[ 1804.825812][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1804.830899][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1804.836347][T32173]  ? find_held_lock+0x2d/0x110
[ 1804.841093][T32173]  futex_wait+0x1e2/0x550
[ 1804.845403][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1804.850406][T32173]  ? print_usage_bug+0x240/0x240
[ 1804.855321][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1804.860516][T32173]  ? futex_wake+0x153/0x480
[ 1804.865039][T32173]  ? do_wp_page+0x512/0x1440
[ 1804.869609][T32173]  do_futex+0x15f/0x1ad0
[ 1804.873835][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1804.879010][T32173]  ? _raw_spin_unlock+0x24/0x40
[ 1804.883840][T32173]  ? futex_exit_release+0x60/0x60
[ 1804.888845][T32173]  ? do_page_fault+0x5ad/0x13d4
[ 1804.893695][T32173]  ? lock_downgrade+0x840/0x840
[ 1804.898519][T32173]  ? handle_mm_fault+0xcbc/0x3c10
[ 1804.903531][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1804.908289][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1804.912772][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1804.918206][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1804.924164][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1804.928834][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1804.934795][T32173]  do_syscall_64+0xf6/0x7d0
[ 1804.939275][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1804.945146][T32173] RIP: 0033:0x45ca59
[ 1804.949020][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1804.968613][T32173] RSP: 002b:00007f8cd7fc6cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1804.976997][T32173] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045ca59
[ 1804.984946][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8
[ 1804.992911][T32173] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1805.000871][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1805.008821][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fc79c0 R15: 000000000078bfac
[ 1805.016803][T32173] syz-executor.5  S29824 14194   7376 0x00000000
[ 1805.023131][T32173] Call Trace:
[ 1805.026398][T32173]  __schedule+0x8f3/0x1fc0
[ 1805.030791][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1805.036057][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1805.041339][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1805.046776][T32173]  schedule+0xd0/0x2a0
[ 1805.050824][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1805.055914][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1805.061362][T32173]  futex_wait+0x1e2/0x550
[ 1805.065672][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1805.070675][T32173]  ? print_usage_bug+0x240/0x240
[ 1805.075592][T32173]  ? hash_futex+0x10/0x200
[ 1805.079987][T32173]  ? futex_wake+0x153/0x480
[ 1805.084479][T32173]  ? do_wp_page+0x512/0x1440
[ 1805.089047][T32173]  do_futex+0x15f/0x1ad0
[ 1805.093271][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1805.098446][T32173]  ? _raw_spin_unlock+0x24/0x40
[ 1805.103292][T32173]  ? futex_exit_release+0x60/0x60
[ 1805.108298][T32173]  ? do_page_fault+0x5ad/0x13d4
[ 1805.113129][T32173]  ? lock_downgrade+0x840/0x840
[ 1805.117969][T32173]  ? handle_mm_fault+0xcbc/0x3c10
[ 1805.122993][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1805.127743][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1805.132231][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1805.137720][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1805.143684][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1805.148387][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1805.154352][T32173]  do_syscall_64+0xf6/0x7d0
[ 1805.158880][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1805.164749][T32173] RIP: 0033:0x45ca59
[ 1805.168620][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1805.188214][T32173] RSP: 002b:00007f65633fdcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1805.196601][T32173] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045ca59
[ 1805.204569][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8
[ 1805.212516][T32173] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1805.220464][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1805.228465][T32173] R13: 0000000000c9fb6f R14: 00007f65633fe9c0 R15: 000000000078bfac
[ 1805.236441][T32173] syz-executor.2  S29824 14195   7087 0x00000000
[ 1805.242805][T32173] Call Trace:
[ 1805.246123][T32173]  __schedule+0x8f3/0x1fc0
[ 1805.250525][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1805.255795][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1805.261065][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1805.266504][T32173]  schedule+0xd0/0x2a0
[ 1805.270552][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1805.275640][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1805.281075][T32173]  ? find_held_lock+0x2d/0x110
[ 1805.285819][T32173]  futex_wait+0x1e2/0x550
[ 1805.290142][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1805.295146][T32173]  ? print_usage_bug+0x240/0x240
[ 1805.300089][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1805.305267][T32173]  ? futex_wake+0x153/0x480
[ 1805.309760][T32173]  ? do_wp_page+0x512/0x1440
[ 1805.314349][T32173]  do_futex+0x15f/0x1ad0
[ 1805.318574][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1805.323754][T32173]  ? _raw_spin_unlock+0x24/0x40
[ 1805.328580][T32173]  ? futex_exit_release+0x60/0x60
[ 1805.333587][T32173]  ? do_page_fault+0x5ad/0x13d4
[ 1805.338430][T32173]  ? lock_downgrade+0x840/0x840
[ 1805.343277][T32173]  ? handle_mm_fault+0xcbc/0x3c10
[ 1805.348288][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1805.353033][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1805.357515][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1805.362951][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1805.368911][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1805.373566][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1805.379523][T32173]  do_syscall_64+0xf6/0x7d0
[ 1805.384007][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1805.389874][T32173] RIP: 0033:0x45ca59
[ 1805.393755][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1805.413345][T32173] RSP: 002b:00007f8cd7fc6cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1805.421738][T32173] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045ca59
[ 1805.429690][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8
[ 1805.437644][T32173] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1805.445619][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1805.453607][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fc79c0 R15: 000000000078bfac
[ 1805.461591][T32173] syz-executor.5  S29824 14235   7376 0x00000000
[ 1805.467902][T32173] Call Trace:
[ 1805.471189][T32173]  __schedule+0x8f3/0x1fc0
[ 1805.475636][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1805.480911][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1805.486183][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1805.491625][T32173]  schedule+0xd0/0x2a0
[ 1805.495725][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1805.500816][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1805.506273][T32173]  futex_wait+0x1e2/0x550
[ 1805.510622][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1805.515768][T32173]  ? print_usage_bug+0x240/0x240
[ 1805.520743][T32173]  ? hash_futex+0x10/0x200
[ 1805.525144][T32173]  ? futex_wake+0x153/0x480
[ 1805.529643][T32173]  ? do_wp_page+0x512/0x1440
[ 1805.534222][T32173]  do_futex+0x15f/0x1ad0
[ 1805.538454][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1805.543663][T32173]  ? _raw_spin_unlock+0x24/0x40
[ 1805.548538][T32173]  ? futex_exit_release+0x60/0x60
[ 1805.553545][T32173]  ? do_page_fault+0x5ad/0x13d4
[ 1805.558377][T32173]  ? lock_downgrade+0x840/0x840
[ 1805.563243][T32173]  ? handle_mm_fault+0xcbc/0x3c10
[ 1805.568254][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1805.573000][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1805.577482][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1805.582918][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1805.588874][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1805.593532][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1805.599509][T32173]  do_syscall_64+0xf6/0x7d0
[ 1805.604010][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1805.609882][T32173] RIP: 0033:0x45ca59
[ 1805.613754][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1805.633332][T32173] RSP: 002b:00007f65633fdcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1805.641718][T32173] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045ca59
[ 1805.649666][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8
[ 1805.657616][T32173] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1805.665563][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1805.673511][T32173] R13: 0000000000c9fb6f R14: 00007f65633fe9c0 R15: 000000000078bfac
[ 1805.681492][T32173] syz-executor.2  S29824 14236   7087 0x00000000
[ 1805.687801][T32173] Call Trace:
[ 1805.691087][T32173]  __schedule+0x8f3/0x1fc0
[ 1805.695482][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1805.700747][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1805.706027][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1805.711466][T32173]  schedule+0xd0/0x2a0
[ 1805.715514][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1805.720629][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1805.726092][T32173]  ? find_held_lock+0x2d/0x110
[ 1805.730853][T32173]  futex_wait+0x1e2/0x550
[ 1805.735169][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1805.740192][T32173]  ? print_usage_bug+0x240/0x240
[ 1805.745118][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1805.750294][T32173]  ? futex_wake+0x153/0x480
[ 1805.754785][T32173]  ? do_wp_page+0x512/0x1440
[ 1805.759353][T32173]  do_futex+0x15f/0x1ad0
[ 1805.763581][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1805.768757][T32173]  ? _raw_spin_unlock+0x24/0x40
[ 1805.773618][T32173]  ? futex_exit_release+0x60/0x60
[ 1805.778624][T32173]  ? do_page_fault+0x5ad/0x13d4
[ 1805.783453][T32173]  ? lock_downgrade+0x840/0x840
[ 1805.788277][T32173]  ? handle_mm_fault+0xcbc/0x3c10
[ 1805.793287][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1805.798030][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1805.802530][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1805.807963][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1805.813931][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1805.818585][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1805.824544][T32173]  do_syscall_64+0xf6/0x7d0
[ 1805.829024][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1805.834908][T32173] RIP: 0033:0x45ca59
[ 1805.838778][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1805.858370][T32173] RSP: 002b:00007f8cd7fc6cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1805.866777][T32173] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045ca59
[ 1805.874725][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8
[ 1805.882671][T32173] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1805.890640][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1805.898586][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fc79c0 R15: 000000000078bfac
[ 1805.906567][T32173] syz-executor.5  S29432 14281   7376 0x00000000
[ 1805.912894][T32173] Call Trace:
[ 1805.916165][T32173]  __schedule+0x8f3/0x1fc0
[ 1805.920558][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1805.925821][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1805.931084][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1805.936521][T32173]  schedule+0xd0/0x2a0
[ 1805.940571][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1805.945658][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1805.951097][T32173]  futex_wait+0x1e2/0x550
[ 1805.955405][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1805.960408][T32173]  ? print_usage_bug+0x240/0x240
[ 1805.965321][T32173]  ? hash_futex+0x10/0x200
[ 1805.969712][T32173]  ? futex_wake+0x153/0x480
[ 1805.974205][T32173]  ? do_wp_page+0x512/0x1440
[ 1805.978776][T32173]  do_futex+0x15f/0x1ad0
[ 1805.983019][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1805.988210][T32173]  ? _raw_spin_unlock+0x24/0x40
[ 1805.993040][T32173]  ? futex_exit_release+0x60/0x60
[ 1805.998045][T32173]  ? do_page_fault+0x5ad/0x13d4
[ 1806.002876][T32173]  ? lock_downgrade+0x840/0x840
[ 1806.007702][T32173]  ? handle_mm_fault+0xcbc/0x3c10
[ 1806.012714][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1806.017456][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1806.021938][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1806.027390][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1806.033345][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1806.037999][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1806.043957][T32173]  do_syscall_64+0xf6/0x7d0
[ 1806.048439][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1806.054307][T32173] RIP: 0033:0x45ca59
[ 1806.058197][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1806.077793][T32173] RSP: 002b:00007f65633fdcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1806.086178][T32173] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045ca59
[ 1806.094127][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8
[ 1806.102091][T32173] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1806.110036][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1806.117999][T32173] R13: 0000000000c9fb6f R14: 00007f65633fe9c0 R15: 000000000078bfac
[ 1806.125960][T32173] kworker/0:0     I23392 14990      2 0x80004000
[ 1806.132336][T32173] Workqueue:  0x0 (wg-crypt-wg2)
[ 1806.137247][T32173] Call Trace:
[ 1806.140535][T32173]  __schedule+0x8f3/0x1fc0
[ 1806.144928][T32173]  ? worker_thread+0x240/0xe20
[ 1806.149672][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1806.154937][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1806.160109][T32173]  schedule+0xd0/0x2a0
[ 1806.164157][T32173]  worker_thread+0x245/0xe20
[ 1806.168732][T32173]  ? process_one_work+0x16a0/0x16a0
[ 1806.173907][T32173]  kthread+0x388/0x470
[ 1806.177951][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1806.183665][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1806.189360][T32173]  ret_from_fork+0x24/0x30
[ 1806.193779][T32173] kworker/0:1     I27456 14991      2 0x80004000
[ 1806.200127][T32173] Workqueue:  0x0 (events)
[ 1806.204520][T32173] Call Trace:
[ 1806.207784][T32173]  __schedule+0x8f3/0x1fc0
[ 1806.212180][T32173]  ? worker_thread+0x240/0xe20
[ 1806.216930][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1806.222193][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1806.227450][T32173]  schedule+0xd0/0x2a0
[ 1806.231558][T32173]  worker_thread+0x245/0xe20
[ 1806.236142][T32173]  ? process_one_work+0x16a0/0x16a0
[ 1806.241432][T32173]  kthread+0x388/0x470
[ 1806.245489][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1806.251189][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1806.257019][T32173]  ret_from_fork+0x24/0x30
[ 1806.261427][T32173] kworker/1:7     D26800 15030      2 0x80004000
[ 1806.267754][T32173] Workqueue: events pwq_unbound_release_workfn
[ 1806.273924][T32173] Call Trace:
[ 1806.277195][T32173]  __schedule+0x8f3/0x1fc0
[ 1806.281596][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1806.286909][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1806.292873][T32173]  schedule+0xd0/0x2a0
[ 1806.296928][T32173]  schedule_timeout+0x55b/0x850
[ 1806.301760][T32173]  ? usleep_range+0x160/0x160
[ 1806.306458][T32173]  ? wait_for_completion+0x162/0x270
[ 1806.311725][T32173]  ? mark_held_locks+0x9f/0xe0
[ 1806.316467][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1806.321703][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1806.327662][T32173]  wait_for_completion+0x16a/0x270
[ 1806.332755][T32173]  ? wait_for_completion_interruptible+0x2e0/0x2e0
[ 1806.339247][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1806.345220][T32173]  __wait_rcu_gp+0x217/0x2d0
[ 1806.349803][T32173]  synchronize_rcu.part.0+0xda/0xf0
[ 1806.355024][T32173]  ? synchronize_rcu_expedited+0x620/0x620
[ 1806.360810][T32173]  ? invoke_rcu_core+0x230/0x230
[ 1806.365782][T32173]  ? rcu_tasks_pregp_step+0x10/0x10
[ 1806.370972][T32173]  lockdep_unregister_key+0x48a/0x800
[ 1806.376368][T32173]  ? lockdep_register_key+0x800/0x800
[ 1806.381728][T32173]  pwq_unbound_release_workfn+0x227/0x2d0
[ 1806.387445][T32173]  process_one_work+0x965/0x16a0
[ 1806.392379][T32173]  ? lock_release+0x800/0x800
[ 1806.397042][T32173]  ? pwq_dec_nr_in_flight+0x310/0x310
[ 1806.402400][T32173]  ? rwlock_bug.part.0+0x90/0x90
[ 1806.407328][T32173]  worker_thread+0x96/0xe20
[ 1806.411869][T32173]  ? process_one_work+0x16a0/0x16a0
[ 1806.417050][T32173]  kthread+0x388/0x470
[ 1806.421097][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1806.426790][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1806.432506][T32173]  ret_from_fork+0x24/0x30
[ 1806.436909][T32173] kworker/1:8     I27536 15031      2 0x80004000
[ 1806.443244][T32173] Workqueue:  0x0 (wg-crypt-wg1)
[ 1806.448154][T32173] Call Trace:
[ 1806.451422][T32173]  __schedule+0x8f3/0x1fc0
[ 1806.455837][T32173]  ? worker_thread+0x240/0xe20
[ 1806.460581][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1806.465847][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1806.471022][T32173]  schedule+0xd0/0x2a0
[ 1806.475069][T32173]  worker_thread+0x245/0xe20
[ 1806.479642][T32173]  ? process_one_work+0x16a0/0x16a0
[ 1806.484817][T32173]  kthread+0x388/0x470
[ 1806.488862][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1806.494556][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1806.500251][T32173]  ret_from_fork+0x24/0x30
[ 1806.504665][T32173] kworker/1:13    I23648 15032      2 0x80004000
[ 1806.510994][T32173] Workqueue:  0x0 (events)
[ 1806.515407][T32173] Call Trace:
[ 1806.518678][T32173]  __schedule+0x8f3/0x1fc0
[ 1806.523096][T32173]  ? worker_thread+0x240/0xe20
[ 1806.527841][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1806.533104][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1806.538280][T32173]  schedule+0xd0/0x2a0
[ 1806.542327][T32173]  worker_thread+0x245/0xe20
[ 1806.546903][T32173]  ? process_one_work+0x16a0/0x16a0
[ 1806.552078][T32173]  kthread+0x388/0x470
[ 1806.556122][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1806.561839][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1806.567558][T32173]  ret_from_fork+0x24/0x30
[ 1806.571959][T32173] kworker/1:14    D23104 15033      2 0x80004000
[ 1806.578275][T32173] Workqueue: events pwq_unbound_release_workfn
[ 1806.584417][T32173] Call Trace:
[ 1806.587687][T32173]  __schedule+0x8f3/0x1fc0
[ 1806.592086][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1806.597346][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1806.603307][T32173]  schedule+0xd0/0x2a0
[ 1806.607352][T32173]  schedule_timeout+0x55b/0x850
[ 1806.612181][T32173]  ? usleep_range+0x160/0x160
[ 1806.616832][T32173]  ? wait_for_completion+0x162/0x270
[ 1806.622099][T32173]  ? mark_held_locks+0x9f/0xe0
[ 1806.626836][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1806.632011][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1806.637970][T32173]  wait_for_completion+0x16a/0x270
[ 1806.643077][T32173]  ? wait_for_completion_interruptible+0x2e0/0x2e0
[ 1806.649553][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1806.655522][T32173]  __wait_rcu_gp+0x217/0x2d0
[ 1806.660090][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1806.665524][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1806.671484][T32173]  synchronize_rcu.part.0+0xda/0xf0
[ 1806.676658][T32173]  ? synchronize_rcu_expedited+0x620/0x620
[ 1806.682442][T32173]  ? invoke_rcu_core+0x230/0x230
[ 1806.687354][T32173]  ? preempt_schedule_irq+0xee/0x150
[ 1806.692616][T32173]  ? rcu_tasks_pregp_step+0x10/0x10
[ 1806.697833][T32173]  lockdep_unregister_key+0x48a/0x800
[ 1806.703181][T32173]  ? lockdep_register_key+0x800/0x800
[ 1806.708543][T32173]  pwq_unbound_release_workfn+0x227/0x2d0
[ 1806.714258][T32173]  process_one_work+0x965/0x16a0
[ 1806.719176][T32173]  ? lock_release+0x800/0x800
[ 1806.723829][T32173]  ? pwq_dec_nr_in_flight+0x310/0x310
[ 1806.729204][T32173]  ? rwlock_bug.part.0+0x90/0x90
[ 1806.734126][T32173]  worker_thread+0x96/0xe20
[ 1806.738627][T32173]  ? process_one_work+0x16a0/0x16a0
[ 1806.743807][T32173]  kthread+0x388/0x470
[ 1806.747851][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1806.753544][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1806.759255][T32173]  ret_from_fork+0x24/0x30
[ 1806.763655][T32173] kworker/1:15    I23360 15034      2 0x80004000
[ 1806.769985][T32173] Workqueue:  0x0 (wg-crypt-wg1)
[ 1806.774895][T32173] Call Trace:
[ 1806.778162][T32173]  __schedule+0x8f3/0x1fc0
[ 1806.782554][T32173]  ? worker_thread+0x240/0xe20
[ 1806.787297][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1806.792558][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1806.797734][T32173]  schedule+0xd0/0x2a0
[ 1806.801805][T32173]  worker_thread+0x245/0xe20
[ 1806.806397][T32173]  ? process_one_work+0x16a0/0x16a0
[ 1806.811572][T32173]  kthread+0x388/0x470
[ 1806.815616][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1806.821310][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1806.827006][T32173]  ret_from_fork+0x24/0x30
[ 1806.831409][T32173] kworker/0:2     I22800 15035      2 0x80004000
[ 1806.837757][T32173] Workqueue:  0x0 (wg-crypt-wg1)
[ 1806.842669][T32173] Call Trace:
[ 1806.845934][T32173]  __schedule+0x8f3/0x1fc0
[ 1806.850325][T32173]  ? worker_thread+0x240/0xe20
[ 1806.855073][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1806.860334][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1806.865555][T32173]  schedule+0xd0/0x2a0
[ 1806.869599][T32173]  worker_thread+0x245/0xe20
[ 1806.874175][T32173]  ? process_one_work+0x16a0/0x16a0
[ 1806.879349][T32173]  kthread+0x388/0x470
[ 1806.883395][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1806.889107][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1806.894819][T32173]  ret_from_fork+0x24/0x30
[ 1806.899220][T32173] syz-executor.1  S28896 15389   6929 0x00000000
[ 1806.905535][T32173] Call Trace:
[ 1806.908804][T32173]  __schedule+0x8f3/0x1fc0
[ 1806.913213][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1806.918492][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1806.923756][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1806.929190][T32173]  schedule+0xd0/0x2a0
[ 1806.933238][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1806.938326][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1806.943759][T32173]  ? update_curr+0x3d7/0x8a0
[ 1806.948326][T32173]  futex_wait+0x1e2/0x550
[ 1806.952636][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1806.957638][T32173]  ? print_usage_bug+0x240/0x240
[ 1806.962554][T32173]  ? update_load_avg+0x1bb/0x1c30
[ 1806.967554][T32173]  ? hash_futex+0x10/0x200
[ 1806.971946][T32173]  ? futex_wake+0x153/0x480
[ 1806.976436][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1806.982409][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1806.988364][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1806.994323][T32173]  do_futex+0x15f/0x1ad0
[ 1806.998554][T32173]  ? find_held_lock+0x2d/0x110
[ 1807.003298][T32173]  ? futex_exit_release+0x60/0x60
[ 1807.008314][T32173]  ? _do_fork+0x265/0x1010
[ 1807.012706][T32173]  ? lock_downgrade+0x840/0x840
[ 1807.017533][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1807.022361][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1807.028340][T32173]  ? __might_fault+0x190/0x1d0
[ 1807.033091][T32173]  ? _copy_to_user+0x126/0x160
[ 1807.037841][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1807.042588][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1807.047073][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1807.052512][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1807.058516][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1807.063172][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1807.069134][T32173]  do_syscall_64+0xf6/0x7d0
[ 1807.073622][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1807.079534][T32173] RIP: 0033:0x45ca59
[ 1807.083412][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1807.103129][T32173] RSP: 002b:00007f7591596cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1807.111541][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1807.119504][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1807.127453][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1807.135544][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1807.143545][T32173] R13: 0000000000c9fb6f R14: 00007f75915979c0 R15: 000000000078bf0c
[ 1807.151518][T32173] syz-executor.1  S29816 15406   6929 0x00000000
[ 1807.157878][T32173] Call Trace:
[ 1807.161153][T32173]  __schedule+0x8f3/0x1fc0
[ 1807.165552][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1807.170872][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1807.176170][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1807.181614][T32173]  schedule+0xd0/0x2a0
[ 1807.185664][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1807.190799][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1807.196239][T32173]  futex_wait+0x1e2/0x550
[ 1807.200552][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1807.205554][T32173]  ? wake_up_q+0xc1/0x140
[ 1807.209860][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1807.215062][T32173]  ? futex_wake+0x153/0x480
[ 1807.219552][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1807.225505][T32173]  ? mark_lock+0x11f/0xdd0
[ 1807.229900][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1807.235871][T32173]  do_futex+0x15f/0x1ad0
[ 1807.240117][T32173]  ? find_held_lock+0x2d/0x110
[ 1807.244871][T32173]  ? futex_exit_release+0x60/0x60
[ 1807.249879][T32173]  ? lock_downgrade+0x840/0x840
[ 1807.254713][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1807.259545][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1807.265541][T32173]  ? __might_fault+0x190/0x1d0
[ 1807.270286][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1807.275727][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1807.280475][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1807.284961][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1807.290396][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1807.296352][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1807.301005][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1807.306966][T32173]  do_syscall_64+0xf6/0x7d0
[ 1807.311469][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1807.317335][T32173] RIP: 0033:0x45ca59
[ 1807.321229][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1807.340806][T32173] RSP: 002b:00007f7591596cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1807.349212][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1807.357249][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1807.365210][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1807.373172][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1807.381166][T32173] R13: 0000000000c9fb6f R14: 00007f75915979c0 R15: 000000000078bf0c
[ 1807.389135][T32173] syz-executor.1  S28400 16288   6929 0x00000000
[ 1807.395493][T32173] Call Trace:
[ 1807.398770][T32173]  __schedule+0x8f3/0x1fc0
[ 1807.403166][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1807.408430][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1807.413719][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1807.419154][T32173]  schedule+0xd0/0x2a0
[ 1807.423228][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1807.428315][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1807.433773][T32173]  futex_wait+0x1e2/0x550
[ 1807.438082][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1807.443083][T32173]  ? print_usage_bug+0x240/0x240
[ 1807.448014][T32173]  ? hash_futex+0x10/0x200
[ 1807.452406][T32173]  ? futex_wake+0x153/0x480
[ 1807.456894][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1807.462854][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1807.468810][T32173]  do_futex+0x15f/0x1ad0
[ 1807.473037][T32173]  ? find_held_lock+0x2d/0x110
[ 1807.477778][T32173]  ? futex_exit_release+0x60/0x60
[ 1807.482781][T32173]  ? lock_downgrade+0x840/0x840
[ 1807.487608][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1807.492464][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1807.498427][T32173]  ? __might_fault+0x190/0x1d0
[ 1807.503169][T32173]  ? _copy_to_user+0x126/0x160
[ 1807.507914][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1807.512661][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1807.517141][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1807.522661][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1807.528633][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1807.533289][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1807.539264][T32173]  do_syscall_64+0xf6/0x7d0
[ 1807.543747][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1807.549611][T32173] RIP: 0033:0x45ca59
[ 1807.553485][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1807.573063][T32173] RSP: 002b:00007f7591596cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1807.581446][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1807.589395][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1807.597342][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1807.605289][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1807.613256][T32173] R13: 0000000000c9fb6f R14: 00007f75915979c0 R15: 000000000078bf0c
[ 1807.621216][T32173] syz-executor.1  S28296 16307   6929 0x00000000
[ 1807.627526][T32173] Call Trace:
[ 1807.630817][T32173]  __schedule+0x8f3/0x1fc0
[ 1807.635210][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1807.640476][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1807.645748][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1807.651185][T32173]  schedule+0xd0/0x2a0
[ 1807.655231][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1807.660319][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1807.665758][T32173]  futex_wait+0x1e2/0x550
[ 1807.670087][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1807.675094][T32173]  ? print_usage_bug+0x240/0x240
[ 1807.680025][T32173]  ? hash_futex+0x10/0x200
[ 1807.684424][T32173]  ? futex_wake+0x153/0x480
[ 1807.688911][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1807.694869][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1807.700845][T32173]  do_futex+0x15f/0x1ad0
[ 1807.705070][T32173]  ? find_held_lock+0x2d/0x110
[ 1807.709812][T32173]  ? futex_exit_release+0x60/0x60
[ 1807.714815][T32173]  ? lock_downgrade+0x840/0x840
[ 1807.719640][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1807.724486][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1807.730469][T32173]  ? __might_fault+0x190/0x1d0
[ 1807.735210][T32173]  ? _copy_to_user+0x126/0x160
[ 1807.739956][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1807.744713][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1807.749196][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1807.754632][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1807.760588][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1807.765258][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1807.771235][T32173]  do_syscall_64+0xf6/0x7d0
[ 1807.775717][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1807.781603][T32173] RIP: 0033:0x45ca59
[ 1807.785482][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1807.805060][T32173] RSP: 002b:00007f7591596cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1807.813462][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1807.821409][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1807.829373][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1807.837322][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1807.845268][T32173] R13: 0000000000c9fb6f R14: 00007f75915979c0 R15: 000000000078bf0c
[ 1807.853230][T32173] syz-executor.1  S28400 16332   6929 0x00000000
[ 1807.859536][T32173] Call Trace:
[ 1807.862803][T32173]  __schedule+0x8f3/0x1fc0
[ 1807.867237][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1807.872524][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1807.877803][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1807.883243][T32173]  schedule+0xd0/0x2a0
[ 1807.887289][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1807.892380][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1807.897836][T32173]  futex_wait+0x1e2/0x550
[ 1807.902146][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1807.907162][T32173]  ? wake_up_q+0xc1/0x140
[ 1807.911468][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1807.916644][T32173]  ? futex_wake+0x153/0x480
[ 1807.921138][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1807.927097][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1807.933072][T32173]  do_futex+0x15f/0x1ad0
[ 1807.937333][T32173]  ? find_held_lock+0x2d/0x110
[ 1807.942076][T32173]  ? futex_exit_release+0x60/0x60
[ 1807.947077][T32173]  ? lock_downgrade+0x840/0x840
[ 1807.951905][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1807.956750][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1807.962713][T32173]  ? __might_fault+0x190/0x1d0
[ 1807.967455][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1807.972894][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1807.977639][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1807.982125][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1807.987558][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1807.993515][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1807.998176][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1808.004134][T32173]  do_syscall_64+0xf6/0x7d0
[ 1808.008614][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1808.014482][T32173] RIP: 0033:0x45ca59
[ 1808.018352][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1808.037947][T32173] RSP: 002b:00007f7591596cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1808.046681][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1808.054628][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1808.062580][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1808.070548][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1808.078512][T32173] R13: 0000000000c9fb6f R14: 00007f75915979c0 R15: 000000000078bf0c
[ 1808.086491][T32173] syz-executor.1  S28400 16341   6929 0x00000000
[ 1808.092801][T32173] Call Trace:
[ 1808.096068][T32173]  __schedule+0x8f3/0x1fc0
[ 1808.100465][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1808.105748][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1808.111016][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1808.116480][T32173]  schedule+0xd0/0x2a0
[ 1808.120529][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1808.125615][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1808.131076][T32173]  futex_wait+0x1e2/0x550
[ 1808.135405][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1808.140409][T32173]  ? wake_up_q+0xc1/0x140
[ 1808.144713][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1808.149904][T32173]  ? futex_wake+0x153/0x480
[ 1808.154415][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1808.160375][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1808.166331][T32173]  do_futex+0x15f/0x1ad0
[ 1808.170558][T32173]  ? find_held_lock+0x2d/0x110
[ 1808.175301][T32173]  ? futex_exit_release+0x60/0x60
[ 1808.180306][T32173]  ? lock_downgrade+0x840/0x840
[ 1808.185135][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1808.189962][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1808.195930][T32173]  ? __might_fault+0x190/0x1d0
[ 1808.200671][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1808.206131][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1808.210874][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1808.215373][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1808.220806][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1808.226761][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1808.231425][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1808.237442][T32173]  do_syscall_64+0xf6/0x7d0
[ 1808.241956][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1808.247829][T32173] RIP: 0033:0x45ca59
[ 1808.251708][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1808.271308][T32173] RSP: 002b:00007f7591596cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1808.279698][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1808.287645][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1808.295594][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1808.303541][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1808.311505][T32173] R13: 0000000000c9fb6f R14: 00007f75915979c0 R15: 000000000078bf0c
[ 1808.319468][T32173] syz-executor.2  S29368 16836   7087 0x00000000
[ 1808.325780][T32173] Call Trace:
[ 1808.329065][T32173]  __schedule+0x8f3/0x1fc0
[ 1808.333480][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1808.338746][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1808.344009][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1808.349447][T32173]  schedule+0xd0/0x2a0
[ 1808.353497][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1808.358585][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1808.364020][T32173]  ? find_held_lock+0x2d/0x110
[ 1808.368762][T32173]  futex_wait+0x1e2/0x550
[ 1808.373074][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1808.378075][T32173]  ? print_usage_bug+0x240/0x240
[ 1808.382990][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1808.388178][T32173]  ? futex_wake+0x153/0x480
[ 1808.392730][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1808.398696][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1808.404664][T32173]  do_futex+0x15f/0x1ad0
[ 1808.408894][T32173]  ? find_held_lock+0x2d/0x110
[ 1808.413643][T32173]  ? futex_exit_release+0x60/0x60
[ 1808.418662][T32173]  ? lock_downgrade+0x840/0x840
[ 1808.423497][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1808.428398][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1808.434367][T32173]  ? __might_fault+0x190/0x1d0
[ 1808.439108][T32173]  ? _copy_to_user+0x126/0x160
[ 1808.443855][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1808.448627][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1808.453153][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1808.458645][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1808.464612][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1808.469304][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1808.475269][T32173]  do_syscall_64+0xf6/0x7d0
[ 1808.479754][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1808.485622][T32173] RIP: 0033:0x45ca59
[ 1808.489496][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1808.509090][T32173] RSP: 002b:00007f8cd7fe7cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1808.517491][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1808.525447][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1808.533394][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1808.541342][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1808.549287][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fe89c0 R15: 000000000078bf0c
[ 1808.557253][T32173] syz-executor.2  S29824 16852   7087 0x00000000
[ 1808.563584][T32173] Call Trace:
[ 1808.566855][T32173]  __schedule+0x8f3/0x1fc0
[ 1808.571249][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1808.576513][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1808.581796][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1808.587242][T32173]  schedule+0xd0/0x2a0
[ 1808.591289][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1808.596379][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1808.601835][T32173]  futex_wait+0x1e2/0x550
[ 1808.606145][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1808.611147][T32173]  ? wake_up_q+0xc1/0x140
[ 1808.615452][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1808.620629][T32173]  ? futex_wake+0x153/0x480
[ 1808.625119][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1808.631073][T32173]  ? mark_lock+0x11f/0xdd0
[ 1808.635469][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1808.641429][T32173]  do_futex+0x15f/0x1ad0
[ 1808.645680][T32173]  ? find_held_lock+0x2d/0x110
[ 1808.650447][T32173]  ? futex_exit_release+0x60/0x60
[ 1808.655451][T32173]  ? lock_downgrade+0x840/0x840
[ 1808.660298][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1808.665125][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1808.671088][T32173]  ? __might_fault+0x190/0x1d0
[ 1808.675827][T32173]  ? _copy_to_user+0x126/0x160
[ 1808.680573][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1808.685315][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1808.689795][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1808.695228][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1808.701184][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1808.705859][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1808.711831][T32173]  do_syscall_64+0xf6/0x7d0
[ 1808.716314][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1808.722180][T32173] RIP: 0033:0x45ca59
[ 1808.726052][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1808.745646][T32173] RSP: 002b:00007f8cd7fe7cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1808.754032][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1808.762013][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1808.769959][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1808.777951][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1808.785919][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fe89c0 R15: 000000000078bf0c
[ 1808.793921][T32173] syz-executor.2  S29824 16871   7087 0x00000000
[ 1808.800230][T32173] Call Trace:
[ 1808.803501][T32173]  __schedule+0x8f3/0x1fc0
[ 1808.807893][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1808.813181][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1808.818461][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1808.823898][T32173]  schedule+0xd0/0x2a0
[ 1808.827942][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1808.833029][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1808.838501][T32173]  futex_wait+0x1e2/0x550
[ 1808.842811][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1808.847829][T32173]  ? wake_up_q+0xc1/0x140
[ 1808.852132][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1808.857311][T32173]  ? futex_wake+0x153/0x480
[ 1808.861801][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1808.867758][T32173]  ? mark_lock+0x11f/0xdd0
[ 1808.872152][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1808.878109][T32173]  do_futex+0x15f/0x1ad0
[ 1808.882337][T32173]  ? find_held_lock+0x2d/0x110
[ 1808.887079][T32173]  ? futex_exit_release+0x60/0x60
[ 1808.892080][T32173]  ? lock_downgrade+0x840/0x840
[ 1808.896907][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1808.901734][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1808.907753][T32173]  ? __might_fault+0x190/0x1d0
[ 1808.912499][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1808.917942][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1808.922688][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1808.927301][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1808.932737][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1808.938697][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1808.943387][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1808.949356][T32173]  do_syscall_64+0xf6/0x7d0
[ 1808.953841][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1808.959709][T32173] RIP: 0033:0x45ca59
[ 1808.963583][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1808.983161][T32173] RSP: 002b:00007f8cd7fe7cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1808.991546][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1808.999529][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1809.007491][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1809.015438][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1809.023386][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fe89c0 R15: 000000000078bf0c
[ 1809.031350][T32173] syz-executor.3  S29368 17419   7107 0x00000000
[ 1809.037660][T32173] Call Trace:
[ 1809.040929][T32173]  __schedule+0x8f3/0x1fc0
[ 1809.045321][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1809.050585][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1809.055865][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1809.061301][T32173]  schedule+0xd0/0x2a0
[ 1809.065347][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1809.070436][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1809.075868][T32173]  ? find_held_lock+0x2d/0x110
[ 1809.080636][T32173]  futex_wait+0x1e2/0x550
[ 1809.084947][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1809.089954][T32173]  ? print_usage_bug+0x240/0x240
[ 1809.094878][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1809.100055][T32173]  ? futex_wake+0x153/0x480
[ 1809.104544][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1809.110503][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1809.116460][T32173]  do_futex+0x15f/0x1ad0
[ 1809.120686][T32173]  ? find_held_lock+0x2d/0x110
[ 1809.125428][T32173]  ? futex_exit_release+0x60/0x60
[ 1809.130434][T32173]  ? lock_downgrade+0x840/0x840
[ 1809.135259][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1809.140086][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1809.146047][T32173]  ? __might_fault+0x190/0x1d0
[ 1809.150790][T32173]  ? _copy_to_user+0x126/0x160
[ 1809.155534][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1809.160278][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1809.164772][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1809.170208][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1809.176163][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1809.180816][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1809.186773][T32173]  do_syscall_64+0xf6/0x7d0
[ 1809.191256][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1809.197120][T32173] RIP: 0033:0x45ca59
[ 1809.200993][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1809.220627][T32173] RSP: 002b:00007f65fad0acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1809.229031][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1809.236980][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1809.244972][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1809.252925][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1809.260920][T32173] R13: 0000000000c9fb6f R14: 00007f65fad0b9c0 R15: 000000000078bf0c
[ 1809.268893][T32173] syz-executor.2  S28896 17424   7087 0x00000000
[ 1809.275207][T32173] Call Trace:
[ 1809.278491][T32173]  __schedule+0x8f3/0x1fc0
[ 1809.282887][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1809.288189][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1809.293455][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1809.298912][T32173]  schedule+0xd0/0x2a0
[ 1809.302960][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1809.308049][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1809.313502][T32173]  ? alloc_empty_file+0x6d/0x170
[ 1809.318427][T32173]  futex_wait+0x1e2/0x550
[ 1809.322737][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1809.327739][T32173]  ? print_usage_bug+0x240/0x240
[ 1809.332656][T32173]  ? hash_futex+0x10/0x200
[ 1809.337051][T32173]  ? futex_wake+0x153/0x480
[ 1809.341544][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1809.347519][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1809.353485][T32173]  do_futex+0x15f/0x1ad0
[ 1809.357718][T32173]  ? find_held_lock+0x2d/0x110
[ 1809.362466][T32173]  ? futex_exit_release+0x60/0x60
[ 1809.367517][T32173]  ? lock_downgrade+0x840/0x840
[ 1809.372350][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1809.377181][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1809.383147][T32173]  ? __might_fault+0x190/0x1d0
[ 1809.387888][T32173]  ? _copy_to_user+0x126/0x160
[ 1809.392648][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1809.397403][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1809.401895][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1809.407333][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1809.413295][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1809.417950][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1809.423911][T32173]  do_syscall_64+0xf6/0x7d0
[ 1809.428395][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1809.434269][T32173] RIP: 0033:0x45ca59
[ 1809.438140][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1809.457719][T32173] RSP: 002b:00007f8cd7fe7cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1809.466106][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1809.474052][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1809.482000][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1809.489955][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1809.498010][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fe89c0 R15: 000000000078bf0c
[ 1809.505994][T32173] syz-executor.2  S29824 17435   7087 0x00000000
[ 1809.512308][T32173] Call Trace:
[ 1809.515581][T32173]  __schedule+0x8f3/0x1fc0
[ 1809.519979][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1809.525243][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1809.530505][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1809.535942][T32173]  schedule+0xd0/0x2a0
[ 1809.540008][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1809.545096][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1809.550536][T32173]  futex_wait+0x1e2/0x550
[ 1809.554848][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1809.559864][T32173]  ? wake_up_q+0xc1/0x140
[ 1809.564170][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1809.569344][T32173]  ? futex_wake+0x153/0x480
[ 1809.573836][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1809.579794][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1809.585774][T32173]  do_futex+0x15f/0x1ad0
[ 1809.589999][T32173]  ? find_held_lock+0x2d/0x110
[ 1809.594738][T32173]  ? futex_exit_release+0x60/0x60
[ 1809.599756][T32173]  ? lock_downgrade+0x840/0x840
[ 1809.604583][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1809.609431][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1809.615392][T32173]  ? __might_fault+0x190/0x1d0
[ 1809.620134][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1809.625575][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1809.630320][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1809.634803][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1809.640238][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1809.646193][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1809.650847][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1809.656807][T32173]  do_syscall_64+0xf6/0x7d0
[ 1809.661293][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1809.667179][T32173] RIP: 0033:0x45ca59
[ 1809.671051][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1809.690631][T32173] RSP: 002b:00007f8cd7fe7cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1809.699013][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1809.706960][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1809.714923][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1809.722869][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1809.730816][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fe89c0 R15: 000000000078bf0c
[ 1809.738776][T32173] syz-executor.3  S29816 17442   7107 0x00000000
[ 1809.745191][T32173] Call Trace:
[ 1809.748459][T32173]  __schedule+0x8f3/0x1fc0
[ 1809.752852][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1809.758132][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1809.763397][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1809.768833][T32173]  schedule+0xd0/0x2a0
[ 1809.772881][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1809.777970][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1809.783410][T32173]  futex_wait+0x1e2/0x550
[ 1809.787719][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1809.792723][T32173]  ? wake_up_q+0xc1/0x140
[ 1809.797045][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1809.802238][T32173]  ? futex_wake+0x153/0x480
[ 1809.806727][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1809.812696][T32173]  ? mark_lock+0x11f/0xdd0
[ 1809.817112][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1809.823073][T32173]  do_futex+0x15f/0x1ad0
[ 1809.827300][T32173]  ? find_held_lock+0x2d/0x110
[ 1809.832042][T32173]  ? futex_exit_release+0x60/0x60
[ 1809.837059][T32173]  ? lock_downgrade+0x840/0x840
[ 1809.841903][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1809.846728][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1809.852691][T32173]  ? __might_fault+0x190/0x1d0
[ 1809.857430][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1809.862871][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1809.867663][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1809.872145][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1809.877579][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1809.883539][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1809.888192][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1809.894149][T32173]  do_syscall_64+0xf6/0x7d0
[ 1809.898629][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1809.904496][T32173] RIP: 0033:0x45ca59
[ 1809.908391][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1809.927970][T32173] RSP: 002b:00007f65fad0acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1809.936357][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1809.944314][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1809.952262][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1809.960229][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1809.968278][T32173] R13: 0000000000c9fb6f R14: 00007f65fad0b9c0 R15: 000000000078bf0c
[ 1809.976241][T32173] syz-executor.2  S29824 17447   7087 0x00000000
[ 1809.982552][T32173] Call Trace:
[ 1809.985842][T32173]  __schedule+0x8f3/0x1fc0
[ 1809.990237][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1809.995502][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1810.000769][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1810.006225][T32173]  schedule+0xd0/0x2a0
[ 1810.010275][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1810.015365][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1810.020803][T32173]  futex_wait+0x1e2/0x550
[ 1810.025110][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1810.030131][T32173]  ? wake_up_q+0xc1/0x140
[ 1810.034434][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1810.039626][T32173]  ? futex_wake+0x153/0x480
[ 1810.044117][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1810.050088][T32173]  ? mark_lock+0x11f/0xdd0
[ 1810.054486][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1810.060465][T32173]  do_futex+0x15f/0x1ad0
[ 1810.064693][T32173]  ? find_held_lock+0x2d/0x110
[ 1810.069433][T32173]  ? futex_exit_release+0x60/0x60
[ 1810.074436][T32173]  ? lock_downgrade+0x840/0x840
[ 1810.079264][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1810.084093][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1810.090073][T32173]  ? __might_fault+0x190/0x1d0
[ 1810.094812][T32173]  ? _copy_to_user+0x126/0x160
[ 1810.099556][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1810.104300][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1810.108787][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1810.114221][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1810.120203][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1810.124856][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1810.130814][T32173]  do_syscall_64+0xf6/0x7d0
[ 1810.135315][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1810.141181][T32173] RIP: 0033:0x45ca59
[ 1810.145053][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1810.164647][T32173] RSP: 002b:00007f8cd7fe7cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1810.173031][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1810.180997][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1810.188962][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1810.196908][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1810.204854][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fe89c0 R15: 000000000078bf0c
[ 1810.212816][T32173] syz-executor.2  S29824 17459   7087 0x00000000
[ 1810.219141][T32173] Call Trace:
[ 1810.222473][T32173]  __schedule+0x8f3/0x1fc0
[ 1810.226888][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1810.232166][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1810.237488][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1810.242978][T32173]  schedule+0xd0/0x2a0
[ 1810.247030][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1810.252166][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1810.257656][T32173]  futex_wait+0x1e2/0x550
[ 1810.261972][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1810.266982][T32173]  ? wake_up_q+0xc1/0x140
[ 1810.271293][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1810.276500][T32173]  ? futex_wake+0x153/0x480
[ 1810.280995][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1810.286951][T32173]  ? mark_lock+0x11f/0xdd0
[ 1810.291347][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1810.297307][T32173]  do_futex+0x15f/0x1ad0
[ 1810.301537][T32173]  ? find_held_lock+0x2d/0x110
[ 1810.306278][T32173]  ? futex_exit_release+0x60/0x60
[ 1810.311282][T32173]  ? lock_downgrade+0x840/0x840
[ 1810.316109][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1810.320935][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1810.326900][T32173]  ? __might_fault+0x190/0x1d0
[ 1810.331640][T32173]  ? _copy_to_user+0x126/0x160
[ 1810.336389][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1810.341133][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1810.345615][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1810.351049][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1810.357005][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1810.361665][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1810.367642][T32173]  do_syscall_64+0xf6/0x7d0
[ 1810.372124][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1810.378006][T32173] RIP: 0033:0x45ca59
[ 1810.381877][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1810.401468][T32173] RSP: 002b:00007f8cd7fe7cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1810.409871][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1810.417864][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1810.425812][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1810.433760][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1810.441707][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fe89c0 R15: 000000000078bf0c
[ 1810.449673][T32173] syz-executor.3  S29816 17462   7107 0x00000000
[ 1810.455986][T32173] Call Trace:
[ 1810.459259][T32173]  __schedule+0x8f3/0x1fc0
[ 1810.463655][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1810.468921][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1810.474203][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1810.479639][T32173]  schedule+0xd0/0x2a0
[ 1810.483689][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1810.488775][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1810.494216][T32173]  futex_wait+0x1e2/0x550
[ 1810.498546][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1810.503548][T32173]  ? wake_up_q+0xc1/0x140
[ 1810.507850][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1810.513025][T32173]  ? futex_wake+0x153/0x480
[ 1810.517517][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1810.523471][T32173]  ? mark_lock+0x11f/0xdd0
[ 1810.527869][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1810.533828][T32173]  do_futex+0x15f/0x1ad0
[ 1810.538054][T32173]  ? find_held_lock+0x2d/0x110
[ 1810.542795][T32173]  ? futex_exit_release+0x60/0x60
[ 1810.547797][T32173]  ? lock_downgrade+0x840/0x840
[ 1810.552626][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1810.557453][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1810.563417][T32173]  ? __might_fault+0x190/0x1d0
[ 1810.568157][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1810.573616][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1810.578359][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1810.582844][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1810.588276][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1810.594234][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1810.598885][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1810.604872][T32173]  do_syscall_64+0xf6/0x7d0
[ 1810.609370][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1810.615236][T32173] RIP: 0033:0x45ca59
[ 1810.619133][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1810.638726][T32173] RSP: 002b:00007f65fad0acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1810.647127][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1810.655075][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1810.663039][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1810.670986][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1810.678933][T32173] R13: 0000000000c9fb6f R14: 00007f65fad0b9c0 R15: 000000000078bf0c
[ 1810.686894][T32173] syz-executor.3  S29816 17479   7107 0x00000000
[ 1810.693209][T32173] Call Trace:
[ 1810.696501][T32173]  __schedule+0x8f3/0x1fc0
[ 1810.700894][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1810.706159][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1810.711425][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1810.716877][T32173]  schedule+0xd0/0x2a0
[ 1810.720941][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1810.726046][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1810.731502][T32173]  futex_wait+0x1e2/0x550
[ 1810.735826][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1810.740842][T32173]  ? wake_up_q+0xc1/0x140
[ 1810.745146][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1810.750321][T32173]  ? futex_wake+0x153/0x480
[ 1810.754810][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1810.760762][T32173]  ? mark_lock+0x11f/0xdd0
[ 1810.765154][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1810.771112][T32173]  do_futex+0x15f/0x1ad0
[ 1810.775355][T32173]  ? find_held_lock+0x2d/0x110
[ 1810.780097][T32173]  ? futex_exit_release+0x60/0x60
[ 1810.785098][T32173]  ? lock_downgrade+0x840/0x840
[ 1810.789945][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1810.794779][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1810.800746][T32173]  ? __might_fault+0x190/0x1d0
[ 1810.805503][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1810.810958][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1810.815716][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1810.820215][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1810.825650][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1810.831620][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1810.836290][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1810.842249][T32173]  do_syscall_64+0xf6/0x7d0
[ 1810.846729][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1810.852615][T32173] RIP: 0033:0x45ca59
[ 1810.856488][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1810.876068][T32173] RSP: 002b:00007f65fad0acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1810.884456][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1810.892404][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1810.900351][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1810.908296][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1810.916243][T32173] R13: 0000000000c9fb6f R14: 00007f65fad0b9c0 R15: 000000000078bf0c
[ 1810.924212][T32173] syz-executor.3  S28976 17689   7107 0x00000000
[ 1810.930522][T32173] Call Trace:
[ 1810.933792][T32173]  __schedule+0x8f3/0x1fc0
[ 1810.938184][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1810.943452][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1810.948715][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1810.954168][T32173]  schedule+0xd0/0x2a0
[ 1810.958214][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1810.963316][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1810.968747][T32173]  ? update_curr+0x3d7/0x8a0
[ 1810.973317][T32173]  futex_wait+0x1e2/0x550
[ 1810.977626][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1810.982627][T32173]  ? print_usage_bug+0x240/0x240
[ 1810.987539][T32173]  ? update_load_avg+0x1bb/0x1c30
[ 1810.992539][T32173]  ? hash_futex+0x10/0x200
[ 1810.996933][T32173]  ? futex_wake+0x153/0x480
[ 1811.001437][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1811.007416][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1811.013380][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1811.019339][T32173]  do_futex+0x15f/0x1ad0
[ 1811.023581][T32173]  ? find_held_lock+0x2d/0x110
[ 1811.028322][T32173]  ? futex_exit_release+0x60/0x60
[ 1811.033344][T32173]  ? lock_downgrade+0x840/0x840
[ 1811.038171][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1811.042999][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1811.048976][T32173]  ? __might_fault+0x190/0x1d0
[ 1811.053718][T32173]  ? _copy_to_user+0x126/0x160
[ 1811.058465][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1811.063211][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1811.067692][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1811.073133][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1811.079088][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1811.083757][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1811.089715][T32173]  do_syscall_64+0xf6/0x7d0
[ 1811.094202][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1811.100084][T32173] RIP: 0033:0x45ca59
[ 1811.103954][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1811.123545][T32173] RSP: 002b:00007f65fad0acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1811.132046][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1811.139991][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1811.147936][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1811.155883][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1811.163830][T32173] R13: 0000000000c9fb6f R14: 00007f65fad0b9c0 R15: 000000000078bf0c
[ 1811.171793][T32173] syz-executor.3  S29824 17711   7107 0x00000000
[ 1811.178122][T32173] Call Trace:
[ 1811.181410][T32173]  __schedule+0x8f3/0x1fc0
[ 1811.185827][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1811.191091][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1811.196371][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1811.201826][T32173]  schedule+0xd0/0x2a0
[ 1811.205872][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1811.210973][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1811.216419][T32173]  futex_wait+0x1e2/0x550
[ 1811.220737][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1811.225747][T32173]  ? wake_up_q+0xc1/0x140
[ 1811.230058][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1811.235256][T32173]  ? futex_wake+0x153/0x480
[ 1811.239759][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1811.245730][T32173]  do_futex+0x15f/0x1ad0
[ 1811.249961][T32173]  ? find_held_lock+0x2d/0x110
[ 1811.254748][T32173]  ? finish_task_switch+0x147/0x750
[ 1811.259928][T32173]  ? futex_exit_release+0x60/0x60
[ 1811.265010][T32173]  ? lock_downgrade+0x840/0x840
[ 1811.269860][T32173]  ? perf_sched_cb_inc+0x250/0x250
[ 1811.274964][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1811.280148][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1811.286125][T32173]  ? _raw_spin_unlock_irq+0x55/0x80
[ 1811.291302][T32173]  ? finish_task_switch+0x147/0x750
[ 1811.296476][T32173]  ? finish_task_switch+0x119/0x750
[ 1811.301806][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1811.307263][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1811.312011][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1811.316492][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1811.321925][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1811.327898][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1811.332553][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1811.338538][T32173]  do_syscall_64+0xf6/0x7d0
[ 1811.343164][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1811.349030][T32173] RIP: 0033:0x45ca59
[ 1811.352902][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1811.372480][T32173] RSP: 002b:00007f65fad0acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1811.380866][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1811.388868][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1811.396824][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1811.404827][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1811.412782][T32173] R13: 0000000000c9fb6f R14: 00007f65fad0b9c0 R15: 000000000078bf0c
[ 1811.420749][T32173] syz-executor.5  S29616 19203   7376 0x00000000
[ 1811.427064][T32173] Call Trace:
[ 1811.430337][T32173]  __schedule+0x8f3/0x1fc0
[ 1811.434758][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1811.441154][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1811.446419][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1811.451973][T32173]  schedule+0xd0/0x2a0
[ 1811.456022][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1811.461127][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1811.466560][T32173]  ? find_held_lock+0x2d/0x110
[ 1811.471316][T32173]  futex_wait+0x1e2/0x550
[ 1811.475625][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1811.480626][T32173]  ? print_usage_bug+0x240/0x240
[ 1811.485540][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1811.490718][T32173]  ? futex_wake+0x153/0x480
[ 1811.495206][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1811.501163][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1811.507144][T32173]  do_futex+0x15f/0x1ad0
[ 1811.511415][T32173]  ? find_held_lock+0x2d/0x110
[ 1811.516170][T32173]  ? futex_exit_release+0x60/0x60
[ 1811.521179][T32173]  ? lock_downgrade+0x840/0x840
[ 1811.526012][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1811.530944][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1811.536909][T32173]  ? __might_fault+0x190/0x1d0
[ 1811.541659][T32173]  ? _copy_to_user+0x126/0x160
[ 1811.546406][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1811.551176][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1811.555658][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1811.561092][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1811.567065][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1811.571721][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1811.577681][T32173]  do_syscall_64+0xf6/0x7d0
[ 1811.582179][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1811.588046][T32173] RIP: 0033:0x45ca59
[ 1811.591935][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1811.611513][T32173] RSP: 002b:00007f656341ecf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1811.619946][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1811.627899][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1811.635889][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1811.643893][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1811.651849][T32173] R13: 0000000000c9fb6f R14: 00007f656341f9c0 R15: 000000000078bf0c
[ 1811.659828][T32173] syz-executor.5  S29816 19206   7376 0x00000000
[ 1811.666141][T32173] Call Trace:
[ 1811.669419][T32173]  __schedule+0x8f3/0x1fc0
[ 1811.673818][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1811.679124][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1811.684431][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1811.689911][T32173]  schedule+0xd0/0x2a0
[ 1811.694048][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1811.699162][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1811.704619][T32173]  futex_wait+0x1e2/0x550
[ 1811.708927][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1811.713930][T32173]  ? wake_up_q+0xc1/0x140
[ 1811.718234][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1811.723409][T32173]  ? futex_wake+0x153/0x480
[ 1811.727897][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1811.733853][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1811.739818][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1811.745777][T32173]  do_futex+0x15f/0x1ad0
[ 1811.750005][T32173]  ? find_held_lock+0x2d/0x110
[ 1811.754766][T32173]  ? futex_exit_release+0x60/0x60
[ 1811.759777][T32173]  ? lock_downgrade+0x840/0x840
[ 1811.764617][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1811.769444][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1811.775406][T32173]  ? __might_fault+0x190/0x1d0
[ 1811.780148][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1811.785597][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1811.790347][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1811.794830][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1811.800263][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1811.806219][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1811.810888][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1811.816845][T32173]  do_syscall_64+0xf6/0x7d0
[ 1811.821333][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1811.827198][T32173] RIP: 0033:0x45ca59
[ 1811.831070][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1811.850647][T32173] RSP: 002b:00007f65633fdcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1811.859030][T32173] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045ca59
[ 1811.866980][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8
[ 1811.874928][T32173] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1811.882892][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1811.890857][T32173] R13: 0000000000c9fb6f R14: 00007f65633fe9c0 R15: 000000000078bfac
[ 1811.898818][T32173] syz-executor.5  S29824 19215   7376 0x00000000
[ 1811.905128][T32173] Call Trace:
[ 1811.908397][T32173]  __schedule+0x8f3/0x1fc0
[ 1811.912808][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1811.918086][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1811.924496][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1811.929951][T32173]  schedule+0xd0/0x2a0
[ 1811.934008][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1811.939096][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1811.944553][T32173]  futex_wait+0x1e2/0x550
[ 1811.948861][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1811.953863][T32173]  ? wake_up_q+0xc1/0x140
[ 1811.958168][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1811.963360][T32173]  ? futex_wake+0x153/0x480
[ 1811.967857][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1811.973822][T32173]  ? mark_lock+0x11f/0xdd0
[ 1811.978229][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1811.984197][T32173]  do_futex+0x15f/0x1ad0
[ 1811.988426][T32173]  ? find_held_lock+0x2d/0x110
[ 1811.993173][T32173]  ? futex_exit_release+0x60/0x60
[ 1811.998191][T32173]  ? lock_downgrade+0x840/0x840
[ 1812.003023][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1812.007852][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1812.013817][T32173]  ? __might_fault+0x190/0x1d0
[ 1812.018559][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1812.024014][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1812.028758][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1812.033243][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1812.038676][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1812.044633][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1812.049286][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1812.055261][T32173]  do_syscall_64+0xf6/0x7d0
[ 1812.059747][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1812.065645][T32173] RIP: 0033:0x45ca59
[ 1812.069517][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1812.089096][T32173] RSP: 002b:00007f656341ecf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1812.097481][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1812.105428][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1812.113393][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1812.121341][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1812.129406][T32173] R13: 0000000000c9fb6f R14: 00007f656341f9c0 R15: 000000000078bf0c
[ 1812.137369][T32173] syz-executor.5  S29816 19225   7376 0x00000000
[ 1812.143697][T32173] Call Trace:
[ 1812.146968][T32173]  __schedule+0x8f3/0x1fc0
[ 1812.151363][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1812.156630][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1812.161909][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1812.167345][T32173]  schedule+0xd0/0x2a0
[ 1812.171393][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1812.176481][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1812.181923][T32173]  futex_wait+0x1e2/0x550
[ 1812.186256][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1812.191273][T32173]  ? wake_up_q+0xc1/0x140
[ 1812.195580][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1812.200757][T32173]  ? futex_wake+0x153/0x480
[ 1812.205251][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1812.211230][T32173]  ? mark_lock+0x11f/0xdd0
[ 1812.215626][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1812.221592][T32173]  do_futex+0x15f/0x1ad0
[ 1812.225818][T32173]  ? find_held_lock+0x2d/0x110
[ 1812.230564][T32173]  ? futex_exit_release+0x60/0x60
[ 1812.235567][T32173]  ? lock_downgrade+0x840/0x840
[ 1812.240416][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1812.245262][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1812.251283][T32173]  ? __might_fault+0x190/0x1d0
[ 1812.256029][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1812.261472][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1812.266217][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1812.270701][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1812.276144][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1812.282106][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1812.286772][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1812.292735][T32173]  do_syscall_64+0xf6/0x7d0
[ 1812.297228][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1812.303100][T32173] RIP: 0033:0x45ca59
[ 1812.306972][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1812.326569][T32173] RSP: 002b:00007f656341ecf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1812.334957][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1812.342917][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1812.350864][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1812.358828][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1812.366775][T32173] R13: 0000000000c9fb6f R14: 00007f656341f9c0 R15: 000000000078bf0c
[ 1812.374737][T32173] syz-executor.1  S29824 19594   6929 0x00000000
[ 1812.381049][T32173] Call Trace:
[ 1812.384318][T32173]  __schedule+0x8f3/0x1fc0
[ 1812.388709][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1812.393974][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1812.399244][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1812.404680][T32173]  schedule+0xd0/0x2a0
[ 1812.408729][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1812.413834][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1812.419273][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1812.425237][T32173]  futex_wait+0x1e2/0x550
[ 1812.429552][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1812.434597][T32173]  ? print_usage_bug+0x240/0x240
[ 1812.439532][T32173]  ? hash_futex+0x10/0x200
[ 1812.443932][T32173]  ? futex_wake+0x153/0x480
[ 1812.448422][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1812.453252][T32173]  ? do_wp_page+0x512/0x1440
[ 1812.457820][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1812.463261][T32173]  do_futex+0x15f/0x1ad0
[ 1812.467576][T32173]  ? find_held_lock+0x2d/0x110
[ 1812.472338][T32173]  ? futex_exit_release+0x60/0x60
[ 1812.477343][T32173]  ? lock_downgrade+0x840/0x840
[ 1812.482174][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1812.487041][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1812.493010][T32173]  ? __might_fault+0x190/0x1d0
[ 1812.497751][T32173]  ? _copy_to_user+0x126/0x160
[ 1812.502499][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1812.507362][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1812.511846][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1812.517296][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1812.523252][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1812.527904][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1812.533862][T32173]  do_syscall_64+0xf6/0x7d0
[ 1812.538345][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1812.544215][T32173] RIP: 0033:0x45ca59
[ 1812.548086][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1812.567666][T32173] RSP: 002b:00007f7591596cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1812.576053][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1812.584022][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1812.591968][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1812.599944][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1812.607907][T32173] R13: 0000000000c9fb6f R14: 00007f75915979c0 R15: 000000000078bf0c
[ 1812.615870][T32173] syz-executor.1  S29824 19606   6929 0x00000000
[ 1812.622180][T32173] Call Trace:
[ 1812.625453][T32173]  __schedule+0x8f3/0x1fc0
[ 1812.629845][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1812.635109][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1812.640372][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1812.645808][T32173]  schedule+0xd0/0x2a0
[ 1812.649856][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1812.654944][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1812.660384][T32173]  futex_wait+0x1e2/0x550
[ 1812.664692][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1812.669716][T32173]  ? print_usage_bug+0x240/0x240
[ 1812.674641][T32173]  ? hash_futex+0x10/0x200
[ 1812.679032][T32173]  ? futex_wake+0x153/0x480
[ 1812.683522][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1812.688349][T32173]  ? do_wp_page+0x512/0x1440
[ 1812.692915][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1812.698364][T32173]  do_futex+0x15f/0x1ad0
[ 1812.702598][T32173]  ? find_held_lock+0x2d/0x110
[ 1812.707340][T32173]  ? futex_exit_release+0x60/0x60
[ 1812.712344][T32173]  ? lock_downgrade+0x840/0x840
[ 1812.717186][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1812.722037][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1812.727999][T32173]  ? __might_fault+0x190/0x1d0
[ 1812.732740][T32173]  ? _copy_to_user+0x126/0x160
[ 1812.737486][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1812.742230][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1812.746708][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1812.752143][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1812.758099][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1812.762755][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1812.768716][T32173]  do_syscall_64+0xf6/0x7d0
[ 1812.773204][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1812.779089][T32173] RIP: 0033:0x45ca59
[ 1812.782961][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1812.802539][T32173] RSP: 002b:00007f7591596cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1812.810925][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1812.818886][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1812.826848][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1812.834812][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1812.842773][T32173] R13: 0000000000c9fb6f R14: 00007f75915979c0 R15: 000000000078bf0c
[ 1812.850751][T32173] syz-executor.1  S29824 19634   6929 0x00000000
[ 1812.857061][T32173] Call Trace:
[ 1812.860328][T32173]  __schedule+0x8f3/0x1fc0
[ 1812.864772][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1812.870039][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1812.875319][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1812.880757][T32173]  schedule+0xd0/0x2a0
[ 1812.884819][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1812.889907][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1812.895342][T32173]  ? find_held_lock+0x2d/0x110
[ 1812.900104][T32173]  futex_wait+0x1e2/0x550
[ 1812.904429][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1812.909445][T32173]  ? print_usage_bug+0x240/0x240
[ 1812.914358][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1812.919549][T32173]  ? futex_wake+0x153/0x480
[ 1812.924037][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1812.928887][T32173]  ? do_wp_page+0x512/0x1440
[ 1812.933572][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1812.939008][T32173]  do_futex+0x15f/0x1ad0
[ 1812.943235][T32173]  ? find_held_lock+0x2d/0x110
[ 1812.947975][T32173]  ? futex_exit_release+0x60/0x60
[ 1812.952980][T32173]  ? lock_downgrade+0x840/0x840
[ 1812.957807][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1812.962634][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1812.968596][T32173]  ? __might_fault+0x190/0x1d0
[ 1812.973352][T32173]  ? _copy_to_user+0x126/0x160
[ 1812.978113][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1812.982856][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1812.987338][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1812.992789][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1812.998743][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1813.003396][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1813.009372][T32173]  do_syscall_64+0xf6/0x7d0
[ 1813.013876][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1813.019748][T32173] RIP: 0033:0x45ca59
[ 1813.023638][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1813.043217][T32173] RSP: 002b:00007f7591596cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1813.051617][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1813.060447][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1813.068409][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1813.076358][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1813.084307][T32173] R13: 0000000000c9fb6f R14: 00007f75915979c0 R15: 000000000078bf0c
[ 1813.092270][T32173] syz-executor.5  S29824 19650   7376 0x00000000
[ 1813.098594][T32173] Call Trace:
[ 1813.101864][T32173]  __schedule+0x8f3/0x1fc0
[ 1813.106258][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1813.111540][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1813.116803][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1813.122240][T32173]  schedule+0xd0/0x2a0
[ 1813.126288][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1813.131379][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1813.136812][T32173]  ? find_held_lock+0x2d/0x110
[ 1813.141559][T32173]  futex_wait+0x1e2/0x550
[ 1813.145883][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1813.150884][T32173]  ? print_usage_bug+0x240/0x240
[ 1813.155812][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1813.160987][T32173]  ? futex_wake+0x153/0x480
[ 1813.165474][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1813.170301][T32173]  ? do_wp_page+0x512/0x1440
[ 1813.174866][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1813.180303][T32173]  do_futex+0x15f/0x1ad0
[ 1813.184528][T32173]  ? find_held_lock+0x2d/0x110
[ 1813.189267][T32173]  ? futex_exit_release+0x60/0x60
[ 1813.194270][T32173]  ? lock_downgrade+0x840/0x840
[ 1813.199097][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1813.203922][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1813.209885][T32173]  ? __might_fault+0x190/0x1d0
[ 1813.214623][T32173]  ? _copy_to_user+0x126/0x160
[ 1813.219370][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1813.224129][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1813.228615][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1813.234051][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1813.240023][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1813.244683][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1813.250652][T32173]  do_syscall_64+0xf6/0x7d0
[ 1813.255144][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1813.261023][T32173] RIP: 0033:0x45ca59
[ 1813.264897][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1813.284477][T32173] RSP: 002b:00007f656341ecf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1813.292867][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1813.300845][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1813.308794][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1813.316745][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1813.324693][T32173] R13: 0000000000c9fb6f R14: 00007f656341f9c0 R15: 000000000078bf0c
[ 1813.332684][T32173] syz-executor.1  S29824 19653   6929 0x00000000
[ 1813.338995][T32173] Call Trace:
[ 1813.342268][T32173]  __schedule+0x8f3/0x1fc0
[ 1813.346665][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1813.351932][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1813.357194][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1813.362638][T32173]  schedule+0xd0/0x2a0
[ 1813.366703][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1813.371811][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1813.377250][T32173]  futex_wait+0x1e2/0x550
[ 1813.381558][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1813.386557][T32173]  ? print_usage_bug+0x240/0x240
[ 1813.391491][T32173]  ? hash_futex+0x10/0x200
[ 1813.395885][T32173]  ? futex_wake+0x153/0x480
[ 1813.400375][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1813.405220][T32173]  ? do_wp_page+0x512/0x1440
[ 1813.409789][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1813.415229][T32173]  do_futex+0x15f/0x1ad0
[ 1813.419456][T32173]  ? find_held_lock+0x2d/0x110
[ 1813.424201][T32173]  ? futex_exit_release+0x60/0x60
[ 1813.429207][T32173]  ? lock_downgrade+0x840/0x840
[ 1813.434062][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1813.438897][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1813.444863][T32173]  ? __might_fault+0x190/0x1d0
[ 1813.449609][T32173]  ? _copy_to_user+0x126/0x160
[ 1813.454359][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1813.459106][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1813.463609][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1813.469088][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1813.475045][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1813.479705][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1813.485667][T32173]  do_syscall_64+0xf6/0x7d0
[ 1813.490267][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1813.496155][T32173] RIP: 0033:0x45ca59
[ 1813.500057][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1813.519659][T32173] RSP: 002b:00007f7591596cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1813.528058][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1813.536026][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1813.543998][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1813.551970][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1813.559940][T32173] R13: 0000000000c9fb6f R14: 00007f75915979c0 R15: 000000000078bf0c
[ 1813.567934][T32173] syz-executor.5  S29824 19662   7376 0x00000000
[ 1813.574270][T32173] Call Trace:
[ 1813.577571][T32173]  __schedule+0x8f3/0x1fc0
[ 1813.581990][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1813.587283][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1813.592574][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1813.598039][T32173]  schedule+0xd0/0x2a0
[ 1813.602115][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1813.607224][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1813.612666][T32173]  futex_wait+0x1e2/0x550
[ 1813.616977][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1813.621979][T32173]  ? print_usage_bug+0x240/0x240
[ 1813.626894][T32173]  ? hash_futex+0x10/0x200
[ 1813.631302][T32173]  ? futex_wake+0x153/0x480
[ 1813.635807][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1813.640636][T32173]  ? do_wp_page+0x512/0x1440
[ 1813.645203][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1813.650646][T32173]  do_futex+0x15f/0x1ad0
[ 1813.654876][T32173]  ? find_held_lock+0x2d/0x110
[ 1813.659640][T32173]  ? futex_exit_release+0x60/0x60
[ 1813.664652][T32173]  ? lock_downgrade+0x840/0x840
[ 1813.669495][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1813.674337][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1813.680300][T32173]  ? __might_fault+0x190/0x1d0
[ 1813.685043][T32173]  ? _copy_to_user+0x126/0x160
[ 1813.689791][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1813.694534][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1813.699016][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1813.704468][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1813.710425][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1813.715077][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1813.721036][T32173]  do_syscall_64+0xf6/0x7d0
[ 1813.725521][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1813.731389][T32173] RIP: 0033:0x45ca59
[ 1813.735277][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1813.754859][T32173] RSP: 002b:00007f656341ecf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1813.763246][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1813.771197][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1813.779145][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1813.787093][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1813.795040][T32173] R13: 0000000000c9fb6f R14: 00007f656341f9c0 R15: 000000000078bf0c
[ 1813.803038][T32173] syz-executor.5  S29824 19671   7376 0x00000000
[ 1813.809358][T32173] Call Trace:
[ 1813.812630][T32173]  __schedule+0x8f3/0x1fc0
[ 1813.817021][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1813.822311][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1813.827597][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1813.833036][T32173]  schedule+0xd0/0x2a0
[ 1813.837084][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1813.842171][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1813.847609][T32173]  futex_wait+0x1e2/0x550
[ 1813.851919][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1813.856936][T32173]  ? print_usage_bug+0x240/0x240
[ 1813.861851][T32173]  ? hash_futex+0x10/0x200
[ 1813.866291][T32173]  ? futex_wake+0x153/0x480
[ 1813.870782][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1813.875623][T32173]  ? do_wp_page+0x512/0x1440
[ 1813.880190][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1813.885627][T32173]  do_futex+0x15f/0x1ad0
[ 1813.889856][T32173]  ? find_held_lock+0x2d/0x110
[ 1813.894598][T32173]  ? futex_exit_release+0x60/0x60
[ 1813.899620][T32173]  ? lock_downgrade+0x840/0x840
[ 1813.904454][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1813.909280][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1813.915258][T32173]  ? __might_fault+0x190/0x1d0
[ 1813.920000][T32173]  ? _copy_to_user+0x126/0x160
[ 1813.924746][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1813.929507][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1813.933989][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1813.939437][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1813.945396][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1813.950050][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1813.956026][T32173]  do_syscall_64+0xf6/0x7d0
[ 1813.960509][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1813.966389][T32173] RIP: 0033:0x45ca59
[ 1813.970261][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1813.989841][T32173] RSP: 002b:00007f656341ecf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1813.998226][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1814.006173][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1814.014130][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1814.022084][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1814.030037][T32173] R13: 0000000000c9fb6f R14: 00007f656341f9c0 R15: 000000000078bf0c
[ 1814.038009][T32173] syz-executor.2  T29728 19888   7087 0x00004004
[ 1814.044370][T32173] Call Trace:
[ 1814.047645][T32173]  __schedule+0x8f3/0x1fc0
[ 1814.052047][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1814.057319][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1814.062499][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1814.068460][T32173]  schedule+0xd0/0x2a0
[ 1814.072510][T32173]  do_signal_stop+0x31d/0x840
[ 1814.077170][T32173]  get_signal+0x100d/0x2510
[ 1814.081655][T32173]  ? do_send_specific+0x12b/0x240
[ 1814.086662][T32173]  do_signal+0x81/0x2240
[ 1814.090934][T32173]  ? check_kill_permission+0x53/0x540
[ 1814.096285][T32173]  ? copy_siginfo_to_user32+0xa0/0xa0
[ 1814.101635][T32173]  ? do_send_specific+0x14d/0x240
[ 1814.106637][T32173]  ? do_tkill+0x186/0x1f0
[ 1814.110950][T32173]  ? exit_to_usermode_loop+0x36/0x360
[ 1814.116298][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1814.122259][T32173]  exit_to_usermode_loop+0x26c/0x360
[ 1814.127524][T32173]  do_syscall_64+0x6b1/0x7d0
[ 1814.132092][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1814.137957][T32173] RIP: 0033:0x45ca59
[ 1814.141847][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1814.161424][T32173] RSP: 002b:00007f8cd7fe7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000c8
[ 1814.169824][T32173] RAX: 0000000000000000 RBX: 000000000050ade0 RCX: 000000000045ca59
[ 1814.177785][T32173] RDX: 0000000000000000 RSI: 0001000000000016 RDI: 0000000000001188
[ 1814.185749][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1814.193697][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
[ 1814.201652][T32173] R13: 0000000000000c6d R14: 00000000004cec8f R15: 00007f8cd7fe86d4
[ 1814.209626][T32173] syz-executor.2  T29608 19926   7087 0x00004004
[ 1814.215943][T32173] Call Trace:
[ 1814.219227][T32173]  __schedule+0x8f3/0x1fc0
[ 1814.223633][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1814.228891][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1814.234074][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1814.241214][T32173]  schedule+0xd0/0x2a0
[ 1814.245278][T32173]  do_signal_stop+0x31d/0x840
[ 1814.249979][T32173]  get_signal+0x100d/0x2510
[ 1814.254518][T32173]  ? do_send_specific+0x12b/0x240
[ 1814.259545][T32173]  do_signal+0x81/0x2240
[ 1814.263770][T32173]  ? check_kill_permission+0x53/0x540
[ 1814.269124][T32173]  ? copy_siginfo_to_user32+0xa0/0xa0
[ 1814.274489][T32173]  ? do_send_specific+0x14d/0x240
[ 1814.279507][T32173]  ? do_tkill+0x186/0x1f0
[ 1814.283840][T32173]  ? exit_to_usermode_loop+0x36/0x360
[ 1814.289205][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1814.295173][T32173]  exit_to_usermode_loop+0x26c/0x360
[ 1814.300438][T32173]  do_syscall_64+0x6b1/0x7d0
[ 1814.305026][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1814.310900][T32173] RIP: 0033:0x45ca59
[ 1814.314771][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1814.334356][T32173] RSP: 002b:00007f8cd7fe7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000c8
[ 1814.342757][T32173] RAX: 0000000000000000 RBX: 000000000050ade0 RCX: 000000000045ca59
[ 1814.350721][T32173] RDX: 0000000000000000 RSI: 0001000000000016 RDI: 000000000000118c
[ 1814.358673][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1814.366791][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
[ 1814.374748][T32173] R13: 0000000000000c6d R14: 00000000004cec8f R15: 00007f8cd7fe86d4
[ 1814.382810][T32173] syz-executor.2  T29856 19959   7087 0x00004004
[ 1814.389120][T32173] Call Trace:
[ 1814.392396][T32173]  __schedule+0x8f3/0x1fc0
[ 1814.396799][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1814.402076][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1814.407269][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1814.413236][T32173]  schedule+0xd0/0x2a0
[ 1814.417290][T32173]  do_signal_stop+0x31d/0x840
[ 1814.421950][T32173]  get_signal+0x100d/0x2510
[ 1814.426435][T32173]  ? do_send_specific+0x12b/0x240
[ 1814.431443][T32173]  do_signal+0x81/0x2240
[ 1814.435669][T32173]  ? check_kill_permission+0x53/0x540
[ 1814.441040][T32173]  ? copy_siginfo_to_user32+0xa0/0xa0
[ 1814.446391][T32173]  ? do_send_specific+0x14d/0x240
[ 1814.451490][T32173]  ? do_tkill+0x186/0x1f0
[ 1814.455804][T32173]  ? exit_to_usermode_loop+0x36/0x360
[ 1814.461194][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1814.467154][T32173]  exit_to_usermode_loop+0x26c/0x360
[ 1814.472420][T32173]  do_syscall_64+0x6b1/0x7d0
[ 1814.476988][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1814.482858][T32173] RIP: 0033:0x45ca59
[ 1814.486730][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1814.506348][T32173] RSP: 002b:00007f8cd7fe7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000c8
[ 1814.514736][T32173] RAX: 0000000000000000 RBX: 000000000050ade0 RCX: 000000000045ca59
[ 1814.522683][T32173] RDX: 0000000000000000 RSI: 0001000000000016 RDI: 0000000000001190
[ 1814.530631][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1814.538593][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
[ 1814.546541][T32173] R13: 0000000000000c6d R14: 00000000004cec8f R15: 00007f8cd7fe86d4
[ 1814.554502][T32173] syz-executor.2  T29792 19985   7087 0x00004004
[ 1814.560830][T32173] Call Trace:
[ 1814.564098][T32173]  __schedule+0x8f3/0x1fc0
[ 1814.568512][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1814.573775][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1814.578951][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1814.584910][T32173]  schedule+0xd0/0x2a0
[ 1814.588956][T32173]  do_signal_stop+0x31d/0x840
[ 1814.593614][T32173]  get_signal+0x100d/0x2510
[ 1814.598099][T32173]  ? do_send_specific+0x12b/0x240
[ 1814.603105][T32173]  do_signal+0x81/0x2240
[ 1814.607329][T32173]  ? copy_siginfo_to_user32+0xa0/0xa0
[ 1814.612675][T32173]  ? do_send_specific+0x14d/0x240
[ 1814.617674][T32173]  ? do_tkill+0x186/0x1f0
[ 1814.621986][T32173]  ? exit_to_usermode_loop+0x36/0x360
[ 1814.627333][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1814.633376][T32173]  exit_to_usermode_loop+0x26c/0x360
[ 1814.638657][T32173]  do_syscall_64+0x6b1/0x7d0
[ 1814.643239][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1814.649130][T32173] RIP: 0033:0x45ca59
[ 1814.653013][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1814.672631][T32173] RSP: 002b:00007f8cd7fe7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000c8
[ 1814.681022][T32173] RAX: 0000000000000000 RBX: 000000000050ade0 RCX: 000000000045ca59
[ 1814.688968][T32173] RDX: 0000000000000000 RSI: 0001000000000016 RDI: 0000000000001194
[ 1814.696917][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1814.704905][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
[ 1814.712859][T32173] R13: 0000000000000c6d R14: 00000000004cec8f R15: 00007f8cd7fe86d4
[ 1814.720881][T32173] syz-executor.2  T29856 20021   7087 0x00004004
[ 1814.727205][T32173] Call Trace:
[ 1814.730521][T32173]  __schedule+0x8f3/0x1fc0
[ 1814.734963][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1814.740230][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1814.745409][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1814.751374][T32173]  schedule+0xd0/0x2a0
[ 1814.755425][T32173]  do_signal_stop+0x31d/0x840
[ 1814.760086][T32173]  get_signal+0x100d/0x2510
[ 1814.764573][T32173]  ? do_send_specific+0x12b/0x240
[ 1814.769594][T32173]  do_signal+0x81/0x2240
[ 1814.773824][T32173]  ? check_kill_permission+0x53/0x540
[ 1814.779189][T32173]  ? copy_siginfo_to_user32+0xa0/0xa0
[ 1814.784599][T32173]  ? do_send_specific+0x14d/0x240
[ 1814.789610][T32173]  ? do_tkill+0x186/0x1f0
[ 1814.793926][T32173]  ? exit_to_usermode_loop+0x36/0x360
[ 1814.799287][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1814.805248][T32173]  exit_to_usermode_loop+0x26c/0x360
[ 1814.810515][T32173]  do_syscall_64+0x6b1/0x7d0
[ 1814.815084][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1814.820967][T32173] RIP: 0033:0x45ca59
[ 1814.824856][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1814.844450][T32173] RSP: 002b:00007f8cd7fe7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000c8
[ 1814.852839][T32173] RAX: 0000000000000000 RBX: 000000000050ade0 RCX: 000000000045ca59
[ 1814.860790][T32173] RDX: 0000000000000000 RSI: 0001000000000016 RDI: 0000000000001198
[ 1814.868752][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1814.876700][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
[ 1814.884650][T32173] R13: 0000000000000c6d R14: 00000000004cec8f R15: 00007f8cd7fe86d4
[ 1814.892712][T32173] syz-executor.2  T29824 20059   7087 0x00004004
[ 1814.899049][T32173] Call Trace:
[ 1814.902348][T32173]  __schedule+0x8f3/0x1fc0
[ 1814.906747][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1814.912011][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1814.917187][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1814.923151][T32173]  schedule+0xd0/0x2a0
[ 1814.927206][T32173]  do_signal_stop+0x31d/0x840
[ 1814.931868][T32173]  get_signal+0x100d/0x2510
[ 1814.936356][T32173]  ? do_send_specific+0x12b/0x240
[ 1814.941404][T32173]  do_signal+0x81/0x2240
[ 1814.945735][T32173]  ? check_kill_permission+0x53/0x540
[ 1814.951090][T32173]  ? copy_siginfo_to_user32+0xa0/0xa0
[ 1814.956440][T32173]  ? do_send_specific+0x14d/0x240
[ 1814.961443][T32173]  ? do_tkill+0x186/0x1f0
[ 1814.965756][T32173]  ? exit_to_usermode_loop+0x36/0x360
[ 1814.971106][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1814.977067][T32173]  exit_to_usermode_loop+0x26c/0x360
[ 1814.982347][T32173]  do_syscall_64+0x6b1/0x7d0
[ 1814.986915][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1814.992872][T32173] RIP: 0033:0x45ca59
[ 1814.996747][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1815.016325][T32173] RSP: 002b:00007f8cd7fe7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000c8
[ 1815.024731][T32173] RAX: 0000000000000000 RBX: 000000000050ade0 RCX: 000000000045ca59
[ 1815.032695][T32173] RDX: 0000000000000000 RSI: 0001000000000016 RDI: 000000000000119c
[ 1815.040650][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1815.048596][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
[ 1815.056543][T32173] R13: 0000000000000c6d R14: 00000000004cec8f R15: 00007f8cd7fe86d4
[ 1815.064505][T32173] syz-executor.3  S29824 21104   7107 0x00000000
[ 1815.070831][T32173] Call Trace:
[ 1815.074102][T32173]  __schedule+0x8f3/0x1fc0
[ 1815.078496][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1815.083763][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1815.089027][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1815.094485][T32173]  schedule+0xd0/0x2a0
[ 1815.098534][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1815.103622][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1815.109061][T32173]  futex_wait+0x1e2/0x550
[ 1815.113388][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1815.118389][T32173]  ? print_usage_bug+0x240/0x240
[ 1815.123306][T32173]  ? hash_futex+0x10/0x200
[ 1815.127698][T32173]  ? futex_wake+0x153/0x480
[ 1815.132185][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1815.137024][T32173]  ? mark_lock+0x11f/0xdd0
[ 1815.141419][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1815.146876][T32173]  do_futex+0x15f/0x1ad0
[ 1815.151100][T32173]  ? find_held_lock+0x2d/0x110
[ 1815.155844][T32173]  ? futex_exit_release+0x60/0x60
[ 1815.160845][T32173]  ? lock_downgrade+0x840/0x840
[ 1815.165672][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1815.170499][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1815.176461][T32173]  ? __might_fault+0x190/0x1d0
[ 1815.181202][T32173]  ? _copy_to_user+0x126/0x160
[ 1815.185944][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1815.190690][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1815.195172][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1815.200607][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1815.206562][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1815.211215][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1815.217174][T32173]  do_syscall_64+0xf6/0x7d0
[ 1815.221656][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1815.227522][T32173] RIP: 0033:0x45ca59
[ 1815.231394][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1815.250976][T32173] RSP: 002b:00007f65face9cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1815.259361][T32173] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045ca59
[ 1815.267308][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8
[ 1815.275255][T32173] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1815.283209][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1815.291156][T32173] R13: 0000000000c9fb6f R14: 00007f65facea9c0 R15: 000000000078bfac
[ 1815.299119][T32173] syz-executor.3  S29824 21315   7107 0x00000000
[ 1815.305443][T32173] Call Trace:
[ 1815.308712][T32173]  __schedule+0x8f3/0x1fc0
[ 1815.313105][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1815.318367][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1815.323636][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1815.329072][T32173]  schedule+0xd0/0x2a0
[ 1815.333122][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1815.338209][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1815.343647][T32173]  futex_wait+0x1e2/0x550
[ 1815.347979][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1815.352980][T32173]  ? print_usage_bug+0x240/0x240
[ 1815.357896][T32173]  ? hash_futex+0x10/0x200
[ 1815.362290][T32173]  ? futex_wake+0x153/0x480
[ 1815.366794][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1815.371623][T32173]  ? do_wp_page+0x512/0x1440
[ 1815.376187][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1815.381627][T32173]  do_futex+0x15f/0x1ad0
[ 1815.385854][T32173]  ? find_held_lock+0x2d/0x110
[ 1815.390613][T32173]  ? futex_exit_release+0x60/0x60
[ 1815.395614][T32173]  ? lock_downgrade+0x840/0x840
[ 1815.400441][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1815.405288][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1815.411263][T32173]  ? __might_fault+0x190/0x1d0
[ 1815.416009][T32173]  ? _copy_to_user+0x126/0x160
[ 1815.420761][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1815.425512][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1815.430000][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1815.435491][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1815.441453][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1815.446110][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1815.452073][T32173]  do_syscall_64+0xf6/0x7d0
[ 1815.456562][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1815.462429][T32173] RIP: 0033:0x45ca59
[ 1815.466301][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1815.485881][T32173] RSP: 002b:00007f65fad0acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1815.494284][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1815.502234][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1815.510182][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1815.518128][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1815.526162][T32173] R13: 0000000000c9fb6f R14: 00007f65fad0b9c0 R15: 000000000078bf0c
[ 1815.534125][T32173] syz-executor.3  S29824 21318   7107 0x00000000
[ 1815.540437][T32173] Call Trace:
[ 1815.543709][T32173]  __schedule+0x8f3/0x1fc0
[ 1815.548104][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1815.553369][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1815.558633][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1815.564074][T32173]  schedule+0xd0/0x2a0
[ 1815.568122][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1815.573210][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1815.578646][T32173]  ? find_held_lock+0x2d/0x110
[ 1815.583391][T32173]  futex_wait+0x1e2/0x550
[ 1815.587701][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1815.592703][T32173]  ? print_usage_bug+0x240/0x240
[ 1815.597631][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1815.602807][T32173]  ? futex_wake+0x153/0x480
[ 1815.607313][T32173]  ? do_wp_page+0x512/0x1440
[ 1815.611882][T32173]  do_futex+0x15f/0x1ad0
[ 1815.616104][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1815.620934][T32173]  ? __bfs+0x520/0x520
[ 1815.624980][T32173]  ? _raw_spin_unlock+0x24/0x40
[ 1815.629807][T32173]  ? futex_exit_release+0x60/0x60
[ 1815.634831][T32173]  ? do_page_fault+0x5ad/0x13d4
[ 1815.639665][T32173]  ? lock_downgrade+0x840/0x840
[ 1815.644492][T32173]  ? handle_mm_fault+0xcbc/0x3c10
[ 1815.649515][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1815.654287][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1815.658788][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1815.664223][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1815.670201][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1815.674855][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1815.680830][T32173]  do_syscall_64+0xf6/0x7d0
[ 1815.685311][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1815.691184][T32173] RIP: 0033:0x45ca59
[ 1815.695054][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1815.714655][T32173] RSP: 002b:00007f65face9cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1815.723040][T32173] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045ca59
[ 1815.730990][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8
[ 1815.738952][T32173] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1815.746916][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1815.754863][T32173] R13: 0000000000c9fb6f R14: 00007f65facea9c0 R15: 000000000078bfac
[ 1815.762840][T32173] syz-executor.3  S29824 21319   7107 0x00000000
[ 1815.769150][T32173] Call Trace:
[ 1815.772420][T32173]  __schedule+0x8f3/0x1fc0
[ 1815.776814][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1815.782081][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1815.787344][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1815.792782][T32173]  schedule+0xd0/0x2a0
[ 1815.796828][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1815.801932][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1815.807370][T32173]  futex_wait+0x1e2/0x550
[ 1815.811684][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1815.816684][T32173]  ? print_usage_bug+0x240/0x240
[ 1815.821599][T32173]  ? hash_futex+0x10/0x200
[ 1815.825991][T32173]  ? futex_wake+0x153/0x480
[ 1815.830481][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1815.835315][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1815.840755][T32173]  do_futex+0x15f/0x1ad0
[ 1815.844998][T32173]  ? find_held_lock+0x2d/0x110
[ 1815.849743][T32173]  ? futex_exit_release+0x60/0x60
[ 1815.854743][T32173]  ? lock_downgrade+0x840/0x840
[ 1815.859571][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1815.864399][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1815.870365][T32173]  ? __might_fault+0x190/0x1d0
[ 1815.875211][T32173]  ? _copy_to_user+0x126/0x160
[ 1815.879956][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1815.884713][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1815.889194][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1815.894628][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1815.900586][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1815.905239][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1815.911214][T32173]  do_syscall_64+0xf6/0x7d0
[ 1815.915716][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1815.921600][T32173] RIP: 0033:0x45ca59
[ 1815.925473][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1815.945061][T32173] RSP: 002b:00007f65fad0acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1815.953462][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1815.961409][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1815.969355][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1815.977303][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1815.985269][T32173] R13: 0000000000c9fb6f R14: 00007f65fad0b9c0 R15: 000000000078bf0c
[ 1815.993231][T32173] syz-executor.3  S29824 21321   7107 0x00000000
[ 1815.999543][T32173] Call Trace:
[ 1816.002815][T32173]  __schedule+0x8f3/0x1fc0
[ 1816.007207][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1816.012471][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1816.017733][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1816.023189][T32173]  schedule+0xd0/0x2a0
[ 1816.027236][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1816.032338][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1816.037776][T32173]  futex_wait+0x1e2/0x550
[ 1816.042101][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1816.047101][T32173]  ? print_usage_bug+0x240/0x240
[ 1816.052017][T32173]  ? hash_futex+0x10/0x200
[ 1816.056414][T32173]  ? futex_wake+0x153/0x480
[ 1816.060904][T32173]  ? do_wp_page+0x512/0x1440
[ 1816.065474][T32173]  do_futex+0x15f/0x1ad0
[ 1816.069696][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1816.074526][T32173]  ? __bfs+0x520/0x520
[ 1816.078571][T32173]  ? _raw_spin_unlock+0x24/0x40
[ 1816.083401][T32173]  ? futex_exit_release+0x60/0x60
[ 1816.088406][T32173]  ? do_page_fault+0x5ad/0x13d4
[ 1816.093255][T32173]  ? lock_downgrade+0x840/0x840
[ 1816.098080][T32173]  ? handle_mm_fault+0xcbc/0x3c10
[ 1816.103091][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1816.107833][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1816.112315][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1816.117747][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1816.123704][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1816.128355][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1816.134313][T32173]  do_syscall_64+0xf6/0x7d0
[ 1816.138794][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1816.144662][T32173] RIP: 0033:0x45ca59
[ 1816.148534][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1816.168112][T32173] RSP: 002b:00007f65face9cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1816.176497][T32173] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045ca59
[ 1816.184461][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8
[ 1816.192410][T32173] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1816.200368][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1816.208324][T32173] R13: 0000000000c9fb6f R14: 00007f65facea9c0 R15: 000000000078bfac
[ 1816.216292][T32173] syz-executor.3  S29824 21343   7107 0x00000000
[ 1816.222658][T32173] Call Trace:
[ 1816.225938][T32173]  __schedule+0x8f3/0x1fc0
[ 1816.230338][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1816.235647][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1816.240915][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1816.246370][T32173]  schedule+0xd0/0x2a0
[ 1816.250426][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1816.255517][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1816.260958][T32173]  futex_wait+0x1e2/0x550
[ 1816.265273][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1816.270280][T32173]  ? print_usage_bug+0x240/0x240
[ 1816.275202][T32173]  ? hash_futex+0x10/0x200
[ 1816.279602][T32173]  ? futex_wake+0x153/0x480
[ 1816.284095][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1816.288926][T32173]  ? do_wp_page+0x512/0x1440
[ 1816.293512][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1816.298952][T32173]  do_futex+0x15f/0x1ad0
[ 1816.303180][T32173]  ? find_held_lock+0x2d/0x110
[ 1816.307922][T32173]  ? futex_exit_release+0x60/0x60
[ 1816.312928][T32173]  ? lock_downgrade+0x840/0x840
[ 1816.317762][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1816.322590][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1816.328571][T32173]  ? __might_fault+0x190/0x1d0
[ 1816.333314][T32173]  ? _copy_to_user+0x126/0x160
[ 1816.338078][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1816.342823][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1816.347307][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1816.352766][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1816.358723][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1816.363381][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1816.369340][T32173]  do_syscall_64+0xf6/0x7d0
[ 1816.373824][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1816.379692][T32173] RIP: 0033:0x45ca59
[ 1816.383564][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1816.403159][T32173] RSP: 002b:00007f65fad0acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1816.411561][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1816.419523][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1816.427503][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1816.435449][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1816.443450][T32173] R13: 0000000000c9fb6f R14: 00007f65fad0b9c0 R15: 000000000078bf0c
[ 1816.451459][T32173] syz-executor.3  S28904 21345   7107 0x00000000
[ 1816.457786][T32173] Call Trace:
[ 1816.461104][T32173]  __schedule+0x8f3/0x1fc0
[ 1816.465500][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1816.470769][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1816.476094][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1816.481582][T32173]  schedule+0xd0/0x2a0
[ 1816.485639][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1816.490736][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1816.496182][T32173]  futex_wait+0x1e2/0x550
[ 1816.500496][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1816.505499][T32173]  ? print_usage_bug+0x240/0x240
[ 1816.510418][T32173]  ? hash_futex+0x10/0x200
[ 1816.514813][T32173]  ? futex_wake+0x153/0x480
[ 1816.519307][T32173]  ? do_wp_page+0x512/0x1440
[ 1816.523880][T32173]  do_futex+0x15f/0x1ad0
[ 1816.528104][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1816.532944][T32173]  ? __bfs+0x520/0x520
[ 1816.536989][T32173]  ? _raw_spin_unlock+0x24/0x40
[ 1816.541817][T32173]  ? futex_exit_release+0x60/0x60
[ 1816.546823][T32173]  ? do_page_fault+0x5ad/0x13d4
[ 1816.551661][T32173]  ? lock_downgrade+0x840/0x840
[ 1816.556503][T32173]  ? handle_mm_fault+0xcbc/0x3c10
[ 1816.561513][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1816.566254][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1816.570755][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1816.576190][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1816.582147][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1816.586799][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1816.592755][T32173]  do_syscall_64+0xf6/0x7d0
[ 1816.597238][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1816.603106][T32173] RIP: 0033:0x45ca59
[ 1816.606978][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1816.626576][T32173] RSP: 002b:00007f65face9cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1816.634978][T32173] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045ca59
[ 1816.642925][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8
[ 1816.650887][T32173] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1816.658841][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1816.666817][T32173] R13: 0000000000c9fb6f R14: 00007f65facea9c0 R15: 000000000078bfac
[ 1816.674784][T32173] syz-executor.2  S29824 21380   7087 0x00000000
[ 1816.681096][T32173] Call Trace:
[ 1816.684365][T32173]  __schedule+0x8f3/0x1fc0
[ 1816.688758][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1816.694023][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1816.699304][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1816.704743][T32173]  schedule+0xd0/0x2a0
[ 1816.708789][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1816.713879][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1816.719325][T32173]  ? find_held_lock+0x2d/0x110
[ 1816.724068][T32173]  futex_wait+0x1e2/0x550
[ 1816.728481][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1816.733482][T32173]  ? print_usage_bug+0x240/0x240
[ 1816.738414][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1816.743614][T32173]  ? futex_wake+0x153/0x480
[ 1816.748101][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1816.752947][T32173]  ? do_wp_page+0x512/0x1440
[ 1816.757514][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1816.762954][T32173]  do_futex+0x15f/0x1ad0
[ 1816.767179][T32173]  ? find_held_lock+0x2d/0x110
[ 1816.771937][T32173]  ? futex_exit_release+0x60/0x60
[ 1816.776940][T32173]  ? lock_downgrade+0x840/0x840
[ 1816.781770][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1816.786613][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1816.792586][T32173]  ? __might_fault+0x190/0x1d0
[ 1816.797346][T32173]  ? _copy_to_user+0x126/0x160
[ 1816.802092][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1816.806835][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1816.811316][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1816.816765][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1816.822722][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1816.827374][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1816.833337][T32173]  do_syscall_64+0xf6/0x7d0
[ 1816.837821][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1816.843687][T32173] RIP: 0033:0x45ca59
[ 1816.847595][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1816.867191][T32173] RSP: 002b:00007f8cd7fe7cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1816.875582][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1816.883556][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1816.891502][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1816.899453][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1816.907417][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fe89c0 R15: 000000000078bf0c
[ 1816.915397][T32173] syz-executor.2  S29824 21383   7087 0x00000000
[ 1816.921709][T32173] Call Trace:
[ 1816.924979][T32173]  __schedule+0x8f3/0x1fc0
[ 1816.929374][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1816.934654][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1816.939918][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1816.945356][T32173]  schedule+0xd0/0x2a0
[ 1816.949442][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1816.954542][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1816.959992][T32173]  ? find_held_lock+0x2d/0x110
[ 1816.964736][T32173]  futex_wait+0x1e2/0x550
[ 1816.969045][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1816.974046][T32173]  ? print_usage_bug+0x240/0x240
[ 1816.978963][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1816.984138][T32173]  ? futex_wake+0x153/0x480
[ 1816.988629][T32173]  ? do_wp_page+0x512/0x1440
[ 1816.993199][T32173]  do_futex+0x15f/0x1ad0
[ 1816.997421][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1817.002266][T32173]  ? __bfs+0x520/0x520
[ 1817.006311][T32173]  ? _raw_spin_unlock+0x24/0x40
[ 1817.011138][T32173]  ? futex_exit_release+0x60/0x60
[ 1817.016162][T32173]  ? do_page_fault+0x5ad/0x13d4
[ 1817.021009][T32173]  ? lock_downgrade+0x840/0x840
[ 1817.025837][T32173]  ? handle_mm_fault+0xcbc/0x3c10
[ 1817.030871][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1817.035628][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1817.040109][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1817.045559][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1817.051516][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1817.056168][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1817.062127][T32173]  do_syscall_64+0xf6/0x7d0
[ 1817.066607][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1817.072474][T32173] RIP: 0033:0x45ca59
[ 1817.076344][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1817.095940][T32173] RSP: 002b:00007f8cd7fc6cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1817.104339][T32173] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045ca59
[ 1817.112305][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8
[ 1817.120273][T32173] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1817.128218][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1817.136165][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fc79c0 R15: 000000000078bfac
[ 1817.144142][T32173] syz-executor.3  S29824 21388   7107 0x00000000
[ 1817.150452][T32173] Call Trace:
[ 1817.153732][T32173]  __schedule+0x8f3/0x1fc0
[ 1817.158122][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1817.163387][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1817.168649][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1817.174085][T32173]  schedule+0xd0/0x2a0
[ 1817.178132][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1817.183221][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1817.188677][T32173]  futex_wait+0x1e2/0x550
[ 1817.192988][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1817.197987][T32173]  ? print_usage_bug+0x240/0x240
[ 1817.202903][T32173]  ? hash_futex+0x10/0x200
[ 1817.207296][T32173]  ? futex_wake+0x153/0x480
[ 1817.211786][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1817.216612][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1817.222065][T32173]  do_futex+0x15f/0x1ad0
[ 1817.226306][T32173]  ? find_held_lock+0x2d/0x110
[ 1817.231048][T32173]  ? futex_exit_release+0x60/0x60
[ 1817.236052][T32173]  ? lock_downgrade+0x840/0x840
[ 1817.240895][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1817.245728][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1817.251709][T32173]  ? __might_fault+0x190/0x1d0
[ 1817.256451][T32173]  ? _copy_to_user+0x126/0x160
[ 1817.261214][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1817.265958][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1817.270442][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1817.275891][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1817.281870][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1817.286522][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1817.292499][T32173]  do_syscall_64+0xf6/0x7d0
[ 1817.297000][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1817.302867][T32173] RIP: 0033:0x45ca59
[ 1817.306738][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1817.326328][T32173] RSP: 002b:00007f65fad0acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1817.334730][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1817.342686][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1817.350636][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1817.358598][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1817.366561][T32173] R13: 0000000000c9fb6f R14: 00007f65fad0b9c0 R15: 000000000078bf0c
[ 1817.374540][T32173] syz-executor.3  S29824 21389   7107 0x00000000
[ 1817.384684][T32173] Call Trace:
[ 1817.387974][T32173]  __schedule+0x8f3/0x1fc0
[ 1817.392384][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1817.397658][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1817.402931][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1817.408381][T32173]  schedule+0xd0/0x2a0
[ 1817.412433][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1817.417524][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1817.422968][T32173]  futex_wait+0x1e2/0x550
[ 1817.427277][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1817.432279][T32173]  ? print_usage_bug+0x240/0x240
[ 1817.437199][T32173]  ? hash_futex+0x10/0x200
[ 1817.441591][T32173]  ? futex_wake+0x153/0x480
[ 1817.446101][T32173]  ? do_wp_page+0x512/0x1440
[ 1817.450673][T32173]  do_futex+0x15f/0x1ad0
[ 1817.454895][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1817.459723][T32173]  ? __bfs+0x520/0x520
[ 1817.463769][T32173]  ? _raw_spin_unlock+0x24/0x40
[ 1817.468597][T32173]  ? futex_exit_release+0x60/0x60
[ 1817.473603][T32173]  ? do_page_fault+0x5ad/0x13d4
[ 1817.478434][T32173]  ? lock_downgrade+0x840/0x840
[ 1817.483259][T32173]  ? handle_mm_fault+0xcbc/0x3c10
[ 1817.488271][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1817.493016][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1817.497499][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1817.502936][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1817.508944][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1817.513598][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1817.519558][T32173]  do_syscall_64+0xf6/0x7d0
[ 1817.524038][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1817.529905][T32173] RIP: 0033:0x45ca59
[ 1817.533780][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1817.553358][T32173] RSP: 002b:00007f65face9cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1817.561744][T32173] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045ca59
[ 1817.569692][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8
[ 1817.577640][T32173] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1817.585606][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1817.593553][T32173] R13: 0000000000c9fb6f R14: 00007f65facea9c0 R15: 000000000078bfac
[ 1817.601515][T32173] syz-executor.3  S29824 21422   7107 0x00000000
[ 1817.607833][T32173] Call Trace:
[ 1817.611101][T32173]  __schedule+0x8f3/0x1fc0
[ 1817.615617][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1817.620882][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1817.626145][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1817.631590][T32173]  schedule+0xd0/0x2a0
[ 1817.635637][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1817.640741][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1817.646187][T32173]  ? find_held_lock+0x2d/0x110
[ 1817.650939][T32173]  futex_wait+0x1e2/0x550
[ 1817.655248][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1817.660268][T32173]  ? print_usage_bug+0x240/0x240
[ 1817.665199][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1817.670390][T32173]  ? futex_wake+0x153/0x480
[ 1817.674892][T32173]  ? do_wp_page+0x512/0x1440
[ 1817.679474][T32173]  do_futex+0x15f/0x1ad0
[ 1817.683706][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1817.688543][T32173]  ? __bfs+0x520/0x520
[ 1817.692599][T32173]  ? _raw_spin_unlock+0x24/0x40
[ 1817.697430][T32173]  ? futex_exit_release+0x60/0x60
[ 1817.702457][T32173]  ? do_page_fault+0x5ad/0x13d4
[ 1817.707305][T32173]  ? lock_downgrade+0x840/0x840
[ 1817.712132][T32173]  ? handle_mm_fault+0xcbc/0x3c10
[ 1817.717143][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1817.721889][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1817.726372][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1817.731820][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1817.737789][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1817.742496][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1817.748494][T32173]  do_syscall_64+0xf6/0x7d0
[ 1817.752978][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1817.759976][T32173] RIP: 0033:0x45ca59
[ 1817.763852][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1817.783433][T32173] RSP: 002b:00007f65face9cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1817.791994][T32173] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045ca59
[ 1817.799957][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8
[ 1817.807957][T32173] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1817.815913][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1817.823868][T32173] R13: 0000000000c9fb6f R14: 00007f65facea9c0 R15: 000000000078bfac
[ 1817.831837][T32173] syz-executor.3  S29824 21423   7107 0x00000000
[ 1817.838151][T32173] Call Trace:
[ 1817.841464][T32173]  __schedule+0x8f3/0x1fc0
[ 1817.845867][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1817.851155][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1817.856429][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1817.861877][T32173]  schedule+0xd0/0x2a0
[ 1817.865938][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1817.871085][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1817.876543][T32173]  futex_wait+0x1e2/0x550
[ 1817.880859][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1817.885863][T32173]  ? print_usage_bug+0x240/0x240
[ 1817.890808][T32173]  ? hash_futex+0x10/0x200
[ 1817.895203][T32173]  ? futex_wake+0x153/0x480
[ 1817.899691][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1817.904559][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1817.909999][T32173]  do_futex+0x15f/0x1ad0
[ 1817.914225][T32173]  ? find_held_lock+0x2d/0x110
[ 1817.918967][T32173]  ? futex_exit_release+0x60/0x60
[ 1817.923971][T32173]  ? lock_downgrade+0x840/0x840
[ 1817.928800][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1817.933629][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1817.939593][T32173]  ? __might_fault+0x190/0x1d0
[ 1817.944334][T32173]  ? _copy_to_user+0x126/0x160
[ 1817.949113][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1817.953861][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1817.958343][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1817.963775][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1817.969773][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1817.974428][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1817.980411][T32173]  do_syscall_64+0xf6/0x7d0
[ 1817.984896][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1817.990763][T32173] RIP: 0033:0x45ca59
[ 1817.994635][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1818.014212][T32173] RSP: 002b:00007f65fad0acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1818.022598][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1818.030546][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1818.038494][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1818.046441][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1818.054404][T32173] R13: 0000000000c9fb6f R14: 00007f65fad0b9c0 R15: 000000000078bf0c
[ 1818.062366][T32173] syz-executor.2  S29824 21428   7087 0x00000000
[ 1818.068673][T32173] Call Trace:
[ 1818.071945][T32173]  __schedule+0x8f3/0x1fc0
[ 1818.076339][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1818.081606][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1818.086886][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1818.092449][T32173]  schedule+0xd0/0x2a0
[ 1818.096496][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1818.101584][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1818.107020][T32173]  futex_wait+0x1e2/0x550
[ 1818.111329][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1818.116331][T32173]  ? print_usage_bug+0x240/0x240
[ 1818.121258][T32173]  ? hash_futex+0x10/0x200
[ 1818.125649][T32173]  ? futex_wake+0x153/0x480
[ 1818.130136][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1818.134982][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1818.140420][T32173]  do_futex+0x15f/0x1ad0
[ 1818.144643][T32173]  ? find_held_lock+0x2d/0x110
[ 1818.149386][T32173]  ? futex_exit_release+0x60/0x60
[ 1818.154390][T32173]  ? lock_downgrade+0x840/0x840
[ 1818.159217][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1818.164042][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1818.170021][T32173]  ? __might_fault+0x190/0x1d0
[ 1818.174773][T32173]  ? _copy_to_user+0x126/0x160
[ 1818.179575][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1818.184330][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1818.188820][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1818.194261][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1818.200222][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1818.204877][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1818.210840][T32173]  do_syscall_64+0xf6/0x7d0
[ 1818.215371][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1818.221240][T32173] RIP: 0033:0x45ca59
[ 1818.225113][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1818.244722][T32173] RSP: 002b:00007f8cd7fe7cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1818.253110][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1818.261058][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1818.269544][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1818.277490][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1818.285439][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fe89c0 R15: 000000000078bf0c
[ 1818.293411][T32173] syz-executor.2  S29824 21429   7087 0x00000000
[ 1818.299728][T32173] Call Trace:
[ 1818.302997][T32173]  __schedule+0x8f3/0x1fc0
[ 1818.307410][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1818.312690][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1818.317975][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1818.323413][T32173]  schedule+0xd0/0x2a0
[ 1818.327460][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1818.332566][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1818.338018][T32173]  futex_wait+0x1e2/0x550
[ 1818.342345][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1818.347346][T32173]  ? print_usage_bug+0x240/0x240
[ 1818.352262][T32173]  ? hash_futex+0x10/0x200
[ 1818.356657][T32173]  ? futex_wake+0x153/0x480
[ 1818.361157][T32173]  ? do_wp_page+0x512/0x1440
[ 1818.365730][T32173]  do_futex+0x15f/0x1ad0
[ 1818.369954][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1818.374784][T32173]  ? __bfs+0x520/0x520
[ 1818.378830][T32173]  ? _raw_spin_unlock+0x24/0x40
[ 1818.383678][T32173]  ? futex_exit_release+0x60/0x60
[ 1818.388699][T32173]  ? do_page_fault+0x5ad/0x13d4
[ 1818.393539][T32173]  ? lock_downgrade+0x840/0x840
[ 1818.398391][T32173]  ? handle_mm_fault+0xcbc/0x3c10
[ 1818.403416][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1818.408181][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1818.412717][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1818.418174][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1818.424179][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1818.428839][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1818.434805][T32173]  do_syscall_64+0xf6/0x7d0
[ 1818.439419][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1818.445287][T32173] RIP: 0033:0x45ca59
[ 1818.449201][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1818.468781][T32173] RSP: 002b:00007f8cd7fc6cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1818.477183][T32173] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045ca59
[ 1818.485142][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8
[ 1818.493096][T32173] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1818.501046][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1818.509038][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fc79c0 R15: 000000000078bfac
[ 1818.517003][T32173] syz-executor.2  S28904 21445   7087 0x00000000
[ 1818.523332][T32173] Call Trace:
[ 1818.526608][T32173]  __schedule+0x8f3/0x1fc0
[ 1818.531023][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1818.536296][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1818.541564][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1818.547002][T32173]  schedule+0xd0/0x2a0
[ 1818.551052][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1818.556139][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1818.561580][T32173]  futex_wait+0x1e2/0x550
[ 1818.565889][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1818.570891][T32173]  ? print_usage_bug+0x240/0x240
[ 1818.575807][T32173]  ? hash_futex+0x10/0x200
[ 1818.580202][T32173]  ? futex_wake+0x153/0x480
[ 1818.584696][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1818.589526][T32173]  ? do_wp_page+0x512/0x1440
[ 1818.594091][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1818.599529][T32173]  do_futex+0x15f/0x1ad0
[ 1818.603756][T32173]  ? find_held_lock+0x2d/0x110
[ 1818.608495][T32173]  ? futex_exit_release+0x60/0x60
[ 1818.613498][T32173]  ? lock_downgrade+0x840/0x840
[ 1818.618344][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1818.623171][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1818.629148][T32173]  ? __might_fault+0x190/0x1d0
[ 1818.633903][T32173]  ? _copy_to_user+0x126/0x160
[ 1818.638665][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1818.643416][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1818.647899][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1818.653347][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1818.659313][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1818.663973][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1818.669949][T32173]  do_syscall_64+0xf6/0x7d0
[ 1818.674431][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1818.680319][T32173] RIP: 0033:0x45ca59
[ 1818.684207][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1818.703786][T32173] RSP: 002b:00007f8cd7fe7cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1818.712171][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1818.720133][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1818.728080][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1818.736042][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1818.744005][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fe89c0 R15: 000000000078bf0c
[ 1818.751969][T32173] syz-executor.2  S29824 21451   7087 0x00000000
[ 1818.758296][T32173] Call Trace:
[ 1818.761566][T32173]  __schedule+0x8f3/0x1fc0
[ 1818.765975][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1818.771257][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1818.776535][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1818.781973][T32173]  schedule+0xd0/0x2a0
[ 1818.786034][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1818.791140][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1818.796579][T32173]  futex_wait+0x1e2/0x550
[ 1818.800889][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1818.805890][T32173]  ? print_usage_bug+0x240/0x240
[ 1818.810824][T32173]  ? hash_futex+0x10/0x200
[ 1818.815219][T32173]  ? futex_wake+0x153/0x480
[ 1818.819711][T32173]  ? do_wp_page+0x512/0x1440
[ 1818.824280][T32173]  do_futex+0x15f/0x1ad0
[ 1818.828518][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1818.833427][T32173]  ? __bfs+0x520/0x520
[ 1818.837531][T32173]  ? _raw_spin_unlock+0x24/0x40
[ 1818.842420][T32173]  ? futex_exit_release+0x60/0x60
[ 1818.847436][T32173]  ? do_page_fault+0x5ad/0x13d4
[ 1818.852274][T32173]  ? lock_downgrade+0x840/0x840
[ 1818.857105][T32173]  ? handle_mm_fault+0xcbc/0x3c10
[ 1818.862173][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1818.866926][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1818.871463][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1818.876901][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1818.882875][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1818.887530][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1818.893499][T32173]  do_syscall_64+0xf6/0x7d0
[ 1818.897982][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1818.903854][T32173] RIP: 0033:0x45ca59
[ 1818.907741][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1818.927320][T32173] RSP: 002b:00007f8cd7fc6cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1818.935707][T32173] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045ca59
[ 1818.943655][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8
[ 1818.951603][T32173] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1818.959554][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1818.967500][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fc79c0 R15: 000000000078bfac
[ 1818.975464][T32173] syz-executor.5  S28880 21727   7376 0x00000000
[ 1818.981894][T32173] Call Trace:
[ 1818.985165][T32173]  __schedule+0x8f3/0x1fc0
[ 1818.989559][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1818.994824][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1819.000090][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1819.005546][T32173]  schedule+0xd0/0x2a0
[ 1819.009594][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1819.014687][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1819.020131][T32173]  futex_wait+0x1e2/0x550
[ 1819.024442][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1819.029447][T32173]  ? wake_up_q+0xc1/0x140
[ 1819.033751][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1819.038930][T32173]  ? futex_wake+0x153/0x480
[ 1819.043424][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1819.048251][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1819.053709][T32173]  do_futex+0x15f/0x1ad0
[ 1819.057950][T32173]  ? find_held_lock+0x2d/0x110
[ 1819.062693][T32173]  ? futex_exit_release+0x60/0x60
[ 1819.067697][T32173]  ? lock_downgrade+0x840/0x840
[ 1819.072542][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1819.077384][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1819.083347][T32173]  ? __might_fault+0x190/0x1d0
[ 1819.088094][T32173]  ? _copy_to_user+0x126/0x160
[ 1819.092857][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1819.097604][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1819.102088][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1819.107523][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1819.113497][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1819.118152][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1819.124128][T32173]  do_syscall_64+0xf6/0x7d0
[ 1819.128612][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1819.134480][T32173] RIP: 0033:0x45ca59
[ 1819.138353][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1819.157945][T32173] RSP: 002b:00007f656341ecf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1819.166446][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1819.174412][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1819.182365][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1819.190313][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1819.198273][T32173] R13: 0000000000c9fb6f R14: 00007f656341f9c0 R15: 000000000078bf0c
[ 1819.206248][T32173] syz-executor.5  S28880 21795   7376 0x00000000
[ 1819.212560][T32173] Call Trace:
[ 1819.215834][T32173]  __schedule+0x8f3/0x1fc0
[ 1819.220247][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1819.225511][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1819.230778][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1819.236218][T32173]  schedule+0xd0/0x2a0
[ 1819.240268][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1819.245357][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1819.250790][T32173]  ? find_held_lock+0x2d/0x110
[ 1819.255533][T32173]  futex_wait+0x1e2/0x550
[ 1819.259862][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1819.264864][T32173]  ? print_usage_bug+0x240/0x240
[ 1819.269786][T32173]  ? entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1819.275851][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1819.281028][T32173]  ? futex_wake+0x153/0x480
[ 1819.285523][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1819.290352][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1819.295789][T32173]  do_futex+0x15f/0x1ad0
[ 1819.300017][T32173]  ? find_held_lock+0x2d/0x110
[ 1819.304758][T32173]  ? futex_exit_release+0x60/0x60
[ 1819.309763][T32173]  ? lock_downgrade+0x840/0x840
[ 1819.314601][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1819.319430][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1819.325393][T32173]  ? __might_fault+0x190/0x1d0
[ 1819.330135][T32173]  ? _copy_to_user+0x126/0x160
[ 1819.334879][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1819.339639][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1819.344138][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1819.349637][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1819.355601][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1819.360263][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1819.366230][T32173]  do_syscall_64+0xf6/0x7d0
[ 1819.370719][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1819.376588][T32173] RIP: 0033:0x45ca59
[ 1819.380461][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1819.400089][T32173] RSP: 002b:00007f656341ecf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1819.408476][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1819.416432][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1819.424383][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1819.432419][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1819.440372][T32173] R13: 0000000000c9fb6f R14: 00007f656341f9c0 R15: 000000000078bf0c
[ 1819.448390][T32173] syz-executor.5  S28880 21813   7376 0x00000000
[ 1819.454708][T32173] Call Trace:
[ 1819.457989][T32173]  __schedule+0x8f3/0x1fc0
[ 1819.462424][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1819.467692][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1819.472957][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1819.478396][T32173]  schedule+0xd0/0x2a0
[ 1819.482446][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1819.487531][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1819.492963][T32173]  ? stack_trace_consume_entry+0x160/0x160
[ 1819.498749][T32173]  futex_wait+0x1e2/0x550
[ 1819.503058][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1819.508059][T32173]  ? print_usage_bug+0x240/0x240
[ 1819.512972][T32173]  ? entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1819.519019][T32173]  ? hash_futex+0x10/0x200
[ 1819.523424][T32173]  ? futex_wake+0x153/0x480
[ 1819.527959][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1819.532786][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1819.538259][T32173]  do_futex+0x15f/0x1ad0
[ 1819.542492][T32173]  ? find_held_lock+0x2d/0x110
[ 1819.547249][T32173]  ? futex_exit_release+0x60/0x60
[ 1819.552270][T32173]  ? lock_downgrade+0x840/0x840
[ 1819.557099][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1819.562044][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1819.568005][T32173]  ? __might_fault+0x190/0x1d0
[ 1819.572764][T32173]  ? _copy_to_user+0x126/0x160
[ 1819.577509][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1819.582253][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1819.586738][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1819.592176][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1819.598151][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1819.602806][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1819.608767][T32173]  do_syscall_64+0xf6/0x7d0
[ 1819.613249][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1819.619116][T32173] RIP: 0033:0x45ca59
[ 1819.623003][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1819.642597][T32173] RSP: 002b:00007f656341ecf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1819.650984][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1819.658931][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1819.666879][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1819.674825][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1819.682774][T32173] R13: 0000000000c9fb6f R14: 00007f656341f9c0 R15: 000000000078bf0c
[ 1819.690738][T32173] syz-executor.5  S28880 21860   7376 0x00000000
[ 1819.697061][T32173] Call Trace:
[ 1819.700333][T32173]  __schedule+0x8f3/0x1fc0
[ 1819.704726][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1819.709991][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1819.715268][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1819.720708][T32173]  schedule+0xd0/0x2a0
[ 1819.724754][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1819.729841][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1819.735279][T32173]  futex_wait+0x1e2/0x550
[ 1819.739588][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1819.744592][T32173]  ? print_usage_bug+0x240/0x240
[ 1819.749506][T32173]  ? entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1819.755550][T32173]  ? hash_futex+0x10/0x200
[ 1819.759942][T32173]  ? futex_wake+0x153/0x480
[ 1819.764431][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1819.769265][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1819.774709][T32173]  do_futex+0x15f/0x1ad0
[ 1819.778937][T32173]  ? find_held_lock+0x2d/0x110
[ 1819.783703][T32173]  ? futex_exit_release+0x60/0x60
[ 1819.788709][T32173]  ? lock_downgrade+0x840/0x840
[ 1819.793554][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1819.798380][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1819.804358][T32173]  ? __might_fault+0x190/0x1d0
[ 1819.809100][T32173]  ? _copy_to_user+0x126/0x160
[ 1819.813846][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1819.818588][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1819.823071][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1819.828502][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1819.834461][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1819.839113][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1819.845071][T32173]  do_syscall_64+0xf6/0x7d0
[ 1819.849553][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1819.855420][T32173] RIP: 0033:0x45ca59
[ 1819.859293][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1819.878887][T32173] RSP: 002b:00007f656341ecf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1819.887275][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1819.895224][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1819.903187][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1819.911135][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1819.919081][T32173] R13: 0000000000c9fb6f R14: 00007f656341f9c0 R15: 000000000078bf0c
[ 1819.927045][T32173] syz-executor.5  S28880 21889   7376 0x00000000
[ 1819.933357][T32173] Call Trace:
[ 1819.936627][T32173]  __schedule+0x8f3/0x1fc0
[ 1819.941023][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1819.946300][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1819.951585][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1819.957049][T32173]  schedule+0xd0/0x2a0
[ 1819.961099][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1819.966188][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1819.971624][T32173]  ? find_held_lock+0x2d/0x110
[ 1819.976369][T32173]  futex_wait+0x1e2/0x550
[ 1819.980704][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1819.985706][T32173]  ? print_usage_bug+0x240/0x240
[ 1819.990636][T32173]  ? entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1819.996687][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1820.001864][T32173]  ? futex_wake+0x153/0x480
[ 1820.006368][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1820.011194][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1820.016631][T32173]  do_futex+0x15f/0x1ad0
[ 1820.020871][T32173]  ? find_held_lock+0x2d/0x110
[ 1820.025615][T32173]  ? futex_exit_release+0x60/0x60
[ 1820.030617][T32173]  ? lock_downgrade+0x840/0x840
[ 1820.035458][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1820.040289][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1820.046250][T32173]  ? __might_fault+0x190/0x1d0
[ 1820.051009][T32173]  ? _copy_to_user+0x126/0x160
[ 1820.055754][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1820.060498][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1820.064995][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1820.070431][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1820.076387][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1820.081041][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1820.087001][T32173]  do_syscall_64+0xf6/0x7d0
[ 1820.091501][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1820.097369][T32173] RIP: 0033:0x45ca59
[ 1820.101243][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1820.120820][T32173] RSP: 002b:00007f656341ecf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1820.129211][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1820.137161][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1820.145108][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1820.153054][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1820.161001][T32173] R13: 0000000000c9fb6f R14: 00007f656341f9c0 R15: 000000000078bf0c
[ 1820.168963][T32173] syz-executor.5  S28880 21905   7376 0x00000000
[ 1820.175293][T32173] Call Trace:
[ 1820.178565][T32173]  __schedule+0x8f3/0x1fc0
[ 1820.182976][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1820.188240][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1820.193581][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1820.199029][T32173]  schedule+0xd0/0x2a0
[ 1820.203093][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1820.208189][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1820.213636][T32173]  futex_wait+0x1e2/0x550
[ 1820.217948][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1820.222977][T32173]  ? wake_up_q+0xc1/0x140
[ 1820.227295][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1820.232488][T32173]  ? futex_wake+0x153/0x480
[ 1820.236984][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1820.241816][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1820.247255][T32173]  do_futex+0x15f/0x1ad0
[ 1820.251484][T32173]  ? find_held_lock+0x2d/0x110
[ 1820.256247][T32173]  ? futex_exit_release+0x60/0x60
[ 1820.261290][T32173]  ? lock_downgrade+0x840/0x840
[ 1820.266120][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1820.270948][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1820.277035][T32173]  ? __might_fault+0x190/0x1d0
[ 1820.281778][T32173]  ? _copy_to_user+0x126/0x160
[ 1820.286523][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1820.291270][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1820.295754][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1820.301205][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1820.307161][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1820.311814][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1820.317772][T32173]  do_syscall_64+0xf6/0x7d0
[ 1820.322271][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1820.328137][T32173] RIP: 0033:0x45ca59
[ 1820.332009][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1820.351615][T32173] RSP: 002b:00007f656341ecf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1820.360053][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1820.368003][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1820.375950][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1820.383897][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1820.391847][T32173] R13: 0000000000c9fb6f R14: 00007f656341f9c0 R15: 000000000078bf0c
[ 1820.399811][T32173] syz-executor.4  S28880 21920   7358 0x00000000
[ 1820.406166][T32173] Call Trace:
[ 1820.409440][T32173]  __schedule+0x8f3/0x1fc0
[ 1820.413835][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1820.419101][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1820.424366][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1820.429804][T32173]  schedule+0xd0/0x2a0
[ 1820.433850][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1820.438934][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1820.444378][T32173]  ? stack_trace_consume_entry+0x160/0x160
[ 1820.450180][T32173]  futex_wait+0x1e2/0x550
[ 1820.454493][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1820.459511][T32173]  ? print_usage_bug+0x240/0x240
[ 1820.464443][T32173]  ? entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1820.470487][T32173]  ? hash_futex+0x10/0x200
[ 1820.474879][T32173]  ? futex_wake+0x153/0x480
[ 1820.479367][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1820.484194][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1820.489631][T32173]  do_futex+0x15f/0x1ad0
[ 1820.493854][T32173]  ? find_held_lock+0x2d/0x110
[ 1820.498592][T32173]  ? futex_exit_release+0x60/0x60
[ 1820.503594][T32173]  ? lock_downgrade+0x840/0x840
[ 1820.508423][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1820.513252][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1820.519223][T32173]  ? __might_fault+0x190/0x1d0
[ 1820.523963][T32173]  ? _copy_to_user+0x126/0x160
[ 1820.528713][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1820.533458][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1820.537940][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1820.543376][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1820.549333][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1820.553985][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1820.559947][T32173]  do_syscall_64+0xf6/0x7d0
[ 1820.564429][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1820.570384][T32173] RIP: 0033:0x45ca59
[ 1820.574256][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1820.593834][T32173] RSP: 002b:00007fc7e9ef2cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1820.602220][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1820.610167][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1820.618113][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1820.626060][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1820.634006][T32173] R13: 0000000000c9fb6f R14: 00007fc7e9ef39c0 R15: 000000000078bf0c
[ 1820.641968][T32173] syz-executor.4  S29824 21948   7358 0x00000000
[ 1820.648293][T32173] Call Trace:
[ 1820.651580][T32173]  __schedule+0x8f3/0x1fc0
[ 1820.655973][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1820.661240][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1820.666503][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1820.671959][T32173]  schedule+0xd0/0x2a0
[ 1820.676017][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1820.681105][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1820.686541][T32173]  futex_wait+0x1e2/0x550
[ 1820.690852][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1820.695853][T32173]  ? wake_up_q+0xc1/0x140
[ 1820.700174][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1820.705364][T32173]  ? futex_wake+0x153/0x480
[ 1820.709856][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1820.714684][T32173]  ? mark_lock+0x11f/0xdd0
[ 1820.719092][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1820.724535][T32173]  do_futex+0x15f/0x1ad0
[ 1820.728778][T32173]  ? find_held_lock+0x2d/0x110
[ 1820.733521][T32173]  ? futex_exit_release+0x60/0x60
[ 1820.738533][T32173]  ? lock_downgrade+0x840/0x840
[ 1820.743362][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1820.748189][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1820.754152][T32173]  ? __might_fault+0x190/0x1d0
[ 1820.758891][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1820.764331][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1820.769075][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1820.773557][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1820.778989][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1820.784944][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1820.789600][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1820.795561][T32173]  do_syscall_64+0xf6/0x7d0
[ 1820.800043][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1820.805908][T32173] RIP: 0033:0x45ca59
[ 1820.809779][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1820.829372][T32173] RSP: 002b:00007fc7e9ed1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1820.837757][T32173] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045ca59
[ 1820.845705][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8
[ 1820.853652][T32173] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1820.861620][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1820.869568][T32173] R13: 0000000000c9fb6f R14: 00007fc7e9ed29c0 R15: 000000000078bfac
[ 1820.877529][T32173] syz-executor.4  S29816 22159   7358 0x00000000
[ 1820.883851][T32173] Call Trace:
[ 1820.887120][T32173]  __schedule+0x8f3/0x1fc0
[ 1820.891512][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1820.896791][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1820.902054][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1820.907489][T32173]  schedule+0xd0/0x2a0
[ 1820.911536][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1820.916622][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1820.922061][T32173]  futex_wait+0x1e2/0x550
[ 1820.926387][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1820.931410][T32173]  ? wake_up_q+0xc1/0x140
[ 1820.935728][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1820.940905][T32173]  ? futex_wake+0x153/0x480
[ 1820.945391][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1820.950233][T32173]  ? mark_lock+0x11f/0xdd0
[ 1820.954625][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1820.960066][T32173]  do_futex+0x15f/0x1ad0
[ 1820.964291][T32173]  ? find_held_lock+0x2d/0x110
[ 1820.969029][T32173]  ? futex_exit_release+0x60/0x60
[ 1820.974032][T32173]  ? lock_downgrade+0x840/0x840
[ 1820.978858][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1820.983699][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1820.989678][T32173]  ? __might_fault+0x190/0x1d0
[ 1820.994420][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1820.999859][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1821.004600][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1821.009079][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1821.014510][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1821.020467][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1821.025121][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1821.031079][T32173]  do_syscall_64+0xf6/0x7d0
[ 1821.035560][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1821.041429][T32173] RIP: 0033:0x45ca59
[ 1821.045302][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1821.064896][T32173] RSP: 002b:00007fc7e9ef2cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1821.073279][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1821.081225][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1821.089175][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1821.097122][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1821.105069][T32173] R13: 0000000000c9fb6f R14: 00007fc7e9ef39c0 R15: 000000000078bf0c
[ 1821.113044][T32173] syz-executor.4  S29824 22166   7358 0x00000000
[ 1821.119353][T32173] Call Trace:
[ 1821.122623][T32173]  __schedule+0x8f3/0x1fc0
[ 1821.127035][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1821.132302][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1821.137565][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1821.143003][T32173]  schedule+0xd0/0x2a0
[ 1821.147050][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1821.152137][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1821.157582][T32173]  futex_wait+0x1e2/0x550
[ 1821.161893][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1821.166893][T32173]  ? wake_up_q+0xc1/0x140
[ 1821.171211][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1821.176396][T32173]  ? futex_wake+0x153/0x480
[ 1821.180891][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1821.185767][T32173]  ? lockdep_hardirqs_on_prepare+0x590/0x590
[ 1821.191768][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1821.197211][T32173]  do_futex+0x15f/0x1ad0
[ 1821.201446][T32173]  ? find_held_lock+0x2d/0x110
[ 1821.206194][T32173]  ? futex_exit_release+0x60/0x60
[ 1821.211197][T32173]  ? lock_downgrade+0x840/0x840
[ 1821.216024][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1821.220852][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1821.226858][T32173]  ? __might_fault+0x190/0x1d0
[ 1821.231601][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1821.237040][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1821.241797][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1821.246281][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1821.251723][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1821.257692][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1821.262398][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1821.268365][T32173]  do_syscall_64+0xf6/0x7d0
[ 1821.272854][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1821.278725][T32173] RIP: 0033:0x45ca59
[ 1821.282601][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1821.302182][T32173] RSP: 002b:00007fc7e9ef2cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1821.310571][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1821.318521][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1821.326470][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1821.334436][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1821.342397][T32173] R13: 0000000000c9fb6f R14: 00007fc7e9ef39c0 R15: 000000000078bf0c
[ 1821.350361][T32173] syz-executor.2  S29448 22352   7087 0x00000000
[ 1821.356672][T32173] Call Trace:
[ 1821.359941][T32173]  __schedule+0x8f3/0x1fc0
[ 1821.364338][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1821.369603][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1821.374866][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1821.380322][T32173]  schedule+0xd0/0x2a0
[ 1821.384369][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1821.389456][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1821.394896][T32173]  futex_wait+0x1e2/0x550
[ 1821.399227][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1821.404256][T32173]  ? print_usage_bug+0x240/0x240
[ 1821.409187][T32173]  ? hash_futex+0x10/0x200
[ 1821.413589][T32173]  ? futex_wake+0x153/0x480
[ 1821.418082][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1821.422917][T32173]  ? do_wp_page+0x512/0x1440
[ 1821.427486][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1821.432930][T32173]  do_futex+0x15f/0x1ad0
[ 1821.437163][T32173]  ? find_held_lock+0x2d/0x110
[ 1821.441910][T32173]  ? futex_exit_release+0x60/0x60
[ 1821.446916][T32173]  ? lock_downgrade+0x840/0x840
[ 1821.451801][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1821.456630][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1821.462594][T32173]  ? __might_fault+0x190/0x1d0
[ 1821.467339][T32173]  ? _copy_to_user+0x126/0x160
[ 1821.472086][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1821.476833][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1821.481318][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1821.486753][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1821.492726][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1821.497386][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1821.503363][T32173]  do_syscall_64+0xf6/0x7d0
[ 1821.507855][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1821.513738][T32173] RIP: 0033:0x45ca59
[ 1821.517611][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1821.537188][T32173] RSP: 002b:00007f8cd7fe7cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1821.545575][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1821.553523][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1821.561472][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1821.569419][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1821.577372][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fe89c0 R15: 000000000078bf0c
[ 1821.585352][T32173] wg-crypt-wiregu I30816 22360      2 0x80004000
[ 1821.591699][T32173] Call Trace:
[ 1821.594970][T32173]  __schedule+0x8f3/0x1fc0
[ 1821.599371][T32173]  ? rescuer_thread+0x691/0xbc0
[ 1821.604223][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1821.609500][T32173]  ? do_raw_spin_lock+0x129/0x2e0
[ 1821.614503][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1821.619696][T32173]  schedule+0xd0/0x2a0
[ 1821.623744][T32173]  rescuer_thread+0x6ed/0xbc0
[ 1821.628405][T32173]  ? worker_thread+0xe20/0xe20
[ 1821.633154][T32173]  ? __kthread_parkme+0x13f/0x1e0
[ 1821.638177][T32173]  ? worker_thread+0xe20/0xe20
[ 1821.642939][T32173]  kthread+0x388/0x470
[ 1821.646984][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1821.652676][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1821.658397][T32173]  ret_from_fork+0x24/0x30
[ 1821.662800][T32173] syz-executor.2  S29824 22402   7087 0x00000000
[ 1821.669135][T32173] Call Trace:
[ 1821.672406][T32173]  __schedule+0x8f3/0x1fc0
[ 1821.676800][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1821.682070][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1821.687333][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1821.692772][T32173]  schedule+0xd0/0x2a0
[ 1821.696821][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1821.701910][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1821.707342][T32173]  ? find_held_lock+0x2d/0x110
[ 1821.712089][T32173]  futex_wait+0x1e2/0x550
[ 1821.716413][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1821.721413][T32173]  ? print_usage_bug+0x240/0x240
[ 1821.726327][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1821.731515][T32173]  ? futex_wake+0x153/0x480
[ 1821.736007][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1821.740843][T32173]  ? do_wp_page+0x512/0x1440
[ 1821.745412][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1821.750857][T32173]  do_futex+0x15f/0x1ad0
[ 1821.755107][T32173]  ? find_held_lock+0x2d/0x110
[ 1821.759853][T32173]  ? futex_exit_release+0x60/0x60
[ 1821.764858][T32173]  ? lock_downgrade+0x840/0x840
[ 1821.769689][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1821.774552][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1821.780514][T32173]  ? __might_fault+0x190/0x1d0
[ 1821.785255][T32173]  ? _copy_to_user+0x126/0x160
[ 1821.790017][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1821.794759][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1821.799257][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1821.804689][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1821.810660][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1821.815312][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1821.821288][T32173]  do_syscall_64+0xf6/0x7d0
[ 1821.825769][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1821.831636][T32173] RIP: 0033:0x45ca59
[ 1821.835510][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1821.855088][T32173] RSP: 002b:00007f8cd7fe7cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1821.863472][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1821.871421][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1821.879372][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1821.887331][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1821.895298][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fe89c0 R15: 000000000078bf0c
[ 1821.903260][T32173] syz-executor.5  S29824 22403   7376 0x00000000
[ 1821.909570][T32173] Call Trace:
[ 1821.912858][T32173]  __schedule+0x8f3/0x1fc0
[ 1821.917249][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1821.922516][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1821.927779][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1821.933219][T32173]  schedule+0xd0/0x2a0
[ 1821.937263][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1821.942355][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1821.947791][T32173]  futex_wait+0x1e2/0x550
[ 1821.952111][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1821.957114][T32173]  ? print_usage_bug+0x240/0x240
[ 1821.962029][T32173]  ? hash_futex+0x10/0x200
[ 1821.966423][T32173]  ? futex_wake+0x153/0x480
[ 1821.970909][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1821.975737][T32173]  ? do_wp_page+0x512/0x1440
[ 1821.980302][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1821.985739][T32173]  do_futex+0x15f/0x1ad0
[ 1821.989968][T32173]  ? find_held_lock+0x2d/0x110
[ 1821.994710][T32173]  ? futex_exit_release+0x60/0x60
[ 1821.999730][T32173]  ? lock_downgrade+0x840/0x840
[ 1822.004571][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1822.009399][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1822.015391][T32173]  ? __might_fault+0x190/0x1d0
[ 1822.020132][T32173]  ? _copy_to_user+0x126/0x160
[ 1822.024876][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1822.029618][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1822.034099][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1822.039533][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1822.045488][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1822.050159][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1822.056141][T32173]  do_syscall_64+0xf6/0x7d0
[ 1822.060622][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1822.066490][T32173] RIP: 0033:0x45ca59
[ 1822.070362][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1822.089941][T32173] RSP: 002b:00007f656341ecf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1822.098326][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1822.106294][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1822.114240][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1822.122188][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1822.130135][T32173] R13: 0000000000c9fb6f R14: 00007f656341f9c0 R15: 000000000078bf0c
[ 1822.138096][T32173] wg-crypt-wiregu I29888 22418      2 0x80004000
[ 1822.144429][T32173] Call Trace:
[ 1822.147697][T32173]  __schedule+0x8f3/0x1fc0
[ 1822.152098][T32173]  ? rescuer_thread+0x691/0xbc0
[ 1822.156928][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1822.162191][T32173]  ? do_raw_spin_lock+0x129/0x2e0
[ 1822.167191][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1822.172368][T32173]  schedule+0xd0/0x2a0
[ 1822.176433][T32173]  rescuer_thread+0x6ed/0xbc0
[ 1822.181106][T32173]  ? worker_thread+0xe20/0xe20
[ 1822.185849][T32173]  ? __kthread_parkme+0x13f/0x1e0
[ 1822.190851][T32173]  ? worker_thread+0xe20/0xe20
[ 1822.195605][T32173]  kthread+0x388/0x470
[ 1822.199651][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1822.205346][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1822.211045][T32173]  ret_from_fork+0x24/0x30
[ 1822.215446][T32173] syz-executor.5  S29824 22446   7376 0x00000000
[ 1822.221753][T32173] Call Trace:
[ 1822.225023][T32173]  __schedule+0x8f3/0x1fc0
[ 1822.229415][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1822.234694][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1822.239959][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1822.245414][T32173]  schedule+0xd0/0x2a0
[ 1822.249471][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1822.254567][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1822.260013][T32173]  futex_wait+0x1e2/0x550
[ 1822.264380][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1822.269437][T32173]  ? print_usage_bug+0x240/0x240
[ 1822.274357][T32173]  ? hash_futex+0x10/0x200
[ 1822.278800][T32173]  ? futex_wake+0x153/0x480
[ 1822.283335][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1822.288163][T32173]  ? do_wp_page+0x512/0x1440
[ 1822.292731][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1822.298187][T32173]  do_futex+0x15f/0x1ad0
[ 1822.302416][T32173]  ? find_held_lock+0x2d/0x110
[ 1822.307156][T32173]  ? futex_exit_release+0x60/0x60
[ 1822.312160][T32173]  ? lock_downgrade+0x840/0x840
[ 1822.316986][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1822.321832][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1822.327818][T32173]  ? __might_fault+0x190/0x1d0
[ 1822.332560][T32173]  ? _copy_to_user+0x126/0x160
[ 1822.337306][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1822.342053][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1822.346537][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1822.351974][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1822.357928][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1822.362582][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1822.368570][T32173]  do_syscall_64+0xf6/0x7d0
[ 1822.373062][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1822.378931][T32173] RIP: 0033:0x45ca59
[ 1822.382823][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1822.402402][T32173] RSP: 002b:00007f656341ecf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1822.410798][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1822.418767][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1822.426927][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1822.434880][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1822.442845][T32173] R13: 0000000000c9fb6f R14: 00007f656341f9c0 R15: 000000000078bf0c
[ 1822.450812][T32173] syz-executor.2  S29824 22450   7087 0x00000000
[ 1822.457133][T32173] Call Trace:
[ 1822.460407][T32173]  __schedule+0x8f3/0x1fc0
[ 1822.464811][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1822.470096][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1822.475360][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1822.480797][T32173]  schedule+0xd0/0x2a0
[ 1822.484844][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1822.489957][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1822.495410][T32173]  futex_wait+0x1e2/0x550
[ 1822.499730][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1822.504729][T32173]  ? print_usage_bug+0x240/0x240
[ 1822.509660][T32173]  ? hash_futex+0x10/0x200
[ 1822.514055][T32173]  ? futex_wake+0x153/0x480
[ 1822.518541][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1822.523370][T32173]  ? do_wp_page+0x512/0x1440
[ 1822.527951][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1822.533405][T32173]  do_futex+0x15f/0x1ad0
[ 1822.537638][T32173]  ? find_held_lock+0x2d/0x110
[ 1822.542442][T32173]  ? futex_exit_release+0x60/0x60
[ 1822.547447][T32173]  ? lock_downgrade+0x840/0x840
[ 1822.552281][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1822.557118][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1822.563105][T32173]  ? __might_fault+0x190/0x1d0
[ 1822.567853][T32173]  ? _copy_to_user+0x126/0x160
[ 1822.572622][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1822.577371][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1822.581855][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1822.587290][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1822.593252][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1822.597905][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1822.603863][T32173]  do_syscall_64+0xf6/0x7d0
[ 1822.608346][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1822.614216][T32173] RIP: 0033:0x45ca59
[ 1822.618105][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1822.637702][T32173] RSP: 002b:00007f8cd7fe7cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1822.646103][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1822.654052][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1822.662014][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1822.669981][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1822.677927][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fe89c0 R15: 000000000078bf0c
[ 1822.685905][T32173] wg-crypt-wiregu I30816 22452      2 0x80004000
[ 1822.692250][T32173] Call Trace:
[ 1822.695546][T32173]  __schedule+0x8f3/0x1fc0
[ 1822.699941][T32173]  ? rescuer_thread+0x691/0xbc0
[ 1822.704772][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1822.710033][T32173]  ? do_raw_spin_lock+0x129/0x2e0
[ 1822.715034][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1822.720214][T32173]  schedule+0xd0/0x2a0
[ 1822.724263][T32173]  rescuer_thread+0x6ed/0xbc0
[ 1822.728927][T32173]  ? worker_thread+0xe20/0xe20
[ 1822.733675][T32173]  ? __kthread_parkme+0x13f/0x1e0
[ 1822.738674][T32173]  ? worker_thread+0xe20/0xe20
[ 1822.743414][T32173]  kthread+0x388/0x470
[ 1822.747459][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1822.753154][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1822.758850][T32173]  ret_from_fork+0x24/0x30
[ 1822.763253][T32173] syz-executor.5  S29824 22473   7376 0x00000000
[ 1822.769564][T32173] Call Trace:
[ 1822.772848][T32173]  __schedule+0x8f3/0x1fc0
[ 1822.777239][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1822.782512][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1822.787774][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1822.793211][T32173]  schedule+0xd0/0x2a0
[ 1822.797259][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1822.802351][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1822.807784][T32173]  ? find_held_lock+0x2d/0x110
[ 1822.812528][T32173]  futex_wait+0x1e2/0x550
[ 1822.816836][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1822.821862][T32173]  ? print_usage_bug+0x240/0x240
[ 1822.826778][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1822.831954][T32173]  ? futex_wake+0x153/0x480
[ 1822.836440][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1822.841269][T32173]  ? do_wp_page+0x512/0x1440
[ 1822.845835][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1822.851277][T32173]  do_futex+0x15f/0x1ad0
[ 1822.855523][T32173]  ? find_held_lock+0x2d/0x110
[ 1822.860265][T32173]  ? futex_exit_release+0x60/0x60
[ 1822.865279][T32173]  ? lock_downgrade+0x840/0x840
[ 1822.870106][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1822.874934][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1822.880901][T32173]  ? __might_fault+0x190/0x1d0
[ 1822.885642][T32173]  ? _copy_to_user+0x126/0x160
[ 1822.890388][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1822.895148][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1822.899630][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1822.905065][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1822.911022][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1822.915691][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1822.921674][T32173]  do_syscall_64+0xf6/0x7d0
[ 1822.926159][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1822.932142][T32173] RIP: 0033:0x45ca59
[ 1822.936030][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1822.955611][T32173] RSP: 002b:00007f656341ecf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1822.963996][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1822.971955][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1822.979902][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1822.987849][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1822.995795][T32173] R13: 0000000000c9fb6f R14: 00007f656341f9c0 R15: 000000000078bf0c
[ 1823.003757][T32173] wg-crypt-wiregu I30816 22477      2 0x80004000
[ 1823.010090][T32173] Call Trace:
[ 1823.013359][T32173]  __schedule+0x8f3/0x1fc0
[ 1823.017751][T32173]  ? rescuer_thread+0x691/0xbc0
[ 1823.022582][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1823.027842][T32173]  ? do_raw_spin_lock+0x129/0x2e0
[ 1823.032842][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1823.038017][T32173]  schedule+0xd0/0x2a0
[ 1823.042085][T32173]  rescuer_thread+0x6ed/0xbc0
[ 1823.046876][T32173]  ? worker_thread+0xe20/0xe20
[ 1823.051622][T32173]  ? __kthread_parkme+0x13f/0x1e0
[ 1823.056638][T32173]  ? worker_thread+0xe20/0xe20
[ 1823.061381][T32173]  kthread+0x388/0x470
[ 1823.065426][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1823.071120][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1823.076815][T32173]  ret_from_fork+0x24/0x30
[ 1823.081217][T32173] syz-executor.1  S29824 22478   6929 0x00000000
[ 1823.087527][T32173] Call Trace:
[ 1823.090796][T32173]  __schedule+0x8f3/0x1fc0
[ 1823.095189][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1823.100457][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1823.105719][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1823.111155][T32173]  schedule+0xd0/0x2a0
[ 1823.115203][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1823.120291][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1823.125752][T32173]  futex_wait+0x1e2/0x550
[ 1823.130087][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1823.135089][T32173]  ? print_usage_bug+0x240/0x240
[ 1823.140008][T32173]  ? hash_futex+0x10/0x200
[ 1823.144413][T32173]  ? futex_wake+0x153/0x480
[ 1823.148915][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1823.153758][T32173]  ? do_wp_page+0x512/0x1440
[ 1823.158322][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1823.163874][T32173]  do_futex+0x15f/0x1ad0
[ 1823.168100][T32173]  ? find_held_lock+0x2d/0x110
[ 1823.172859][T32173]  ? futex_exit_release+0x60/0x60
[ 1823.177865][T32173]  ? lock_downgrade+0x840/0x840
[ 1823.182694][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1823.187547][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1823.193540][T32173]  ? __might_fault+0x190/0x1d0
[ 1823.198280][T32173]  ? _copy_to_user+0x126/0x160
[ 1823.203027][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1823.207770][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1823.212270][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1823.217702][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1823.223657][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1823.228311][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1823.234271][T32173]  do_syscall_64+0xf6/0x7d0
[ 1823.238879][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1823.244816][T32173] RIP: 0033:0x45ca59
[ 1823.248691][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1823.268280][T32173] RSP: 002b:00007f7591596cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1823.276690][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1823.284645][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1823.292634][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1823.300585][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1823.308532][T32173] R13: 0000000000c9fb6f R14: 00007f75915979c0 R15: 000000000078bf0c
[ 1823.316497][T32173] syz-executor.2  S29824 22482   7087 0x00000000
[ 1823.322809][T32173] Call Trace:
[ 1823.326080][T32173]  __schedule+0x8f3/0x1fc0
[ 1823.330528][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1823.335792][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1823.341055][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1823.346492][T32173]  schedule+0xd0/0x2a0
[ 1823.350540][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1823.355627][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1823.361065][T32173]  futex_wait+0x1e2/0x550
[ 1823.365375][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1823.370376][T32173]  ? print_usage_bug+0x240/0x240
[ 1823.375294][T32173]  ? hash_futex+0x10/0x200
[ 1823.379710][T32173]  ? futex_wake+0x153/0x480
[ 1823.384197][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1823.389047][T32173]  ? do_wp_page+0x512/0x1440
[ 1823.393625][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1823.399074][T32173]  do_futex+0x15f/0x1ad0
[ 1823.403304][T32173]  ? find_held_lock+0x2d/0x110
[ 1823.408056][T32173]  ? futex_exit_release+0x60/0x60
[ 1823.413075][T32173]  ? lock_downgrade+0x840/0x840
[ 1823.417908][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1823.422739][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1823.428704][T32173]  ? __might_fault+0x190/0x1d0
[ 1823.433446][T32173]  ? _copy_to_user+0x126/0x160
[ 1823.438193][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1823.442939][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1823.447424][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1823.452905][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1823.458865][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1823.463522][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1823.469552][T32173]  do_syscall_64+0xf6/0x7d0
[ 1823.474045][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1823.479964][T32173] RIP: 0033:0x45ca59
[ 1823.483842][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1823.503476][T32173] RSP: 002b:00007f8cd7fe7cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1823.511867][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1823.519856][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1823.527801][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1823.535785][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1823.543770][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fe89c0 R15: 000000000078bf0c
[ 1823.551734][T32173] syz-executor.1  S28904 22502   6929 0x00000000
[ 1823.558041][T32173] Call Trace:
[ 1823.561312][T32173]  __schedule+0x8f3/0x1fc0
[ 1823.565708][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1823.570973][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1823.576258][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1823.581696][T32173]  schedule+0xd0/0x2a0
[ 1823.585745][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1823.591007][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1823.596441][T32173]  ? find_held_lock+0x2d/0x110
[ 1823.601192][T32173]  futex_wait+0x1e2/0x550
[ 1823.605503][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1823.610503][T32173]  ? print_usage_bug+0x240/0x240
[ 1823.615442][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1823.620635][T32173]  ? futex_wake+0x153/0x480
[ 1823.625122][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1823.629951][T32173]  ? do_wp_page+0x512/0x1440
[ 1823.634515][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1823.639953][T32173]  do_futex+0x15f/0x1ad0
[ 1823.644287][T32173]  ? find_held_lock+0x2d/0x110
[ 1823.649030][T32173]  ? futex_exit_release+0x60/0x60
[ 1823.654035][T32173]  ? lock_downgrade+0x840/0x840
[ 1823.658860][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1823.663705][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1823.669669][T32173]  ? __might_fault+0x190/0x1d0
[ 1823.674411][T32173]  ? _copy_to_user+0x126/0x160
[ 1823.679156][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1823.683900][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1823.688384][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1823.693818][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1823.699776][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1823.704428][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1823.710389][T32173]  do_syscall_64+0xf6/0x7d0
[ 1823.714887][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1823.720772][T32173] RIP: 0033:0x45ca59
[ 1823.724643][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1823.744307][T32173] RSP: 002b:00007f7591533cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1823.752694][T32173] RAX: ffffffffffffffda RBX: 000000000078c0e8 RCX: 000000000045ca59
[ 1823.760643][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c0e8
[ 1823.768604][T32173] RBP: 000000000078c0e0 R08: 0000000000000000 R09: 0000000000000000
[ 1823.776567][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c0ec
[ 1823.784524][T32173] R13: 0000000000c9fb6f R14: 00007f75915349c0 R15: 000000000078c0ec
[ 1823.792491][T32173] syz-executor.1  S29824 22532   6929 0x00000000
[ 1823.798898][T32173] Call Trace:
[ 1823.802181][T32173]  __schedule+0x8f3/0x1fc0
[ 1823.806602][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1823.811877][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1823.817144][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1823.822592][T32173]  schedule+0xd0/0x2a0
[ 1823.826645][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1823.831740][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1823.837195][T32173]  ? find_held_lock+0x2d/0x110
[ 1823.841961][T32173]  futex_wait+0x1e2/0x550
[ 1823.846274][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1823.851278][T32173]  ? print_usage_bug+0x240/0x240
[ 1823.856196][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1823.861393][T32173]  ? futex_wake+0x153/0x480
[ 1823.865886][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1823.870718][T32173]  ? do_wp_page+0x512/0x1440
[ 1823.875285][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1823.880725][T32173]  do_futex+0x15f/0x1ad0
[ 1823.884966][T32173]  ? find_held_lock+0x2d/0x110
[ 1823.889711][T32173]  ? futex_exit_release+0x60/0x60
[ 1823.894715][T32173]  ? lock_downgrade+0x840/0x840
[ 1823.899544][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1823.904374][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1823.910338][T32173]  ? __might_fault+0x190/0x1d0
[ 1823.915099][T32173]  ? _copy_to_user+0x126/0x160
[ 1823.919845][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1823.924591][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1823.929093][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1823.934527][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1823.940483][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1823.945137][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1823.951099][T32173]  do_syscall_64+0xf6/0x7d0
[ 1823.955584][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1823.961470][T32173] RIP: 0033:0x45ca59
[ 1823.965343][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1823.984922][T32173] RSP: 002b:00007f7591596cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1823.993309][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1824.001258][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1824.009207][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1824.017170][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1824.025119][T32173] R13: 0000000000c9fb6f R14: 00007f75915979c0 R15: 000000000078bf0c
[ 1824.033082][T32173] syz-executor.1  S28904 22563   6929 0x00000000
[ 1824.039408][T32173] Call Trace:
[ 1824.042679][T32173]  __schedule+0x8f3/0x1fc0
[ 1824.047087][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1824.052352][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1824.057617][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1824.063098][T32173]  schedule+0xd0/0x2a0
[ 1824.067168][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1824.072258][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1824.077710][T32173]  futex_wait+0x1e2/0x550
[ 1824.082074][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1824.087079][T32173]  ? print_usage_bug+0x240/0x240
[ 1824.091999][T32173]  ? hash_futex+0x10/0x200
[ 1824.096395][T32173]  ? futex_wake+0x153/0x480
[ 1824.100937][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1824.105769][T32173]  ? do_wp_page+0x512/0x1440
[ 1824.110360][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1824.115934][T32173]  do_futex+0x15f/0x1ad0
[ 1824.120166][T32173]  ? find_held_lock+0x2d/0x110
[ 1824.124911][T32173]  ? futex_exit_release+0x60/0x60
[ 1824.129917][T32173]  ? lock_downgrade+0x840/0x840
[ 1824.134747][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1824.139711][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1824.145713][T32173]  ? __might_fault+0x190/0x1d0
[ 1824.150468][T32173]  ? _copy_to_user+0x126/0x160
[ 1824.155228][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1824.159971][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1824.164462][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1824.169898][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1824.175855][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1824.180526][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1824.186499][T32173]  do_syscall_64+0xf6/0x7d0
[ 1824.190986][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1824.196852][T32173] RIP: 0033:0x45ca59
[ 1824.200723][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1824.220300][T32173] RSP: 002b:00007f7591596cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1824.228687][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1824.236634][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1824.244580][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1824.252543][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1824.260506][T32173] R13: 0000000000c9fb6f R14: 00007f75915979c0 R15: 000000000078bf0c
[ 1824.268469][T32173] syz-executor.3  S29824 22609   7107 0x00000000
[ 1824.274778][T32173] Call Trace:
[ 1824.279200][T32173]  __schedule+0x8f3/0x1fc0
[ 1824.283611][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1824.288874][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1824.294144][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1824.299582][T32173]  schedule+0xd0/0x2a0
[ 1824.303629][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1824.308713][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1824.314150][T32173]  ? find_held_lock+0x2d/0x110
[ 1824.318895][T32173]  futex_wait+0x1e2/0x550
[ 1824.323316][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1824.328317][T32173]  ? print_usage_bug+0x240/0x240
[ 1824.333234][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1824.338409][T32173]  ? futex_wake+0x153/0x480
[ 1824.342898][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1824.347723][T32173]  ? do_wp_page+0x512/0x1440
[ 1824.352307][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1824.357745][T32173]  do_futex+0x15f/0x1ad0
[ 1824.361972][T32173]  ? find_held_lock+0x2d/0x110
[ 1824.366712][T32173]  ? futex_exit_release+0x60/0x60
[ 1824.371716][T32173]  ? lock_downgrade+0x840/0x840
[ 1824.376559][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1824.381386][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1824.387367][T32173]  ? __might_fault+0x190/0x1d0
[ 1824.392180][T32173]  ? _copy_to_user+0x126/0x160
[ 1824.396937][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1824.401695][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1824.406181][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1824.411621][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1824.417599][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1824.422296][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1824.428259][T32173]  do_syscall_64+0xf6/0x7d0
[ 1824.432747][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1824.438615][T32173] RIP: 0033:0x45ca59
[ 1824.442515][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1824.462201][T32173] RSP: 002b:00007f65fad0acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1824.470590][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1824.478539][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1824.486503][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1824.494452][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1824.502400][T32173] R13: 0000000000c9fb6f R14: 00007f65fad0b9c0 R15: 000000000078bf0c
[ 1824.510362][T32173] syz-executor.1  S29824 22613   6929 0x00000000
[ 1824.516672][T32173] Call Trace:
[ 1824.519944][T32173]  __schedule+0x8f3/0x1fc0
[ 1824.524355][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1824.529635][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1824.534915][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1824.540364][T32173]  schedule+0xd0/0x2a0
[ 1824.544420][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1824.549664][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1824.555111][T32173]  futex_wait+0x1e2/0x550
[ 1824.559427][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1824.564434][T32173]  ? print_usage_bug+0x240/0x240
[ 1824.569370][T32173]  ? hash_futex+0x10/0x200
[ 1824.573767][T32173]  ? futex_wake+0x153/0x480
[ 1824.578260][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1824.583091][T32173]  ? do_wp_page+0x512/0x1440
[ 1824.587663][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1824.593105][T32173]  do_futex+0x15f/0x1ad0
[ 1824.597337][T32173]  ? find_held_lock+0x2d/0x110
[ 1824.602083][T32173]  ? futex_exit_release+0x60/0x60
[ 1824.607086][T32173]  ? lock_downgrade+0x840/0x840
[ 1824.611922][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1824.616750][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1824.622714][T32173]  ? __might_fault+0x190/0x1d0
[ 1824.627454][T32173]  ? _copy_to_user+0x126/0x160
[ 1824.632239][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1824.636982][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1824.641464][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1824.646915][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1824.652886][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1824.657539][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1824.663499][T32173]  do_syscall_64+0xf6/0x7d0
[ 1824.667983][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1824.673851][T32173] RIP: 0033:0x45ca59
[ 1824.677724][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1824.697302][T32173] RSP: 002b:00007f7591596cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1824.705687][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1824.713635][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1824.721581][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1824.729529][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1824.737491][T32173] R13: 0000000000c9fb6f R14: 00007f75915979c0 R15: 000000000078bf0c
[ 1824.745468][T32173] syz-executor.2  S29600 22632   7087 0x00000000
[ 1824.751796][T32173] Call Trace:
[ 1824.755064][T32173]  __schedule+0x8f3/0x1fc0
[ 1824.759456][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1824.764719][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1824.770000][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1824.775539][T32173]  schedule+0xd0/0x2a0
[ 1824.779615][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1824.784707][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1824.790148][T32173]  futex_wait+0x1e2/0x550
[ 1824.794473][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1824.799491][T32173]  ? print_usage_bug+0x240/0x240
[ 1824.804407][T32173]  ? hash_futex+0x10/0x200
[ 1824.808800][T32173]  ? futex_wake+0x153/0x480
[ 1824.813292][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1824.818120][T32173]  ? do_wp_page+0x512/0x1440
[ 1824.822687][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1824.828124][T32173]  do_futex+0x15f/0x1ad0
[ 1824.832350][T32173]  ? find_held_lock+0x2d/0x110
[ 1824.837094][T32173]  ? futex_exit_release+0x60/0x60
[ 1824.842118][T32173]  ? lock_downgrade+0x840/0x840
[ 1824.846945][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1824.851773][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1824.857736][T32173]  ? __might_fault+0x190/0x1d0
[ 1824.862493][T32173]  ? _copy_to_user+0x126/0x160
[ 1824.867241][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1824.871986][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1824.876476][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1824.881911][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1824.887974][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1824.892644][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1824.898605][T32173]  do_syscall_64+0xf6/0x7d0
[ 1824.903093][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1824.908979][T32173] RIP: 0033:0x45ca59
[ 1824.912857][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1824.932450][T32173] RSP: 002b:00007f8cd7fe7cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1824.940853][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1824.948799][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1824.956747][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1824.964697][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1824.973166][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fe89c0 R15: 000000000078bf0c
[ 1824.981130][T32173] syz-executor.3  S29824 22664   7107 0x00000000
[ 1824.987453][T32173] Call Trace:
[ 1824.990725][T32173]  __schedule+0x8f3/0x1fc0
[ 1824.995121][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1825.000386][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1825.005652][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1825.011093][T32173]  schedule+0xd0/0x2a0
[ 1825.015142][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1825.020231][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1825.025671][T32173]  futex_wait+0x1e2/0x550
[ 1825.029983][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1825.034984][T32173]  ? print_usage_bug+0x240/0x240
[ 1825.039900][T32173]  ? hash_futex+0x10/0x200
[ 1825.044293][T32173]  ? futex_wake+0x153/0x480
[ 1825.048782][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1825.053627][T32173]  ? do_wp_page+0x512/0x1440
[ 1825.058193][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1825.063632][T32173]  do_futex+0x15f/0x1ad0
[ 1825.067857][T32173]  ? find_held_lock+0x2d/0x110
[ 1825.072603][T32173]  ? futex_exit_release+0x60/0x60
[ 1825.077605][T32173]  ? lock_downgrade+0x840/0x840
[ 1825.082432][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1825.087258][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1825.093221][T32173]  ? __might_fault+0x190/0x1d0
[ 1825.097959][T32173]  ? _copy_to_user+0x126/0x160
[ 1825.102704][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1825.107463][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1825.111958][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1825.117390][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1825.123347][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1825.128000][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1825.133959][T32173]  do_syscall_64+0xf6/0x7d0
[ 1825.138460][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1825.144342][T32173] RIP: 0033:0x45ca59
[ 1825.148214][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1825.167809][T32173] RSP: 002b:00007f65fad0acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1825.176210][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1825.184159][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1825.192107][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1825.200077][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1825.208026][T32173] R13: 0000000000c9fb6f R14: 00007f65fad0b9c0 R15: 000000000078bf0c
[ 1825.216003][T32173] syz-executor.2  S29824 22677   7087 0x00000000
[ 1825.222312][T32173] Call Trace:
[ 1825.225582][T32173]  __schedule+0x8f3/0x1fc0
[ 1825.229976][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1825.235242][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1825.240516][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1825.245961][T32173]  schedule+0xd0/0x2a0
[ 1825.250014][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1825.255109][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1825.260551][T32173]  ? find_held_lock+0x2d/0x110
[ 1825.265299][T32173]  futex_wait+0x1e2/0x550
[ 1825.269616][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1825.274620][T32173]  ? print_usage_bug+0x240/0x240
[ 1825.279535][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1825.284712][T32173]  ? futex_wake+0x153/0x480
[ 1825.289203][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1825.294034][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1825.299513][T32173]  do_futex+0x15f/0x1ad0
[ 1825.303741][T32173]  ? find_held_lock+0x2d/0x110
[ 1825.308482][T32173]  ? futex_exit_release+0x60/0x60
[ 1825.313487][T32173]  ? lock_downgrade+0x840/0x840
[ 1825.318363][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1825.323225][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1825.329190][T32173]  ? __might_fault+0x190/0x1d0
[ 1825.333947][T32173]  ? _copy_to_user+0x126/0x160
[ 1825.338713][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1825.343458][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1825.347942][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1825.353377][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1825.359356][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1825.364009][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1825.369974][T32173]  do_syscall_64+0xf6/0x7d0
[ 1825.374456][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1825.380336][T32173] RIP: 0033:0x45ca59
[ 1825.384227][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1825.403815][T32173] RSP: 002b:00007f8cd7fe7cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1825.412220][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1825.421050][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1825.429005][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1825.437009][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1825.445012][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fe89c0 R15: 000000000078bf0c
[ 1825.453002][T32173] syz-executor.3  S29824 22702   7107 0x00000000
[ 1825.459316][T32173] Call Trace:
[ 1825.462589][T32173]  __schedule+0x8f3/0x1fc0
[ 1825.466983][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1825.472288][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1825.477603][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1825.483084][T32173]  schedule+0xd0/0x2a0
[ 1825.487180][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1825.492277][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1825.497716][T32173]  futex_wait+0x1e2/0x550
[ 1825.502026][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1825.507027][T32173]  ? print_usage_bug+0x240/0x240
[ 1825.511943][T32173]  ? hash_futex+0x10/0x200
[ 1825.516336][T32173]  ? futex_wake+0x153/0x480
[ 1825.520829][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1825.525666][T32173]  ? do_wp_page+0x512/0x1440
[ 1825.530231][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1825.535687][T32173]  do_futex+0x15f/0x1ad0
[ 1825.539914][T32173]  ? find_held_lock+0x2d/0x110
[ 1825.544654][T32173]  ? futex_exit_release+0x60/0x60
[ 1825.549659][T32173]  ? lock_downgrade+0x840/0x840
[ 1825.554488][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1825.559316][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1825.565296][T32173]  ? __might_fault+0x190/0x1d0
[ 1825.570037][T32173]  ? _copy_to_user+0x126/0x160
[ 1825.574781][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1825.579526][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1825.584007][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1825.589442][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1825.595398][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1825.600052][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1825.606010][T32173]  do_syscall_64+0xf6/0x7d0
[ 1825.610492][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1825.616358][T32173] RIP: 0033:0x45ca59
[ 1825.620249][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1825.639827][T32173] RSP: 002b:00007f65fad0acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1825.648211][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1825.656172][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1825.664127][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1825.672090][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1825.680055][T32173] R13: 0000000000c9fb6f R14: 00007f65fad0b9c0 R15: 000000000078bf0c
[ 1825.688033][T32173] syz-executor.2  S28904 22722   7087 0x00000000
[ 1825.694344][T32173] Call Trace:
[ 1825.697613][T32173]  __schedule+0x8f3/0x1fc0
[ 1825.702026][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1825.707292][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1825.712555][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1825.718016][T32173]  schedule+0xd0/0x2a0
[ 1825.722075][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1825.727170][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1825.732643][T32173]  futex_wait+0x1e2/0x550
[ 1825.736963][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1825.742017][T32173]  ? print_usage_bug+0x240/0x240
[ 1825.746936][T32173]  ? hash_futex+0x10/0x200
[ 1825.751331][T32173]  ? futex_wake+0x153/0x480
[ 1825.755821][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1825.760650][T32173]  ? do_wp_page+0x512/0x1440
[ 1825.765217][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1825.770701][T32173]  do_futex+0x15f/0x1ad0
[ 1825.774929][T32173]  ? find_held_lock+0x2d/0x110
[ 1825.779673][T32173]  ? futex_exit_release+0x60/0x60
[ 1825.784694][T32173]  ? lock_downgrade+0x840/0x840
[ 1825.789593][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1825.794432][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1825.800404][T32173]  ? __might_fault+0x190/0x1d0
[ 1825.805149][T32173]  ? _copy_to_user+0x126/0x160
[ 1825.809901][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1825.814697][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1825.819239][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1825.824677][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1825.830679][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1825.835334][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1825.841334][T32173]  do_syscall_64+0xf6/0x7d0
[ 1825.845822][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1825.851704][T32173] RIP: 0033:0x45ca59
[ 1825.855594][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1825.875181][T32173] RSP: 002b:00007f8cd7fe7cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1825.883586][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1825.891535][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1825.899485][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1825.907431][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1825.915381][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fe89c0 R15: 000000000078bf0c
[ 1825.923347][T32173] bond5           I30816 24560      2 0x80004000
[ 1825.929680][T32173] Call Trace:
[ 1825.933001][T32173]  __schedule+0x8f3/0x1fc0
[ 1825.937448][T32173]  ? rescuer_thread+0x691/0xbc0
[ 1825.942281][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1825.947540][T32173]  ? do_raw_spin_lock+0x129/0x2e0
[ 1825.952542][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1825.957719][T32173]  schedule+0xd0/0x2a0
[ 1825.961769][T32173]  rescuer_thread+0x6ed/0xbc0
[ 1825.966453][T32173]  ? worker_thread+0xe20/0xe20
[ 1825.971199][T32173]  ? __kthread_parkme+0x13f/0x1e0
[ 1825.976213][T32173]  ? worker_thread+0xe20/0xe20
[ 1825.980970][T32173]  kthread+0x388/0x470
[ 1825.985015][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1825.990709][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1825.996404][T32173]  ret_from_fork+0x24/0x30
[ 1826.000820][T32173] bond6           I30816 24608      2 0x80004000
[ 1826.007161][T32173] Call Trace:
[ 1826.010429][T32173]  __schedule+0x8f3/0x1fc0
[ 1826.014841][T32173]  ? rescuer_thread+0x691/0xbc0
[ 1826.019672][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1826.024947][T32173]  ? do_raw_spin_lock+0x129/0x2e0
[ 1826.029950][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1826.035127][T32173]  schedule+0xd0/0x2a0
[ 1826.039265][T32173]  rescuer_thread+0x6ed/0xbc0
[ 1826.043927][T32173]  ? worker_thread+0xe20/0xe20
[ 1826.048670][T32173]  ? __kthread_parkme+0x13f/0x1e0
[ 1826.053674][T32173]  ? worker_thread+0xe20/0xe20
[ 1826.058438][T32173]  kthread+0x388/0x470
[ 1826.062482][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1826.068174][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1826.073958][T32173]  ret_from_fork+0x24/0x30
[ 1826.078359][T32173] bond7           I30816 24667      2 0x80004000
[ 1826.084689][T32173] Call Trace:
[ 1826.087957][T32173]  __schedule+0x8f3/0x1fc0
[ 1826.092354][T32173]  ? rescuer_thread+0x691/0xbc0
[ 1826.097183][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1826.102445][T32173]  ? do_raw_spin_lock+0x129/0x2e0
[ 1826.107462][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1826.112640][T32173]  schedule+0xd0/0x2a0
[ 1826.116704][T32173]  rescuer_thread+0x6ed/0xbc0
[ 1826.121386][T32173]  ? worker_thread+0xe20/0xe20
[ 1826.126132][T32173]  ? __kthread_parkme+0x13f/0x1e0
[ 1826.131133][T32173]  ? worker_thread+0xe20/0xe20
[ 1826.135875][T32173]  kthread+0x388/0x470
[ 1826.139922][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1826.145634][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1826.151330][T32173]  ret_from_fork+0x24/0x30
[ 1826.155731][T32173] bond8           I30816 24728      2 0x80004000
[ 1826.162060][T32173] Call Trace:
[ 1826.165330][T32173]  __schedule+0x8f3/0x1fc0
[ 1826.169739][T32173]  ? rescuer_thread+0x691/0xbc0
[ 1826.174585][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1826.179846][T32173]  ? do_raw_spin_lock+0x129/0x2e0
[ 1826.184864][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1826.190042][T32173]  schedule+0xd0/0x2a0
[ 1826.194088][T32173]  rescuer_thread+0x6ed/0xbc0
[ 1826.198751][T32173]  ? worker_thread+0xe20/0xe20
[ 1826.203516][T32173]  ? __kthread_parkme+0x13f/0x1e0
[ 1826.208534][T32173]  ? worker_thread+0xe20/0xe20
[ 1826.213274][T32173]  kthread+0x388/0x470
[ 1826.217319][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1826.223028][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1826.228742][T32173]  ret_from_fork+0x24/0x30
[ 1826.233209][T32173] syz-executor.4  S29824 24797   7358 0x00000000
[ 1826.239532][T32173] Call Trace:
[ 1826.242808][T32173]  __schedule+0x8f3/0x1fc0
[ 1826.247203][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1826.252472][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1826.257749][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1826.263193][T32173]  schedule+0xd0/0x2a0
[ 1826.267244][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1826.272336][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1826.277772][T32173]  ? find_held_lock+0x2d/0x110
[ 1826.282520][T32173]  futex_wait+0x1e2/0x550
[ 1826.286828][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1826.291832][T32173]  ? print_usage_bug+0x240/0x240
[ 1826.296749][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1826.301927][T32173]  ? futex_wake+0x153/0x480
[ 1826.306430][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1826.311271][T32173]  ? mark_lock+0x11f/0xdd0
[ 1826.315664][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1826.321120][T32173]  do_futex+0x15f/0x1ad0
[ 1826.325374][T32173]  ? find_held_lock+0x2d/0x110
[ 1826.330141][T32173]  ? futex_exit_release+0x60/0x60
[ 1826.335170][T32173]  ? lock_downgrade+0x840/0x840
[ 1826.340009][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1826.344873][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1826.350845][T32173]  ? __might_fault+0x190/0x1d0
[ 1826.355635][T32173]  ? _copy_to_user+0x126/0x160
[ 1826.360388][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1826.365138][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1826.369625][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1826.375062][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1826.381023][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1826.385677][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1826.391691][T32173]  do_syscall_64+0xf6/0x7d0
[ 1826.396179][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1826.402081][T32173] RIP: 0033:0x45ca59
[ 1826.406029][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1826.425628][T32173] RSP: 002b:00007fc7e9eb0cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1826.434038][T32173] RAX: ffffffffffffffda RBX: 000000000078c048 RCX: 000000000045ca59
[ 1826.442034][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c048
[ 1826.449983][T32173] RBP: 000000000078c040 R08: 0000000000000000 R09: 0000000000000000
[ 1826.457931][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c04c
[ 1826.465928][T32173] R13: 0000000000c9fb6f R14: 00007fc7e9eb19c0 R15: 000000000078c04c
[ 1826.473894][T32173] bond9           I30816 24820      2 0x80004000
[ 1826.480276][T32173] Call Trace:
[ 1826.483557][T32173]  __schedule+0x8f3/0x1fc0
[ 1826.487958][T32173]  ? rescuer_thread+0x691/0xbc0
[ 1826.492798][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1826.498093][T32173]  ? do_raw_spin_lock+0x129/0x2e0
[ 1826.503101][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1826.508285][T32173]  schedule+0xd0/0x2a0
[ 1826.512382][T32173]  rescuer_thread+0x6ed/0xbc0
[ 1826.517049][T32173]  ? worker_thread+0xe20/0xe20
[ 1826.521838][T32173]  ? __kthread_parkme+0x13f/0x1e0
[ 1826.526839][T32173]  ? worker_thread+0xe20/0xe20
[ 1826.531582][T32173]  kthread+0x388/0x470
[ 1826.535670][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1826.541365][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1826.547063][T32173]  ret_from_fork+0x24/0x30
[ 1826.551466][T32173] syz-executor.3  S29824 25473   7107 0x00000000
[ 1826.557778][T32173] Call Trace:
[ 1826.561059][T32173]  __schedule+0x8f3/0x1fc0
[ 1826.565455][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1826.570738][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1826.576002][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1826.581461][T32173]  schedule+0xd0/0x2a0
[ 1826.585510][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1826.590598][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1826.596032][T32173]  ? find_held_lock+0x2d/0x110
[ 1826.600776][T32173]  futex_wait+0x1e2/0x550
[ 1826.605085][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1826.610088][T32173]  ? print_usage_bug+0x240/0x240
[ 1826.615003][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1826.620194][T32173]  ? futex_wake+0x153/0x480
[ 1826.624683][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1826.629525][T32173]  ? mark_lock+0x11f/0xdd0
[ 1826.633918][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1826.639358][T32173]  do_futex+0x15f/0x1ad0
[ 1826.643603][T32173]  ? find_held_lock+0x2d/0x110
[ 1826.648343][T32173]  ? futex_exit_release+0x60/0x60
[ 1826.653362][T32173]  ? lock_downgrade+0x840/0x840
[ 1826.658203][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1826.663030][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1826.668995][T32173]  ? __might_fault+0x190/0x1d0
[ 1826.673755][T32173]  ? _copy_to_user+0x126/0x160
[ 1826.678510][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1826.683261][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1826.687746][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1826.693196][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1826.699327][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1826.703979][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1826.709942][T32173]  do_syscall_64+0xf6/0x7d0
[ 1826.714424][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1826.720366][T32173] RIP: 0033:0x45ca59
[ 1826.724250][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1826.743843][T32173] RSP: 002b:00007f65face9cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1826.752254][T32173] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045ca59
[ 1826.760203][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8
[ 1826.768251][T32173] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1826.776198][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1826.784146][T32173] R13: 0000000000c9fb6f R14: 00007f65facea9c0 R15: 000000000078bfac
[ 1826.792112][T32173] kworker/u4:0    I25656 25615      2 0x80004000
[ 1826.798447][T32173] Workqueue:  0x0 (wg-kex-wg1)
[ 1826.803203][T32173] Call Trace:
[ 1826.806473][T32173]  __schedule+0x8f3/0x1fc0
[ 1826.810870][T32173]  ? worker_thread+0x240/0xe20
[ 1826.815613][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1826.820876][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1826.826050][T32173]  schedule+0xd0/0x2a0
[ 1826.830099][T32173]  worker_thread+0x245/0xe20
[ 1826.834683][T32173]  ? process_one_work+0x16a0/0x16a0
[ 1826.839859][T32173]  kthread+0x388/0x470
[ 1826.843905][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1826.849616][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1826.855325][T32173]  ret_from_fork+0x24/0x30
[ 1826.859727][T32173] kworker/u4:7    I30952 25617      2 0x80004000
[ 1826.866063][T32173] Call Trace:
[ 1826.869351][T32173]  __schedule+0x8f3/0x1fc0
[ 1826.873746][T32173]  ? worker_thread+0x240/0xe20
[ 1826.878491][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1826.883752][T32173]  ? do_raw_spin_lock+0x129/0x2e0
[ 1826.888778][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1826.893955][T32173]  schedule+0xd0/0x2a0
[ 1826.898007][T32173]  worker_thread+0x245/0xe20
[ 1826.902575][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1826.908538][T32173]  ? process_one_work+0x16a0/0x16a0
[ 1826.913715][T32173]  kthread+0x388/0x470
[ 1826.917779][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1826.923566][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1826.929295][T32173]  ret_from_fork+0x24/0x30
[ 1826.933703][T32173] syz-executor.2  S29768 25688   7087 0x00000000
[ 1826.940015][T32173] Call Trace:
[ 1826.943285][T32173]  __schedule+0x8f3/0x1fc0
[ 1826.947681][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1826.952970][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1826.958257][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1826.963713][T32173]  schedule+0xd0/0x2a0
[ 1826.967769][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1826.972885][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1826.978324][T32173]  futex_wait+0x1e2/0x550
[ 1826.982635][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1826.987640][T32173]  ? print_usage_bug+0x240/0x240
[ 1826.992557][T32173]  ? hash_futex+0x10/0x200
[ 1826.996949][T32173]  ? futex_wake+0x153/0x480
[ 1827.001455][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1827.006292][T32173]  ? do_wp_page+0x512/0x1440
[ 1827.010860][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1827.016312][T32173]  do_futex+0x15f/0x1ad0
[ 1827.020539][T32173]  ? find_held_lock+0x2d/0x110
[ 1827.025282][T32173]  ? futex_exit_release+0x60/0x60
[ 1827.030285][T32173]  ? lock_downgrade+0x840/0x840
[ 1827.035117][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1827.039946][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1827.045908][T32173]  ? __might_fault+0x190/0x1d0
[ 1827.050651][T32173]  ? _copy_to_user+0x126/0x160
[ 1827.055396][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1827.060140][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1827.064620][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1827.070055][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1827.076032][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1827.080686][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1827.086647][T32173]  do_syscall_64+0xf6/0x7d0
[ 1827.091134][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1827.097009][T32173] RIP: 0033:0x45ca59
[ 1827.100895][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1827.120913][T32173] RSP: 002b:00007f8cd7fe7cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1827.129310][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1827.137258][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1827.145220][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1827.153168][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1827.161134][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fe89c0 R15: 000000000078bf0c
[ 1827.169152][T32173] syz-executor.2  S29824 25693   7087 0x00000000
[ 1827.175466][T32173] Call Trace:
[ 1827.178751][T32173]  __schedule+0x8f3/0x1fc0
[ 1827.183157][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1827.188453][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1827.193724][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1827.199167][T32173]  schedule+0xd0/0x2a0
[ 1827.203244][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1827.208342][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1827.213796][T32173]  ? find_held_lock+0x2d/0x110
[ 1827.218559][T32173]  futex_wait+0x1e2/0x550
[ 1827.222875][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1827.227883][T32173]  ? print_usage_bug+0x240/0x240
[ 1827.232816][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1827.238013][T32173]  ? futex_wake+0x153/0x480
[ 1827.242517][T32173]  ? do_wp_page+0x512/0x1440
[ 1827.247103][T32173]  do_futex+0x15f/0x1ad0
[ 1827.251331][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1827.256208][T32173]  ? __bfs+0x520/0x520
[ 1827.260260][T32173]  ? _raw_spin_unlock+0x24/0x40
[ 1827.265089][T32173]  ? futex_exit_release+0x60/0x60
[ 1827.270097][T32173]  ? do_page_fault+0x5ad/0x13d4
[ 1827.274967][T32173]  ? lock_downgrade+0x840/0x840
[ 1827.279795][T32173]  ? handle_mm_fault+0xcbc/0x3c10
[ 1827.284801][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1827.290280][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1827.296323][T32173]  ? retint_kernel+0x2b/0x2b
[ 1827.300924][T32173]  ? trace_hardirqs_on_caller+0x64/0x240
[ 1827.306538][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1827.311284][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1827.315766][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1827.321201][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1827.327159][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1827.331813][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1827.337773][T32173]  do_syscall_64+0xf6/0x7d0
[ 1827.342273][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1827.348149][T32173] RIP: 0033:0x45ca59
[ 1827.352060][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1827.371653][T32173] RSP: 002b:00007f8cd7fc6cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1827.380056][T32173] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045ca59
[ 1827.388068][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8
[ 1827.396020][T32173] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1827.403974][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1827.411993][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fc79c0 R15: 000000000078bfac
[ 1827.420028][T32173] syz-executor.2  S29824 25710   7087 0x00000000
[ 1827.426408][T32173] Call Trace:
[ 1827.429689][T32173]  __schedule+0x8f3/0x1fc0
[ 1827.434090][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1827.439362][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1827.444633][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1827.450076][T32173]  schedule+0xd0/0x2a0
[ 1827.454131][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1827.459250][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1827.464708][T32173]  ? find_held_lock+0x2d/0x110
[ 1827.469913][T32173]  futex_wait+0x1e2/0x550
[ 1827.474231][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1827.479293][T32173]  ? print_usage_bug+0x240/0x240
[ 1827.484283][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1827.489468][T32173]  ? futex_wake+0x153/0x480
[ 1827.493963][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1827.498802][T32173]  ? do_wp_page+0x512/0x1440
[ 1827.503421][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1827.508868][T32173]  do_futex+0x15f/0x1ad0
[ 1827.513118][T32173]  ? find_held_lock+0x2d/0x110
[ 1827.517878][T32173]  ? futex_exit_release+0x60/0x60
[ 1827.522902][T32173]  ? lock_downgrade+0x840/0x840
[ 1827.527912][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1827.532757][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1827.538869][T32173]  ? __might_fault+0x190/0x1d0
[ 1827.543627][T32173]  ? _copy_to_user+0x126/0x160
[ 1827.548388][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1827.553181][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1827.557677][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1827.563128][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1827.569113][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1827.573778][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1827.579748][T32173]  do_syscall_64+0xf6/0x7d0
[ 1827.584274][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1827.590152][T32173] RIP: 0033:0x45ca59
[ 1827.594037][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1827.613660][T32173] RSP: 002b:00007f8cd7fe7cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1827.622091][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1827.630049][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1827.638004][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1827.645961][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1827.653919][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fe89c0 R15: 000000000078bf0c
[ 1827.661930][T32173] syz-executor.4  S29824 25718   7358 0x00000000
[ 1827.668247][T32173] Call Trace:
[ 1827.671530][T32173]  __schedule+0x8f3/0x1fc0
[ 1827.675969][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1827.681245][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1827.686520][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1827.691966][T32173]  schedule+0xd0/0x2a0
[ 1827.696024][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1827.701159][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1827.706600][T32173]  ? find_held_lock+0x2d/0x110
[ 1827.711355][T32173]  futex_wait+0x1e2/0x550
[ 1827.715673][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1827.720684][T32173]  ? print_usage_bug+0x240/0x240
[ 1827.725610][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1827.730830][T32173]  ? futex_wake+0x153/0x480
[ 1827.735327][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1827.740168][T32173]  ? do_wp_page+0x512/0x1440
[ 1827.744780][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1827.750246][T32173]  do_futex+0x15f/0x1ad0
[ 1827.754570][T32173]  ? find_held_lock+0x2d/0x110
[ 1827.759447][T32173]  ? futex_exit_release+0x60/0x60
[ 1827.764464][T32173]  ? lock_downgrade+0x840/0x840
[ 1827.769306][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1827.774149][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1827.780132][T32173]  ? __might_fault+0x190/0x1d0
[ 1827.784963][T32173]  ? _copy_to_user+0x126/0x160
[ 1827.789727][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1827.794511][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1827.799005][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1827.804448][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1827.810417][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1827.815080][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1827.821054][T32173]  do_syscall_64+0xf6/0x7d0
[ 1827.825548][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1827.831427][T32173] RIP: 0033:0x45ca59
[ 1827.835308][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1827.854901][T32173] RSP: 002b:00007fc7e9ef2cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1827.863329][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1827.871485][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1827.879495][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1827.887458][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1827.895508][T32173] R13: 0000000000c9fb6f R14: 00007fc7e9ef39c0 R15: 000000000078bf0c
[ 1827.903561][T32173] syz-executor.2  S29824 25730   7087 0x00000000
[ 1827.909885][T32173] Call Trace:
[ 1827.913171][T32173]  __schedule+0x8f3/0x1fc0
[ 1827.917575][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1827.922851][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1827.928127][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1827.933582][T32173]  schedule+0xd0/0x2a0
[ 1827.937641][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1827.942739][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1827.948297][T32173]  ? find_held_lock+0x2d/0x110
[ 1827.953052][T32173]  futex_wait+0x1e2/0x550
[ 1827.957371][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1827.962383][T32173]  ? print_usage_bug+0x240/0x240
[ 1827.967304][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1827.972488][T32173]  ? futex_wake+0x153/0x480
[ 1827.976986][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1827.981873][T32173]  ? do_wp_page+0x512/0x1440
[ 1827.986447][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1827.991932][T32173]  do_futex+0x15f/0x1ad0
[ 1827.996168][T32173]  ? find_held_lock+0x2d/0x110
[ 1828.000919][T32173]  ? futex_exit_release+0x60/0x60
[ 1828.005929][T32173]  ? lock_downgrade+0x840/0x840
[ 1828.010819][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1828.015655][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1828.021626][T32173]  ? __might_fault+0x190/0x1d0
[ 1828.026375][T32173]  ? _copy_to_user+0x126/0x160
[ 1828.031142][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1828.035895][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1828.040390][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1828.045834][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1828.051825][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1828.056488][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1828.062456][T32173]  do_syscall_64+0xf6/0x7d0
[ 1828.066950][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1828.072826][T32173] RIP: 0033:0x45ca59
[ 1828.076742][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1828.096329][T32173] RSP: 002b:00007f8cd7fe7cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1828.104768][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1828.112735][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1828.120695][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1828.128655][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1828.136620][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fe89c0 R15: 000000000078bf0c
[ 1828.144591][T32173] syz-executor.4  S28904 25740   7358 0x00000000
[ 1828.150908][T32173] Call Trace:
[ 1828.154188][T32173]  __schedule+0x8f3/0x1fc0
[ 1828.158634][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1828.163918][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1828.169222][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1828.174670][T32173]  schedule+0xd0/0x2a0
[ 1828.178823][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1828.183920][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1828.189377][T32173]  futex_wait+0x1e2/0x550
[ 1828.193699][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1828.198997][T32173]  ? print_usage_bug+0x240/0x240
[ 1828.203927][T32173]  ? hash_futex+0x10/0x200
[ 1828.208338][T32173]  ? futex_wake+0x153/0x480
[ 1828.212844][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1828.217695][T32173]  ? do_wp_page+0x512/0x1440
[ 1828.222337][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1828.227798][T32173]  do_futex+0x15f/0x1ad0
[ 1828.232045][T32173]  ? find_held_lock+0x2d/0x110
[ 1828.236801][T32173]  ? futex_exit_release+0x60/0x60
[ 1828.241820][T32173]  ? lock_downgrade+0x840/0x840
[ 1828.246755][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1828.251602][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1828.257576][T32173]  ? __might_fault+0x190/0x1d0
[ 1828.262325][T32173]  ? _copy_to_user+0x126/0x160
[ 1828.267081][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1828.271835][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1828.276477][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1828.282064][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1828.288030][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1828.292695][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1828.298675][T32173]  do_syscall_64+0xf6/0x7d0
[ 1828.303179][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1828.309053][T32173] RIP: 0033:0x45ca59
[ 1828.312933][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1828.332522][T32173] RSP: 002b:00007fc7e9e8fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1828.341033][T32173] RAX: ffffffffffffffda RBX: 000000000078c0e8 RCX: 000000000045ca59
[ 1828.349141][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c0e8
[ 1828.357128][T32173] RBP: 000000000078c0e0 R08: 0000000000000000 R09: 0000000000000000
[ 1828.365119][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c0ec
[ 1828.373075][T32173] R13: 0000000000c9fb6f R14: 00007fc7e9e909c0 R15: 000000000078c0ec
[ 1828.381046][T32173] syz-executor.2  S29824 25752   7087 0x00000000
[ 1828.387478][T32173] Call Trace:
[ 1828.390903][T32173]  __schedule+0x8f3/0x1fc0
[ 1828.395310][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1828.400588][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1828.405865][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1828.411315][T32173]  schedule+0xd0/0x2a0
[ 1828.415409][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1828.420509][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1828.425953][T32173]  ? find_held_lock+0x2d/0x110
[ 1828.430748][T32173]  futex_wait+0x1e2/0x550
[ 1828.435069][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1828.440116][T32173]  ? print_usage_bug+0x240/0x240
[ 1828.445094][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1828.450316][T32173]  ? futex_wake+0x153/0x480
[ 1828.454833][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1828.459671][T32173]  ? do_wp_page+0x512/0x1440
[ 1828.464243][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1828.469694][T32173]  do_futex+0x15f/0x1ad0
[ 1828.473948][T32173]  ? find_held_lock+0x2d/0x110
[ 1828.478705][T32173]  ? futex_exit_release+0x60/0x60
[ 1828.483715][T32173]  ? lock_downgrade+0x840/0x840
[ 1828.488551][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1828.493425][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1828.499432][T32173]  ? __might_fault+0x190/0x1d0
[ 1828.504181][T32173]  ? _copy_to_user+0x126/0x160
[ 1828.509026][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1828.513810][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1828.518305][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1828.523750][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1828.529737][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1828.534400][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1828.540368][T32173]  do_syscall_64+0xf6/0x7d0
[ 1828.544863][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1828.550761][T32173] RIP: 0033:0x45ca59
[ 1828.554643][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1828.574264][T32173] RSP: 002b:00007f8cd7fe7cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1828.582661][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1828.590653][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1828.598614][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1828.606579][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1828.614536][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fe89c0 R15: 000000000078bf0c
[ 1828.622509][T32173] syz-executor.4  S29824 25775   7358 0x00000000
[ 1828.628830][T32173] Call Trace:
[ 1828.632112][T32173]  __schedule+0x8f3/0x1fc0
[ 1828.636516][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1828.641792][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1828.647064][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1828.652513][T32173]  schedule+0xd0/0x2a0
[ 1828.656607][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1828.661704][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1828.667184][T32173]  ? find_held_lock+0x2d/0x110
[ 1828.671970][T32173]  futex_wait+0x1e2/0x550
[ 1828.676317][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1828.681332][T32173]  ? print_usage_bug+0x240/0x240
[ 1828.686255][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1828.691440][T32173]  ? futex_wake+0x153/0x480
[ 1828.695940][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1828.700777][T32173]  ? do_wp_page+0x512/0x1440
[ 1828.705353][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1828.710836][T32173]  do_futex+0x15f/0x1ad0
[ 1828.715072][T32173]  ? find_held_lock+0x2d/0x110
[ 1828.719827][T32173]  ? futex_exit_release+0x60/0x60
[ 1828.724838][T32173]  ? lock_downgrade+0x840/0x840
[ 1828.729677][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1828.734548][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1828.740569][T32173]  ? __might_fault+0x190/0x1d0
[ 1828.745318][T32173]  ? _copy_to_user+0x126/0x160
[ 1828.750113][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1828.754867][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1828.759393][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1828.764837][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1828.770811][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1828.775475][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1828.781451][T32173]  do_syscall_64+0xf6/0x7d0
[ 1828.785983][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1828.791860][T32173] RIP: 0033:0x45ca59
[ 1828.795741][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1828.815329][T32173] RSP: 002b:00007fc7e9ef2cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1828.823727][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1828.831692][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1828.839649][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1828.847633][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1828.855590][T32173] R13: 0000000000c9fb6f R14: 00007fc7e9ef39c0 R15: 000000000078bf0c
[ 1828.863564][T32173] syz-executor.2  S28904 25786   7087 0x00000000
[ 1828.869916][T32173] Call Trace:
[ 1828.873197][T32173]  __schedule+0x8f3/0x1fc0
[ 1828.877600][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1828.882877][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1828.888148][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1828.893594][T32173]  schedule+0xd0/0x2a0
[ 1828.897652][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1828.902748][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1828.908191][T32173]  ? find_held_lock+0x2d/0x110
[ 1828.912942][T32173]  futex_wait+0x1e2/0x550
[ 1828.917258][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1828.922267][T32173]  ? print_usage_bug+0x240/0x240
[ 1828.927187][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1828.932392][T32173]  ? futex_wake+0x153/0x480
[ 1828.936889][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1828.941728][T32173]  ? do_wp_page+0x512/0x1440
[ 1828.946318][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1828.951764][T32173]  do_futex+0x15f/0x1ad0
[ 1828.956003][T32173]  ? find_held_lock+0x2d/0x110
[ 1828.960757][T32173]  ? futex_exit_release+0x60/0x60
[ 1828.965771][T32173]  ? lock_downgrade+0x840/0x840
[ 1828.970612][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1828.975449][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1828.981425][T32173]  ? __might_fault+0x190/0x1d0
[ 1828.986175][T32173]  ? _copy_to_user+0x126/0x160
[ 1828.990929][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1828.995714][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1829.000251][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1829.005692][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1829.011776][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1829.016492][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1829.022491][T32173]  do_syscall_64+0xf6/0x7d0
[ 1829.027017][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1829.032930][T32173] RIP: 0033:0x45ca59
[ 1829.036810][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1829.056486][T32173] RSP: 002b:00007f8cd7fe7cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1829.064923][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1829.072912][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1829.080909][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1829.088953][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1829.096908][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fe89c0 R15: 000000000078bf0c
[ 1829.104912][T32173] syz-executor.4  S29792 25809   7358 0x00000000
[ 1829.111234][T32173] Call Trace:
[ 1829.114515][T32173]  __schedule+0x8f3/0x1fc0
[ 1829.118922][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1829.124256][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1829.129531][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1829.134978][T32173]  schedule+0xd0/0x2a0
[ 1829.139035][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1829.144138][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1829.149585][T32173]  futex_wait+0x1e2/0x550
[ 1829.153903][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1829.158914][T32173]  ? print_usage_bug+0x240/0x240
[ 1829.163856][T32173]  ? hash_futex+0x10/0x200
[ 1829.168261][T32173]  ? futex_wake+0x153/0x480
[ 1829.172761][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1829.177604][T32173]  ? do_wp_page+0x512/0x1440
[ 1829.182176][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1829.187623][T32173]  do_futex+0x15f/0x1ad0
[ 1829.191862][T32173]  ? find_held_lock+0x2d/0x110
[ 1829.196618][T32173]  ? futex_exit_release+0x60/0x60
[ 1829.201628][T32173]  ? lock_downgrade+0x840/0x840
[ 1829.206471][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1829.211306][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1829.217296][T32173]  ? __might_fault+0x190/0x1d0
[ 1829.222056][T32173]  ? _copy_to_user+0x126/0x160
[ 1829.226905][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1829.231676][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1829.236171][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1829.241618][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1829.247585][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1829.252314][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1829.258335][T32173]  do_syscall_64+0xf6/0x7d0
[ 1829.262832][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1829.268712][T32173] RIP: 0033:0x45ca59
[ 1829.272597][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1829.292397][T32173] RSP: 002b:00007fc7e9ef2cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1829.300799][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1829.308875][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1829.316830][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1829.324786][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1829.332743][T32173] R13: 0000000000c9fb6f R14: 00007fc7e9ef39c0 R15: 000000000078bf0c
[ 1829.340716][T32173] syz-executor.4  S29824 25832   7358 0x00000000
[ 1829.347085][T32173] Call Trace:
[ 1829.350424][T32173]  __schedule+0x8f3/0x1fc0
[ 1829.354828][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1829.360102][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1829.365380][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1829.370827][T32173]  schedule+0xd0/0x2a0
[ 1829.374885][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1829.380000][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1829.385448][T32173]  ? find_held_lock+0x2d/0x110
[ 1829.390271][T32173]  futex_wait+0x1e2/0x550
[ 1829.394594][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1829.399608][T32173]  ? print_usage_bug+0x240/0x240
[ 1829.404532][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1829.409729][T32173]  ? futex_wake+0x153/0x480
[ 1829.414312][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1829.419154][T32173]  ? do_wp_page+0x512/0x1440
[ 1829.423731][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1829.429297][T32173]  do_futex+0x15f/0x1ad0
[ 1829.433548][T32173]  ? find_held_lock+0x2d/0x110
[ 1829.438346][T32173]  ? futex_exit_release+0x60/0x60
[ 1829.443366][T32173]  ? lock_downgrade+0x840/0x840
[ 1829.448208][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1829.453048][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1829.459024][T32173]  ? __might_fault+0x190/0x1d0
[ 1829.463845][T32173]  ? _copy_to_user+0x126/0x160
[ 1829.468612][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1829.473374][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1829.477868][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1829.483456][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1829.489504][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1829.494171][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1829.500146][T32173]  do_syscall_64+0xf6/0x7d0
[ 1829.504643][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1829.510524][T32173] RIP: 0033:0x45ca59
[ 1829.514412][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1829.534236][T32173] RSP: 002b:00007fc7e9ef2cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1829.542705][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1829.550661][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1829.558626][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1829.566583][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1829.574540][T32173] R13: 0000000000c9fb6f R14: 00007fc7e9ef39c0 R15: 000000000078bf0c
[ 1829.582662][T32173] syz-executor.2  S29824 25835   7087 0x00000000
[ 1829.588994][T32173] Call Trace:
[ 1829.592286][T32173]  __schedule+0x8f3/0x1fc0
[ 1829.596695][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1829.601975][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1829.607251][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1829.612734][T32173]  schedule+0xd0/0x2a0
[ 1829.616791][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1829.621889][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1829.627336][T32173]  futex_wait+0x1e2/0x550
[ 1829.631659][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1829.636675][T32173]  ? print_usage_bug+0x240/0x240
[ 1829.641601][T32173]  ? hash_futex+0x10/0x200
[ 1829.646003][T32173]  ? futex_wake+0x153/0x480
[ 1829.650507][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1829.655345][T32173]  ? do_wp_page+0x512/0x1440
[ 1829.660040][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1829.665489][T32173]  do_futex+0x15f/0x1ad0
[ 1829.669727][T32173]  ? find_held_lock+0x2d/0x110
[ 1829.674480][T32173]  ? futex_exit_release+0x60/0x60
[ 1829.679532][T32173]  ? lock_downgrade+0x840/0x840
[ 1829.684400][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1829.689241][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1829.695215][T32173]  ? __might_fault+0x190/0x1d0
[ 1829.700001][T32173]  ? _copy_to_user+0x126/0x160
[ 1829.704757][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1829.709550][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1829.714072][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1829.719516][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1829.725482][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1829.730157][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1829.736136][T32173]  do_syscall_64+0xf6/0x7d0
[ 1829.740715][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1829.746725][T32173] RIP: 0033:0x45ca59
[ 1829.750665][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1829.770433][T32173] RSP: 002b:00007f8cd7fe7cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1829.778833][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1829.786794][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1829.794874][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1829.802912][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1829.810869][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fe89c0 R15: 000000000078bf0c
[ 1829.818840][T32173] syz-executor.3  S29448 25838   7107 0x00000000
[ 1829.825277][T32173] Call Trace:
[ 1829.828614][T32173]  __schedule+0x8f3/0x1fc0
[ 1829.833023][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1829.838350][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1829.843625][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1829.849075][T32173]  schedule+0xd0/0x2a0
[ 1829.853132][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1829.858227][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1829.863760][T32173]  ? find_held_lock+0x2d/0x110
[ 1829.868518][T32173]  futex_wait+0x1e2/0x550
[ 1829.872843][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1829.877897][T32173]  ? print_usage_bug+0x240/0x240
[ 1829.882821][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1829.888005][T32173]  ? futex_wake+0x153/0x480
[ 1829.892506][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1829.897340][T32173]  ? do_wp_page+0x512/0x1440
[ 1829.901914][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1829.907359][T32173]  do_futex+0x15f/0x1ad0
[ 1829.911596][T32173]  ? find_held_lock+0x2d/0x110
[ 1829.916347][T32173]  ? futex_exit_release+0x60/0x60
[ 1829.921360][T32173]  ? lock_downgrade+0x840/0x840
[ 1829.926197][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1829.931076][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1829.937232][T32173]  ? __might_fault+0x190/0x1d0
[ 1829.941986][T32173]  ? _copy_to_user+0x126/0x160
[ 1829.946740][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1829.951495][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1829.955985][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1829.961435][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1829.967617][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1829.972282][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1829.978248][T32173]  do_syscall_64+0xf6/0x7d0
[ 1829.982742][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1829.988623][T32173] RIP: 0033:0x45ca59
[ 1829.992506][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1830.012094][T32173] RSP: 002b:00007f65fad0acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1830.020488][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1830.028504][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1830.036469][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1830.044427][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1830.052395][T32173] R13: 0000000000c9fb6f R14: 00007f65fad0b9c0 R15: 000000000078bf0c
[ 1830.060377][T32173] syz-executor.2  S29824 25874   7087 0x00000000
[ 1830.066703][T32173] Call Trace:
[ 1830.070039][T32173]  __schedule+0x8f3/0x1fc0
[ 1830.074515][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1830.079910][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1830.085183][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1830.090650][T32173]  schedule+0xd0/0x2a0
[ 1830.094707][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1830.099805][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1830.105246][T32173]  ? find_held_lock+0x2d/0x110
[ 1830.110004][T32173]  futex_wait+0x1e2/0x550
[ 1830.114323][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1830.119335][T32173]  ? print_usage_bug+0x240/0x240
[ 1830.124259][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1830.129444][T32173]  ? futex_wake+0x153/0x480
[ 1830.133943][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1830.138781][T32173]  ? do_wp_page+0x512/0x1440
[ 1830.143353][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1830.148798][T32173]  do_futex+0x15f/0x1ad0
[ 1830.153047][T32173]  ? find_held_lock+0x2d/0x110
[ 1830.157801][T32173]  ? futex_exit_release+0x60/0x60
[ 1830.162815][T32173]  ? lock_downgrade+0x840/0x840
[ 1830.167704][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1830.172545][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1830.178596][T32173]  ? __might_fault+0x190/0x1d0
[ 1830.183368][T32173]  ? _copy_to_user+0x126/0x160
[ 1830.188134][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1830.192896][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1830.197407][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1830.202862][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1830.208996][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1830.213665][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1830.219639][T32173]  do_syscall_64+0xf6/0x7d0
[ 1830.224136][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1830.230014][T32173] RIP: 0033:0x45ca59
[ 1830.233907][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1830.253505][T32173] RSP: 002b:00007f8cd7fe7cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1830.261905][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1830.270062][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1830.278077][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1830.286045][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1830.294126][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fe89c0 R15: 000000000078bf0c
[ 1830.302103][T32173] syz-executor.3  S29824 25880   7107 0x00000000
[ 1830.308425][T32173] Call Trace:
[ 1830.311709][T32173]  __schedule+0x8f3/0x1fc0
[ 1830.316115][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1830.321393][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1830.326665][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1830.332116][T32173]  schedule+0xd0/0x2a0
[ 1830.336219][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1830.341318][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1830.346765][T32173]  ? find_held_lock+0x2d/0x110
[ 1830.351537][T32173]  futex_wait+0x1e2/0x550
[ 1830.355855][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1830.360867][T32173]  ? print_usage_bug+0x240/0x240
[ 1830.365792][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1830.371019][T32173]  ? futex_wake+0x153/0x480
[ 1830.375518][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1830.380355][T32173]  ? do_wp_page+0x512/0x1440
[ 1830.384959][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1830.390441][T32173]  do_futex+0x15f/0x1ad0
[ 1830.394683][T32173]  ? find_held_lock+0x2d/0x110
[ 1830.399439][T32173]  ? futex_exit_release+0x60/0x60
[ 1830.404608][T32173]  ? lock_downgrade+0x840/0x840
[ 1830.409452][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1830.414292][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1830.420270][T32173]  ? __might_fault+0x190/0x1d0
[ 1830.425108][T32173]  ? _copy_to_user+0x126/0x160
[ 1830.429870][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1830.434630][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1830.439124][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1830.444568][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1830.450572][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1830.455234][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1830.461237][T32173]  do_syscall_64+0xf6/0x7d0
[ 1830.465729][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1830.471607][T32173] RIP: 0033:0x45ca59
[ 1830.475488][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1830.495077][T32173] RSP: 002b:00007f65fad0acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1830.503472][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1830.511431][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1830.519393][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1830.527374][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1830.535332][T32173] R13: 0000000000c9fb6f R14: 00007f65fad0b9c0 R15: 000000000078bf0c
[ 1830.543307][T32173] syz-executor.3  S29824 25931   7107 0x00000000
[ 1830.549628][T32173] Call Trace:
[ 1830.552950][T32173]  __schedule+0x8f3/0x1fc0
[ 1830.557354][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1830.562638][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1830.567910][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1830.573387][T32173]  schedule+0xd0/0x2a0
[ 1830.577522][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1830.582620][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1830.588097][T32173]  ? find_held_lock+0x2d/0x110
[ 1830.592851][T32173]  futex_wait+0x1e2/0x550
[ 1830.597201][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1830.602223][T32173]  ? print_usage_bug+0x240/0x240
[ 1830.607144][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1830.612329][T32173]  ? futex_wake+0x153/0x480
[ 1830.616827][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1830.621664][T32173]  ? do_wp_page+0x512/0x1440
[ 1830.626243][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1830.631784][T32173]  do_futex+0x15f/0x1ad0
[ 1830.636034][T32173]  ? find_held_lock+0x2d/0x110
[ 1830.640794][T32173]  ? futex_exit_release+0x60/0x60
[ 1830.645817][T32173]  ? lock_downgrade+0x840/0x840
[ 1830.650700][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1830.655603][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1830.661581][T32173]  ? __might_fault+0x190/0x1d0
[ 1830.666332][T32173]  ? _copy_to_user+0x126/0x160
[ 1830.671122][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1830.675877][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1830.680371][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1830.685817][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1830.691784][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1830.696460][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1830.702431][T32173]  do_syscall_64+0xf6/0x7d0
[ 1830.706924][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1830.712803][T32173] RIP: 0033:0x45ca59
[ 1830.716686][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1830.736311][T32173] RSP: 002b:00007f65fad0acf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1830.744710][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1830.752668][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1830.760661][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1830.768616][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1830.776602][T32173] R13: 0000000000c9fb6f R14: 00007f65fad0b9c0 R15: 000000000078bf0c
[ 1830.784597][T32173] syz-executor.5  S29824 26980   7376 0x00000000
[ 1830.790955][T32173] Call Trace:
[ 1830.794267][T32173]  __schedule+0x8f3/0x1fc0
[ 1830.798708][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1830.803983][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1830.809255][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1830.814731][T32173]  schedule+0xd0/0x2a0
[ 1830.818789][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1830.823891][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1830.829343][T32173]  futex_wait+0x1e2/0x550
[ 1830.833697][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1830.838747][T32173]  ? wake_up_q+0xc1/0x140
[ 1830.843210][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1830.848444][T32173]  ? futex_wake+0x153/0x480
[ 1830.852995][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1830.857868][T32173]  ? mark_lock+0x11f/0xdd0
[ 1830.862274][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1830.867783][T32173]  do_futex+0x15f/0x1ad0
[ 1830.872023][T32173]  ? find_held_lock+0x2d/0x110
[ 1830.876773][T32173]  ? futex_exit_release+0x60/0x60
[ 1830.881790][T32173]  ? lock_downgrade+0x840/0x840
[ 1830.886657][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1830.891495][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1830.897500][T32173]  ? __might_fault+0x190/0x1d0
[ 1830.902253][T32173]  ? _copy_to_user+0x126/0x160
[ 1830.907040][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1830.911822][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1830.916315][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1830.921766][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1830.927817][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1830.932481][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1830.938454][T32173]  do_syscall_64+0xf6/0x7d0
[ 1830.942954][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1830.948830][T32173] RIP: 0033:0x45ca59
[ 1830.952826][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1830.972426][T32173] RSP: 002b:00007f656341ecf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1830.980822][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1830.988780][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1830.996777][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1831.004737][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1831.012704][T32173] R13: 0000000000c9fb6f R14: 00007f656341f9c0 R15: 000000000078bf0c
[ 1831.020679][T32173] syz-executor.4  S29032 26990   7358 0x00000000
[ 1831.027035][T32173] Call Trace:
[ 1831.030316][T32173]  __schedule+0x8f3/0x1fc0
[ 1831.034730][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1831.040006][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1831.045277][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1831.050725][T32173]  schedule+0xd0/0x2a0
[ 1831.054783][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1831.059879][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1831.065413][T32173]  futex_wait+0x1e2/0x550
[ 1831.069818][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1831.074829][T32173]  ? wake_up_q+0xc1/0x140
[ 1831.079140][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1831.084322][T32173]  ? futex_wake+0x153/0x480
[ 1831.088818][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1831.093651][T32173]  ? mark_lock+0x11f/0xdd0
[ 1831.098049][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1831.103495][T32173]  do_futex+0x15f/0x1ad0
[ 1831.107730][T32173]  ? find_held_lock+0x2d/0x110
[ 1831.112482][T32173]  ? futex_exit_release+0x60/0x60
[ 1831.117492][T32173]  ? lock_downgrade+0x840/0x840
[ 1831.122329][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1831.127171][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1831.133145][T32173]  ? __might_fault+0x190/0x1d0
[ 1831.137925][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1831.143374][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1831.148129][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1831.152620][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1831.158094][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1831.164059][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1831.168724][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1831.174709][T32173]  do_syscall_64+0xf6/0x7d0
[ 1831.179210][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1831.185089][T32173] RIP: 0033:0x45ca59
[ 1831.188972][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1831.208769][T32173] RSP: 002b:00007fc7e9ef2cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1831.217167][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1831.225123][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1831.233126][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1831.241090][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1831.249053][T32173] R13: 0000000000c9fb6f R14: 00007fc7e9ef39c0 R15: 000000000078bf0c
[ 1831.257028][T32173] syz-executor.5  S29816 27000   7376 0x00000000
[ 1831.263529][T32173] Call Trace:
[ 1831.266819][T32173]  __schedule+0x8f3/0x1fc0
[ 1831.271223][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1831.276588][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1831.281864][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1831.287461][T32173]  schedule+0xd0/0x2a0
[ 1831.291521][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1831.296888][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1831.302349][T32173]  futex_wait+0x1e2/0x550
[ 1831.306666][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1831.311716][T32173]  ? wake_up_q+0xc1/0x140
[ 1831.316030][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1831.321256][T32173]  ? futex_wake+0x153/0x480
[ 1831.325787][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1831.330658][T32173]  ? mark_lock+0x11f/0xdd0
[ 1831.335062][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1831.340510][T32173]  do_futex+0x15f/0x1ad0
[ 1831.344756][T32173]  ? find_held_lock+0x2d/0x110
[ 1831.349551][T32173]  ? futex_exit_release+0x60/0x60
[ 1831.354564][T32173]  ? lock_downgrade+0x840/0x840
[ 1831.359401][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1831.364238][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1831.370250][T32173]  ? __might_fault+0x190/0x1d0
[ 1831.374998][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1831.380449][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1831.385204][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1831.389694][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1831.395185][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1831.401276][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1831.405943][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1831.411919][T32173]  do_syscall_64+0xf6/0x7d0
[ 1831.416424][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1831.422418][T32173] RIP: 0033:0x45ca59
[ 1831.426301][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1831.445893][T32173] RSP: 002b:00007f656341ecf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1831.454292][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1831.462248][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1831.470206][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1831.478164][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1831.486164][T32173] R13: 0000000000c9fb6f R14: 00007f656341f9c0 R15: 000000000078bf0c
[ 1831.494170][T32173] syz-executor.4  S29824 27011   7358 0x00000000
[ 1831.500490][T32173] Call Trace:
[ 1831.503774][T32173]  __schedule+0x8f3/0x1fc0
[ 1831.508179][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1831.513454][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1831.518730][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1831.524234][T32173]  schedule+0xd0/0x2a0
[ 1831.528292][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1831.533392][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1831.538942][T32173]  futex_wait+0x1e2/0x550
[ 1831.543294][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1831.548324][T32173]  ? wake_up_q+0xc1/0x140
[ 1831.552656][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1831.557846][T32173]  ? futex_wake+0x153/0x480
[ 1831.562346][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1831.567182][T32173]  ? mark_lock+0x11f/0xdd0
[ 1831.571588][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1831.577039][T32173]  do_futex+0x15f/0x1ad0
[ 1831.581341][T32173]  ? find_held_lock+0x2d/0x110
[ 1831.586092][T32173]  ? futex_exit_release+0x60/0x60
[ 1831.591107][T32173]  ? lock_downgrade+0x840/0x840
[ 1831.595979][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1831.600817][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1831.606788][T32173]  ? __might_fault+0x190/0x1d0
[ 1831.611657][T32173]  ? _copy_to_user+0x126/0x160
[ 1831.616416][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1831.621168][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1831.625723][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1831.631223][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1831.637188][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1831.641850][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1831.647816][T32173]  do_syscall_64+0xf6/0x7d0
[ 1831.652307][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1831.658180][T32173] RIP: 0033:0x45ca59
[ 1831.662061][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1831.681741][T32173] RSP: 002b:00007fc7e9ef2cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1831.690140][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1831.698129][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1831.706086][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1831.714044][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1831.722051][T32173] R13: 0000000000c9fb6f R14: 00007fc7e9ef39c0 R15: 000000000078bf0c
[ 1831.730025][T32173] syz-executor.5  S29824 27016   7376 0x00000000
[ 1831.736344][T32173] Call Trace:
[ 1831.739625][T32173]  __schedule+0x8f3/0x1fc0
[ 1831.744036][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1831.749309][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1831.754585][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1831.760039][T32173]  schedule+0xd0/0x2a0
[ 1831.764097][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1831.769233][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1831.774716][T32173]  futex_wait+0x1e2/0x550
[ 1831.779038][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1831.784052][T32173]  ? wake_up_q+0xc1/0x140
[ 1831.788405][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1831.793601][T32173]  ? futex_wake+0x153/0x480
[ 1831.798097][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1831.802932][T32173]  ? mark_lock+0x11f/0xdd0
[ 1831.807332][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1831.812779][T32173]  do_futex+0x15f/0x1ad0
[ 1831.817016][T32173]  ? find_held_lock+0x2d/0x110
[ 1831.821769][T32173]  ? futex_exit_release+0x60/0x60
[ 1831.826898][T32173]  ? lock_downgrade+0x840/0x840
[ 1831.831737][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1831.836573][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1831.842631][T32173]  ? __might_fault+0x190/0x1d0
[ 1831.847413][T32173]  ? _copy_to_user+0x126/0x160
[ 1831.852168][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1831.856922][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1831.861413][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1831.866858][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1831.872829][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1831.877502][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1831.883470][T32173]  do_syscall_64+0xf6/0x7d0
[ 1831.887963][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1831.893842][T32173] RIP: 0033:0x45ca59
[ 1831.897720][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1831.917339][T32173] RSP: 002b:00007f656341ecf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1831.925733][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1831.933724][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1831.941685][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1831.949679][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1831.957670][T32173] R13: 0000000000c9fb6f R14: 00007f656341f9c0 R15: 000000000078bf0c
[ 1831.965685][T32173] syz-executor.4  S29824 27032   7358 0x00000000
[ 1831.972011][T32173] Call Trace:
[ 1831.975292][T32173]  __schedule+0x8f3/0x1fc0
[ 1831.979695][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1831.984967][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1831.990239][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1831.995683][T32173]  schedule+0xd0/0x2a0
[ 1831.999758][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1832.004870][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1832.010433][T32173]  futex_wait+0x1e2/0x550
[ 1832.014791][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1832.019814][T32173]  ? wake_up_q+0xc1/0x140
[ 1832.024209][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1832.029398][T32173]  ? futex_wake+0x153/0x480
[ 1832.033929][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1832.038763][T32173]  ? mark_lock+0x11f/0xdd0
[ 1832.043163][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1832.048609][T32173]  do_futex+0x15f/0x1ad0
[ 1832.052844][T32173]  ? find_held_lock+0x2d/0x110
[ 1832.057594][T32173]  ? futex_exit_release+0x60/0x60
[ 1832.062607][T32173]  ? lock_downgrade+0x840/0x840
[ 1832.067444][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1832.072353][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1832.078358][T32173]  ? __might_fault+0x190/0x1d0
[ 1832.083113][T32173]  ? _copy_to_user+0x126/0x160
[ 1832.087865][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1832.092618][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1832.097165][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1832.102611][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1832.108583][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1832.113248][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1832.119227][T32173]  do_syscall_64+0xf6/0x7d0
[ 1832.123753][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1832.129684][T32173] RIP: 0033:0x45ca59
[ 1832.133615][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1832.153329][T32173] RSP: 002b:00007fc7e9ef2cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1832.161932][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1832.169896][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1832.177859][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1832.185933][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1832.193923][T32173] R13: 0000000000c9fb6f R14: 00007fc7e9ef39c0 R15: 000000000078bf0c
[ 1832.201959][T32173] kworker/0:3     I24576 27375      2 0x80004000
[ 1832.208313][T32173] Workqueue:  0x0 (wg-crypt-wg0)
[ 1832.213324][T32173] Call Trace:
[ 1832.216622][T32173]  __schedule+0x8f3/0x1fc0
[ 1832.221155][T32173]  ? worker_thread+0x240/0xe20
[ 1832.225916][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1832.231206][T32173]  ? do_raw_spin_lock+0x129/0x2e0
[ 1832.236240][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1832.241476][T32173]  schedule+0xd0/0x2a0
[ 1832.245551][T32173]  worker_thread+0x245/0xe20
[ 1832.250141][T32173]  ? process_one_work+0x16a0/0x16a0
[ 1832.255404][T32173]  kthread+0x388/0x470
[ 1832.259536][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1832.265241][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1832.271164][T32173]  ret_from_fork+0x24/0x30
[ 1832.275587][T32173] kworker/0:4     I26352 28287      2 0x80004000
[ 1832.281932][T32173] Workqueue:  0x0 (wg-crypt-wg2)
[ 1832.286852][T32173] Call Trace:
[ 1832.290132][T32173]  __schedule+0x8f3/0x1fc0
[ 1832.294541][T32173]  ? worker_thread+0x240/0xe20
[ 1832.299360][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1832.304651][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1832.309843][T32173]  schedule+0xd0/0x2a0
[ 1832.313910][T32173]  worker_thread+0x245/0xe20
[ 1832.318502][T32173]  ? process_one_work+0x16a0/0x16a0
[ 1832.323693][T32173]  kthread+0x388/0x470
[ 1832.327753][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1832.333459][T32173]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1832.339167][T32173]  ret_from_fork+0x24/0x30
[ 1832.343587][T32173] syz-executor.5  S29824 28954   7376 0x00000000
[ 1832.350063][T32173] Call Trace:
[ 1832.353487][T32173]  __schedule+0x8f3/0x1fc0
[ 1832.357892][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1832.363209][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1832.368484][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1832.373980][T32173]  schedule+0xd0/0x2a0
[ 1832.378038][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1832.383138][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1832.388716][T32173]  ? find_held_lock+0x2d/0x110
[ 1832.393479][T32173]  futex_wait+0x1e2/0x550
[ 1832.397806][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1832.402823][T32173]  ? print_usage_bug+0x240/0x240
[ 1832.407754][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1832.412945][T32173]  ? futex_wake+0x153/0x480
[ 1832.417442][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1832.422284][T32173]  ? print_usage_bug+0x240/0x240
[ 1832.427208][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1832.432690][T32173]  do_futex+0x15f/0x1ad0
[ 1832.436960][T32173]  ? find_held_lock+0x2d/0x110
[ 1832.441713][T32173]  ? futex_exit_release+0x60/0x60
[ 1832.446726][T32173]  ? lock_downgrade+0x840/0x840
[ 1832.451567][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1832.456403][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1832.462377][T32173]  ? __might_fault+0x190/0x1d0
[ 1832.467125][T32173]  ? _copy_to_user+0x126/0x160
[ 1832.471917][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1832.476847][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1832.481338][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1832.486813][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1832.492779][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1832.497439][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1832.503449][T32173]  do_syscall_64+0xf6/0x7d0
[ 1832.507941][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1832.513819][T32173] RIP: 0033:0x45ca59
[ 1832.517697][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1832.537335][T32173] RSP: 002b:00007f656341ecf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1832.545821][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1832.553781][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1832.561744][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1832.569712][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1832.577668][T32173] R13: 0000000000c9fb6f R14: 00007f656341f9c0 R15: 000000000078bf0c
[ 1832.585641][T32173] syz-executor.5  S29816 28990   7376 0x00000000
[ 1832.591974][T32173] Call Trace:
[ 1832.595294][T32173]  __schedule+0x8f3/0x1fc0
[ 1832.599704][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1832.604977][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1832.610249][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1832.615695][T32173]  schedule+0xd0/0x2a0
[ 1832.619755][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1832.624850][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1832.630296][T32173]  futex_wait+0x1e2/0x550
[ 1832.634616][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1832.639631][T32173]  ? wake_up_q+0xc1/0x140
[ 1832.643980][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1832.649212][T32173]  ? futex_wake+0x153/0x480
[ 1832.653709][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1832.658545][T32173]  ? mark_lock+0x11f/0xdd0
[ 1832.662946][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1832.668405][T32173]  do_futex+0x15f/0x1ad0
[ 1832.672643][T32173]  ? find_held_lock+0x2d/0x110
[ 1832.677393][T32173]  ? futex_exit_release+0x60/0x60
[ 1832.682839][T32173]  ? lock_downgrade+0x840/0x840
[ 1832.687723][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1832.692590][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1832.698601][T32173]  ? __might_fault+0x190/0x1d0
[ 1832.703349][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1832.708795][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1832.713592][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1832.718108][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1832.723549][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1832.729574][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1832.734235][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1832.740206][T32173]  do_syscall_64+0xf6/0x7d0
[ 1832.744696][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1832.750570][T32173] RIP: 0033:0x45ca59
[ 1832.754446][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1832.774049][T32173] RSP: 002b:00007f656341ecf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1832.782444][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1832.790395][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1832.798365][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1832.806313][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1832.814277][T32173] R13: 0000000000c9fb6f R14: 00007f656341f9c0 R15: 000000000078bf0c
[ 1832.822260][T32173] syz-executor.5  S29824 29003   7376 0x00000000
[ 1832.828588][T32173] Call Trace:
[ 1832.831861][T32173]  __schedule+0x8f3/0x1fc0
[ 1832.836258][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1832.841525][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1832.846788][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1832.852225][T32173]  schedule+0xd0/0x2a0
[ 1832.856270][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1832.861357][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1832.866808][T32173]  futex_wait+0x1e2/0x550
[ 1832.871126][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1832.876128][T32173]  ? wake_up_q+0xc1/0x140
[ 1832.880449][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1832.885623][T32173]  ? futex_wake+0x153/0x480
[ 1832.890133][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1832.894973][T32173]  ? mark_lock+0x11f/0xdd0
[ 1832.899365][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1832.904816][T32173]  do_futex+0x15f/0x1ad0
[ 1832.909053][T32173]  ? find_held_lock+0x2d/0x110
[ 1832.913795][T32173]  ? futex_exit_release+0x60/0x60
[ 1832.918798][T32173]  ? lock_downgrade+0x840/0x840
[ 1832.923626][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1832.928455][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1832.934432][T32173]  ? __might_fault+0x190/0x1d0
[ 1832.939172][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1832.944612][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1832.949372][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1832.953855][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1832.959311][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1832.965282][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1832.969937][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1832.975897][T32173]  do_syscall_64+0xf6/0x7d0
[ 1832.980381][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1832.986249][T32173] RIP: 0033:0x45ca59
[ 1832.990139][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1833.009718][T32173] RSP: 002b:00007f656341ecf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1833.018103][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1833.026065][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1833.035071][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1833.043020][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1833.050986][T32173] R13: 0000000000c9fb6f R14: 00007f656341f9c0 R15: 000000000078bf0c
[ 1833.058965][T32173] syz-executor.2  S28896 31102   7087 0x00000000
[ 1833.065275][T32173] Call Trace:
[ 1833.068543][T32173]  __schedule+0x8f3/0x1fc0
[ 1833.072955][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1833.078218][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1833.083484][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1833.088923][T32173]  schedule+0xd0/0x2a0
[ 1833.092971][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1833.098058][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1833.103496][T32173]  ? alloc_empty_file+0x6d/0x170
[ 1833.108433][T32173]  futex_wait+0x1e2/0x550
[ 1833.112743][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1833.117748][T32173]  ? print_usage_bug+0x240/0x240
[ 1833.122665][T32173]  ? hash_futex+0x10/0x200
[ 1833.127077][T32173]  ? futex_wake+0x153/0x480
[ 1833.131566][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1833.136412][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1833.141853][T32173]  do_futex+0x15f/0x1ad0
[ 1833.146093][T32173]  ? find_held_lock+0x2d/0x110
[ 1833.150836][T32173]  ? futex_exit_release+0x60/0x60
[ 1833.155854][T32173]  ? lock_downgrade+0x840/0x840
[ 1833.160684][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1833.165512][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1833.171486][T32173]  ? __might_fault+0x190/0x1d0
[ 1833.176227][T32173]  ? _copy_to_user+0x126/0x160
[ 1833.180975][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1833.185718][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1833.190201][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1833.195654][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1833.201641][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1833.206309][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1833.212295][T32173]  do_syscall_64+0xf6/0x7d0
[ 1833.216785][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1833.222658][T32173] RIP: 0033:0x45ca59
[ 1833.226548][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1833.246143][T32173] RSP: 002b:00007f8cd7fe7cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1833.254532][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1833.262482][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1833.270430][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1833.278380][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1833.286328][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fe89c0 R15: 000000000078bf0c
[ 1833.294311][T32173] syz-executor.2  S29824 31121   7087 0x00000000
[ 1833.300622][T32173] Call Trace:
[ 1833.303897][T32173]  __schedule+0x8f3/0x1fc0
[ 1833.308300][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1833.313577][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1833.318842][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1833.324280][T32173]  schedule+0xd0/0x2a0
[ 1833.328350][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1833.333460][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1833.338905][T32173]  futex_wait+0x1e2/0x550
[ 1833.343214][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1833.348215][T32173]  ? wake_up_q+0xc1/0x140
[ 1833.352525][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1833.357704][T32173]  ? futex_wake+0x153/0x480
[ 1833.362197][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1833.367048][T32173]  ? mark_lock+0x11f/0xdd0
[ 1833.371441][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1833.376878][T32173]  do_futex+0x15f/0x1ad0
[ 1833.381135][T32173]  ? find_held_lock+0x2d/0x110
[ 1833.385890][T32173]  ? futex_exit_release+0x60/0x60
[ 1833.390917][T32173]  ? lock_downgrade+0x840/0x840
[ 1833.395764][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1833.400605][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1833.406576][T32173]  ? __might_fault+0x190/0x1d0
[ 1833.411396][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1833.416886][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1833.421678][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1833.426167][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1833.431659][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1833.437623][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1833.442282][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1833.448253][T32173]  do_syscall_64+0xf6/0x7d0
[ 1833.452743][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1833.458614][T32173] RIP: 0033:0x45ca59
[ 1833.462489][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1833.483219][T32173] RSP: 002b:00007f8cd7fe7cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1833.491621][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1833.499570][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1833.507514][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1833.515461][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1833.523408][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fe89c0 R15: 000000000078bf0c
[ 1833.531372][T32173] syz-executor.2  S29824 31126   7087 0x00000000
[ 1833.537692][T32173] Call Trace:
[ 1833.540972][T32173]  __schedule+0x8f3/0x1fc0
[ 1833.545368][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1833.550634][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1833.555914][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1833.561354][T32173]  schedule+0xd0/0x2a0
[ 1833.565416][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1833.570518][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1833.575955][T32173]  futex_wait+0x1e2/0x550
[ 1833.580266][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1833.585269][T32173]  ? wake_up_q+0xc1/0x140
[ 1833.589577][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1833.594766][T32173]  ? futex_wake+0x153/0x480
[ 1833.599254][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1833.604081][T32173]  ? mark_lock+0x11f/0xdd0
[ 1833.608474][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1833.613928][T32173]  do_futex+0x15f/0x1ad0
[ 1833.618167][T32173]  ? find_held_lock+0x2d/0x110
[ 1833.622908][T32173]  ? futex_exit_release+0x60/0x60
[ 1833.627928][T32173]  ? lock_downgrade+0x840/0x840
[ 1833.632761][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1833.637588][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1833.643551][T32173]  ? __might_fault+0x190/0x1d0
[ 1833.648303][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1833.653761][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1833.658507][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1833.663612][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1833.669049][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1833.675006][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1833.679660][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1833.685617][T32173]  do_syscall_64+0xf6/0x7d0
[ 1833.690119][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1833.695984][T32173] RIP: 0033:0x45ca59
[ 1833.699857][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1833.719435][T32173] RSP: 002b:00007f8cd7fe7cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1833.727821][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1833.735783][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1833.743729][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1833.751677][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1833.759622][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fe89c0 R15: 000000000078bf0c
[ 1833.767585][T32173] syz-executor.2  S29824 31138   7087 0x00000000
[ 1833.773896][T32173] Call Trace:
[ 1833.777176][T32173]  __schedule+0x8f3/0x1fc0
[ 1833.781584][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1833.786850][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1833.792114][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1833.797566][T32173]  schedule+0xd0/0x2a0
[ 1833.801615][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1833.806719][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1833.812168][T32173]  futex_wait+0x1e2/0x550
[ 1833.816477][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1833.821480][T32173]  ? wake_up_q+0xc1/0x140
[ 1833.825800][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1833.830975][T32173]  ? futex_wake+0x153/0x480
[ 1833.835464][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1833.840313][T32173]  ? mark_lock+0x11f/0xdd0
[ 1833.844703][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1833.850141][T32173]  do_futex+0x15f/0x1ad0
[ 1833.854383][T32173]  ? find_held_lock+0x2d/0x110
[ 1833.859125][T32173]  ? futex_exit_release+0x60/0x60
[ 1833.864149][T32173]  ? lock_downgrade+0x840/0x840
[ 1833.868995][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1833.873822][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1833.879802][T32173]  ? __might_fault+0x190/0x1d0
[ 1833.884598][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1833.890091][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1833.894892][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1833.899380][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1833.904815][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1833.910794][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1833.915507][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1833.921468][T32173]  do_syscall_64+0xf6/0x7d0
[ 1833.925969][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1833.931837][T32173] RIP: 0033:0x45ca59
[ 1833.935710][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1833.955290][T32173] RSP: 002b:00007f8cd7fe7cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1833.963692][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1833.971751][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1833.979714][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1833.987660][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1833.995606][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fe89c0 R15: 000000000078bf0c
[ 1834.003569][T32173] syz-executor.2  S29816 31163   7087 0x00000000
[ 1834.009880][T32173] Call Trace:
[ 1834.013152][T32173]  __schedule+0x8f3/0x1fc0
[ 1834.017563][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1834.022834][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1834.028094][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1834.033548][T32173]  schedule+0xd0/0x2a0
[ 1834.037595][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1834.042683][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1834.048123][T32173]  futex_wait+0x1e2/0x550
[ 1834.052433][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1834.057433][T32173]  ? wake_up_q+0xc1/0x140
[ 1834.061755][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1834.066928][T32173]  ? futex_wake+0x153/0x480
[ 1834.071416][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1834.076265][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1834.081707][T32173]  do_futex+0x15f/0x1ad0
[ 1834.085935][T32173]  ? find_held_lock+0x2d/0x110
[ 1834.090677][T32173]  ? futex_exit_release+0x60/0x60
[ 1834.095682][T32173]  ? lock_downgrade+0x840/0x840
[ 1834.100513][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1834.105339][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1834.111319][T32173]  ? __might_fault+0x190/0x1d0
[ 1834.116058][T32173]  ? _copy_to_user+0x126/0x160
[ 1834.120824][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1834.125569][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1834.130052][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1834.135485][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1834.141442][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1834.146095][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1834.152054][T32173]  do_syscall_64+0xf6/0x7d0
[ 1834.156535][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1834.162420][T32173] RIP: 0033:0x45ca59
[ 1834.166293][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1834.185890][T32173] RSP: 002b:00007f8cd7fe7cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1834.194277][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1834.202228][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1834.210177][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1834.218122][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1834.226084][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fe89c0 R15: 000000000078bf0c
[ 1834.234064][T32173] syz-executor.2  S29824 31180   7087 0x00000000
[ 1834.240393][T32173] Call Trace:
[ 1834.243672][T32173]  __schedule+0x8f3/0x1fc0
[ 1834.248070][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1834.253341][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1834.258618][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1834.264106][T32173]  schedule+0xd0/0x2a0
[ 1834.268156][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1834.273249][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1834.278690][T32173]  futex_wait+0x1e2/0x550
[ 1834.283000][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1834.288001][T32173]  ? wake_up_q+0xc1/0x140
[ 1834.292307][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1834.297501][T32173]  ? futex_wake+0x153/0x480
[ 1834.301993][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1834.306818][T32173]  ? mark_lock+0x11f/0xdd0
[ 1834.311214][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1834.316653][T32173]  do_futex+0x15f/0x1ad0
[ 1834.320896][T32173]  ? find_held_lock+0x2d/0x110
[ 1834.325636][T32173]  ? futex_exit_release+0x60/0x60
[ 1834.330640][T32173]  ? lock_downgrade+0x840/0x840
[ 1834.335468][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1834.340298][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1834.346277][T32173]  ? __might_fault+0x190/0x1d0
[ 1834.351020][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1834.356459][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1834.361204][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1834.365685][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1834.371121][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1834.377078][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1834.381734][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1834.387693][T32173]  do_syscall_64+0xf6/0x7d0
[ 1834.392194][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1834.398069][T32173] RIP: 0033:0x45ca59
[ 1834.401958][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1834.421550][T32173] RSP: 002b:00007f8cd7fe7cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1834.429943][T32173] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045ca59
[ 1834.437909][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08
[ 1834.445859][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1834.453808][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
[ 1834.461759][T32173] R13: 0000000000c9fb6f R14: 00007f8cd7fe89c0 R15: 000000000078bf0c
[ 1834.469724][T32173] syz-executor.3  S28120 31541   7107 0x00000000
[ 1834.476033][T32173] Call Trace:
[ 1834.479307][T32173]  __schedule+0x8f3/0x1fc0
[ 1834.483702][T32173]  ? futex_wait_queue_me+0x1e7/0x570
[ 1834.488968][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1834.494235][T32173]  ? plist_check_prev_next+0x126/0x1a0
[ 1834.499672][T32173]  schedule+0xd0/0x2a0
[ 1834.503732][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1834.508821][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1834.514256][T32173]  ? find_held_lock+0x2d/0x110
[ 1834.519003][T32173]  futex_wait+0x1e2/0x550
[ 1834.523330][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1834.528334][T32173]  ? print_usage_bug+0x240/0x240
[ 1834.533249][T32173]  ? do_raw_spin_unlock+0x171/0x260
[ 1834.538442][T32173]  ? futex_wake+0x153/0x480
[ 1834.542928][T32173]  ? perf_trace_lock+0xe2/0x4b0
[ 1834.547752][T32173]  ? __bfs+0x520/0x520
[ 1834.551798][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1834.557237][T32173]  do_futex+0x15f/0x1ad0
[ 1834.561462][T32173]  ? find_held_lock+0x2d/0x110
[ 1834.566203][T32173]  ? futex_exit_release+0x60/0x60
[ 1834.571209][T32173]  ? lock_downgrade+0x840/0x840
[ 1834.576039][T32173]  ? ktime_get_ts64+0x110/0x3e0
[ 1834.580866][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1834.586826][T32173]  ? __might_fault+0x190/0x1d0
[ 1834.591565][T32173]  ? _copy_to_user+0x126/0x160
[ 1834.596310][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1834.601053][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1834.605536][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1834.610987][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1834.616942][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1834.621597][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1834.627555][T32173]  do_syscall_64+0xf6/0x7d0
[ 1834.632037][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1834.637906][T32173] RIP: 0033:0x45ca59
[ 1834.641780][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1834.661471][T32173] RSP: 002b:00007f65face9cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1834.669857][T32173] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045ca59
[ 1834.677804][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8
[ 1834.685752][T32173] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1834.693700][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac
[ 1834.701650][T32173] R13: 0000000000c9fb6f R14: 00007f65facea9c0 R15: 000000000078bfac
[ 1834.709633][T32173] syz-executor.2  T29832 31722   7087 0x00000000
[ 1834.715945][T32173] Call Trace:
[ 1834.719241][T32173]  __schedule+0x8f3/0x1fc0
[ 1834.723638][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1834.728902][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1834.734079][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1834.740039][T32173]  schedule+0xd0/0x2a0
[ 1834.744092][T32173]  do_signal_stop+0x31d/0x840
[ 1834.748754][T32173]  get_signal+0x958/0x2510
[ 1834.753158][T32173]  do_signal+0x81/0x2240
[ 1834.757394][T32173]  ? check_kill_permission+0x53/0x540
[ 1834.762761][T32173]  ? copy_siginfo_to_user32+0xa0/0xa0
[ 1834.768109][T32173]  ? do_rt_tgsigqueueinfo+0xab/0x100
[ 1834.773380][T32173]  ? exit_to_usermode_loop+0x36/0x360
[ 1834.778729][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1834.784690][T32173]  exit_to_usermode_loop+0x26c/0x360
[ 1834.789954][T32173]  do_syscall_64+0x6b1/0x7d0
[ 1834.794536][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1834.800404][T32173] RIP: 0033:0x45ca59
[ 1834.804276][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1834.823854][T32173] RSP: 002b:00007f8cd7fe7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000129
[ 1834.832238][T32173] RAX: 0000000000000000 RBX: 00000000004fc6a0 RCX: 000000000045ca59
[ 1834.840185][T32173] RDX: 0000000000000014 RSI: 0000000000001649 RDI: 0000000000001649
[ 1834.848153][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1834.856102][T32173] R10: 0000000020001180 R11: 0000000000000246 R12: 00000000ffffffff
[ 1834.864059][T32173] R13: 00000000000008d0 R14: 00000000004cba6f R15: 00007f8cd7fe86d4
[ 1834.872021][T32173] syz-executor.2  T29832 31737   7087 0x00004000
[ 1834.879545][T32173] Call Trace:
[ 1834.882816][T32173]  __schedule+0x8f3/0x1fc0
[ 1834.887217][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1834.892478][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1834.897653][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1834.903614][T32173]  schedule+0xd0/0x2a0
[ 1834.907674][T32173]  do_signal_stop+0x31d/0x840
[ 1834.912333][T32173]  get_signal+0x958/0x2510
[ 1834.916736][T32173]  do_signal+0x81/0x2240
[ 1834.920955][T32173]  ? check_kill_permission+0x53/0x540
[ 1834.926305][T32173]  ? copy_siginfo_to_user32+0xa0/0xa0
[ 1834.931677][T32173]  ? do_rt_tgsigqueueinfo+0xab/0x100
[ 1834.936946][T32173]  ? exit_to_usermode_loop+0x36/0x360
[ 1834.942296][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1834.948271][T32173]  exit_to_usermode_loop+0x26c/0x360
[ 1834.953534][T32173]  do_syscall_64+0x6b1/0x7d0
[ 1834.958101][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1834.963968][T32173] RIP: 0033:0x45ca59
[ 1834.967854][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1834.987433][T32173] RSP: 002b:00007f8cd7fe7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000129
[ 1834.995822][T32173] RAX: 0000000000000000 RBX: 00000000004fc6a0 RCX: 000000000045ca59
[ 1835.003769][T32173] RDX: 0000000000000014 RSI: 000000000000164c RDI: 000000000000164c
[ 1835.011717][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1835.019664][T32173] R10: 0000000020001180 R11: 0000000000000246 R12: 00000000ffffffff
[ 1835.027629][T32173] R13: 00000000000008d0 R14: 00000000004cba6f R15: 00007f8cd7fe86d4
[ 1835.035607][T32173] syz-executor.1  T29832 31738   6929 0x00000000
[ 1835.041917][T32173] Call Trace:
[ 1835.045190][T32173]  __schedule+0x8f3/0x1fc0
[ 1835.049606][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1835.054866][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1835.060042][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1835.066001][T32173]  schedule+0xd0/0x2a0
[ 1835.070050][T32173]  do_signal_stop+0x31d/0x840
[ 1835.074710][T32173]  get_signal+0x958/0x2510
[ 1835.079115][T32173]  do_signal+0x81/0x2240
[ 1835.083333][T32173]  ? check_kill_permission+0x53/0x540
[ 1835.088686][T32173]  ? copy_siginfo_to_user32+0xa0/0xa0
[ 1835.094036][T32173]  ? do_rt_tgsigqueueinfo+0xab/0x100
[ 1835.099308][T32173]  ? exit_to_usermode_loop+0x36/0x360
[ 1835.104656][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1835.110616][T32173]  exit_to_usermode_loop+0x26c/0x360
[ 1835.115878][T32173]  do_syscall_64+0x6b1/0x7d0
[ 1835.120447][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1835.126312][T32173] RIP: 0033:0x45ca59
[ 1835.130186][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1835.149763][T32173] RSP: 002b:00007f7591596c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000129
[ 1835.158151][T32173] RAX: 0000000000000000 RBX: 00000000004fc6a0 RCX: 000000000045ca59
[ 1835.166111][T32173] RDX: 0000000000000014 RSI: 00000000000016ea RDI: 00000000000016ea
[ 1835.174057][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1835.182003][T32173] R10: 0000000020001180 R11: 0000000000000246 R12: 00000000ffffffff
[ 1835.189950][T32173] R13: 00000000000008d0 R14: 00000000004cba6f R15: 00007f75915976d4
[ 1835.197910][T32173] syz-executor.2  T29832 31750   7087 0x00004000
[ 1835.204221][T32173] Call Trace:
[ 1835.207490][T32173]  __schedule+0x8f3/0x1fc0
[ 1835.212063][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1835.217338][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1835.222514][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1835.228472][T32173]  schedule+0xd0/0x2a0
[ 1835.232540][T32173]  do_signal_stop+0x31d/0x840
[ 1835.237210][T32173]  get_signal+0x958/0x2510
[ 1835.241625][T32173]  do_signal+0x81/0x2240
[ 1835.245853][T32173]  ? check_kill_permission+0x53/0x540
[ 1835.251359][T32173]  ? copy_siginfo_to_user32+0xa0/0xa0
[ 1835.256754][T32173]  ? do_rt_tgsigqueueinfo+0xab/0x100
[ 1835.262028][T32173]  ? exit_to_usermode_loop+0x36/0x360
[ 1835.267381][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1835.273341][T32173]  exit_to_usermode_loop+0x26c/0x360
[ 1835.278608][T32173]  do_syscall_64+0x6b1/0x7d0
[ 1835.283219][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1835.289093][T32173] RIP: 0033:0x45ca59
[ 1835.292965][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1835.312546][T32173] RSP: 002b:00007f8cd7fe7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000129
[ 1835.320933][T32173] RAX: 0000000000000000 RBX: 00000000004fc6a0 RCX: 000000000045ca59
[ 1835.328881][T32173] RDX: 0000000000000014 RSI: 000000000000164f RDI: 000000000000164f
[ 1835.336828][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1835.344774][T32173] R10: 0000000020001180 R11: 0000000000000246 R12: 00000000ffffffff
[ 1835.352721][T32173] R13: 00000000000008d0 R14: 00000000004cba6f R15: 00007f8cd7fe86d4
[ 1835.360684][T32173] syz-executor.1  T29832 31751   6929 0x00004000
[ 1835.366993][T32173] Call Trace:
[ 1835.370266][T32173]  __schedule+0x8f3/0x1fc0
[ 1835.374683][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1835.379955][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1835.385135][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1835.391102][T32173]  schedule+0xd0/0x2a0
[ 1835.395183][T32173]  do_signal_stop+0x31d/0x840
[ 1835.399860][T32173]  get_signal+0x958/0x2510
[ 1835.404269][T32173]  do_signal+0x81/0x2240
[ 1835.408501][T32173]  ? check_kill_permission+0x53/0x540
[ 1835.413884][T32173]  ? copy_siginfo_to_user32+0xa0/0xa0
[ 1835.419239][T32173]  ? do_rt_tgsigqueueinfo+0xab/0x100
[ 1835.424512][T32173]  ? exit_to_usermode_loop+0x36/0x360
[ 1835.429862][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1835.435827][T32173]  exit_to_usermode_loop+0x26c/0x360
[ 1835.441094][T32173]  do_syscall_64+0x6b1/0x7d0
[ 1835.445665][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1835.451654][T32173] RIP: 0033:0x45ca59
[ 1835.455540][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1835.475145][T32173] RSP: 002b:00007f7591596c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000129
[ 1835.483548][T32173] RAX: 0000000000000000 RBX: 00000000004fc6a0 RCX: 000000000045ca59
[ 1835.491544][T32173] RDX: 0000000000000014 RSI: 00000000000016ed RDI: 00000000000016ed
[ 1835.499493][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1835.507455][T32173] R10: 0000000020001180 R11: 0000000000000246 R12: 00000000ffffffff
[ 1835.515402][T32173] R13: 00000000000008d0 R14: 00000000004cba6f R15: 00007f75915976d4
[ 1835.523488][T32173] syz-executor.1  T29608 31759   6929 0x00004000
[ 1835.529816][T32173] Call Trace:
[ 1835.533098][T32173]  __schedule+0x8f3/0x1fc0
[ 1835.537500][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1835.542771][T32173]  ? _raw_spin_unlock_irq+0x1f/0x80
[ 1835.547951][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1835.553929][T32173]  schedule+0xd0/0x2a0
[ 1835.557978][T32173]  do_signal_stop+0x31d/0x840
[ 1835.562637][T32173]  get_signal+0x958/0x2510
[ 1835.567039][T32173]  do_signal+0x81/0x2240
[ 1835.571267][T32173]  ? copy_siginfo_to_user32+0xa0/0xa0
[ 1835.576616][T32173]  ? do_rt_tgsigqueueinfo+0xab/0x100
[ 1835.581889][T32173]  ? exit_to_usermode_loop+0x36/0x360
[ 1835.588365][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1835.594329][T32173]  exit_to_usermode_loop+0x26c/0x360
[ 1835.599593][T32173]  do_syscall_64+0x6b1/0x7d0
[ 1835.604206][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1835.610075][T32173] RIP: 0033:0x45ca59
[ 1835.613946][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1835.633523][T32173] RSP: 002b:00007f7591596c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000129
[ 1835.641960][T32173] RAX: 0000000000000000 RBX: 00000000004fc6a0 RCX: 000000000045ca59
[ 1835.649907][T32173] RDX: 0000000000000014 RSI: 00000000000016f0 RDI: 00000000000016f0
[ 1835.657869][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1835.665835][T32173] R10: 0000000020001180 R11: 0000000000000246 R12: 00000000ffffffff
[ 1835.673784][T32173] R13: 00000000000008d0 R14: 00000000004cba6f R15: 00007f75915976d4
[ 1835.681748][T32173] syz-executor.4  S28120 32170   7358 0x00000000
[ 1835.688054][T32173] Call Trace:
[ 1835.691322][T32173]  __schedule+0x8f3/0x1fc0
[ 1835.695739][T32173]  ? firmware_map_remove+0x19d/0x19d
[ 1835.701002][T32173]  ? enqueue_hrtimer+0x420/0x420
[ 1835.705918][T32173]  schedule+0xd0/0x2a0
[ 1835.709974][T32173]  futex_wait_queue_me+0x2a7/0x570
[ 1835.715151][T32173]  ? fault_in_user_writeable+0x90/0x90
[ 1835.720592][T32173]  futex_wait+0x1e2/0x550
[ 1835.724901][T32173]  ? futex_wait_setup+0x2c0/0x2c0
[ 1835.729901][T32173]  ? mark_lock+0x11f/0xdd0
[ 1835.734317][T32173]  ? hrtimer_init_sleeper_on_stack+0x90/0x90
[ 1835.740306][T32173]  do_futex+0x15f/0x1ad0
[ 1835.744546][T32173]  ? __bfs+0x520/0x520
[ 1835.748599][T32173]  ? futex_exit_release+0x60/0x60
[ 1835.753614][T32173]  ? __x64_sys_futex+0x43a/0x4f0
[ 1835.758549][T32173]  ? lock_release+0x800/0x800
[ 1835.763203][T32173]  ? lock_downgrade+0x840/0x840
[ 1835.768043][T32173]  ? __might_fault+0x190/0x1d0
[ 1835.772790][T32173]  ? ktime_get+0xff/0x2f0
[ 1835.777114][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1835.783096][T32173]  ? ktime_get+0x1f8/0x2f0
[ 1835.787510][T32173]  __x64_sys_futex+0x376/0x4f0
[ 1835.792270][T32173]  ? do_futex+0x1ad0/0x1ad0
[ 1835.796752][T32173]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1835.802208][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1835.808168][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1835.812838][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1835.818798][T32173]  do_syscall_64+0xf6/0x7d0
[ 1835.823296][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1835.829165][T32173] RIP: 0033:0x45ca59
[ 1835.833036][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1835.852630][T32173] RSP: 002b:0000000000c9fbe8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1835.861033][T32173] RAX: ffffffffffffffda RBX: 000000000000002d RCX: 000000000045ca59
[ 1835.868986][T32173] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf0c
[ 1835.876950][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1835.884917][T32173] R10: 0000000000c9fcd0 R11: 0000000000000246 R12: 00000000000003e8
[ 1835.892880][T32173] R13: 000000000019d3d8 R14: 000000000019d3ab R15: 000000000078bf0c
[ 1835.900851][T32173] syz-executor.4  R  running task    28296 32173   7358 0x80000008
[ 1835.908758][T32173] Call Trace:
[ 1835.912471][T32173]  sched_show_task.cold+0x2e2/0x343
[ 1835.917656][T32173]  ? can_nice.part.0+0x10/0x10
[ 1835.922403][T32173]  ? cpumask_next+0x3c/0x40
[ 1835.926910][T32173]  show_state_filter+0x162/0x207
[ 1835.931877][T32173]  ? fn_caps_on+0x90/0x90
[ 1835.936287][T32173]  k_spec+0xdc/0x120
[ 1835.940166][T32173]  kbd_event+0xbec/0x2ef0
[ 1835.944480][T32173]  ? lock_acquire+0x1f2/0x8f0
[ 1835.949149][T32173]  ? k_pad+0x720/0x720
[ 1835.953300][T32173]  ? debug_smp_processor_id+0x2f/0x185
[ 1835.958760][T32173]  ? k_pad+0x720/0x720
[ 1835.963052][T32173]  input_to_handler+0x3b6/0x4c0
[ 1835.967900][T32173]  input_pass_values.part.0+0x2da/0x710
[ 1835.973442][T32173]  input_handle_event+0x326/0x13a0
[ 1835.978559][T32173]  input_inject_event+0x301/0x31a
[ 1835.983598][T32173]  evdev_write+0x42d/0x755
[ 1835.987993][T32173]  ? evdev_ioctl+0x30/0x30
[ 1835.992390][T32173]  ? security_file_permission+0x8c/0x470
[ 1835.998009][T32173]  ? evdev_ioctl+0x30/0x30
[ 1836.002399][T32173]  __vfs_write+0x76/0x100
[ 1836.006705][T32173]  vfs_write+0x268/0x5d0
[ 1836.010925][T32173]  ksys_write+0x1ee/0x250
[ 1836.015227][T32173]  ? __ia32_sys_read+0xb0/0xb0
[ 1836.019966][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1836.025931][T32173]  ? do_syscall_64+0x21/0x7d0
[ 1836.030594][T32173]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1836.036550][T32173]  do_syscall_64+0xf6/0x7d0
[ 1836.041033][T32173]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1836.046899][T32173] RIP: 0033:0x45ca59
[ 1836.050784][T32173] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1836.070379][T32173] RSP: 002b:00007fc7e9ef2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1836.078761][T32173] RAX: ffffffffffffffda RBX: 000000000050d9e0 RCX: 000000000045ca59
[ 1836.086707][T32173] RDX: 00000000000001e8 RSI: 0000000020000080 RDI: 0000000000000004
[ 1836.094653][T32173] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1836.102607][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
[ 1836.110553][T32173] R13: 0000000000000d1d R14: 00000000004cf73b R15: 00007fc7e9ef36d4
[ 1836.118514][T32173] 
[ 1836.118514][T32173] Showing all locks held in the system:
[ 1836.126269][T32173] 1 lock held by in:imklog/6465:
[ 1836.131181][T32173]  #0: ffff8880a8dc4930 (&f->f_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0xe9/0x100
[ 1836.140337][T32173] 2 locks held by agetty/6481:
[ 1836.145074][T32173]  #0: ffff88809e7be098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x22/0x80
[ 1836.154774][T32173]  #1: ffffc90000ed42e8 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x220/0x1b30
[ 1836.164951][T32173] 2 locks held by kworker/1:7/15030:
[ 1836.170245][T32173]  #0: ffff8880aa026d38 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x844/0x16a0
[ 1836.180557][T32173]  #1: ffffc9001891fdc0 ((work_completion)(&pwq->unbound_release_work)){+.+.}-{0:0}, at: process_one_work+0x878/0x16a0
[ 1836.192954][T32173] 2 locks held by kworker/1:14/15033:
[ 1836.198297][T32173]  #0: ffff8880aa026d38 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x844/0x16a0
[ 1836.208601][T32173]  #1: ffffc9001894fdc0 ((work_completion)(&pwq->unbound_release_work)){+.+.}-{0:0}, at: process_one_work+0x878/0x16a0
[ 1836.221023][T32173] 6 locks held by syz-executor.4/32173:
[ 1836.226540][T32173]  #0: ffff88809cae7160 (&evdev->mutex){+.+.}-{3:3}, at: evdev_write+0x1cd/0x755
[ 1836.235629][T32173]  #1: ffff88809da44230 (&dev->event_lock){-...}-{2:2}, at: input_inject_event+0xa6/0x31a
[ 1836.245511][T32173]  #2: ffffffff899bdd80 (rcu_read_lock){....}-{1:2}, at: input_inject_event+0x92/0x31a
[ 1836.255131][T32173]  #3: ffffffff899bdd80 (rcu_read_lock){....}-{1:2}, at: input_pass_values.part.0+0x0/0x710
[ 1836.265214][T32173]  #4: ffffffff89f6b3b8 (kbd_event_lock){....}-{2:2}, at: kbd_event+0x87/0x2ef0
03:43:36 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$UHID_INPUT(r0, &(0x7f0000000940)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125c7ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb32bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bd6c108fab3591bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2034fae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b8b74e26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd6929bbc2850cd4901389e6ea6e86041e0efa1158f334e7afda0e11c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c6692abb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b29674bfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bcddf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d672250658bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb15ac56438ea331820ae59c8c474e36fc73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4659698549646bd63175adf77b5cdcfe676e1b1a9af15102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4b9f6e46a8ce73eb22ebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f842629049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21bbfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e00686a3ed499cfb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9f058cc048f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002af6a6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b42e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae6644493f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a", 0x1000}}, 0x1006)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r0, 0x0)
r1 = socket$inet6_sctp(0xa, 0x801, 0x84)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x72, &(0x7f0000000000), &(0x7f0000000040)=0x8)

[ 1836.274256][T32173]  #5: ffffffff899bdd80 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x53/0x260
[ 1836.284100][T32173] 
[ 1836.286403][T32173] =============================================
[ 1836.286403][T32173] 
[ 1836.295223][    C0] rcu: INFO: rcu_preempt self-detected stall on CPU
[ 1836.302417][    C0] rcu: 	0-...!: (1 GPs behind) idle=46a/1/0x4000000000000002 softirq=134095/134096 fqs=0 
[ 1836.312916][    C0] 	(t=14386 jiffies g=252881 q=1243)
[ 1836.318211][    C0] rcu: rcu_preempt kthread starved for 14386 jiffies! g252881 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
[ 1836.329475][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[ 1836.339437][    C0] rcu: RCU grace-period kthread stack dump:
[ 1836.345324][    C0] rcu_preempt     I28832    10      2 0x80004000
[ 1836.351663][    C0] Call Trace:
[ 1836.354964][    C0]  __schedule+0x8f3/0x1fc0
[ 1836.359391][    C0]  ? firmware_map_remove+0x19d/0x19d
[ 1836.364684][    C0]  ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 1836.370498][    C0]  schedule+0xd0/0x2a0
[ 1836.374574][    C0]  schedule_timeout+0x35c/0x850
[ 1836.379437][    C0]  ? usleep_range+0x160/0x160
[ 1836.384113][    C0]  ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 1836.389923][    C0]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1836.395911][    C0]  ? __next_timer_interrupt+0x190/0x190
[ 1836.401470][    C0]  ? prepare_to_swait_exclusive+0x110/0x110
[ 1836.407364][    C0]  rcu_gp_kthread+0xc74/0x1a10
[ 1836.412131][    C0]  ? rcu_barrier+0x4b0/0x4b0
[ 1836.416709][    C0]  ? _raw_spin_unlock_irqrestore+0x62/0xe0
[ 1836.422503][    C0]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1836.428485][    C0]  ? __kthread_parkme+0x13f/0x1e0
[ 1836.433494][    C0]  ? rcu_barrier+0x4b0/0x4b0
[ 1836.438068][    C0]  kthread+0x388/0x470
[ 1836.442126][    C0]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1836.447823][    C0]  ? kthread_mod_delayed_work+0x1a0/0x1a0
[ 1836.453534][    C0]  ret_from_fork+0x24/0x30
[ 1836.457981][    C0] NMI backtrace for cpu 0
[ 1836.462295][    C0] CPU: 0 PID: 32173 Comm: syz-executor.4 Not tainted 5.7.0-syzkaller #0
[ 1836.470602][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1836.480642][    C0] Call Trace:
[ 1836.483904][    C0]  <IRQ>
[ 1836.486736][    C0]  dump_stack+0x188/0x20d
[ 1836.491049][    C0]  nmi_cpu_backtrace.cold+0x70/0xb1
[ 1836.496290][    C0]  ? lapic_can_unplug_cpu.cold+0x3b/0x3b
[ 1836.501906][    C0]  nmi_trigger_cpumask_backtrace+0x1e6/0x221
[ 1836.507865][    C0]  rcu_dump_cpu_stacks+0x19b/0x1e5
[ 1836.512971][    C0]  rcu_sched_clock_irq.cold+0x55a/0xd25
[ 1836.518508][    C0]  ? rcu_read_lock_sched_held+0x9c/0xd0
[ 1836.524034][    C0]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[ 1836.530027][    C0]  ? cgroup_rstat_updated+0x55/0x2b0
[ 1836.535290][    C0]  ? rcutree_dead_cpu+0x10/0x10
[ 1836.540130][    C0]  ? __this_cpu_preempt_check+0x28/0x190
[ 1836.545739][    C0]  ? trace_hardirqs_off+0x50/0x220
[ 1836.550833][    C0]  update_process_times+0x25/0x60
[ 1836.555836][    C0]  tick_sched_handle+0x9b/0x180
[ 1836.560676][    C0]  tick_sched_timer+0x4e/0x140
[ 1836.565417][    C0]  __hrtimer_run_queues+0x5ca/0xed0
[ 1836.570594][    C0]  ? tick_sched_do_timer+0x1a0/0x1a0
[ 1836.575879][    C0]  ? do_raw_spin_lock+0x129/0x2e0
[ 1836.580894][    C0]  ? hrtimer_init+0x320/0x320
[ 1836.585561][    C0]  ? ktime_get_update_offsets_now+0x2d6/0x450
[ 1836.591609][    C0]  hrtimer_interrupt+0x312/0x770
[ 1836.596536][    C0]  smp_apic_timer_interrupt+0x15b/0x600
[ 1836.602061][    C0]  apic_timer_interrupt+0xf/0x20
[ 1836.607063][    C0]  </IRQ>
[ 1836.609984][    C0] RIP: 0010:_raw_spin_unlock_irqrestore+0x8c/0xe0
[ 1836.616384][    C0] Code: 48 c7 c0 c0 ae 94 89 48 ba 00 00 00 00 00 fc ff df 48 c1 e8 03 80 3c 10 00 75 37 48 83 3d 0b 8e b6 01 00 74 22 48 89 df 57 9d <0f> 1f 44 00 00 bf 01 00 00 00 e8 15 72 71 f9 65 8b 05 f6 fd 23 78
[ 1836.636073][    C0] RSP: 0018:ffffc9001888fcb8 EFLAGS: 00000282 ORIG_RAX: ffffffffffffff13
[ 1836.644464][    C0] RAX: 1ffffffff13295d8 RBX: 0000000000000282 RCX: 1ffffffff15173ba
[ 1836.652411][    C0] RDX: dffffc0000000000 RSI: 0000000000000000 RDI: 0000000000000282
[ 1836.660359][    C0] RBP: ffff88809da44218 R08: 0000000000000000 R09: 0000000000000001
[ 1836.668664][    C0] R10: ffffffff8c347a57 R11: fffffbfff1868f4a R12: 0000000000000000
[ 1836.676613][    C0] R13: 0000000000000000 R14: ffff88809da44000 R15: ffff88809da44218
[ 1836.684582][    C0]  input_inject_event+0x210/0x31a
[ 1836.689600][    C0]  evdev_write+0x42d/0x755
[ 1836.693999][    C0]  ? evdev_ioctl+0x30/0x30
[ 1836.698413][    C0]  ? security_file_permission+0x8c/0x470
[ 1836.704027][    C0]  ? evdev_ioctl+0x30/0x30
[ 1836.708430][    C0]  __vfs_write+0x76/0x100
[ 1836.712739][    C0]  vfs_write+0x268/0x5d0
[ 1836.716965][    C0]  ksys_write+0x1ee/0x250
[ 1836.721271][    C0]  ? __ia32_sys_read+0xb0/0xb0
[ 1836.726013][    C0]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1836.731973][    C0]  ? do_syscall_64+0x21/0x7d0
[ 1836.736628][    C0]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[ 1836.742603][    C0]  do_syscall_64+0xf6/0x7d0
[ 1836.747088][    C0]  entry_SYSCALL_64_after_hwframe+0x49/0xb3
[ 1836.753073][    C0] RIP: 0033:0x45ca59
[ 1836.756946][    C0] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1836.776535][    C0] RSP: 002b:00007fc7e9ef2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1836.784934][    C0] RAX: ffffffffffffffda RBX: 000000000050d9e0 RCX: 000000000045ca59
[ 1836.793242][    C0] RDX: 00000000000001e8 RSI: 0000000020000080 RDI: 0000000000000004
[ 1836.801189][    C0] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1836.809148][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
[ 1836.817095][    C0] R13: 0000000000000d1d R14: 00000000004cf73b R15: 00007fc7e9ef36d4
03:43:36 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$UHID_INPUT(r0, &(0x7f0000000940)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125c7ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb32bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bd6c108fab3591bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2034fae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b8b74e26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd6929bbc2850cd4901389e6ea6e86041e0efa1158f334e7afda0e11c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c6692abb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b29674bfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bcddf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d672250658bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb15ac56438ea331820ae59c8c474e36fc73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4659698549646bd63175adf77b5cdcfe676e1b1a9af15102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4b9f6e46a8ce73eb22ebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f842629049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21bbfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e00686a3ed499cfb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9f058cc048f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002af6a6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b42e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae6644493f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a", 0x1000}}, 0x1006)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r0, 0x0)
r1 = socket$inet6_sctp(0xa, 0x801, 0x84)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x72, &(0x7f0000000000), &(0x7f0000000040)=0x8)

03:43:36 executing program 1:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)={0x58, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0x14, 0x3, 'hash:ip,port,ip\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x6}]}]}, 0x58}}, 0x0)

03:43:36 executing program 5:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
getsockopt$TIPC_CONN_TIMEOUT(r0, 0x10f, 0x82, &(0x7f0000000040), &(0x7f0000000080)=0x4)

03:43:36 executing program 5:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
getsockopt$TIPC_CONN_TIMEOUT(r0, 0x10f, 0x82, &(0x7f0000000040), &(0x7f0000000080)=0x4)

03:43:37 executing program 5:
socket$inet6(0xa, 0x800000000000002, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
name_to_handle_at(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
close(r0)
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd)
add_key(&(0x7f0000000040)='id_legacy\x00', &(0x7f0000000080)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000a40)=ANY=[@ANYBLOB="2321200d34e813fb4b5c49ca7df29a31eb147d4b723f6894d2b0f007879d6c6a76d9a5069e1a242f7bc6402e4b2619d6948f49a9e6a8df73651b35d447528027a58ccfbb2436c32b749b527c6cbf8edf91cc6f7f3ac5adc1f4e273af4115ade8a3ad233a148994"], 0x145)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0xe00, &(0x7f0000000440)={&(0x7f00000003c0)={0x14, 0x0, 0x1, 0x0, 0x0, {0x6}}, 0x14}}, 0x0)
sendmsg$MPTCP_PM_CMD_GET_ADDR(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000180)={&(0x7f0000000240)={0x6c, 0x0, 0x8, 0x70bd29, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x8}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @remote}]}, @MPTCP_PM_ATTR_ADDR={0x34, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2={0xfc, 0x2, [], 0x1}}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @local}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x8}]}, 0x6c}, 0x1, 0x0, 0x0, 0x40}, 0x80)
close(0xffffffffffffffff)
r1 = socket(0x840000000002, 0x3, 0xff)
connect$inet(r0, &(0x7f0000000140)={0x2, 0x0, @remote}, 0x10)
sendmmsg$inet(r1, &(0x7f0000005240)=[{{0x0, 0xffffff7f, 0x0}}], 0x300, 0x401eb94)

03:46:00 executing program 2:
delete_module(0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x9}, 0x1c)
setsockopt$inet6_opts(r0, 0x29, 0x36, &(0x7f00000001c0)=@fragment, 0x8)
sendmmsg(r0, &(0x7f0000006d00)=[{{0x0, 0x1002000, 0x0}}], 0xc6, 0x0)

03:46:00 executing program 0:
delete_module(0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x9}, 0x1c)
setsockopt$inet6_opts(r0, 0x29, 0x36, &(0x7f00000001c0)=@fragment, 0x8)
sendmmsg(r0, &(0x7f0000006d00)=[{{0x0, 0x1002000, 0x0}}], 0xc6, 0x0)

2020/06/19 03:46:03 Manager.Poll call failed: connection is shut down
[ 1839.802932][    T1] systemd[1]: systemd-journald.service: Main process exited, code=killed, status=6/ABRT
[ 1841.120604][    T1] systemd[1]: systemd-journald.service: Unit entered failed state.
[ 1841.131155][    T1] systemd[1]: systemd-journald.service: Failed with result 'watchdog'.
[ 1841.140235][    T1] systemd[1]: systemd-journald.service: Service has no hold-off time, scheduling restart.
[ 1841.191543][    T1] systemd[1]: Stopped Flush Journal to Persistent Storage.
[ 1841.200435][    T1] systemd[1]: Stopping Flush Journal to Persistent Storage...
[ 1841.208308][    T1] systemd[1]: Stopped Journal Service.
[ 1841.242298][    T1] systemd[1]: Starting Journal Service...
[ 1844.196384][T32207] systemd-journald[32207]: File /run/log/journal/64dd78f1a75445a997c532444ad0f085/system.journal corrupted or uncleanly shut down, renaming and replacing.
[ 1844.537743][T28961] tipc: TX() has been purged, node left!