./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1308163111
<...>
Warning: Permanently added '10.128.0.246' (ECDSA) to the list of known hosts.
execve("./syz-executor1308163111", ["./syz-executor1308163111"], 0x7ffd9ad2e060 /* 10 vars */) = 0
brk(NULL) = 0x5555568ec000
brk(0x5555568ecc40) = 0x5555568ecc40
arch_prctl(ARCH_SET_FS, 0x5555568ec300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
readlink("/proc/self/exe", "/root/syz-executor1308163111", 4096) = 28
brk(0x55555690dc40) = 0x55555690dc40
brk(0x55555690e000) = 0x55555690e000
mprotect(0x7f1a2a1e9000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3602 attached
, child_tidptr=0x5555568ec5d0) = 3602
[pid 3602] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 3602] setpgid(0, 0) = 0
[pid 3602] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 3602] write(3, "1000", 4) = 4
[pid 3602] close(3) = 0
[pid 3602] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3
[pid 3602] ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffc3c0382c0) = 0
[pid 3602] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0
[pid 3602] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[pid 3602] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[pid 3602] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc3c0372b0) = 18
syzkaller login: [ 50.408724][ T14] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[pid 3602] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[pid 3602] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc3c0372b0) = 18
[pid 3602] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[pid 3602] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc3c0372b0) = 9
[pid 3602] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[ 50.688988][ T14] usb 1-1: too many configurations: 130, using maximum allowed: 8
[pid 3602] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc3c0372b0) = 72
[pid 3602] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[pid 3602] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc3c0372b0) = 9
[pid 3602] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[ 50.768729][ T14] usb 1-1: config index 0 descriptor too short (expected 65163, got 72)
[pid 3602] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc3c0372b0) = 72
[pid 3602] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[pid 3602] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc3c0372b0) = 9
[pid 3602] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[ 50.848741][ T14] usb 1-1: config index 1 descriptor too short (expected 65163, got 72)
[pid 3602] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc3c0372b0) = 72
[pid 3602] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[pid 3602] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc3c0372b0) = 9
[pid 3602] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[ 50.928813][ T14] usb 1-1: config index 2 descriptor too short (expected 65163, got 72)
[pid 3602] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc3c0372b0) = 72
[pid 3602] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[pid 3602] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc3c0372b0) = 9
[pid 3602] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[ 51.008753][ T14] usb 1-1: config index 3 descriptor too short (expected 65163, got 72)
[pid 3602] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc3c0372b0) = 72
[pid 3602] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[pid 3602] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc3c0372b0) = 9
[pid 3602] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[ 51.088783][ T14] usb 1-1: config index 4 descriptor too short (expected 65163, got 72)
[pid 3602] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc3c0372b0) = 72
[pid 3602] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[pid 3602] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc3c0372b0) = 9
[pid 3602] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[ 51.168823][ T14] usb 1-1: config index 5 descriptor too short (expected 65163, got 72)
[pid 3602] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc3c0372b0) = 72
[pid 3602] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[pid 3602] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc3c0372b0) = 9
[pid 3602] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[ 51.248762][ T14] usb 1-1: config index 6 descriptor too short (expected 65163, got 72)
[pid 3602] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc3c0372b0) = 72
[pid 3602] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[pid 3602] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc3c0372b0) = 4
[ 51.328779][ T14] usb 1-1: config index 7 descriptor too short (expected 65163, got 72)
[pid 3602] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[pid 3602] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc3c0372b0) = 8
[pid 3602] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[pid 3602] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc3c0372b0) = 8
[pid 3602] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[pid 3602] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc3c0372b0) = 8
[pid 3602] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[pid 3602] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0xfa) = 0
[pid 3602] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0
[pid 3602] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f1a2a1ef46c) = 9
[pid 3602] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f1a2a1ef47c) = 10
[pid 3602] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f1a2a1ef48c) = 12
[pid 3602] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f1a2a1ef49c) = 11
[pid 3602] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f1a2a1ef4ac) = 13
[pid 3602] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f1a2a1ef4bc) = 14
[ 51.488886][ T14] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 51.498774][ T14] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 51.507089][ T14] usb 1-1: Product: syz
[ 51.511430][ T14] usb 1-1: Manufacturer: syz
[ 51.516037][ T14] usb 1-1: SerialNumber: syz
[pid 3602] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc3c0372b0) = 0
[pid 3602] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[pid 3602] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc3c0372b0) = 4096
[ 51.559999][ T14] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[pid 3602] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[pid 3602] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc3c0372b0) = 4096
[pid 3602] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[pid 3602] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc3c0372b0) = 4096
[pid 3602] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[pid 3602] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc3c0372b0) = 4096
[pid 3602] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[pid 3602] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc3c0372b0) = 4096
[pid 3602] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[pid 3602] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc3c0372b0) = 4096
[pid 3602] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[pid 3602] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc3c0372b0) = 4096
[pid 3602] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[pid 3602] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc3c0372b0) = 4096
[pid 3602] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[pid 3602] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc3c0372b0) = 4096
[pid 3602] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[pid 3602] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc3c0372b0) = 4096
[pid 3602] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[pid 3602] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc3c0372b0) = 4096
[pid 3602] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[pid 3602] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc3c0372b0) = 4096
[pid 3602] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[pid 3602] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc3c0372b0) = 1856
[pid 3602] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[pid 3602] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc3c0372b0) = 0
[ 52.138721][ T142] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[pid 3602] ioctl(3, USB_RAW_IOCTL_EP_WRITE, 0x7ffc3c0382f0) = 4
[pid 3602] ioctl(3, USB_RAW_IOCTL_EP_WRITE, 0x7ffc3c0382f0) = 4
[pid 3602] ioctl(3, USB_RAW_IOCTL_EP_WRITE, 0x7ffc3c0382f0) = 4
[pid 3602] ioctl(3, USB_RAW_IOCTL_EP_WRITE, 0x7ffc3c0382f0) = 4
[pid 3602] ioctl(3, USB_RAW_IOCTL_EP_WRITE, 0x7ffc3c0382f0) = 4
[ 53.178713][ T142] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive
[ 53.186186][ T142] ath9k_htc: Failed to initialize the device
[pid 3602] ioctl(3, USB_RAW_IOCTL_EP_WRITE, 0x7ffc3c0382f0) = 4
[pid 3602] ioctl(3, USB_RAW_IOCTL_EP_WRITE, 0x7ffc3c0382f0) = 4
[pid 3602] ioctl(3, USB_RAW_IOCTL_EP_WRITE, 0x7ffc3c0382f0) = 4
[pid 3602] ioctl(3, USB_RAW_IOCTL_EP_WRITE, 0x7ffc3c0382f0) = 4
[pid 3602] ioctl(3, USB_RAW_IOCTL_EP_WRITE, 0x7ffc3c0382f0) = 4
[pid 3602] ioctl(3, USB_RAW_IOCTL_EP_WRITE, 0x7ffc3c0382f0) = 4
[pid 3602] ioctl(3, USB_RAW_IOCTL_EP_WRITE, 0x7ffc3c0382f0) = 4
[ 54.621754][ T142] usb 1-1: ath9k_htc: USB layer deinitialized
[pid 3602] ioctl(3, USB_RAW_IOCTL_EP_WRITE, 0x7ffc3c0382f0) = 4
[pid 3602] ioctl(3, USB_RAW_IOCTL_EP_WRITE <unfinished ...>
[pid 3601] kill(-3602, SIGKILL <unfinished ...>
[pid 3602] <... ioctl resumed> <unfinished ...>) = ?
[pid 3601] <... kill resumed>) = 0
[pid 3602] +++ killed by SIGKILL +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=3602, si_uid=0, si_status=SIGKILL, si_utime=0, si_stime=2} ---
kill(3602, SIGKILL) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3610 attached
, child_tidptr=0x5555568ec5d0) = 3610
[pid 3610] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 3610] setpgid(0, 0) = 0
[pid 3610] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 3610] write(3, "1000", 4) = 4
[pid 3610] close(3) = 0
[pid 3610] openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3
[pid 3610] ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffc3c0382c0) = 0
[pid 3610] ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0
[pid 3610] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[ 55.141346][ T3606] usb 1-1: USB disconnect, device number 2
[pid 3610] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[pid 3610] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc3c0372b0) = 18
[ 55.558642][ T3606] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[pid 3610] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[pid 3610] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc3c0372b0) = 18
[pid 3610] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[pid 3610] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc3c0372b0) = 9
[pid 3610] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[ 55.838753][ T3606] usb 1-1: too many configurations: 130, using maximum allowed: 8
[pid 3610] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc3c0372b0) = 72
[pid 3610] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[pid 3610] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc3c0372b0) = 9
[pid 3610] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[ 55.918732][ T3606] usb 1-1: config index 0 descriptor too short (expected 65163, got 72)
[pid 3610] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc3c0372b0) = 72
[pid 3610] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[pid 3610] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc3c0372b0) = 9
[pid 3610] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[ 55.998734][ T3606] usb 1-1: config index 1 descriptor too short (expected 65163, got 72)
[pid 3610] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc3c0372b0) = 72
[pid 3610] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[pid 3610] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc3c0372b0) = 9
[pid 3610] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[ 56.078815][ T3606] usb 1-1: config index 2 descriptor too short (expected 65163, got 72)
[pid 3610] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc3c0372b0) = 72
[pid 3610] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[pid 3610] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc3c0372b0) = 9
[ 56.158731][ T3606] usb 1-1: config index 3 descriptor too short (expected 65163, got 72)
[pid 3610] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[pid 3610] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc3c0372b0) = 72
[pid 3610] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[pid 3610] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc3c0372b0) = 9
[pid 3610] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[ 56.248736][ T3606] usb 1-1: config index 4 descriptor too short (expected 65163, got 72)
[pid 3610] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc3c0372b0) = 72
[pid 3610] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[pid 3610] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc3c0372b0) = 9
[pid 3610] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[ 56.328723][ T3606] usb 1-1: config index 5 descriptor too short (expected 65163, got 72)
[pid 3610] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc3c0372b0) = 72
[pid 3610] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[pid 3610] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc3c0372b0) = 9
[pid 3610] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[ 56.408752][ T3606] usb 1-1: config index 6 descriptor too short (expected 65163, got 72)
[pid 3610] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc3c0372b0) = 72
[pid 3610] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[pid 3610] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc3c0372b0) = 4
[pid 3610] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[ 56.488791][ T3606] usb 1-1: config index 7 descriptor too short (expected 65163, got 72)
[pid 3610] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc3c0372b0) = 8
[pid 3610] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[pid 3610] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc3c0372b0) = 8
[pid 3610] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[pid 3610] ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc3c0372b0) = 8
[pid 3610] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[pid 3610] ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0xfa) = 0
[pid 3610] ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0
[pid 3610] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f1a2a1ef46c) = 9
[pid 3610] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f1a2a1ef47c) = 10
[pid 3610] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f1a2a1ef48c) = 12
[pid 3610] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f1a2a1ef49c) = 11
[pid 3610] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f1a2a1ef4ac) = 13
[pid 3610] ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f1a2a1ef4bc) = 14
[pid 3610] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc3c0372b0) = 0
[ 56.648769][ T3606] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 56.658405][ T3606] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 56.667196][ T3606] usb 1-1: Product: syz
[ 56.671679][ T3606] usb 1-1: Manufacturer: syz
[ 56.676274][ T3606] usb 1-1: SerialNumber: syz
[pid 3610] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[pid 3610] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc3c0372b0) = 4096
[ 56.721318][ T3606] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[pid 3610] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[pid 3610] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc3c0372b0) = 4096
[pid 3610] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[pid 3610] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc3c0372b0) = 4096
[pid 3610] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[pid 3610] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc3c0372b0) = 4096
[pid 3610] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[pid 3610] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc3c0372b0) = 4096
[pid 3610] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[pid 3610] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc3c0372b0) = 4096
[pid 3610] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[pid 3610] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc3c0372b0) = 4096
[pid 3610] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[pid 3610] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc3c0372b0) = 4096
[pid 3610] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[pid 3610] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc3c0372b0) = 4096
[pid 3610] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[pid 3610] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc3c0372b0) = 4096
[pid 3610] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[pid 3610] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc3c0372b0) = 4096
[pid 3610] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[pid 3610] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc3c0372b0) = 4096
[pid 3610] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[pid 3610] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc3c0372b0) = 1856
[pid 3610] ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc3c0382c0) = 0
[pid 3610] ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc3c0372b0) = 0
[ 57.288778][ T3606] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[pid 3610] ioctl(3, USB_RAW_IOCTL_EP_WRITE, 0x7ffc3c0382f0) = 4
[pid 3610] ioctl(3, USB_RAW_IOCTL_EP_WRITE, 0x7ffc3c0382f0) = 4
[pid 3610] ioctl(3, USB_RAW_IOCTL_EP_WRITE, 0x7ffc3c0382f0) = 4
[pid 3610] ioctl(3, USB_RAW_IOCTL_EP_WRITE, 0x7ffc3c0382f0) = 4
[pid 3610] ioctl(3, USB_RAW_IOCTL_EP_WRITE, 0x7ffc3c0382f0) = 4
[ 58.378678][ T3606] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive
[ 58.385724][ T3606] ath9k_htc: Failed to initialize the device
[pid 3610] ioctl(3, USB_RAW_IOCTL_EP_WRITE, 0x7ffc3c0382f0) = 4
[ 58.518642][ C0] ==================================================================
[ 58.526720][ C0] BUG: KASAN: use-after-free in ath9k_hif_usb_rx_cb+0xd17/0x10d0
[ 58.534541][ C0] Read of size 4 at addr ffff88801e75c2f4 by task swapper/0/0
[ 58.541990][ C0]
[ 58.544304][ C0] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.19.0-syzkaller-02972-g200e340f2196 #0
[ 58.553662][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022
[ 58.563703][ C0] Call Trace:
[ 58.566978][ C0] <IRQ>
[ 58.569860][ C0] dump_stack_lvl+0xcd/0x134
[ 58.574454][ C0] print_address_description.constprop.0.cold+0xeb/0x495
[ 58.581489][ C0] ? ath9k_hif_usb_rx_cb+0xd17/0x10d0
[ 58.586933][ C0] kasan_report.cold+0xf4/0x1c6
[ 58.591805][ C0] ? ath9k_hif_usb_rx_cb+0xd17/0x10d0
[ 58.597197][ C0] ath9k_hif_usb_rx_cb+0xd17/0x10d0
[ 58.602406][ C0] ? psi_cgroup_free+0xf0/0x180
[ 58.607267][ C0] ? lock_downgrade+0x6e0/0x6e0
[ 58.612118][ C0] ? hif_usb_start+0xa0/0xa0
[ 58.616711][ C0] ? rwlock_bug.part.0+0x90/0x90
[ 58.621655][ C0] __usb_hcd_giveback_urb+0x2b0/0x5c0
[ 58.627040][ C0] usb_hcd_giveback_urb+0x367/0x410
[ 58.632243][ C0] dummy_timer+0x11f9/0x32b0
[ 58.636852][ C0] ? dummy_dequeue+0x500/0x500
[ 58.641641][ C0] ? dummy_dequeue+0x500/0x500
[ 58.646441][ C0] call_timer_fn+0x1a5/0x6b0
[ 58.651047][ C0] ? timer_fixup_activate+0x350/0x350
[ 58.656427][ C0] ? lock_downgrade+0x6e0/0x6e0
[ 58.661295][ C0] ? _raw_spin_unlock_irq+0x1f/0x40
[ 58.666514][ C0] ? _raw_spin_unlock_irq+0x1f/0x40
[ 58.671730][ C0] ? dummy_dequeue+0x500/0x500
[ 58.676522][ C0] __run_timers.part.0+0x679/0xa80
[ 58.681648][ C0] ? call_timer_fn+0x6b0/0x6b0
[ 58.686424][ C0] ? __wake_up_locked_sync_key+0x20/0x20
[ 58.692059][ C0] ? kvm_sched_clock_read+0x14/0x40
[ 58.697276][ C0] ? sched_clock_cpu+0x69/0x2b0
[ 58.702148][ C0] run_timer_softirq+0xb3/0x1d0
[ 58.707008][ C0] __do_softirq+0x29b/0x9c2
[ 58.711541][ C0] __irq_exit_rcu+0x123/0x180
[ 58.716274][ C0] irq_exit_rcu+0x5/0x20
[ 58.720532][ C0] sysvec_apic_timer_interrupt+0x93/0xc0
[ 58.726183][ C0] </IRQ>
[ 58.729211][ C0] <TASK>
[ 58.732159][ C0] asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 58.738156][ C0] RIP: 0010:acpi_idle_do_entry+0x1c9/0x240
[ 58.743985][ C0] Code: 89 de e8 9a d3 ff f7 84 db 75 98 e8 91 d7 ff f7 e8 fc 26 06 f8 66 90 e8 85 d7 ff f7 0f 00 2d fe 24 b9 00 e8 79 d7 ff f7 fb f4 <9c> 5b 81 e3 00 02 00 00 fa 31 ff 48 89 de e8 c4 d3 ff f7 48 85 db
[ 58.763606][ C0] RSP: 0018:ffffffff8ba07d38 EFLAGS: 00000293
[ 58.769676][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 58.777648][ C0] RDX: ffffffff8babc940 RSI: ffffffff897b0247 RDI: 0000000000000000
[ 58.785621][ C0] RBP: ffff888017199864 R08: 0000000000000001 R09: 0000000000000001
[ 58.793592][ C0] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000001
[ 58.801564][ C0] R13: ffff888017199800 R14: ffff888017199864 R15: ffff8881458c2804
[ 58.809547][ C0] ? acpi_idle_do_entry+0x1c7/0x240
[ 58.814760][ C0] ? acpi_idle_do_entry+0x1c7/0x240
[ 58.819964][ C0] acpi_idle_enter+0x369/0x510
[ 58.824738][ C0] cpuidle_enter_state+0x1b1/0xc80
[ 58.829862][ C0] cpuidle_enter+0x4a/0xa0
[ 58.834286][ C0] do_idle+0x3e8/0x590
[ 58.838361][ C0] ? arch_cpu_idle_exit+0x30/0x30
[ 58.843403][ C0] cpu_startup_entry+0x14/0x20
[ 58.848171][ C0] rest_init+0x169/0x270
[ 58.852416][ C0] ? trace_init_perf_perm_irq_work_exit+0xe/0xe
[ 58.858751][ C0] arch_call_rest_init+0xf/0x14
[ 58.863608][ C0] start_kernel+0x46e/0x48f
[ 58.868204][ C0] secondary_startup_64_no_verify+0xce/0xdb
[ 58.874111][ C0] </TASK>
[ 58.877127][ C0]
[ 58.879452][ C0] Allocated by task 3610:
[ 58.883772][ C0] kasan_save_stack+0x1e/0x40
[ 58.888450][ C0] __kasan_kmalloc+0xa9/0xd0
[ 58.893038][ C0] tomoyo_realpath_from_path+0xc3/0x620
[ 58.898591][ C0] tomoyo_path_number_perm+0x1d5/0x590
[ 58.904056][ C0] security_file_ioctl+0x50/0xb0
[ 58.908995][ C0] __x64_sys_ioctl+0xb3/0x200
[ 58.913675][ C0] do_syscall_64+0x35/0xb0
[ 58.918098][ C0] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 58.924009][ C0]
[ 58.926334][ C0] Freed by task 3610:
[ 58.930314][ C0] kasan_save_stack+0x1e/0x40
[ 58.935017][ C0] kasan_set_track+0x21/0x30
[ 58.939611][ C0] kasan_set_free_info+0x20/0x30
[ 58.944558][ C0] ____kasan_slab_free+0x166/0x1a0
[ 58.949676][ C0] slab_free_freelist_hook+0x8b/0x1c0
[ 58.955051][ C0] kfree+0xe2/0x4d0
[ 58.958864][ C0] tomoyo_realpath_from_path+0x191/0x620
[ 58.964510][ C0] tomoyo_path_number_perm+0x1d5/0x590
[ 58.969975][ C0] security_file_ioctl+0x50/0xb0
[ 58.974914][ C0] __x64_sys_ioctl+0xb3/0x200
[ 58.979596][ C0] do_syscall_64+0x35/0xb0
[ 58.984017][ C0] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 58.989913][ C0]
[ 58.992233][ C0] The buggy address belongs to the object at ffff88801e75c000
[ 58.992233][ C0] which belongs to the cache kmalloc-4k of size 4096
[ 59.006284][ C0] The buggy address is located 756 bytes inside of
[ 59.006284][ C0] 4096-byte region [ffff88801e75c000, ffff88801e75d000)
[ 59.019651][ C0]
[ 59.021970][ C0] The buggy address belongs to the physical page:
[ 59.028375][ C0] page:ffffea000079d600 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1e758
[ 59.038525][ C0] head:ffffea000079d600 order:3 compound_mapcount:0 compound_pincount:0
[ 59.046855][ C0] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[ 59.054846][ C0] raw: 00fff00000010200 0000000000000000 dead000000000122 ffff888011842140
[ 59.063433][ C0] raw: 0000000000000000 0000000080040004 00000001ffffffff 0000000000000000
[ 59.072010][ C0] page dumped because: kasan: bad access detected
[ 59.078415][ C0] page_owner tracks the page as allocated
[ 59.084118][ C0] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 2952, tgid 2952 (syslogd), ts 58392133386, free_ts 58385668170
[ 59.104267][ C0] get_page_from_freelist+0x1298/0x3b80
[ 59.109818][ C0] __alloc_pages+0x1c7/0x510
[ 59.114413][ C0] alloc_pages+0x1aa/0x310
[ 59.118833][ C0] allocate_slab+0x26c/0x3c0
[ 59.123429][ C0] ___slab_alloc+0x99f/0xe10
[ 59.128026][ C0] __slab_alloc.constprop.0+0x4d/0xa0
[ 59.133404][ C0] __kmalloc+0x393/0x470
[ 59.137651][ C0] tomoyo_realpath_from_path+0xc3/0x620
[ 59.143204][ C0] tomoyo_check_open_permission+0x272/0x380
[ 59.149104][ C0] tomoyo_file_open+0x9d/0xc0
[ 59.153786][ C0] security_file_open+0x45/0xb0
[ 59.158646][ C0] do_dentry_open+0x349/0x12d0
[ 59.163412][ C0] path_openat+0x1c92/0x28f0
[ 59.168003][ C0] do_filp_open+0x1b6/0x400
[ 59.172514][ C0] do_sys_openat2+0x16d/0x4c0
[ 59.177193][ C0] __x64_sys_openat+0x13f/0x1f0
[ 59.182049][ C0] page last free stack trace:
[ 59.186714][ C0] free_pcp_prepare+0x549/0xd20
[ 59.191586][ C0] free_unref_page+0x19/0x6a0
[ 59.196265][ C0] device_release+0x9f/0x240
[ 59.200862][ C0] kobject_put+0x1c8/0x540
[ 59.205284][ C0] put_device+0x1b/0x30
[ 59.209444][ C0] ath9k_htc_probe_device+0x1c7/0x1f00
[ 59.214904][ C0] ath9k_htc_hw_init+0x31/0x60
[ 59.219668][ C0] ath9k_hif_usb_firmware_cb+0x274/0x530
[ 59.225307][ C0] request_firmware_work_func+0x12c/0x230
[ 59.231028][ C0] process_one_work+0x996/0x1610
[ 59.235969][ C0] worker_thread+0x665/0x1080
[ 59.240670][ C0] kthread+0x2e9/0x3a0
[ 59.244739][ C0] ret_from_fork+0x1f/0x30
[ 59.249159][ C0]
[ 59.251476][ C0] Memory state around the buggy address:
[ 59.257100][ C0] ffff88801e75c180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 59.265162][ C0] ffff88801e75c200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 59.273219][ C0] >ffff88801e75c280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 59.281297][ C0] ^
[ 59.289009][ C0] ffff88801e75c300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 59.297067][ C0] ffff88801e75c380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 59.306311][ C0] ==================================================================
[ 59.315437][ C0] Kernel panic - not syncing: panic_on_warn set ...
[ 59.323699][ C0] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.19.0-syzkaller-02972-g200e340f2196 #0
[ 59.333888][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022
[ 59.344527][ C0] Call Trace:
[ 59.347806][ C0] <IRQ>
[ 59.350660][ C0] dump_stack_lvl+0xcd/0x134
[ 59.355268][ C0] panic+0x2d7/0x636
[ 59.359165][ C0] ? panic_print_sys_info.part.0+0x10b/0x10b
[ 59.365161][ C0] ? ath9k_hif_usb_rx_cb+0xd17/0x10d0
[ 59.370540][ C0] end_report.part.0+0x3f/0x7c
[ 59.375308][ C0] kasan_report.cold+0x93/0x1c6
[ 59.380165][ C0] ? ath9k_hif_usb_rx_cb+0xd17/0x10d0
[ 59.385545][ C0] ath9k_hif_usb_rx_cb+0xd17/0x10d0
[ 59.390754][ C0] ? psi_cgroup_free+0xf0/0x180
[ 59.395613][ C0] ? lock_downgrade+0x6e0/0x6e0
[ 59.400464][ C0] ? hif_usb_start+0xa0/0xa0
[ 59.405057][ C0] ? rwlock_bug.part.0+0x90/0x90
[ 59.410004][ C0] __usb_hcd_giveback_urb+0x2b0/0x5c0
[ 59.415382][ C0] usb_hcd_giveback_urb+0x367/0x410
[ 59.420585][ C0] dummy_timer+0x11f9/0x32b0
[ 59.425194][ C0] ? dummy_dequeue+0x500/0x500
[ 59.429964][ C0] ? dummy_dequeue+0x500/0x500
[ 59.434730][ C0] call_timer_fn+0x1a5/0x6b0
[ 59.439326][ C0] ? timer_fixup_activate+0x350/0x350
[ 59.444701][ C0] ? lock_downgrade+0x6e0/0x6e0
[ 59.449553][ C0] ? _raw_spin_unlock_irq+0x1f/0x40
[ 59.454758][ C0] ? _raw_spin_unlock_irq+0x1f/0x40
[ 59.459958][ C0] ? dummy_dequeue+0x500/0x500
[ 59.464727][ C0] __run_timers.part.0+0x679/0xa80
[ 59.469848][ C0] ? call_timer_fn+0x6b0/0x6b0
[ 59.474617][ C0] ? __wake_up_locked_sync_key+0x20/0x20
[ 59.480251][ C0] ? kvm_sched_clock_read+0x14/0x40
[ 59.485452][ C0] ? sched_clock_cpu+0x69/0x2b0
[ 59.490310][ C0] run_timer_softirq+0xb3/0x1d0
[ 59.495167][ C0] __do_softirq+0x29b/0x9c2
[ 59.499770][ C0] __irq_exit_rcu+0x123/0x180
[ 59.504449][ C0] irq_exit_rcu+0x5/0x20
[ 59.508693][ C0] sysvec_apic_timer_interrupt+0x93/0xc0
[ 59.514334][ C0] </IRQ>
[ 59.517263][ C0] <TASK>
[ 59.520197][ C0] asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 59.526187][ C0] RIP: 0010:acpi_idle_do_entry+0x1c9/0x240
[ 59.531998][ C0] Code: 89 de e8 9a d3 ff f7 84 db 75 98 e8 91 d7 ff f7 e8 fc 26 06 f8 66 90 e8 85 d7 ff f7 0f 00 2d fe 24 b9 00 e8 79 d7 ff f7 fb f4 <9c> 5b 81 e3 00 02 00 00 fa 31 ff 48 89 de e8 c4 d3 ff f7 48 85 db
[ 59.551610][ C0] RSP: 0018:ffffffff8ba07d38 EFLAGS: 00000293
[ 59.557682][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 59.565657][ C0] RDX: ffffffff8babc940 RSI: ffffffff897b0247 RDI: 0000000000000000
[ 59.573629][ C0] RBP: ffff888017199864 R08: 0000000000000001 R09: 0000000000000001
[ 59.581600][ C0] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000001
[ 59.589568][ C0] R13: ffff888017199800 R14: ffff888017199864 R15: ffff8881458c2804
[ 59.597546][ C0] ? acpi_idle_do_entry+0x1c7/0x240
[ 59.602755][ C0] ? acpi_idle_do_entry+0x1c7/0x240
[ 59.607955][ C0] acpi_idle_enter+0x369/0x510
[ 59.612725][ C0] cpuidle_enter_state+0x1b1/0xc80
[ 59.617848][ C0] cpuidle_enter+0x4a/0xa0
[ 59.622271][ C0] do_idle+0x3e8/0x590
[ 59.626346][ C0] ? arch_cpu_idle_exit+0x30/0x30
[ 59.631378][ C0] cpu_startup_entry+0x14/0x20
[ 59.636144][ C0] rest_init+0x169/0x270
[ 59.640387][ C0] ? trace_init_perf_perm_irq_work_exit+0xe/0xe
[ 59.646631][ C0] arch_call_rest_init+0xf/0x14
[ 59.651491][ C0] start_kernel+0x46e/0x48f
[ 59.656003][ C0] secondary_startup_64_no_verify+0xce/0xdb
[ 59.661916][ C0] </TASK>
[ 59.665168][ C0] Kernel Offset: disabled
[ 59.669492][ C0] Rebooting in 86400 seconds..