./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor669130931
<...>
DUID 00:04:48:2f:83:80:5e:82:2f:af:2e:03:8c:bf:d4:14:8e:03
forked to background, child pid 3181
[ 25.434872][ T3182] 8021q: adding VLAN 0 to HW filter on device bond0
[ 25.437511][ T3182] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: OK
syzkaller
Warning: Permanently added '10.128.10.12' (ECDSA) to the list of known hosts.
execve("./syz-executor669130931", ["./syz-executor669130931"], 0x7ffd938c3a60 /* 10 vars */) = 0
brk(NULL) = 0x5555563b1000
brk(0x5555563b1c40) = 0x5555563b1c40
arch_prctl(ARCH_SET_FS, 0x5555563b1300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
readlink("/proc/self/exe", "/root/syz-executor669130931", 4096) = 27
brk(0x5555563d2c40) = 0x5555563d2c40
brk(0x5555563d3000) = 0x5555563d3000
mprotect(0x7f0fea2e2000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3
ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffc2b8fbd90) = 0
ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc2b8fbd90) = 0
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc2b8fbd90) = 0
ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc2b8fad80) = 18
syzkaller login: [ 49.146222][ T1621] usb 1-1: new high-speed USB device number 2 using dummy_hcd
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc2b8fbd90) = 0
ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc2b8fad80) = 18
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc2b8fbd90) = 0
ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc2b8fad80) = 9
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc2b8fbd90) = 0
ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc2b8fad80) = 72
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc2b8fbd90) = 0
ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc2b8fad80) = 4
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc2b8fbd90) = 0
ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc2b8fad80) = 8
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc2b8fbd90) = 0
ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc2b8fad80) = 8
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc2b8fbd90) = 0
ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffc2b8fad80) = 8
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc2b8fbd90) = 0
ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0xfa) = 0
ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0
ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f0fea2e83ac) = 9
ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f0fea2e83bc) = 10
ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f0fea2e83cc) = 12
ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f0fea2e83dc) = 11
ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f0fea2e83ec) = 13
ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f0fea2e83fc) = 14
ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc2b8fad80) = 0
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc2b8fbd90) = 0
[ 49.676209][ T1621] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 49.676227][ T1621] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 49.676236][ T1621] usb 1-1: Product: syz
[ 49.676242][ T1621] usb 1-1: Manufacturer: syz
[ 49.676249][ T1621] usb 1-1: SerialNumber: syz
[ 49.718387][ T1621] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc2b8fad80) = 4096
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc2b8fbd90) = 0
ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc2b8fad80) = 4096
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc2b8fbd90) = 0
ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc2b8fad80) = 4096
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc2b8fbd90) = 0
ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc2b8fad80) = 4096
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc2b8fbd90) = 0
ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc2b8fad80) = 4096
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc2b8fbd90) = 0
ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc2b8fad80) = 4096
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc2b8fbd90) = 0
ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc2b8fad80) = 4096
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc2b8fbd90) = 0
ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc2b8fad80) = 4096
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc2b8fbd90) = 0
ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc2b8fad80) = 4096
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc2b8fbd90) = 0
ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc2b8fad80) = 4096
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc2b8fbd90) = 0
ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc2b8fad80) = 4096
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc2b8fbd90) = 0
ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc2b8fad80) = 4096
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc2b8fbd90) = 0
ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc2b8fad80) = 1856
ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffc2b8fbd90) = 0
ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffc2b8fad80) = 0
[ 50.306201][ T1621] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
ioctl(3, USB_RAW_IOCTL_EP_WRITE, 0x7ffc2b8fbdd0) = 20
ioctl(3, USB_RAW_IOCTL_EP_WRITE, 0x7ffc2b8fbdd0) = 20
ioctl(3, USB_RAW_IOCTL_EP_WRITE, 0x7ffc2b8fbdd0) = 20
ioctl(3, USB_RAW_IOCTL_EP_WRITE, 0x7ffc2b8fbdd0) = 20
ioctl(3, USB_RAW_IOCTL_EP_WRITE, 0x7ffc2b8fbdd0) = 20
[ 51.336155][ T1621] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive
[ 51.336411][ T1621] ath9k_htc: Failed to initialize the device
ioctl(3, USB_RAW_IOCTL_EP_WRITE, 0x7ffc2b8fbdd0) = 20
[ 51.516101][ C1] ==================================================================
[ 51.516112][ C1] BUG: KASAN: slab-out-of-bounds in ath9k_hif_usb_rx_cb+0x1120/0x1130
[ 51.516145][ C1] Read of size 4 at addr ffff888074c6c2f4 by task swapper/1/0
[ 51.516153][ C1]
[ 51.516157][ C1] CPU: 1 PID: 0 Comm: swapper/1 Not tainted 5.18.0-syzkaller-12234-g50fd82b3a9a9 #0
[ 51.516167][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 51.516172][ C1] Call Trace:
[ 51.516176][ C1]
[ 51.516179][ C1] dump_stack_lvl+0x1e3/0x2cb
[ 51.516195][ C1] ? bfq_pos_tree_add_move+0x436/0x436
[ 51.516204][ C1] ? _printk+0xcf/0x10f
[ 51.516214][ C1] ? __wake_up_klogd+0xd6/0x100
[ 51.516224][ C1] ? __wake_up_klogd+0xcd/0x100
[ 51.516233][ C1] ? panic+0x76e/0x76e
[ 51.516242][ C1] ? _printk+0xcf/0x10f
[ 51.516251][ C1] print_address_description+0x65/0x4b0
[ 51.516263][ C1] print_report+0xf4/0x210
[ 51.516272][ C1] ? __lock_acquire+0x1f80/0x1f80
[ 51.516281][ C1] ? do_raw_spin_lock+0x148/0x360
[ 51.516291][ C1] ? ath9k_hif_usb_rx_cb+0x1120/0x1130
[ 51.516300][ C1] kasan_report+0xfb/0x130
[ 51.516309][ C1] ? ath9k_hif_usb_rx_cb+0x1120/0x1130
[ 51.516318][ C1] ath9k_hif_usb_rx_cb+0x1120/0x1130
[ 51.516329][ C1] ? do_raw_spin_lock+0x148/0x360
[ 51.516339][ C1] ? ath9k_hif_usb_alloc_urbs+0xe90/0xe90
[ 51.516352][ C1] __usb_hcd_giveback_urb+0x369/0x530
[ 51.516362][ C1] dummy_timer+0x86b/0x3110
[ 51.516383][ C1] ? dummy_free_streams+0x320/0x320
[ 51.516392][ C1] ? trace_lock_release+0x7a/0x190
[ 51.516402][ C1] ? dummy_free_streams+0x320/0x320
[ 51.516410][ C1] call_timer_fn+0xf5/0x210
[ 51.516418][ C1] ? dummy_free_streams+0x320/0x320
[ 51.516427][ C1] ? dummy_free_streams+0x320/0x320
[ 51.516435][ C1] ? __run_timers+0x980/0x980
[ 51.516444][ C1] ? do_raw_spin_unlock+0x134/0x8a0
[ 51.516464][ C1] ? dummy_free_streams+0x320/0x320
[ 51.516473][ C1] ? _raw_spin_unlock_irq+0x1f/0x40
[ 51.516484][ C1] ? lockdep_hardirqs_on+0x95/0x140
[ 51.516494][ C1] ? dummy_free_streams+0x320/0x320
[ 51.516503][ C1] __run_timers+0x76a/0x980
[ 51.516514][ C1] ? trace_timer_cancel+0x210/0x210
[ 51.516523][ C1] ? print_irqtrace_events+0x220/0x220
[ 51.516534][ C1] run_timer_softirq+0x63/0xf0
[ 51.516542][ C1] __do_softirq+0x382/0x793
[ 51.516551][ C1] ? __irq_exit_rcu+0xec/0x170
[ 51.516562][ C1] ? __entry_text_end+0x1fec88/0x1fec88
[ 51.516572][ C1] __irq_exit_rcu+0xec/0x170
[ 51.516580][ C1] ? irq_exit_rcu+0x20/0x20
[ 51.516590][ C1] irq_exit_rcu+0x5/0x20
[ 51.516597][ C1] sysvec_apic_timer_interrupt+0x91/0xb0
[ 51.516607][ C1]
[ 51.516609][ C1]
[ 51.516612][ C1] asm_sysvec_apic_timer_interrupt+0x1b/0x20
[ 51.516624][ C1] RIP: 0010:acpi_idle_enter+0x43d/0x7c0
[ 51.516636][ C1] Code: ff e8 f7 e6 f4 fc 48 83 e3 08 44 8b 7c 24 04 0f 85 21 01 00 00 e8 d3 8b fb fc eb 0c e8 1c e2 f4 fc 0f 00 2d 95 b4 62 06 fb f4 <4c> 89 e3 48 c1 eb 03 42 80 3c 2b 00 74 08 4c 89 e7 e8 9d ca 47 fd
[ 51.516643][ C1] RSP: 0018:ffffc90000187c00 EFLAGS: 00000286
[ 51.516653][ C1] RAX: ba19ac387f063400 RBX: 0000000000000000 RCX: ffffffff9153ce03
[ 51.516660][ C1] RDX: dffffc0000000000 RSI: ffffffff8a8d2320 RDI: ffffffff8ae98940
[ 51.516667][ C1] RBP: ffffc90000187cb0 R08: ffffffff8492aac9 R09: ffffed1002545761
[ 51.516673][ C1] R10: ffffed1002545761 R11: 1ffff11002545760 R12: ffffc90000187c40
[ 51.516679][ C1] R13: dffffc0000000000 R14: ffff888016d76800 R15: 0000000000000001
[ 51.516687][ C1] ? acpi_idle_enter+0x419/0x7c0
[ 51.516699][ C1] ? acpi_idle_lpi_enter+0xe0/0xe0
[ 51.516711][ C1] cpuidle_enter_state+0x517/0xed0
[ 51.516723][ C1] ? cpuidle_enter_s2idle+0x6b0/0x6b0
[ 51.516733][ C1] ? menu_enable_device+0x370/0x370
[ 51.516742][ C1] cpuidle_enter+0x59/0x90
[ 51.516752][ C1] do_idle+0x3d2/0x640
[ 51.516762][ C1] ? idle_inject_timer_fn+0x60/0x60
[ 51.516774][ C1] cpu_startup_entry+0x15/0x20
[ 51.516782][ C1] start_secondary+0xe4/0xf0
[ 51.516790][ C1] secondary_startup_64_no_verify+0xcf/0xdb
[ 51.516803][ C1]
[ 51.516806][ C1]
[ 51.516808][ C1] Allocated by task 0:
[ 51.516811][ C1] (stack is not available)
[ 51.516813][ C1]
[ 51.516814][ C1] The buggy address belongs to the object at ffff888074c6c000
[ 51.516814][ C1] which belongs to the cache kmalloc-1k of size 1024
[ 51.516821][ C1] The buggy address is located 756 bytes inside of
[ 51.516821][ C1] 1024-byte region [ffff888074c6c000, ffff888074c6c400)
[ 51.516829][ C1]
[ 51.516830][ C1] The buggy address belongs to the physical page:
[ 51.516834][ C1] page:ffffea0001d31a00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x74c68
[ 51.516844][ C1] head:ffffea0001d31a00 order:3 compound_mapcount:0 compound_pincount:0
[ 51.516851][ C1] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[ 51.516865][ C1] raw: 00fff00000010200 0000000000000000 dead000000000122 ffff888011c41dc0
[ 51.516872][ C1] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 51.516876][ C1] page dumped because: kasan: bad access detected
[ 51.516880][ C1] page_owner tracks the page as allocated
[ 51.516883][ C1] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 3597, tgid 3597 (sshd), ts 51514992348, free_ts 51336386056
[ 51.516899][ C1] get_page_from_freelist+0x72b/0x7a0
[ 51.516910][ C1] __alloc_pages+0x259/0x560
[ 51.516917][ C1] alloc_slab_page+0x70/0xf0
[ 51.516924][ C1] allocate_slab+0x5e/0x520
[ 51.516932][ C1] ___slab_alloc+0x41e/0xcd0
[ 51.516938][ C1] __kmalloc_node_track_caller+0x2bb/0x3f0
[ 51.516946][ C1] __alloc_skb+0x11d/0x660
[ 51.516955][ C1] tcp_stream_alloc_skb+0x67/0x480
[ 51.516965][ C1] tcp_sendmsg_locked+0xd64/0x3fc0
[ 51.516973][ C1] tcp_sendmsg+0x2c/0x40
[ 51.516981][ C1] sock_write_iter+0x3e7/0x560
[ 51.516990][ C1] vfs_write+0xa22/0xd40
[ 51.516998][ C1] ksys_write+0x19b/0x2c0
[ 51.517004][ C1] do_syscall_64+0x2b/0x70
[ 51.517012][ C1] entry_SYSCALL_64_after_hwframe+0x46/0xb0
[ 51.517020][ C1] page last free stack trace:
[ 51.517023][ C1] free_pcp_prepare+0x812/0x900
[ 51.517031][ C1] free_unref_page+0x7d/0x390
[ 51.517039][ C1] free_large_kmalloc+0xeb/0x1a0
[ 51.517046][ C1] kfree+0x188/0x210
[ 51.517052][ C1] device_release+0x98/0x1c0
[ 51.517061][ C1] kobject_cleanup+0x235/0x470
[ 51.517070][ C1] ath9k_htc_probe_device+0xfe8/0x2090
[ 51.517079][ C1] ath9k_htc_hw_init+0x30/0x70
[ 51.517086][ C1] ath9k_hif_usb_firmware_cb+0x250/0x4d0
[ 51.517094][ C1] request_firmware_work_func+0x198/0x270
[ 51.517104][ C1] process_one_work+0x81c/0xd10
[ 51.517113][ C1] worker_thread+0xb14/0x1330
[ 51.517120][ C1] kthread+0x266/0x300
[ 51.517128][ C1] ret_from_fork+0x1f/0x30
[ 51.517135][ C1]
[ 51.517137][ C1] Memory state around the buggy address:
[ 51.517141][ C1] ffff888074c6c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 51.517146][ C1] ffff888074c6c200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 51.517150][ C1] >ffff888074c6c280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 51.517154][ C1] ^
[ 51.517158][ C1] ffff888074c6c300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 51.517163][ C1] ffff888074c6c380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 51.517167][ C1] ==================================================================
[ 51.517171][ C1] Kernel panic - not syncing: panic_on_warn set ...
[ 52.260724][ C1] CPU: 1 PID: 0 Comm: swapper/1 Not tainted 5.18.0-syzkaller-12234-g50fd82b3a9a9 #0
[ 52.270074][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 52.280139][ C1] Call Trace:
[ 52.283413][ C1]
[ 52.286252][ C1] dump_stack_lvl+0x1e3/0x2cb
[ 52.290917][ C1] ? bfq_pos_tree_add_move+0x436/0x436
[ 52.296377][ C1] ? panic+0x76e/0x76e
[ 52.300436][ C1] ? vscnprintf+0x59/0x80
[ 52.304747][ C1] panic+0x312/0x76e
[ 52.308638][ C1] ? fb_is_primary_device+0xcc/0xcc
[ 52.313820][ C1] ? _raw_spin_unlock_irqrestore+0xd9/0x130
[ 52.319702][ C1] ? ath9k_hif_usb_rx_cb+0x1120/0x1130
[ 52.325163][ C1] end_report+0x91/0xa0
[ 52.329303][ C1] kasan_report+0x108/0x130
[ 52.333786][ C1] ? ath9k_hif_usb_rx_cb+0x1120/0x1130
[ 52.339225][ C1] ath9k_hif_usb_rx_cb+0x1120/0x1130
[ 52.344493][ C1] ? do_raw_spin_lock+0x148/0x360
[ 52.349514][ C1] ? ath9k_hif_usb_alloc_urbs+0xe90/0xe90
[ 52.355215][ C1] __usb_hcd_giveback_urb+0x369/0x530
[ 52.360571][ C1] dummy_timer+0x86b/0x3110
[ 52.365068][ C1] ? dummy_free_streams+0x320/0x320
[ 52.370248][ C1] ? trace_lock_release+0x7a/0x190
[ 52.375342][ C1] ? dummy_free_streams+0x320/0x320
[ 52.380521][ C1] call_timer_fn+0xf5/0x210
[ 52.385026][ C1] ? dummy_free_streams+0x320/0x320
[ 52.390204][ C1] ? dummy_free_streams+0x320/0x320
[ 52.395382][ C1] ? __run_timers+0x980/0x980
[ 52.400038][ C1] ? do_raw_spin_unlock+0x134/0x8a0
[ 52.405219][ C1] ? dummy_free_streams+0x320/0x320
[ 52.410394][ C1] ? _raw_spin_unlock_irq+0x1f/0x40
[ 52.415575][ C1] ? lockdep_hardirqs_on+0x95/0x140
[ 52.420758][ C1] ? dummy_free_streams+0x320/0x320
[ 52.425938][ C1] __run_timers+0x76a/0x980
[ 52.430428][ C1] ? trace_timer_cancel+0x210/0x210
[ 52.435610][ C1] ? print_irqtrace_events+0x220/0x220
[ 52.441138][ C1] run_timer_softirq+0x63/0xf0
[ 52.445901][ C1] __do_softirq+0x382/0x793
[ 52.450387][ C1] ? __irq_exit_rcu+0xec/0x170
[ 52.455135][ C1] ? __entry_text_end+0x1fec88/0x1fec88
[ 52.460664][ C1] __irq_exit_rcu+0xec/0x170
[ 52.465234][ C1] ? irq_exit_rcu+0x20/0x20
[ 52.469722][ C1] irq_exit_rcu+0x5/0x20
[ 52.473944][ C1] sysvec_apic_timer_interrupt+0x91/0xb0
[ 52.479560][ C1]
[ 52.482492][ C1]
[ 52.485407][ C1] asm_sysvec_apic_timer_interrupt+0x1b/0x20
[ 52.491385][ C1] RIP: 0010:acpi_idle_enter+0x43d/0x7c0
[ 52.496915][ C1] Code: ff e8 f7 e6 f4 fc 48 83 e3 08 44 8b 7c 24 04 0f 85 21 01 00 00 e8 d3 8b fb fc eb 0c e8 1c e2 f4 fc 0f 00 2d 95 b4 62 06 fb f4 <4c> 89 e3 48 c1 eb 03 42 80 3c 2b 00 74 08 4c 89 e7 e8 9d ca 47 fd
[ 52.516500][ C1] RSP: 0018:ffffc90000187c00 EFLAGS: 00000286
[ 52.522563][ C1] RAX: ba19ac387f063400 RBX: 0000000000000000 RCX: ffffffff9153ce03
[ 52.530516][ C1] RDX: dffffc0000000000 RSI: ffffffff8a8d2320 RDI: ffffffff8ae98940
[ 52.538469][ C1] RBP: ffffc90000187cb0 R08: ffffffff8492aac9 R09: ffffed1002545761
[ 52.546422][ C1] R10: ffffed1002545761 R11: 1ffff11002545760 R12: ffffc90000187c40
[ 52.554389][ C1] R13: dffffc0000000000 R14: ffff888016d76800 R15: 0000000000000001
[ 52.562371][ C1] ? acpi_idle_enter+0x419/0x7c0
[ 52.567315][ C1] ? acpi_idle_lpi_enter+0xe0/0xe0
[ 52.572409][ C1] cpuidle_enter_state+0x517/0xed0
[ 52.577573][ C1] ? cpuidle_enter_s2idle+0x6b0/0x6b0
[ 52.582937][ C1] ? menu_enable_device+0x370/0x370
[ 52.588130][ C1] cpuidle_enter+0x59/0x90
[ 52.592529][ C1] do_idle+0x3d2/0x640
[ 52.596580][ C1] ? idle_inject_timer_fn+0x60/0x60
[ 52.601762][ C1] cpu_startup_entry+0x15/0x20
[ 52.606509][ C1] start_secondary+0xe4/0xf0
[ 52.611426][ C1] secondary_startup_64_no_verify+0xcf/0xdb
[ 52.617305][ C1]
[ 52.620399][ C1] Kernel Offset: disabled
[ 52.624820][ C1] Rebooting in 86400 seconds..