Warning: Permanently added '10.128.10.24' (ED25519) to the list of known hosts. 2024/04/28 17:26:57 ignoring optional flag "sandboxArg"="0" 2024/04/28 17:26:57 parsed 1 programs 2024/04/28 17:26:57 executed programs: 0 [ 40.501120][ T4146] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SSFS [ 40.573576][ T4154] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.575190][ T4154] bridge0: port 1(bridge_slave_0) entered disabled state [ 40.577002][ T4154] device bridge_slave_0 entered promiscuous mode [ 40.579143][ T4154] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.580776][ T4154] bridge0: port 2(bridge_slave_1) entered disabled state [ 40.582556][ T4154] device bridge_slave_1 entered promiscuous mode [ 40.605350][ T4154] team0: Port device team_slave_0 added [ 40.606968][ T4154] team0: Port device team_slave_1 added [ 40.667806][ T4154] device hsr_slave_0 entered promiscuous mode [ 40.727536][ T4154] device hsr_slave_1 entered promiscuous mode [ 41.271450][ T4154] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 41.308385][ T4154] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 41.337854][ T4154] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 41.377849][ T4154] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 41.431637][ T4154] bridge0: port 2(bridge_slave_1) entered blocking state [ 41.433227][ T4154] bridge0: port 2(bridge_slave_1) entered forwarding state [ 41.434865][ T4154] bridge0: port 1(bridge_slave_0) entered blocking state [ 41.436493][ T4154] bridge0: port 1(bridge_slave_0) entered forwarding state [ 41.486811][ T4154] 8021q: adding VLAN 0 to HW filter on device team0 [ 41.488980][ T99] bridge0: port 1(bridge_slave_0) entered disabled state [ 41.490804][ T99] bridge0: port 2(bridge_slave_1) entered disabled state [ 41.493296][ T99] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 41.495059][ T99] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 41.501264][ T4154] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 41.503609][ T4154] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 41.506642][ T99] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 41.508885][ T99] bridge0: port 1(bridge_slave_0) entered blocking state [ 41.510501][ T99] bridge0: port 1(bridge_slave_0) entered forwarding state [ 41.512172][ T99] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 41.514164][ T99] bridge0: port 2(bridge_slave_1) entered blocking state [ 41.515743][ T99] bridge0: port 2(bridge_slave_1) entered forwarding state [ 41.517633][ T99] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 41.519591][ T99] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 41.521537][ T99] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 41.523468][ T99] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 41.526038][ T99] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 41.528075][ T99] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 41.636603][ T4154] device veth0_vlan entered promiscuous mode [ 41.638729][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 41.640763][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 41.642736][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 41.644627][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 41.646620][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 41.649142][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 41.651579][ T4154] device veth1_vlan entered promiscuous mode [ 41.655109][ T4154] device veth0_macvtap entered promiscuous mode [ 41.657114][ T4154] device veth1_macvtap entered promiscuous mode [ 41.659288][ T99] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 41.661116][ T99] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 41.662910][ T99] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 41.664892][ T99] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 41.666774][ T99] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 41.670486][ T99] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 41.672364][ T99] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 41.674325][ T99] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 41.676388][ T99] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 41.678502][ T99] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 41.737849][ T1694] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 41.739561][ T1694] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 41.744783][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 41.749006][ T1694] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 41.750706][ T1694] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 41.752410][ T99] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 42.067401][ T3723] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 42.507396][ T3723] usb 1-1: config 0 has an invalid interface number: 10 but max is 0 [ 42.509225][ T3723] usb 1-1: config 0 has no interface number 0 [ 42.510615][ T3723] usb 1-1: config 0 interface 10 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 42.513009][ T3723] usb 1-1: config 0 interface 10 altsetting 0 endpoint 0x81 has invalid maxpacket 21669, setting to 1024 [ 42.515560][ T3723] usb 1-1: config 0 interface 10 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 1024 [ 42.517982][ T3723] usb 1-1: config 0 interface 10 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 42.677378][ T3723] usb 1-1: New USB device found, idVendor=05ac, idProduct=024e, bcdDevice=d4.d7 [ 42.679373][ T3723] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 42.681209][ T3723] usb 1-1: Product: syz [ 42.682123][ T3723] usb 1-1: Manufacturer: syz [ 42.683177][ T3723] usb 1-1: SerialNumber: syz [ 42.685024][ T3723] usb 1-1: config 0 descriptor?? [ 42.697485][ T4471] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 42.718226][ T3723] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.10/input/input2 [ 43.147419][ T4472] ------------[ cut here ]------------ [ 43.148673][ T4472] usb 1-1: BOGUS urb xfer, pipe 1 != type 3 [ 43.150280][ T4472] WARNING: CPU: 1 PID: 4472 at drivers/usb/core/urb.c:505 usb_submit_urb+0x594/0x9b4 [ 43.152538][ T4472] Modules linked in: [ 43.153418][ T4472] CPU: 1 PID: 4472 Comm: udevd Not tainted 6.1.88-syzkaller #0 [ 43.155159][ T4472] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 43.157397][ T4472] pstate: 60401005 (nZCv daif +PAN -UAO -TCO -DIT +SSBS BTYPE=--) [ 43.159241][ T4472] pc : usb_submit_urb+0x594/0x9b4 [ 43.160481][ T4472] lr : usb_submit_urb+0x594/0x9b4 [ 43.161722][ T4472] sp : ffff8000124fb8e0 [ 43.162692][ T4472] x29: ffff8000124fb8f0 x28: ffff0000cbec5800 x27: ffff0000c928cb5c [ 43.164646][ T4472] x26: ffff80000ce43b38 x25: ffff0000cbec58a8 x24: ffff0000c59b1f00 [ 43.166553][ T4472] x23: ffff80000ce6ea72 x22: 0000000000000400 x21: 0000000000000002 [ 43.168403][ T4472] x20: 0000000000000cc0 x19: ffff0000c928cb00 x18: ffff80000bd3d2cc [ 43.170333][ T4472] x17: 0000000000020000 x16: 00000000000001d1 x15: 0000000000000000 [ 43.172151][ T4472] x14: 0000000000000000 x13: 205d323734345420 x12: ffff80000e679000 [ 43.173985][ T4472] x11: 0000000000ff0100 x10: 0000000000000000 x9 : cf293c8c719fb500 [ 43.175862][ T4472] x8 : cf293c8c719fb500 x7 : 0000000000000000 x6 : ffff80000bcfbd2c [ 43.177762][ T4472] x5 : 0000000000000000 x4 : 0000000000000080 x3 : 0000000000000000 [ 43.179677][ T4472] x2 : 0000000000000000 x1 : 0000000100000000 x0 : 0000000000000000 [ 43.181588][ T4472] Call trace: [ 43.182355][ T4472] usb_submit_urb+0x594/0x9b4 [ 43.183475][ T4472] bcm5974_start_traffic+0xa0/0xfc [ 43.184659][ T4472] bcm5974_open+0x5c/0xb4 [ 43.185672][ T4472] input_open_device+0xe8/0x14c [ 43.186804][ T4472] evdev_open+0x1b4/0x258 [ 43.187808][ T4472] chrdev_open+0x27c/0x2b0 [ 43.188831][ T4472] do_dentry_open+0x36c/0x6f8 [ 43.189925][ T4472] vfs_open+0x38/0x48 [ 43.190868][ T4472] path_openat+0xf04/0x1328 [ 43.191948][ T4472] do_filp_open+0xd0/0x1a8 [ 43.193007][ T4472] do_sys_openat2+0xb8/0x22c [ 43.194009][ T4472] __arm64_sys_openat+0xb0/0xe0 [ 43.195123][ T4472] invoke_syscall+0x64/0x178 [ 43.196248][ T4472] el0_svc_common+0xb8/0x174 [ 43.197330][ T4472] do_el0_svc+0x48/0x174 [ 43.198311][ T4472] el0_svc+0x34/0x110 [ 43.199271][ T4472] el0t_64_sync_handler+0x84/0xf0 [ 43.200414][ T4472] el0t_64_sync+0x18c/0x190 [ 43.201558][ T4472] ---[ end trace 0000000000000000 ]--- [ 43.217354][ C1] ------------[ cut here ]------------ [ 43.218509][ C1] usb 1-1: BOGUS urb xfer, pipe 1 != type 3 [ 43.220118][ C1] WARNING: CPU: 1 PID: 0 at drivers/usb/core/urb.c:505 usb_submit_urb+0x594/0x9b4 [ 43.222220][ C1] Modules linked in: [ 43.223107][ C1] CPU: 1 PID: 0 Comm: swapper/1 Tainted: G W 6.1.88-syzkaller #0 [ 43.225177][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 43.227372][ C1] pstate: 604010c5 (nZCv daIF +PAN -UAO -TCO -DIT +SSBS BTYPE=--) [ 43.229225][ C1] pc : usb_submit_urb+0x594/0x9b4 [ 43.230375][ C1] lr : usb_submit_urb+0x594/0x9b4 [ 43.231593][ C1] sp : ffff80000800bba0 [ 43.232630][ C1] x29: ffff80000800bbb0 x28: ffff0000cbec5800 x27: ffff0000c928cb5c [ 43.234514][ C1] x26: ffff80000ce43b38 x25: ffff0000cbec58a8 x24: ffff0000c59b1f00 [ 43.236300][ C1] x23: ffff80000ce6ea72 x22: 0000000000000400 x21: 0000000000000002 [ 43.238178][ C1] x20: 0000000000000a20 x19: ffff0000c928cb00 x18: 0000000000000000 [ 43.240086][ C1] x17: ffff8001f1632000 x16: ffff800008008000 x15: 0000000000000000 [ 43.242011][ C1] x14: 0000000000000000 x13: 205d314320202020 x12: ffff80000e679000 [ 43.243888][ C1] x11: 0000000000ff0100 x10: 0000000000000000 x9 : bdc2ecd11f190f00 [ 43.245692][ C1] x8 : bdc2ecd11f190f00 x7 : 0000000000000000 x6 : ffff80000bcfbd2c [ 43.247550][ C1] x5 : 0000000000000000 x4 : 0000000000000080 x3 : 0000000000000000 [ 43.249491][ C1] x2 : 0000000000000000 x1 : 0000000000000101 x0 : 0000000000000000 [ 43.251402][ C1] Call trace: [ 43.252194][ C1] usb_submit_urb+0x594/0x9b4 [ 43.253342][ C1] bcm5974_irq_trackpad+0x138/0x524 [ 43.254525][ C1] __usb_hcd_giveback_urb+0x16c/0x244 [ 43.255777][ C1] usb_hcd_giveback_urb+0x78/0x238 [ 43.257032][ C1] dummy_timer+0x2c8/0x102c [ 43.258137][ C1] call_timer_fn+0x7c/0x15c [ 43.259202][ C1] __run_timers+0x60c/0x6f8 [ 43.260301][ C1] run_timer_softirq+0x34/0x5c [ 43.261417][ C1] __do_softirq+0x100/0x29c [ 43.262475][ C1] ____do_softirq+0x14/0x20 [ 43.263502][ C1] call_on_irq_stack+0x24/0x4c [ 43.264604][ C1] do_softirq_own_stack+0x20/0x2c [ 43.265845][ C1] __irq_exit_rcu+0xb0/0x124 [ 43.266970][ C1] irq_exit_rcu+0x10/0x1c [ 43.268032][ C1] el1_interrupt+0x38/0x68 [ 43.269120][ C1] el1h_64_irq_handler+0x18/0x24 [ 43.270286][ C1] el1h_64_irq+0x64/0x68 [ 43.271288][ C1] arch_local_irq_enable+0xc/0x18 [ 43.272453][ C1] do_idle+0x110/0x2d8 [ 43.273372][ C1] cpu_startup_entry+0x34/0x38 [ 43.274459][ C1] secondary_start_kernel+0x150/0x178 [ 43.275682][ C1] __secondary_switched+0xb0/0xb4 [ 43.276871][ C1] ---[ end trace 0000000000000000 ]--- [ 43.287358][ C1] ------------[ cut here ]------------ [ 43.288555][ C1] usb 1-1: BOGUS urb xfer, pipe 1 != type 3 [ 43.290169][ C1] WARNING: CPU: 1 PID: 0 at drivers/usb/core/urb.c:505 usb_submit_urb+0x594/0x9b4 [ 43.292408][ C1] Modules linked in: [ 43.293332][ C1] CPU: 1 PID: 0 Comm: swapper/1 Tainted: G W 6.1.88-syzkaller #0 [ 43.295486][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 43.297884][ C1] pstate: 604010c5 (nZCv daIF +PAN -UAO -TCO -DIT +SSBS BTYPE=--) [ 43.299824][ C1] pc : usb_submit_urb+0x594/0x9b4 [ 43.301019][ C1] lr : usb_submit_urb+0x594/0x9b4 [ 43.302206][ C1] sp : ffff80000800bba0 [ 43.303151][ C1] x29: ffff80000800bbb0 x28: ffff0000cbec5800 x27: ffff0000c928cb5c [ 43.305062][ C1] x26: ffff80000ce43b38 x25: ffff0000cbec58a8 x24: ffff0000c59b1f00 [ 43.306857][ C1] x23: ffff80000ce6ea72 x22: 0000000000000400 x21: 0000000000000002 [ 43.308782][ C1] x20: 0000000000000a20 x19: ffff0000c928cb00 x18: 0000000000000000 [ 43.310711][ C1] x17: ffff8001f1632000 x16: ffff800008008000 x15: 0000000000000000 [ 43.312551][ C1] x14: 0000000000000000 x13: 205d314320202020 x12: ffff80000e679000 [ 43.314417][ C1] x11: 0000000000ff0100 x10: 0000000000000000 x9 : bdc2ecd11f190f00 [ 43.316285][ C1] x8 : bdc2ecd11f190f00 x7 : 0000000000000000 x6 : ffff80000bcfbd2c [ 43.318189][ C1] x5 : 0000000000000000 x4 : 0000000000000080 x3 : 0000000000000000 [ 43.320039][ C1] x2 : 0000000000000000 x1 : 0000000100000101 x0 : 0000000000000000 [ 43.322001][ C1] Call trace: [ 43.322771][ C1] usb_submit_urb+0x594/0x9b4 [ 43.323869][ C1] bcm5974_irq_trackpad+0x138/0x524 [ 43.325019][ C1] __usb_hcd_giveback_urb+0x16c/0x244 [ 43.326231][ C1] usb_hcd_giveback_urb+0x78/0x238 [ 43.327457][ C1] dummy_timer+0x2c8/0x102c [ 43.328534][ C1] call_timer_fn+0x7c/0x15c [ 43.329625][ C1] __run_timers+0x60c/0x6f8 [ 43.330720][ C1] run_timer_softirq+0x34/0x5c [ 43.331881][ C1] __do_softirq+0x100/0x29c [ 43.332940][ C1] ____do_softirq+0x14/0x20 [ 43.334061][ C1] call_on_irq_stack+0x24/0x4c [ 43.335206][ C1] do_softirq_own_stack+0x20/0x2c [ 43.336413][ C1] __irq_exit_rcu+0xb0/0x124 [ 43.337516][ C1] irq_exit_rcu+0x10/0x1c [ 43.338556][ C1] el1_interrupt+0x38/0x68 [ 43.339630][ C1] el1h_64_irq_handler+0x18/0x24 [ 43.340761][ C1] el1h_64_irq+0x64/0x68 [ 43.341814][ C1] arch_local_irq_enable+0xc/0x18 [ 43.343058][ C1] do_idle+0x110/0x2d8 [ 43.344018][ C1] cpu_startup_entry+0x34/0x38 [ 43.345141][ C1] secondary_start_kernel+0x150/0x178 [ 43.346406][ C1] __secondary_switched+0xb0/0xb4 [ 43.347609][ C1] ---[ end trace 0000000000000000 ]--- [ 43.349644][ T23] usb 1-1: USB disconnect, device number 2 [ 43.357484][ T4472] bcm5974 1-1:0.10: could not read from device [ 44.117416][ T3723] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 44.477464][ T3723] usb 1-1: config 0 has an invalid interface number: 10 but max is 0 [ 44.479333][ T3723] usb 1-1: config 0 has no interface number 0 [ 44.480743][ T3723] usb 1-1: config 0 interface 10 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 44.483197][ T3723] usb 1-1: config 0 interface 10 altsetting 0 endpoint 0x81 has invalid maxpacket 21669, setting to 1024 [ 44.485724][ T3723] usb 1-1: config 0 interface 10 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 1024 [ 44.488009][ T3723] usb 1-1: config 0 interface 10 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 44.647412][ T3723] usb 1-1: New USB device found, idVendor=05ac, idProduct=024e, bcdDevice=d4.d7 [ 44.649333][ T3723] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 44.651170][ T3723] usb 1-1: Product: syz [ 44.652085][ T3723] usb 1-1: Manufacturer: syz [ 44.653132][ T3723] usb 1-1: SerialNumber: syz [ 44.654673][ T3723] usb 1-1: config 0 descriptor?? [ 44.667429][ T4570] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 44.688233][ T3723] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.10/input/input3 [ 45.127463][ T4148] ------------[ cut here ]------------ [ 45.128691][ T4148] usb 1-1: BOGUS urb xfer, pipe 1 != type 3 [ 45.130256][ T4148] WARNING: CPU: 0 PID: 4148 at drivers/usb/core/urb.c:505 usb_submit_urb+0x594/0x9b4 [ 45.132543][ T4148] Modules linked in: [ 45.133459][ T4148] CPU: 0 PID: 4148 Comm: udevd Tainted: G W 6.1.88-syzkaller #0 [ 45.135569][ T4148] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 45.137906][ T4148] pstate: 60401005 (nZCv daif +PAN -UAO -TCO -DIT +SSBS BTYPE=--) [ 45.139669][ T4148] pc : usb_submit_urb+0x594/0x9b4 [ 45.140911][ T4148] lr : usb_submit_urb+0x594/0x9b4 [ 45.142127][ T4148] sp : ffff8000124538e0 [ 45.143144][ T4148] x29: ffff8000124538f0 x28: ffff0000cb1ca800 x27: ffff0000c780315c [ 45.145086][ T4148] x26: ffff80000ce43b38 x25: ffff0000cb1ca8a8 x24: ffff0000cbfed400 [ 45.146853][ T4148] x23: ffff80000ce6ea72 x22: 0000000000000400 x21: 0000000000000002 [ 45.148690][ T4148] x20: 0000000000000cc0 x19: ffff0000c7803100 x18: ffff80000bd3d2cc [ 45.150390][ T4148] x17: 0000000000028000 x16: 00000000000000ff x15: 0000000000000000 [ 45.152226][ T4148] x14: 0000000000000000 x13: 205d383431345420 x12: ffff80000e679000 [ 45.154097][ T4148] x11: 0000000000ff0100 x10: 0000000000000000 x9 : f7e53f9bea6ce500 [ 45.155844][ T4148] x8 : f7e53f9bea6ce500 x7 : 0000000000000000 x6 : ffff80000bcfbd2c [ 45.157716][ T4148] x5 : 0000000000000000 x4 : 0000000000000080 x3 : 0000000000000000 [ 45.159457][ T4148] x2 : 0000000000000000 x1 : 0000000100000000 x0 : 0000000000000000 [ 45.161274][ T4148] Call trace: [ 45.162032][ T4148] usb_submit_urb+0x594/0x9b4 [ 45.163132][ T4148] bcm5974_start_traffic+0xa0/0xfc [ 45.164251][ T4148] bcm5974_open+0x5c/0xb4 [ 45.165221][ T4148] input_open_device+0xe8/0x14c [ 45.166277][ T4148] evdev_open+0x1b4/0x258 [ 45.167310][ T4148] chrdev_open+0x27c/0x2b0 [ 45.168289][ T4148] do_dentry_open+0x36c/0x6f8 [ 45.169421][ T4148] vfs_open+0x38/0x48 [ 45.170319][ T4148] path_openat+0xf04/0x1328 [ 45.171405][ T4148] do_filp_open+0xd0/0x1a8 [ 45.172434][ T4148] do_sys_openat2+0xb8/0x22c [ 45.173582][ T4148] __arm64_sys_openat+0xb0/0xe0 [ 45.174937][ T4148] invoke_syscall+0x64/0x178 [ 45.176071][ T4148] el0_svc_common+0xb8/0x174 [ 45.177203][ T4148] do_el0_svc+0x48/0x174 [ 45.178142][ T4148] el0_svc+0x34/0x110 [ 45.179023][ T4148] el0t_64_sync_handler+0x84/0xf0 [ 45.180148][ T4148] el0t_64_sync+0x18c/0x190 [ 45.181206][ T4148] ---[ end trace 0000000000000000 ]--- [ 45.197358][ C0] ------------[ cut here ]------------ [ 45.198537][ C0] usb 1-1: BOGUS urb xfer, pipe 1 != type 3 [ 45.200006][ C0] WARNING: CPU: 0 PID: 0 at drivers/usb/core/urb.c:505 usb_submit_urb+0x594/0x9b4 [ 45.201933][ C0] Modules linked in: [ 45.202789][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 6.1.88-syzkaller #0 [ 45.204701][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 45.206973][ C0] pstate: 604010c5 (nZCv daIF +PAN -UAO -TCO -DIT +SSBS BTYPE=--) [ 45.208745][ C0] pc : usb_submit_urb+0x594/0x9b4 [ 45.209797][ C0] lr : usb_submit_urb+0x594/0x9b4 [ 45.210837][ C0] sp : ffff800008003ba0 [ 45.211900][ C0] x29: ffff800008003bb0 x28: ffff0000cb1ca800 x27: ffff0000c780315c [ 45.213807][ C0] x26: ffff80000ce43b38 x25: ffff0000cb1ca8a8 x24: ffff0000cbfed400 [ 45.215636][ C0] x23: ffff80000ce6ea72 x22: 0000000000000400 x21: 0000000000000002 [ 45.217289][ C0] x20: 0000000000000a20 x19: ffff0000c7803100 x18: ffff80000bd3d2cc [ 45.218972][ C0] x17: 0000000000010000 x16: 0000000000000076 x15: 0000000000000000 [ 45.220721][ C0] x14: 0000000000000000 x13: 205d304320202020 x12: ffff80000e679000 [ 45.222534][ C0] x11: 0000000000ff0100 x10: 0000000000000000 x9 : 963e1520261b0c00 [ 45.224323][ C0] x8 : 963e1520261b0c00 x7 : 0000000000000000 x6 : ffff80000bcfbd2c [ 45.226175][ C0] x5 : 0000000000000000 x4 : 0000000000000080 x3 : 0000000000000000 [ 45.227980][ C0] x2 : 0000000000000000 x1 : 0000000000000101 x0 : 0000000000000000 [ 45.229677][ C0] Call trace: [ 45.230495][ C0] usb_submit_urb+0x594/0x9b4 [ 45.231612][ C0] bcm5974_irq_trackpad+0x138/0x524 [ 45.232823][ C0] __usb_hcd_giveback_urb+0x16c/0x244 [ 45.234101][ C0] usb_hcd_giveback_urb+0x78/0x238 [ 45.235326][ C0] dummy_timer+0x2c8/0x102c [ 45.236330][ C0] call_timer_fn+0x7c/0x15c [ 45.237363][ C0] __run_timers+0x60c/0x6f8 [ 45.238343][ C0] run_timer_softirq+0x34/0x5c [ 45.239378][ C0] __do_softirq+0x100/0x29c [ 45.240623][ C0] ____do_softirq+0x14/0x20 [ 45.241603][ C0] call_on_irq_stack+0x24/0x4c [ 45.242768][ C0] do_softirq_own_stack+0x20/0x2c [ 45.243828][ C0] __irq_exit_rcu+0xb0/0x124 [ 45.244831][ C0] irq_exit_rcu+0x10/0x1c [ 45.245799][ C0] el1_interrupt+0x38/0x68 [ 45.246788][ C0] el1h_64_irq_handler+0x18/0x24 [ 45.247842][ C0] el1h_64_irq+0x64/0x68 [ 45.248845][ C0] arch_local_irq_enable+0xc/0x18 [ 45.250123][ C0] do_idle+0x110/0x2d8 [ 45.251049][ C0] cpu_startup_entry+0x34/0x38 [ 45.252157][ C0] kernel_init+0x0/0x290 [ 45.253089][ C0] start_kernel+0x0/0x4c0 [ 45.254089][ C0] start_kernel+0x30c/0x4c0 [ 45.255155][ C0] __primary_switched+0xb4/0xbc [ 45.256272][ C0] ---[ end trace 0000000000000000 ]--- [ 45.267377][ C0] ------------[ cut here ]------------ [ 45.268649][ C0] usb 1-1: BOGUS urb xfer, pipe 1 != type 3 [ 45.270072][ C0] WARNING: CPU: 0 PID: 0 at drivers/usb/core/urb.c:505 usb_submit_urb+0x594/0x9b4 [ 45.271976][ C0] Modules linked in: [ 45.272783][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 6.1.88-syzkaller #0 [ 45.274724][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 45.276906][ C0] pstate: 604010c5 (nZCv daIF +PAN -UAO -TCO -DIT +SSBS BTYPE=--) [ 45.278762][ C0] pc : usb_submit_urb+0x594/0x9b4 [ 45.279965][ C0] lr : usb_submit_urb+0x594/0x9b4 [ 45.281161][ C0] sp : ffff800008003ba0 [ 45.282051][ C0] x29: ffff800008003bb0 x28: ffff0000cb1ca800 x27: ffff0000c780315c [ 45.283799][ C0] x26: ffff80000ce43b38 x25: ffff0000cb1ca8a8 x24: ffff0000cbfed400 [ 45.285624][ C0] x23: ffff80000ce6ea72 x22: 0000000000000400 x21: 0000000000000002 [ 45.287447][ C0] x20: 0000000000000a20 x19: ffff0000c7803100 x18: 0000000000000000 [ 45.289283][ C0] x17: ffff8001f161a000 x16: ffff800008000000 x15: 0000000000000000 [ 45.291204][ C0] x14: 0000000000000000 x13: 205d304320202020 x12: ffff80000e679000 [ 45.293018][ C0] x11: 0000000000ff0100 x10: 0000000000000000 x9 : 963e1520261b0c00 [ 45.294743][ C0] x8 : 963e1520261b0c00 x7 : 0000000000000000 x6 : ffff80000bcfbd2c [ 45.296591][ C0] x5 : 0000000000000000 x4 : 0000000000000080 x3 : 0000000000000000 [ 45.298587][ C0] x2 : 0000000000000000 x1 : 0000000100000101 x0 : 0000000000000000 [ 45.300398][ C0] Call trace: [ 45.301183][ C0] usb_submit_urb+0x594/0x9b4 [ 45.302279][ C0] bcm5974_irq_trackpad+0x138/0x524 [ 45.303396][ C0] __usb_hcd_giveback_urb+0x16c/0x244 [ 45.304719][ C0] usb_hcd_giveback_urb+0x78/0x238 [ 45.305925][ C0] dummy_timer+0x2c8/0x102c [ 45.306944][ C0] call_timer_fn+0x7c/0x15c [ 45.307940][ C0] __run_timers+0x60c/0x6f8 [ 45.309013][ C0] run_timer_softirq+0x34/0x5c [ 45.310125][ C0] __do_softirq+0x100/0x29c [ 45.311287][ C0] ____do_softirq+0x14/0x20 [ 45.312351][ C0] call_on_irq_stack+0x24/0x4c [ 45.313415][ C0] do_softirq_own_stack+0x20/0x2c [ 45.314474][ C0] __irq_exit_rcu+0xb0/0x124 [ 45.315616][ C0] irq_exit_rcu+0x10/0x1c [ 45.316600][ C0] el1_interrupt+0x38/0x68 [ 45.317638][ C0] el1h_64_irq_handler+0x18/0x24 [ 45.318799][ C0] el1h_64_irq+0x64/0x68 [ 45.319775][ C0] arch_local_irq_enable+0xc/0x18 [ 45.320895][ C0] do_idle+0x110/0x2d8 [ 45.321794][ C0] cpu_startup_entry+0x34/0x38 [ 45.322882][ C0] kernel_init+0x0/0x290 [ 45.323948][ C0] start_kernel+0x0/0x4c0 [ 45.324965][ C0] start_kernel+0x30c/0x4c0 [ 45.326002][ C0] __primary_switched+0xb4/0xbc [ 45.327048][ C0] ---[ end trace 0000000000000000 ]--- [ 45.328591][ T3723] usb 1-1: USB disconnect, device number 3 [ 45.337387][ T4148] bcm5974 1-1:0.10: could not read from device 2024/04/28 17:27:03 executed programs: 2 [ 46.097361][ T3723] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 46.467438][ T3723] usb 1-1: config 0 has an invalid interface number: 10 but max is 0 [ 46.469189][ T3723] usb 1-1: config 0 has no interface number 0 [ 46.470421][ T3723] usb 1-1: config 0 interface 10 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 46.472591][ T3723] usb 1-1: config 0 interface 10 altsetting 0 endpoint 0x81 has invalid maxpacket 21669, setting to 1024 [ 46.474972][ T3723] usb 1-1: config 0 interface 10 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 1024 [ 46.477107][ T3723] usb 1-1: config 0 interface 10 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 46.637409][ T3723] usb 1-1: New USB device found, idVendor=05ac, idProduct=024e, bcdDevice=d4.d7 [ 46.639260][ T3723] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 46.640962][ T3723] usb 1-1: Product: syz [ 46.641769][ T3723] usb 1-1: Manufacturer: syz [ 46.642759][ T3723] usb 1-1: SerialNumber: syz [ 46.644443][ T3723] usb 1-1: config 0 descriptor?? [ 46.657478][ T4572] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 46.678212][ T3723] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.10/input/input4 [ 47.107405][ T4148] ------------[ cut here ]------------ [ 47.108598][ T4148] usb 1-1: BOGUS urb xfer, pipe 1 != type 3 [ 47.110050][ T4148] WARNING: CPU: 0 PID: 4148 at drivers/usb/core/urb.c:505 usb_submit_urb+0x594/0x9b4 [ 47.111984][ T4148] Modules linked in: [ 47.112793][ T4148] CPU: 0 PID: 4148 Comm: udevd Tainted: G W 6.1.88-syzkaller #0 [ 47.114638][ T4148] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 47.116688][ T4148] pstate: 60401005 (nZCv daif +PAN -UAO -TCO -DIT +SSBS BTYPE=--) [ 47.118449][ T4148] pc : usb_submit_urb+0x594/0x9b4 [ 47.119560][ T4148] lr : usb_submit_urb+0x594/0x9b4 [ 47.120639][ T4148] sp : ffff8000124538e0 [ 47.121476][ T4148] x29: ffff8000124538f0 x28: ffff0000c9cf9800 x27: ffff0000cb2be35c [ 47.123388][ T4148] x26: ffff80000ce43b38 x25: ffff0000c9cf98a8 x24: ffff0000c92f6600 [ 47.125220][ T4148] x23: ffff80000ce6ea72 x22: 0000000000000400 x21: 0000000000000002 [ 47.126885][ T4148] x20: 0000000000000cc0 x19: ffff0000cb2be300 x18: 0000000000000000 [ 47.128702][ T4148] x17: 0000000000000000 x16: 000000000000001d x15: 0000000000000000 [ 47.130574][ T4148] x14: 0000000000000000 x13: 205d383431345420 x12: ffff80000e679000 [ 47.132353][ T4148] x11: 0000000000ff0100 x10: 0000000000000000 x9 : f7e53f9bea6ce500 [ 47.134181][ T4148] x8 : f7e53f9bea6ce500 x7 : 0000000000000000 x6 : ffff80000bcfbd2c [ 47.136149][ T4148] x5 : 0000000000000000 x4 : 0000000000000080 x3 : 0000000000000000 [ 47.138250][ T4148] x2 : 0000000000000000 x1 : 0000000100000000 x0 : 0000000000000000 [ 47.140157][ T4148] Call trace: [ 47.140877][ T4148] usb_submit_urb+0x594/0x9b4 [ 47.141979][ T4148] bcm5974_start_traffic+0xa0/0xfc [ 47.143167][ T4148] bcm5974_open+0x5c/0xb4 [ 47.144057][ T4148] input_open_device+0xe8/0x14c [ 47.145196][ T4148] evdev_open+0x1b4/0x258 [ 47.146196][ T4148] chrdev_open+0x27c/0x2b0 [ 47.147228][ T4148] do_dentry_open+0x36c/0x6f8 [ 47.148281][ T4148] vfs_open+0x38/0x48 [ 47.149251][ T4148] path_openat+0xf04/0x1328 [ 47.150265][ T4148] do_filp_open+0xd0/0x1a8 [ 47.151275][ T4148] do_sys_openat2+0xb8/0x22c [ 47.152288][ T4148] __arm64_sys_openat+0xb0/0xe0 [ 47.153489][ T4148] invoke_syscall+0x64/0x178 [ 47.154629][ T4148] el0_svc_common+0xb8/0x174 [ 47.155651][ T4148] do_el0_svc+0x48/0x174 [ 47.156588][ T4148] el0_svc+0x34/0x110 [ 47.157514][ T4148] el0t_64_sync_handler+0x84/0xf0 [ 47.158588][ T4148] el0t_64_sync+0x18c/0x190 [ 47.159658][ T4148] ---[ end trace 0000000000000000 ]--- [ 47.177355][ C0] ------------[ cut here ]------------ [ 47.178467][ C0] usb 1-1: BOGUS urb xfer, pipe 1 != type 3 [ 47.179875][ C0] WARNING: CPU: 0 PID: 0 at drivers/usb/core/urb.c:505 usb_submit_urb+0x594/0x9b4 [ 47.181798][ C0] Modules linked in: [ 47.182651][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 6.1.88-syzkaller #0 [ 47.184526][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 47.186673][ C0] pstate: 604010c5 (nZCv daIF +PAN -UAO -TCO -DIT +SSBS BTYPE=--) [ 47.188456][ C0] pc : usb_submit_urb+0x594/0x9b4 [ 47.189494][ C0] lr : usb_submit_urb+0x594/0x9b4 [ 47.190690][ C0] sp : ffff800008003ba0 [ 47.191591][ C0] x29: ffff800008003bb0 x28: ffff0000c9cf9800 x27: ffff0000cb2be35c [ 47.193426][ C0] x26: ffff80000ce43b38 x25: ffff0000c9cf98a8 x24: ffff0000c92f6600 [ 47.195188][ C0] x23: ffff80000ce6ea72 x22: 0000000000000400 x21: 0000000000000002 [ 47.197004][ C0] x20: 0000000000000a20 x19: ffff0000cb2be300 x18: 0000000000000000 [ 47.198750][ C0] x17: ffff8001f161a000 x16: ffff800008000000 x15: 0000000000000000 [ 47.200553][ C0] x14: 0000000000000000 x13: 205d304320202020 x12: ffff80000e679000 [ 47.202319][ C0] x11: 0000000000ff0100 x10: 0000000000000000 x9 : 963e1520261b0c00 [ 47.204167][ C0] x8 : 963e1520261b0c00 x7 : 0000000000000000 x6 : ffff80000bcfbd2c [ 47.206154][ C0] x5 : 0000000000000000 x4 : 0000000000000080 x3 : 0000000000000000 [ 47.208138][ C0] x2 : 0000000000000000 x1 : 0000000100000101 x0 : 0000000000000000 [ 47.210108][ C0] Call trace: [ 47.210779][ C0] usb_submit_urb+0x594/0x9b4 [ 47.211844][ C0] bcm5974_irq_trackpad+0x138/0x524 [ 47.212974][ C0] __usb_hcd_giveback_urb+0x16c/0x244 [ 47.214161][ C0] usb_hcd_giveback_urb+0x78/0x238 [ 47.215292][ C0] dummy_timer+0x2c8/0x102c [ 47.216344][ C0] call_timer_fn+0x7c/0x15c [ 47.217344][ C0] __run_timers+0x60c/0x6f8 [ 47.218330][ C0] run_timer_softirq+0x34/0x5c [ 47.219469][ C0] __do_softirq+0x100/0x29c [ 47.220504][ C0] ____do_softirq+0x14/0x20 [ 47.221494][ C0] call_on_irq_stack+0x24/0x4c [ 47.222498][ C0] do_softirq_own_stack+0x20/0x2c [ 47.223518][ C0] __irq_exit_rcu+0xb0/0x124 [ 47.224604][ C0] irq_exit_rcu+0x10/0x1c [ 47.225681][ C0] el1_interrupt+0x38/0x68 [ 47.226763][ C0] el1h_64_irq_handler+0x18/0x24 [ 47.227836][ C0] el1h_64_irq+0x64/0x68 [ 47.228861][ C0] arch_local_irq_enable+0xc/0x18 [ 47.230033][ C0] do_idle+0x110/0x2d8 [ 47.230883][ C0] cpu_startup_entry+0x34/0x38 [ 47.232013][ C0] kernel_init+0x0/0x290 [ 47.232934][ C0] start_kernel+0x0/0x4c0 [ 47.233966][ C0] start_kernel+0x30c/0x4c0 [ 47.235051][ C0] __primary_switched+0xb4/0xbc [ 47.236186][ C0] ---[ end trace 0000000000000000 ]--- [ 47.307739][ T3725] usb 1-1: USB disconnect, device number 4 [ 47.317410][ T4148] bcm5974 1-1:0.10: could not read from device [ 48.077421][ T3725] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 48.437372][ T3725] usb 1-1: config 0 has an invalid interface number: 10 but max is 0 [ 48.439081][ T3725] usb 1-1: config 0 has no interface number 0 [ 48.440321][ T3725] usb 1-1: config 0 interface 10 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 48.442540][ T3725] usb 1-1: config 0 interface 10 altsetting 0 endpoint 0x81 has invalid maxpacket 21669, setting to 1024 [ 48.444839][ T3725] usb 1-1: config 0 interface 10 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 1024 [ 48.447000][ T3725] usb 1-1: config 0 interface 10 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 48.607368][ T3725] usb 1-1: New USB device found, idVendor=05ac, idProduct=024e, bcdDevice=d4.d7 [ 48.609351][ T3725] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 48.610948][ T3725] usb 1-1: Product: syz [ 48.611783][ T3725] usb 1-1: Manufacturer: syz [ 48.612808][ T3725] usb 1-1: SerialNumber: syz [ 48.614281][ T3725] usb 1-1: config 0 descriptor?? [ 48.627441][ T4574] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 48.648019][ T3725] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.10/input/input5 [ 49.087377][ T4148] ------------[ cut here ]------------ [ 49.088651][ T4148] usb 1-1: BOGUS urb xfer, pipe 1 != type 3 [ 49.090075][ T4148] WARNING: CPU: 0 PID: 4148 at drivers/usb/core/urb.c:505 usb_submit_urb+0x594/0x9b4 [ 49.092057][ T4148] Modules linked in: [ 49.092860][ T4148] CPU: 0 PID: 4148 Comm: udevd Tainted: G W 6.1.88-syzkaller #0 [ 49.094790][ T4148] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 49.097013][ T4148] pstate: 60401005 (nZCv daif +PAN -UAO -TCO -DIT +SSBS BTYPE=--) [ 49.098711][ T4148] pc : usb_submit_urb+0x594/0x9b4 [ 49.099764][ T4148] lr : usb_submit_urb+0x594/0x9b4 [ 49.100850][ T4148] sp : ffff8000124538e0 [ 49.101839][ T4148] x29: ffff8000124538f0 x28: ffff0000c9cf9800 x27: ffff0000cb2beb5c [ 49.103672][ T4148] x26: ffff80000ce43b38 x25: ffff0000c9cf98a8 x24: ffff0000c5c0b800 [ 49.105501][ T4148] x23: ffff80000ce6ea72 x22: 0000000000000400 x21: 0000000000000002 [ 49.107277][ T4148] x20: 0000000000000cc0 x19: ffff0000cb2beb00 x18: 0000000000000000 [ 49.109060][ T4148] x17: 000000000003c116 x16: 0000000000000005 x15: 0000000000000000 [ 49.110856][ T4148] x14: 0000000000000000 x13: 205d383431345420 x12: ffff80000e679000 [ 49.112682][ T4148] x11: 0000000000ff0100 x10: 0000000000000000 x9 : f7e53f9bea6ce500 [ 49.114671][ T4148] x8 : f7e53f9bea6ce500 x7 : 0000000000000000 x6 : ffff80000bcfbd2c [ 49.116502][ T4148] x5 : 0000000000000000 x4 : 0000000000000080 x3 : 0000000000000000 [ 49.118424][ T4148] x2 : 0000000000000000 x1 : 0000000100000000 x0 : 0000000000000000 [ 49.120368][ T4148] Call trace: [ 49.121103][ T4148] usb_submit_urb+0x594/0x9b4 [ 49.122085][ T4148] bcm5974_start_traffic+0xa0/0xfc [ 49.123249][ T4148] bcm5974_open+0x5c/0xb4 [ 49.124158][ T4148] input_open_device+0xe8/0x14c [ 49.125230][ T4148] evdev_open+0x1b4/0x258 [ 49.126199][ T4148] chrdev_open+0x27c/0x2b0 [ 49.127163][ T4148] do_dentry_open+0x36c/0x6f8 [ 49.128184][ T4148] vfs_open+0x38/0x48 [ 49.129091][ T4148] path_openat+0xf04/0x1328 [ 49.130041][ T4148] do_filp_open+0xd0/0x1a8 [ 49.131080][ T4148] do_sys_openat2+0xb8/0x22c [ 49.132081][ T4148] __arm64_sys_openat+0xb0/0xe0 [ 49.133142][ T4148] invoke_syscall+0x64/0x178 [ 49.134182][ T4148] el0_svc_common+0xb8/0x174 [ 49.135244][ T4148] do_el0_svc+0x48/0x174 [ 49.136265][ T4148] el0_svc+0x34/0x110 [ 49.137214][ T4148] el0t_64_sync_handler+0x84/0xf0 [ 49.138398][ T4148] el0t_64_sync+0x18c/0x190 [ 49.139410][ T4148] ---[ end trace 0000000000000000 ]--- [ 49.157366][ C0] ------------[ cut here ]------------ [ 49.158630][ C0] usb 1-1: BOGUS urb xfer, pipe 1 != type 3 [ 49.159985][ C0] WARNING: CPU: 0 PID: 0 at drivers/usb/core/urb.c:505 usb_submit_urb+0x594/0x9b4 [ 49.161941][ C0] Modules linked in: [ 49.162676][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 6.1.88-syzkaller #0 [ 49.164553][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 49.166680][ C0] pstate: 604010c5 (nZCv daIF +PAN -UAO -TCO -DIT +SSBS BTYPE=--) [ 49.168414][ C0] pc : usb_submit_urb+0x594/0x9b4 [ 49.169529][ C0] lr : usb_submit_urb+0x594/0x9b4 [ 49.170721][ C0] sp : ffff800008003ba0 [ 49.171770][ C0] x29: ffff800008003bb0 x28: ffff0000c9cf9800 x27: ffff0000cb2beb5c [ 49.173536][ C0] x26: ffff80000ce43b38 x25: ffff0000c9cf98a8 x24: ffff0000c5c0b800 [ 49.175345][ C0] x23: ffff80000ce6ea72 x22: 0000000000000400 x21: 0000000000000002 [ 49.177062][ C0] x20: 0000000000000a20 x19: ffff0000cb2beb00 x18: 00000000e64f7da1 [ 49.178862][ C0] x17: ffff8001f161a000 x16: ffff800008000000 x15: 0000000000000000 [ 49.180703][ C0] x14: 0000000000000000 x13: 205d304320202020 x12: ffff80000e679000 [ 49.182584][ C0] x11: 0000000000ff0100 x10: 0000000000000000 x9 : 963e1520261b0c00 [ 49.184419][ C0] x8 : 963e1520261b0c00 x7 : 0000000000000000 x6 : ffff80000bcfbd2c [ 49.186109][ C0] x5 : 0000000000000000 x4 : 0000000000000080 x3 : 0000000000000000 [ 49.187920][ C0] x2 : 0000000000000000 x1 : 0000000100000101 x0 : 0000000000000000 [ 49.189731][ C0] Call trace: [ 49.190486][ C0] usb_submit_urb+0x594/0x9b4 [ 49.191487][ C0] bcm5974_irq_trackpad+0x138/0x524 [ 49.192750][ C0] __usb_hcd_giveback_urb+0x16c/0x244 [ 49.193945][ C0] usb_hcd_giveback_urb+0x78/0x238 [ 49.195131][ C0] dummy_timer+0x2c8/0x102c [ 49.196052][ C0] call_timer_fn+0x7c/0x15c [ 49.197017][ C0] __run_timers+0x60c/0x6f8 [ 49.198111][ C0] run_timer_softirq+0x34/0x5c [ 49.199215][ C0] __do_softirq+0x100/0x29c [ 49.200215][ C0] ____do_softirq+0x14/0x20 [ 49.201318][ C0] call_on_irq_stack+0x24/0x4c [ 49.202489][ C0] do_softirq_own_stack+0x20/0x2c [ 49.203632][ C0] __irq_exit_rcu+0xb0/0x124 [ 49.204688][ C0] irq_exit_rcu+0x10/0x1c [ 49.205794][ C0] el1_interrupt+0x38/0x68 [ 49.206918][ C0] el1h_64_irq_handler+0x18/0x24 [ 49.208263][ C0] el1h_64_irq+0x64/0x68 [ 49.209319][ C0] arch_local_irq_enable+0xc/0x18 [ 49.210345][ C0] do_idle+0x110/0x2d8 [ 49.211312][ C0] cpu_startup_entry+0x34/0x38 [ 49.212507][ C0] kernel_init+0x0/0x290 [ 49.213500][ C0] start_kernel+0x0/0x4c0 [ 49.214471][ C0] start_kernel+0x30c/0x4c0 [ 49.215561][ C0] __primary_switched+0xb4/0xbc [ 49.216708][ C0] ---[ end trace 0000000000000000 ]--- [ 49.287779][ T3725] usb 1-1: USB disconnect, device number 5 [ 49.297454][ T4148] bcm5974 1-1:0.10: could not read from device [ 50.057381][ T3725] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 50.417399][ T3725] usb 1-1: config 0 has an invalid interface number: 10 but max is 0 [ 50.419174][ T3725] usb 1-1: config 0 has no interface number 0 [ 50.420422][ T3725] usb 1-1: config 0 interface 10 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 50.422612][ T3725] usb 1-1: config 0 interface 10 altsetting 0 endpoint 0x81 has invalid maxpacket 21669, setting to 1024 [ 50.424854][ T3725] usb 1-1: config 0 interface 10 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 1024 [ 50.427146][ T3725] usb 1-1: config 0 interface 10 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 50.587449][ T3725] usb 1-1: New USB device found, idVendor=05ac, idProduct=024e, bcdDevice=d4.d7 [ 50.589538][ T3725] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 50.591145][ T3725] usb 1-1: Product: syz [ 50.591944][ T3725] usb 1-1: Manufacturer: syz [ 50.592922][ T3725] usb 1-1: SerialNumber: syz [ 50.594248][ T3725] usb 1-1: config 0 descriptor?? [ 50.607491][ T4576] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 50.628022][ T3725] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.10/input/input6 [ 51.057423][ T4148] ------------[ cut here ]------------ [ 51.058624][ T4148] usb 1-1: BOGUS urb xfer, pipe 1 != type 3 [ 51.060017][ T4148] WARNING: CPU: 0 PID: 4148 at drivers/usb/core/urb.c:505 usb_submit_urb+0x594/0x9b4 [ 51.061920][ T4148] Modules linked in: [ 51.062721][ T4148] CPU: 0 PID: 4148 Comm: udevd Tainted: G W 6.1.88-syzkaller #0 [ 51.064512][ T4148] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 51.066576][ T4148] pstate: 60401005 (nZCv daif +PAN -UAO -TCO -DIT +SSBS BTYPE=--) [ 51.068327][ T4148] pc : usb_submit_urb+0x594/0x9b4 [ 51.069510][ T4148] lr : usb_submit_urb+0x594/0x9b4 [ 51.070592][ T4148] sp : ffff8000124538e0 [ 51.071563][ T4148] x29: ffff8000124538f0 x28: ffff0000c9cf9800 x27: ffff0000cb2be85c [ 51.073315][ T4148] x26: ffff80000ce43b38 x25: ffff0000c9cf98a8 x24: ffff0000c5cfa600 [ 51.075084][ T4148] x23: ffff80000ce6ea72 x22: 0000000000000400 x21: 0000000000000002 [ 51.076854][ T4148] x20: 0000000000000cc0 x19: ffff0000cb2be800 x18: 0000000000000000 [ 51.078745][ T4148] x17: 0000000000000009 x16: 0000000000000079 x15: 0000000000000000 [ 51.080603][ T4148] x14: 0000000000000000 x13: 205d383431345420 x12: ffff80000e679000 [ 51.082581][ T4148] x11: 0000000000ff0100 x10: 0000000000000000 x9 : f7e53f9bea6ce500 [ 51.084246][ T4148] x8 : f7e53f9bea6ce500 x7 : 0000000000000000 x6 : ffff80000bcfbd2c [ 51.086037][ T4148] x5 : 0000000000000000 x4 : 0000000000000080 x3 : 0000000000000000 [ 51.087820][ T4148] x2 : 0000000000000000 x1 : 0000000100000000 x0 : 0000000000000000 [ 51.089633][ T4148] Call trace: [ 51.090373][ T4148] usb_submit_urb+0x594/0x9b4 [ 51.091405][ T4148] bcm5974_start_traffic+0xa0/0xfc [ 51.092478][ T4148] bcm5974_open+0x5c/0xb4 [ 51.093540][ T4148] input_open_device+0xe8/0x14c [ 51.094550][ T4148] evdev_open+0x1b4/0x258 [ 51.095706][ T4148] chrdev_open+0x27c/0x2b0 [ 51.096789][ T4148] do_dentry_open+0x36c/0x6f8 [ 51.097799][ T4148] vfs_open+0x38/0x48 [ 51.098712][ T4148] path_openat+0xf04/0x1328 [ 51.099675][ T4148] do_filp_open+0xd0/0x1a8 [ 51.100672][ T4148] do_sys_openat2+0xb8/0x22c [ 51.101748][ T4148] __arm64_sys_openat+0xb0/0xe0 [ 51.102827][ T4148] invoke_syscall+0x64/0x178 [ 51.103871][ T4148] el0_svc_common+0xb8/0x174 [ 51.104861][ T4148] do_el0_svc+0x48/0x174 [ 51.105790][ T4148] el0_svc+0x34/0x110 [ 51.106719][ T4148] el0t_64_sync_handler+0x84/0xf0 [ 51.107901][ T4148] el0t_64_sync+0x18c/0x190 [ 51.108852][ T4148] ---[ end trace 0000000000000000 ]--- [ 51.127390][ C0] ------------[ cut here ]------------ [ 51.128560][ C0] usb 1-1: BOGUS urb xfer, pipe 1 != type 3 [ 51.129965][ C0] WARNING: CPU: 0 PID: 0 at drivers/usb/core/urb.c:505 usb_submit_urb+0x594/0x9b4 [ 51.131826][ C0] Modules linked in: [ 51.132585][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 6.1.88-syzkaller #0 [ 51.134445][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 51.136607][ C0] pstate: 604010c5 (nZCv daIF +PAN -UAO -TCO -DIT +SSBS BTYPE=--) [ 51.138162][ C0] pc : usb_submit_urb+0x594/0x9b4 [ 51.139341][ C0] lr : usb_submit_urb+0x594/0x9b4 [ 51.140514][ C0] sp : ffff800008003ba0 [ 51.141446][ C0] x29: ffff800008003bb0 x28: ffff0000c9cf9800 x27: ffff0000cb2be85c [ 51.143230][ C0] x26: ffff80000ce43b38 x25: ffff0000c9cf98a8 x24: ffff0000c5cfa600 [ 51.144973][ C0] x23: ffff80000ce6ea72 x22: 0000000000000400 x21: 0000000000000002 [ 51.146782][ C0] x20: 0000000000000a20 x19: ffff0000cb2be800 x18: 000000005da48ac3 [ 51.148648][ C0] x17: ffff8001f161a000 x16: ffff800008000000 x15: 0000000000000000 [ 51.150438][ C0] x14: 0000000000000000 x13: 205d304320202020 x12: ffff80000e679000 [ 51.152103][ C0] x11: 0000000000ff0100 x10: 0000000000000000 x9 : 963e1520261b0c00 [ 51.153836][ C0] x8 : 963e1520261b0c00 x7 : 0000000000000000 x6 : ffff80000bcfbd2c [ 51.155733][ C0] x5 : 0000000000000000 x4 : 0000000000000080 x3 : 0000000000000000 [ 51.157551][ C0] x2 : 0000000000000000 x1 : 0000000100000101 x0 : 0000000000000000 [ 51.159431][ C0] Call trace: [ 51.160254][ C0] usb_submit_urb+0x594/0x9b4 [ 51.161388][ C0] bcm5974_irq_trackpad+0x138/0x524 [ 51.162587][ C0] __usb_hcd_giveback_urb+0x16c/0x244 [ 51.163869][ C0] usb_hcd_giveback_urb+0x78/0x238 [ 51.165001][ C0] dummy_timer+0x2c8/0x102c [ 51.165939][ C0] call_timer_fn+0x7c/0x15c [ 51.166943][ C0] __run_timers+0x60c/0x6f8 [ 51.167922][ C0] run_timer_softirq+0x34/0x5c [ 51.168979][ C0] __do_softirq+0x100/0x29c [ 51.170024][ C0] ____do_softirq+0x14/0x20 [ 51.170984][ C0] call_on_irq_stack+0x24/0x4c [ 51.172021][ C0] do_softirq_own_stack+0x20/0x2c [ 51.173135][ C0] __irq_exit_rcu+0xb0/0x124 [ 51.174104][ C0] irq_exit_rcu+0x10/0x1c [ 51.175054][ C0] el1_interrupt+0x38/0x68 [ 51.175980][ C0] el1h_64_irq_handler+0x18/0x24 [ 51.177178][ C0] el1h_64_irq+0x64/0x68 [ 51.178156][ C0] arch_local_irq_enable+0xc/0x18 [ 51.179279][ C0] do_idle+0x110/0x2d8 [ 51.180115][ C0] cpu_startup_entry+0x34/0x38 [ 51.181151][ C0] kernel_init+0x0/0x290 [ 51.182047][ C0] start_kernel+0x0/0x4c0 [ 51.183030][ C0] start_kernel+0x30c/0x4c0 [ 51.184147][ C0] __primary_switched+0xb4/0xbc [ 51.185342][ C0] ---[ end trace 0000000000000000 ]--- [ 51.257773][ T3725] usb 1-1: USB disconnect, device number 6 [ 51.277375][ T4148] bcm5974 1-1:0.10: could not read from device 2024/04/28 17:27:09 executed programs: 5 [ 52.027373][ T99] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 52.397414][ T99] usb 1-1: config 0 has an invalid interface number: 10 but max is 0 [ 52.399193][ T99] usb 1-1: config 0 has no interface number 0 [ 52.400349][ T99] usb 1-1: config 0 interface 10 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 52.402414][ T99] usb 1-1: config 0 interface 10 altsetting 0 endpoint 0x81 has invalid maxpacket 21669, setting to 1024 [ 52.404765][ T99] usb 1-1: config 0 interface 10 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 1024 [ 52.406938][ T99] usb 1-1: config 0 interface 10 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 52.567467][ T99] usb 1-1: New USB device found, idVendor=05ac, idProduct=024e, bcdDevice=d4.d7 [ 52.569406][ T99] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 52.571098][ T99] usb 1-1: Product: syz [ 52.571907][ T99] usb 1-1: Manufacturer: syz [ 52.572859][ T99] usb 1-1: SerialNumber: syz [ 52.574286][ T99] usb 1-1: config 0 descriptor?? [ 52.587431][ T4578] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 52.608051][ T99] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.10/input/input7 [ 53.057453][ T4148] ------------[ cut here ]------------ [ 53.058680][ T4148] usb 1-1: BOGUS urb xfer, pipe 1 != type 3 [ 53.060161][ T4148] WARNING: CPU: 1 PID: 4148 at drivers/usb/core/urb.c:505 usb_submit_urb+0x594/0x9b4 [ 53.062235][ T4148] Modules linked in: [ 53.063090][ T4148] CPU: 1 PID: 4148 Comm: udevd Tainted: G W 6.1.88-syzkaller #0 [ 53.065030][ T4148] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 53.067312][ T4148] pstate: 60401005 (nZCv daif +PAN -UAO -TCO -DIT +SSBS BTYPE=--) [ 53.069123][ T4148] pc : usb_submit_urb+0x594/0x9b4 [ 53.070421][ T4148] lr : usb_submit_urb+0x594/0x9b4 [ 53.071812][ T4148] sp : ffff8000124538e0 [ 53.072782][ T4148] x29: ffff8000124538f0 x28: ffff0000c6963000 x27: ffff0000c7af445c [ 53.074750][ T4148] x26: ffff80000ce43b38 x25: ffff0000c69630a8 x24: ffff0000c79ce400 [ 53.076660][ T4148] x23: ffff80000ce6ea72 x22: 0000000000000400 x21: 0000000000000002 [ 53.078503][ T4148] x20: 0000000000000cc0 x19: ffff0000c7af4400 x18: 0000000000000000 [ 53.080474][ T4148] x17: 000000000000ba7e x16: 00000000000008d0 x15: 0000000000000000 [ 53.082340][ T4148] x14: 0000000000000000 x13: 205d383431345420 x12: ffff80000e679000 [ 53.084162][ T4148] x11: 0000000000ff0100 x10: 0000000000000000 x9 : f7e53f9bea6ce500 [ 53.085976][ T4148] x8 : f7e53f9bea6ce500 x7 : 0000000000000000 x6 : ffff80000bcfbd2c [ 53.087833][ T4148] x5 : 0000000000000000 x4 : 0000000000000080 x3 : 0000000000000000 [ 53.089683][ T4148] x2 : 0000000000000000 x1 : 0000000100000000 x0 : 0000000000000000 [ 53.091494][ T4148] Call trace: [ 53.092242][ T4148] usb_submit_urb+0x594/0x9b4 [ 53.093402][ T4148] bcm5974_start_traffic+0xa0/0xfc [ 53.094632][ T4148] bcm5974_open+0x5c/0xb4 [ 53.095584][ T4148] input_open_device+0xe8/0x14c [ 53.096799][ T4148] evdev_open+0x1b4/0x258 [ 53.097811][ T4148] chrdev_open+0x27c/0x2b0 [ 53.098946][ T4148] do_dentry_open+0x36c/0x6f8 [ 53.100037][ T4148] vfs_open+0x38/0x48 [ 53.100914][ T4148] path_openat+0xf04/0x1328 [ 53.101888][ T4148] do_filp_open+0xd0/0x1a8 [ 53.102920][ T4148] do_sys_openat2+0xb8/0x22c [ 53.104073][ T4148] __arm64_sys_openat+0xb0/0xe0 [ 53.105278][ T4148] invoke_syscall+0x64/0x178 [ 53.106374][ T4148] el0_svc_common+0xb8/0x174 [ 53.107433][ T4148] do_el0_svc+0x48/0x174 [ 53.108458][ T4148] el0_svc+0x34/0x110 [ 53.109386][ T4148] el0t_64_sync_handler+0x84/0xf0 [ 53.110610][ T4148] el0t_64_sync+0x18c/0x190 [ 53.111653][ T4148] ---[ end trace 0000000000000000 ]--- [ 53.127366][ C1] ------------[ cut here ]------------ [ 53.128703][ C1] usb 1-1: BOGUS urb xfer, pipe 1 != type 3 [ 53.130133][ C1] WARNING: CPU: 1 PID: 0 at drivers/usb/core/urb.c:505 usb_submit_urb+0x594/0x9b4 [ 53.132251][ C1] Modules linked in: [ 53.133088][ C1] CPU: 1 PID: 0 Comm: swapper/1 Tainted: G W 6.1.88-syzkaller #0 [ 53.135012][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 53.137147][ C1] pstate: 604010c5 (nZCv daIF +PAN -UAO -TCO -DIT +SSBS BTYPE=--) [ 53.138923][ C1] pc : usb_submit_urb+0x594/0x9b4 [ 53.140168][ C1] lr : usb_submit_urb+0x594/0x9b4 [ 53.141259][ C1] sp : ffff80000800bba0 [ 53.142160][ C1] x29: ffff80000800bbb0 x28: ffff0000c6963000 x27: ffff0000c7af445c [ 53.143985][ C1] x26: ffff80000ce43b38 x25: ffff0000c69630a8 x24: ffff0000c79ce400 [ 53.145864][ C1] x23: ffff80000ce6ea72 x22: 0000000000000400 x21: 0000000000000002 [ 53.147667][ C1] x20: 0000000000000a20 x19: ffff0000c7af4400 x18: 0000000000000000 [ 53.149562][ C1] x17: ffff8001f1632000 x16: ffff800008008000 x15: 0000000000000000 [ 53.151480][ C1] x14: 0000000000000000 x13: 205d314320202020 x12: ffff80000e679000 [ 53.153383][ C1] x11: 0000000000ff0100 x10: 0000000000000000 x9 : bdc2ecd11f190f00 [ 53.155361][ C1] x8 : bdc2ecd11f190f00 x7 : 0000000000000000 x6 : ffff80000bcfbd2c [ 53.157181][ C1] x5 : 0000000000000000 x4 : 0000000000000080 x3 : 0000000000000000