Warning: Permanently added '10.128.0.77' (ED25519) to the list of known hosts. 1970/01/01 00:01:01 ignoring optional flag "sandboxArg"="0" 1970/01/01 00:01:01 ignoring optional flag "type"="gce" 1970/01/01 00:01:01 parsed 1 programs [ 61.773553][ T4267] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SSFS 1970/01/01 00:01:01 executed programs: 0 [ 61.879947][ T4273] chnl_net:caif_netlink_parms(): no params data found [ 61.907440][ T4273] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.909457][ T4273] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.911894][ T4273] device bridge_slave_0 entered promiscuous mode [ 61.915106][ T4273] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.917308][ T4273] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.919722][ T4273] device bridge_slave_1 entered promiscuous mode [ 61.932553][ T4273] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 61.936452][ T4273] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 61.949198][ T4273] team0: Port device team_slave_0 added [ 61.951988][ T4273] team0: Port device team_slave_1 added [ 61.963384][ T4273] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 61.965191][ T4273] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.972248][ T4273] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 61.976245][ T4273] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 61.978421][ T4273] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.985298][ T4273] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 62.058472][ T4273] device hsr_slave_0 entered promiscuous mode [ 62.116865][ T4273] device hsr_slave_1 entered promiscuous mode [ 62.773009][ T4273] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 62.818174][ T4273] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 62.848278][ T4273] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 62.888117][ T4273] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 62.979280][ T4273] 8021q: adding VLAN 0 to HW filter on device bond0 [ 62.985800][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 62.988721][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 62.993354][ T4273] 8021q: adding VLAN 0 to HW filter on device team0 [ 62.997868][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 63.000595][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 63.003092][ T148] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.005051][ T148] bridge0: port 1(bridge_slave_0) entered forwarding state [ 63.015188][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 63.018076][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 63.020777][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 63.023187][ T148] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.025029][ T148] bridge0: port 2(bridge_slave_1) entered forwarding state [ 63.029109][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 63.040425][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 63.043148][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 63.046365][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 63.050279][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 63.052942][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 63.055475][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 63.060368][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 63.065414][ T4273] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 63.069175][ T4273] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 63.071810][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 63.074488][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 63.077333][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 63.147332][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 63.149442][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 63.154035][ T4273] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 63.169021][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 63.171724][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 63.183339][ T340] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 63.185905][ T340] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 63.189764][ T340] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 63.192102][ T340] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 63.195779][ T4273] device veth0_vlan entered promiscuous mode [ 63.202272][ T4273] device veth1_vlan entered promiscuous mode [ 63.215495][ T340] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 63.219684][ T340] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 63.222869][ T340] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 63.225523][ T340] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 63.229593][ T4273] device veth0_macvtap entered promiscuous mode [ 63.233198][ T4273] device veth1_macvtap entered promiscuous mode [ 63.242629][ T4273] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 63.244604][ T340] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 63.248845][ T340] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 63.251375][ T340] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 63.254004][ T340] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 63.260978][ T4273] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 63.264475][ T4273] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.267385][ T4273] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.269760][ T4273] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.272168][ T4273] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.275408][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 63.279375][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 63.318589][ T148] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 63.320816][ T148] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 63.324735][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 63.338694][ T340] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 63.340857][ T340] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 63.343452][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 63.636726][ T1535] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 63.877376][ T3605] Bluetooth: hci0: command 0x0409 tx timeout [ 63.996950][ T1535] usb 1-1: config 0 has an invalid interface number: 10 but max is 0 [ 63.999209][ T1535] usb 1-1: config 0 has no interface number 0 [ 64.000849][ T1535] usb 1-1: config 0 interface 10 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 64.003621][ T1535] usb 1-1: config 0 interface 10 altsetting 0 endpoint 0x81 has invalid maxpacket 21669, setting to 1024 [ 64.006900][ T1535] usb 1-1: config 0 interface 10 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 1024 [ 64.009621][ T1535] usb 1-1: config 0 interface 10 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 64.168932][ T1535] usb 1-1: New USB device found, idVendor=05ac, idProduct=024e, bcdDevice=d4.d7 [ 64.171403][ T1535] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 64.173527][ T1535] usb 1-1: Product: syz [ 64.174603][ T1535] usb 1-1: Manufacturer: syz [ 64.175768][ T1535] usb 1-1: SerialNumber: syz [ 64.185776][ T1535] usb 1-1: config 0 descriptor?? [ 64.207758][ T4368] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 64.231185][ T1535] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.10/input/input2 [ 64.667097][ T4277] ------------[ cut here ]------------ [ 64.668795][ T4277] usb 1-1: BOGUS urb xfer, pipe 1 != type 3 [ 64.670770][ T4277] WARNING: CPU: 1 PID: 4277 at drivers/usb/core/urb.c:503 usb_submit_urb+0xa44/0x1580 [ 64.673277][ T4277] Modules linked in: [ 64.674300][ T4277] CPU: 1 PID: 4277 Comm: udevd Not tainted 5.15.182-syzkaller #0 [ 64.676375][ T4277] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 64.679123][ T4277] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 64.681225][ T4277] pc : usb_submit_urb+0xa44/0x1580 [ 64.682635][ T4277] lr : usb_submit_urb+0xa44/0x1580 [ 64.683981][ T4277] sp : ffff80001f4b7470 [ 64.685095][ T4277] x29: ffff80001f4b74b0 x28: 1fffe0001abd7603 x27: ffff80001237bca8 [ 64.687196][ T4277] x26: ffff0000cd471600 x25: ffff0000d3b26e50 x24: 0000000000000400 [ 64.689382][ T4277] x23: ffff800012382300 x22: dfff800000000000 x21: 0000000000000002 [ 64.691562][ T4277] x20: 0000000000000cc0 x19: ffff0000d3b26e00 x18: 0000000000000001 [ 64.693652][ T4277] x17: 0000000000000000 x16: ffff8000111a53fc x15: 00000000ffffffff [ 64.695840][ T4277] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 64.697963][ T4277] x11: 0000000000000000 x10: 0000000000000000 x9 : ac10d508dfc82b00 [ 64.700337][ T4277] x8 : ac10d508dfc82b00 x7 : 0000000000000001 x6 : 0000000000000001 [ 64.702513][ T4277] x5 : ffff80001f4b6d58 x4 : ffff80001422f280 x3 : ffff800008503828 [ 64.704760][ T4277] x2 : 0000000000000001 x1 : 0000000100000000 x0 : 0000000000000029 [ 64.706904][ T4277] Call trace: [ 64.707810][ T4277] usb_submit_urb+0xa44/0x1580 [ 64.709125][ T4277] bcm5974_start_traffic+0xe0/0x154 [ 64.710546][ T4277] bcm5974_open+0x94/0x130 [ 64.711738][ T4277] input_open_device+0x134/0x288 [ 64.713124][ T4277] evdev_open+0x3c4/0x468 [ 64.714303][ T4277] chrdev_open+0x26c/0x4f0 [ 64.715521][ T4277] do_dentry_open+0x760/0xebc [ 64.716790][ T4277] vfs_open+0x7c/0x90 [ 64.717858][ T4277] path_openat+0x1f80/0x26e4 [ 64.719066][ T4277] do_filp_open+0x164/0x330 [ 64.720284][ T4277] do_sys_openat2+0x128/0x3d8 [ 64.721529][ T4277] __arm64_sys_openat+0x120/0x154 [ 64.722881][ T4277] invoke_syscall+0x98/0x2b8 [ 64.724084][ T4277] el0_svc_common+0x138/0x258 [ 64.725323][ T4277] do_el0_svc+0x58/0x14c [ 64.726499][ T4277] el0_svc+0x78/0x1e0 [ 64.727564][ T4277] el0t_64_sync_handler+0xcc/0xe4 [ 64.728892][ T4277] el0t_64_sync+0x1a0/0x1a4 [ 64.730101][ T4277] irq event stamp: 6406 [ 64.731232][ T4277] hardirqs last enabled at (6405): [] __up_console_sem+0xb4/0x100 [ 64.733750][ T4277] hardirqs last disabled at (6406): [] el1_dbg+0x24/0x80 [ 64.736051][ T4277] softirqs last enabled at (6306): [] handle_softirqs+0xa4c/0xbf0 [ 64.738634][ T4277] softirqs last disabled at (6249): [] __irq_exit_rcu+0x240/0x440 [ 64.741166][ T4277] ---[ end trace c2a3927d8b95879c ]--- [ 64.756597][ C1] ------------[ cut here ]------------ [ 64.758338][ C1] usb 1-1: BOGUS urb xfer, pipe 1 != type 3 [ 64.760186][ C1] WARNING: CPU: 1 PID: 0 at drivers/usb/core/urb.c:503 usb_submit_urb+0xa44/0x1580 [ 64.762729][ C1] Modules linked in: [ 64.763764][ C1] CPU: 1 PID: 0 Comm: swapper/1 Tainted: G W 5.15.182-syzkaller #0 [ 64.766311][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 64.768997][ C1] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 64.771168][ C1] pc : usb_submit_urb+0xa44/0x1580 [ 64.772561][ C1] lr : usb_submit_urb+0xa44/0x1580 [ 64.773909][ C1] sp : ffff800008017620 [ 64.775008][ C1] x29: ffff800008017660 x28: 1fffe0001abd7603 x27: ffff80001237bca8 [ 64.777246][ C1] x26: ffff0000cd471600 x25: ffff0000d3b26e50 x24: 0000000000000400 [ 64.779420][ C1] x23: ffff800012382300 x22: dfff800000000000 x21: 0000000000000002 [ 64.781597][ C1] x20: 0000000000000a20 x19: ffff0000d3b26e00 x18: 0000000000000102 [ 64.783726][ C1] x17: 0000000000000000 x16: ffff8000111a53fc x15: 00000000ffffffff [ 64.785880][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 64.788079][ C1] x11: 0000000000000101 x10: 0000000000000000 x9 : ea3cac68d5281500 [ 64.790244][ C1] x8 : ea3cac68d5281500 x7 : 0000000000000001 x6 : 0000000000000001 [ 64.792501][ C1] x5 : ffff800008016f18 x4 : ffff80001422f280 x3 : ffff800008503828 [ 64.794843][ C1] x2 : 0000000000000001 x1 : 0000000000000101 x0 : 0000000000000029 [ 64.797075][ C1] Call trace: [ 64.797938][ C1] usb_submit_urb+0xa44/0x1580 [ 64.799182][ C1] bcm5974_irq_trackpad+0x204/0xe88 [ 64.800669][ C1] __usb_hcd_giveback_urb+0x2e0/0x518 [ 64.802068][ C1] usb_hcd_giveback_urb+0x100/0x3e0 [ 64.803453][ C1] dummy_timer+0x5b8/0x231c [ 64.804707][ C1] call_timer_fn+0x19c/0x858 [ 64.805979][ C1] __run_timers+0x46c/0x6c4 [ 64.807213][ C1] run_timer_softirq+0x7c/0x114 [ 64.808480][ C1] handle_softirqs+0x344/0xbf0 [ 64.809777][ C1] __irq_exit_rcu+0x240/0x440 [ 64.811093][ C1] irq_exit+0x14/0x88 [ 64.812180][ C1] handle_domain_irq+0x14c/0x1fc [ 64.813482][ C1] gic_handle_irq+0x78/0x1c8 [ 64.814710][ C1] call_on_irq_stack+0x24/0x4c [ 64.815978][ C1] do_interrupt_handler+0x6c/0x88 [ 64.817366][ C1] el1_interrupt+0x30/0x58 [ 64.818610][ C1] el1h_64_irq_handler+0x18/0x24 [ 64.819941][ C1] el1h_64_irq+0x78/0x7c [ 64.821115][ C1] arch_local_irq_enable+0xc/0x18 [ 64.822417][ C1] default_idle_call+0xcc/0x418 [ 64.823701][ C1] do_idle+0x1c8/0x480 [ 64.824784][ C1] cpu_startup_entry+0x24/0x28 [ 64.826018][ C1] secondary_start_kernel+0x23c/0x294 [ 64.827479][ C1] __secondary_switched+0x94/0x98 [ 64.828874][ C1] irq event stamp: 186927 [ 64.830038][ C1] hardirqs last enabled at (186926): [] _raw_spin_unlock_irq+0x98/0x128 [ 64.832737][ C1] hardirqs last disabled at (186927): [] _raw_spin_lock_irqsave+0xfc/0x14c [ 64.835505][ C1] softirqs last enabled at (186718): [] handle_softirqs+0xa4c/0xbf0 [ 64.838070][ C1] softirqs last disabled at (186923): [] __irq_exit_rcu+0x240/0x440 [ 64.840691][ C1] ---[ end trace c2a3927d8b95879d ]--- [ 64.842363][ C1] ------------[ cut here ]------------ [ 64.843784][ C1] usb 1-1: BOGUS urb xfer, pipe 1 != type 3 [ 64.845645][ C1] WARNING: CPU: 1 PID: 0 at drivers/usb/core/urb.c:503 usb_submit_urb+0xa44/0x1580 [ 64.848119][ C1] Modules linked in: [ 64.849200][ C1] CPU: 1 PID: 0 Comm: swapper/1 Tainted: G W 5.15.182-syzkaller #0 [ 64.851546][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 64.853941][ C1] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 64.855888][ C1] pc : usb_submit_urb+0xa44/0x1580 [ 64.857242][ C1] lr : usb_submit_urb+0xa44/0x1580 [ 64.858602][ C1] sp : ffff800008017620 [ 64.859734][ C1] x29: ffff800008017660 x28: 1fffe0001abd7603 x27: ffff80001237bca8 [ 64.861896][ C1] x26: ffff0000cd471600 x25: ffff0000d3b26e50 x24: 0000000000000400 [ 64.863989][ C1] x23: ffff800012382300 x22: dfff800000000000 x21: 0000000000000002 [ 64.866113][ C1] x20: 0000000000000a20 x19: ffff0000d3b26e00 x18: 0000000000000102 [ 64.868250][ C1] x17: 0000000000000000 x16: ffff8000083007d8 x15: 00000000ffffffff [ 64.870445][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 64.872664][ C1] x11: 0000000000000101 x10: 0000000000000000 x9 : ea3cac68d5281500 [ 64.874810][ C1] x8 : ea3cac68d5281500 x7 : 0000000000000001 x6 : 0000000000000001 [ 64.876888][ C1] x5 : ffff800008016f18 x4 : ffff80001422f280 x3 : ffff8000083008e8 [ 64.879041][ C1] x2 : 0000000000000001 x1 : 0000000000000101 x0 : 0000000000000029 [ 64.881249][ C1] Call trace: [ 64.882078][ C1] usb_submit_urb+0xa44/0x1580 [ 64.883342][ C1] bcm5974_irq_trackpad+0x204/0xe88 [ 64.884741][ C1] __usb_hcd_giveback_urb+0x2e0/0x518 [ 64.886192][ C1] usb_hcd_giveback_urb+0x100/0x3e0 [ 64.887593][ C1] dummy_timer+0x5b8/0x231c [ 64.888814][ C1] call_timer_fn+0x19c/0x858 [ 64.890041][ C1] __run_timers+0x46c/0x6c4 [ 64.891245][ C1] run_timer_softirq+0x7c/0x114 [ 64.892601][ C1] handle_softirqs+0x344/0xbf0 [ 64.893930][ C1] __irq_exit_rcu+0x240/0x440 [ 64.895215][ C1] irq_exit+0x14/0x88 [ 64.896258][ C1] handle_domain_irq+0x14c/0x1fc [ 64.897662][ C1] gic_handle_irq+0x78/0x1c8 [ 64.898874][ C1] call_on_irq_stack+0x24/0x4c [ 64.900128][ C1] do_interrupt_handler+0x6c/0x88 [ 64.901506][ C1] el1_interrupt+0x30/0x58 [ 64.902719][ C1] el1h_64_irq_handler+0x18/0x24 [ 64.904059][ C1] el1h_64_irq+0x78/0x7c [ 64.905167][ C1] arch_local_irq_enable+0xc/0x18 [ 64.906531][ C1] default_idle_call+0xcc/0x418 [ 64.907872][ C1] do_idle+0x1c8/0x480 [ 64.908967][ C1] cpu_startup_entry+0x24/0x28 [ 64.910239][ C1] secondary_start_kernel+0x23c/0x294 [ 64.911725][ C1] __secondary_switched+0x94/0x98 [ 64.913070][ C1] irq event stamp: 186957 [ 64.914233][ C1] hardirqs last enabled at (186956): [] _raw_spin_unlock_irq+0x98/0x128 [ 64.917063][ C1] hardirqs last disabled at (186957): [] _raw_spin_lock_irqsave+0xfc/0x14c [ 64.919756][ C1] softirqs last enabled at (186718): [] handle_softirqs+0xa4c/0xbf0 [ 64.922359][ C1] softirqs last disabled at (186923): [] __irq_exit_rcu+0x240/0x440 [ 64.924970][ C1] ---[ end trace c2a3927d8b95879e ]--- [ 64.926599][ C1] ------------[ cut here ]------------ [ 64.928010][ C1] usb 1-1: BOGUS urb xfer, pipe 1 != type 3 [ 64.929928][ C1] WARNING: CPU: 1 PID: 0 at drivers/usb/core/urb.c:503 usb_submit_urb+0xa44/0x1580 [ 64.932429][ C1] Modules linked in: [ 64.933477][ C1] CPU: 1 PID: 0 Comm: swapper/1 Tainted: G W 5.15.182-syzkaller #0 [ 64.935925][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 64.938623][ C1] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 64.940768][ C1] pc : usb_submit_urb+0xa44/0x1580 [ 64.942175][ C1] lr : usb_submit_urb+0xa44/0x1580 [ 64.943612][ C1] sp : ffff800008017620 [ 64.944685][ C1] x29: ffff800008017660 x28: 1fffe0001abd7603 x27: ffff80001237bca8 [ 64.946823][ C1] x26: ffff0000cd471600 x25: ffff0000d3b26e50 x24: 0000000000000400 [ 64.948945][ C1] x23: ffff800012382300 x22: dfff800000000000 x21: 0000000000000002 [ 64.951105][ C1] x20: 0000000000000a20 x19: ffff0000d3b26e00 x18: 0000000000000102 [ 64.953219][ C1] x17: 0000000000000000 x16: ffff8000083007d8 x15: 00000000ffffffff [ 64.955323][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 64.957451][ C1] x11: 0000000000000101 x10: 0000000000000000 x9 : ea3cac68d5281500 [ 64.959713][ C1] x8 : ea3cac68d5281500 x7 : 0000000000000001 x6 : 0000000000000001 [ 64.961832][ C1] x5 : ffff800008016f18 x4 : ffff80001422f280 x3 : ffff8000083008e8 [ 64.964033][ C1] x2 : 0000000000000001 x1 : 0000000000000101 x0 : 0000000000000029 [ 64.966235][ C1] Call trace: [ 64.967114][ C1] usb_submit_urb+0xa44/0x1580 [ 64.968423][ C1] bcm5974_irq_trackpad+0x204/0xe88 [ 64.969821][ C1] __usb_hcd_giveback_urb+0x2e0/0x518 [ 64.971296][ C1] usb_hcd_giveback_urb+0x100/0x3e0 [ 64.972667][ C1] dummy_timer+0x5b8/0x231c [ 64.973880][ C1] call_timer_fn+0x19c/0x858 [ 64.975086][ C1] __run_timers+0x46c/0x6c4 [ 64.976294][ C1] run_timer_softirq+0x7c/0x114 [ 64.977622][ C1] handle_softirqs+0x344/0xbf0 [ 64.978918][ C1] __irq_exit_rcu+0x240/0x440 [ 64.980166][ C1] irq_exit+0x14/0x88 [ 64.981204][ C1] handle_domain_irq+0x14c/0x1fc [ 64.982504][ C1] gic_handle_irq+0x78/0x1c8 [ 64.983756][ C1] call_on_irq_stack+0x24/0x4c [ 64.985090][ C1] do_interrupt_handler+0x6c/0x88 [ 64.986462][ C1] el1_interrupt+0x30/0x58 [ 64.987639][ C1] el1h_64_irq_handler+0x18/0x24 [ 64.989008][ C1] el1h_64_irq+0x78/0x7c [ 64.990199][ C1] arch_local_irq_enable+0xc/0x18 [ 64.991549][ C1] default_idle_call+0xcc/0x418 [ 64.992960][ C1] do_idle+0x1c8/0x480 [ 64.994025][ C1] cpu_startup_entry+0x24/0x28 [ 64.995340][ C1] secondary_start_kernel+0x23c/0x294 [ 64.996773][ C1] __secondary_switched+0x94/0x98 [ 64.998173][ C1] irq event stamp: 186977 [ 64.999295][ C1] hardirqs last enabled at (186976): [] _raw_spin_unlock_irq+0x98/0x128 [ 65.001960][ C1] hardirqs last disabled at (186977): [] _raw_spin_lock_irqsave+0xfc/0x14c [ 65.004729][ C1] softirqs last enabled at (186718): [] handle_softirqs+0xa4c/0xbf0 [ 65.007265][ C1] softirqs last disabled at (186923): [] __irq_exit_rcu+0x240/0x440 [ 65.009870][ C1] ---[ end trace c2a3927d8b95879f ]--- [ 65.011443][ C1] ------------[ cut here ]------------ [ 65.012864][ C1] usb 1-1: BOGUS urb xfer, pipe 1 != type 3 [ 65.014769][ C1] WARNING: CPU: 1 PID: 0 at drivers/usb/core/urb.c:503 usb_submit_urb+0xa44/0x1580 [ 65.017262][ C1] Modules linked in: [ 65.018295][ C1] CPU: 1 PID: 0 Comm: swapper/1 Tainted: G W 5.15.182-syzkaller #0 [ 65.020773][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 65.023425][ C1] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 65.025503][ C1] pc : usb_submit_urb+0xa44/0x1580 [ 65.026840][ C1] lr : usb_submit_urb+0xa44/0x1580 [ 65.028194][ C1] sp : ffff800008017620 [ 65.029277][ C1] x29: ffff800008017660 x28: 1fffe0001abd7603 x27: ffff80001237bca8 [ 65.031411][ C1] x26: ffff0000cd471600 x25: ffff0000d3b26e50 x24: 0000000000000400 [ 65.033646][ C1] x23: ffff800012382300 x22: dfff800000000000 x21: 0000000000000002 [ 65.035794][ C1] x20: 0000000000000a20 x19: ffff0000d3b26e00 x18: 0000000000000102 [ 65.037927][ C1] x17: 0000000000000000 x16: ffff8000083007d8 x15: 00000000ffffffff [ 65.040124][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 65.042275][ C1] x11: 0000000000000101 x10: 0000000000000000 x9 : ea3cac68d5281500 [ 65.044441][ C1] x8 : ea3cac68d5281500 x7 : 0000000000000001 x6 : 0000000000000001 [ 65.046656][ C1] x5 : ffff800008016f18 x4 : ffff80001422f280 x3 : ffff8000083008e8 [ 65.048882][ C1] x2 : 0000000000000001 x1 : 0000000000000101 x0 : 0000000000000029 [ 65.051028][ C1] Call trace: [ 65.051874][ C1] usb_submit_urb+0xa44/0x1580 [ 65.053146][ C1] bcm5974_irq_trackpad+0x204/0xe88 [ 65.054528][ C1] __usb_hcd_giveback_urb+0x2e0/0x518 [ 65.055969][ C1] usb_hcd_giveback_urb+0x100/0x3e0 [ 65.057399][ C1] dummy_timer+0x5b8/0x231c [ 65.058606][ C1] call_timer_fn+0x19c/0x858 [ 65.059870][ C1] __run_timers+0x46c/0x6c4 [ 65.061090][ C1] run_timer_softirq+0x7c/0x114 [ 65.062423][ C1] handle_softirqs+0x344/0xbf0 [ 65.063731][ C1] __irq_exit_rcu+0x240/0x440 [ 65.064137][ T3605] usb 1-1: USB disconnect, device number 2 [ 65.064972][ C1] irq_exit+0x14/0x88 [ 65.067632][ C1] handle_domain_irq+0x14c/0x1fc [ 65.068916][ C1] gic_handle_irq+0x78/0x1c8 [ 65.070172][ C1] call_on_irq_stack+0x24/0x4c [ 65.071467][ C1] do_interrupt_handler+0x6c/0x88 [ 65.072829][ C1] el1_interrupt+0x30/0x58 [ 65.074008][ C1] el1h_64_irq_handler+0x18/0x24 [ 65.075280][ C1] el1h_64_irq+0x78/0x7c [ 65.076397][ C1] arch_local_irq_enable+0xc/0x18 [ 65.077744][ C1] default_idle_call+0xcc/0x418 [ 65.079011][ C1] do_idle+0x1c8/0x480 [ 65.080129][ C1] cpu_startup_entry+0x24/0x28 [ 65.081394][ C1] secondary_start_kernel+0x23c/0x294 [ 65.082877][ C1] __secondary_switched+0x94/0x98 [ 65.084222][ C1] irq event stamp: 186993 [ 65.085406][ C1] hardirqs last enabled at (186992): [] _raw_spin_unlock_irq+0x98/0x128 [ 65.088044][ C1] hardirqs last disabled at (186993): [] _raw_spin_lock_irqsave+0xfc/0x14c [ 65.090788][ C1] softirqs last enabled at (186718): [] handle_softirqs+0xa4c/0xbf0 [ 65.093398][ C1] softirqs last disabled at (186923): [] __irq_exit_rcu+0x240/0x440 [ 65.096027][ C1] ---[ end trace c2a3927d8b9587a0 ]--- [ 65.097484][ C1] bcm5974 1-1:0.10: trackpad urb failed: -2 [ 65.116766][ T4277] bcm5974 1-1:0.10: could not read from device [ 65.846832][ T1535] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 65.956735][ T3605] Bluetooth: hci0: command 0x041b tx timeout [ 66.206806][ T1535] usb 1-1: config 0 has an invalid interface number: 10 but max is 0 [ 66.209318][ T1535] usb 1-1: config 0 has no interface number 0 [ 66.211168][ T1535] usb 1-1: config 0 interface 10 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 66.215272][ T1535] usb 1-1: config 0 interface 10 altsetting 0 endpoint 0x81 has invalid maxpacket 21669, setting to 1024 [ 66.218945][ T1535] usb 1-1: config 0 interface 10 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 1024 [ 66.221783][ T1535] usb 1-1: config 0 interface 10 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 66.376789][ T1535] usb 1-1: New USB device found, idVendor=05ac, idProduct=024e, bcdDevice=d4.d7 [ 66.379700][ T1535] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 66.381902][ T1535] usb 1-1: Product: syz [ 66.383068][ T1535] usb 1-1: Manufacturer: syz [ 66.384341][ T1535] usb 1-1: SerialNumber: syz [ 66.389725][ T1535] usb 1-1: config 0 descriptor?? [ 66.407092][ T4525] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 66.428725][ T1535] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.10/input/input3 [ 66.867232][ T4277] ------------[ cut here ]------------ [ 66.868759][ T4277] usb 1-1: BOGUS urb xfer, pipe 1 != type 3 [ 66.870640][ T4277] WARNING: CPU: 1 PID: 4277 at drivers/usb/core/urb.c:503 usb_submit_urb+0xa44/0x1580 [ 66.873158][ T4277] Modules linked in: [ 66.874262][ T4277] CPU: 1 PID: 4277 Comm: udevd Tainted: G W 5.15.182-syzkaller #0 [ 66.876700][ T4277] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 66.879461][ T4277] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 66.881625][ T4277] pc : usb_submit_urb+0xa44/0x1580 [ 66.883009][ T4277] lr : usb_submit_urb+0xa44/0x1580 [ 66.884332][ T4277] sp : ffff80001f4b7470 [ 66.885406][ T4277] x29: ffff80001f4b74b0 x28: 1fffe000185d4003 x27: ffff80001237bca8 [ 66.887531][ T4277] x26: ffff0000d672ba00 x25: ffff0000c1c46e50 x24: 0000000000000400 [ 66.889712][ T4277] x23: ffff800012382300 x22: dfff800000000000 x21: 0000000000000002 [ 66.891827][ T4277] x20: 0000000000000cc0 x19: ffff0000c1c46e00 x18: 0000000000000001 [ 66.893987][ T4277] x17: 0000000000000000 x16: ffff8000111a53fc x15: 00000000ffffffff [ 66.896105][ T4277] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 66.898214][ T4277] x11: 0000000000000000 x10: 0000000000000000 x9 : ac10d508dfc82b00 [ 66.900327][ T4277] x8 : ac10d508dfc82b00 x7 : 0000000000000001 x6 : 0000000000000001 [ 66.902487][ T4277] x5 : ffff80001f4b6d58 x4 : ffff80001422f280 x3 : ffff800008503828 [ 66.904674][ T4277] x2 : 0000000000000001 x1 : 0000000100000000 x0 : 0000000000000029 [ 66.906831][ T4277] Call trace: [ 66.907677][ T4277] usb_submit_urb+0xa44/0x1580 [ 66.908978][ T4277] bcm5974_start_traffic+0xe0/0x154 [ 66.910327][ T4277] bcm5974_open+0x94/0x130 [ 66.911551][ T4277] input_open_device+0x134/0x288 [ 66.912908][ T4277] evdev_open+0x3c4/0x468 [ 66.914112][ T4277] chrdev_open+0x26c/0x4f0 [ 66.915306][ T4277] do_dentry_open+0x760/0xebc [ 66.916557][ T4277] vfs_open+0x7c/0x90 [ 66.917679][ T4277] path_openat+0x1f80/0x26e4 [ 66.918921][ T4277] do_filp_open+0x164/0x330 [ 66.920179][ T4277] do_sys_openat2+0x128/0x3d8 [ 66.921429][ T4277] __arm64_sys_openat+0x120/0x154 [ 66.922768][ T4277] invoke_syscall+0x98/0x2b8 [ 66.924010][ T4277] el0_svc_common+0x138/0x258 [ 66.925263][ T4277] do_el0_svc+0x58/0x14c [ 66.926437][ T4277] el0_svc+0x78/0x1e0 [ 66.927497][ T4277] el0t_64_sync_handler+0xcc/0xe4 [ 66.928884][ T4277] el0t_64_sync+0x1a0/0x1a4 [ 66.930093][ T4277] irq event stamp: 10564 [ 66.931206][ T4277] hardirqs last enabled at (10563): [] __up_console_sem+0xb4/0x100 [ 66.933848][ T4277] hardirqs last disabled at (10564): [] el1_dbg+0x24/0x80 [ 66.936180][ T4277] softirqs last enabled at (9258): [] handle_softirqs+0xa4c/0xbf0 [ 66.938789][ T4277] softirqs last disabled at (9173): [] __irq_exit_rcu+0x240/0x440 [ 66.941333][ T4277] ---[ end trace c2a3927d8b9587a1 ]--- [ 66.956566][ C1] ------------[ cut here ]------------ [ 66.958054][ C1] usb 1-1: BOGUS urb xfer, pipe 1 != type 3 [ 66.959969][ C1] WARNING: CPU: 1 PID: 0 at drivers/usb/core/urb.c:503 usb_submit_urb+0xa44/0x1580 [ 66.962475][ C1] Modules linked in: [ 66.963525][ C1] CPU: 1 PID: 0 Comm: swapper/1 Tainted: G W 5.15.182-syzkaller #0 [ 66.965961][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 66.968683][ C1] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 66.970824][ C1] pc : usb_submit_urb+0xa44/0x1580 [ 66.972199][ C1] lr : usb_submit_urb+0xa44/0x1580 [ 66.973617][ C1] sp : ffff800008017620 [ 66.974727][ C1] x29: ffff800008017660 x28: 1fffe000185d4003 x27: ffff80001237bca8 [ 66.976923][ C1] x26: ffff0000d672ba00 x25: ffff0000c1c46e50 x24: 0000000000000400 [ 66.979109][ C1] x23: ffff800012382300 x22: dfff800000000000 x21: 0000000000000002 [ 66.981269][ C1] x20: 0000000000000a20 x19: ffff0000c1c46e00 x18: 0000000000000102 [ 66.983471][ C1] x17: 0000000000000000 x16: ffff8000111a53fc x15: 00000000ffffffff [ 66.985651][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 66.987857][ C1] x11: 0000000000000101 x10: 0000000000000000 x9 : ea3cac68d5281500 [ 66.989971][ C1] x8 : ea3cac68d5281500 x7 : 0000000000000001 x6 : 0000000000000001 [ 66.992199][ C1] x5 : ffff800008016f18 x4 : ffff80001422f280 x3 : ffff800008503828 [ 66.994384][ C1] x2 : 0000000000000001 x1 : 0000000100000101 x0 : 0000000000000029 [ 66.996526][ C1] Call trace: [ 66.997456][ C1] usb_submit_urb+0xa44/0x1580 [ 66.998779][ C1] bcm5974_irq_trackpad+0x204/0xe88 [ 67.000266][ C1] __usb_hcd_giveback_urb+0x2e0/0x518 [ 67.001774][ C1] usb_hcd_giveback_urb+0x100/0x3e0 [ 67.003145][ C1] dummy_timer+0x5b8/0x231c [ 67.004385][ C1] call_timer_fn+0x19c/0x858 [ 67.005613][ C1] __run_timers+0x46c/0x6c4 [ 67.006836][ C1] run_timer_softirq+0x7c/0x114 [ 67.008135][ C1] handle_softirqs+0x344/0xbf0 [ 67.009390][ C1] __irq_exit_rcu+0x240/0x440 [ 67.010695][ C1] irq_exit+0x14/0x88 [ 67.011759][ C1] handle_domain_irq+0x14c/0x1fc [ 67.013083][ C1] gic_handle_irq+0x78/0x1c8 [ 67.014296][ C1] call_on_irq_stack+0x24/0x4c [ 67.015664][ C1] do_interrupt_handler+0x6c/0x88 [ 67.017024][ C1] el1_interrupt+0x30/0x58 [ 67.018208][ C1] el1h_64_irq_handler+0x18/0x24 [ 67.019548][ C1] el1h_64_irq+0x78/0x7c [ 67.020701][ C1] arch_local_irq_enable+0xc/0x18 [ 67.022082][ C1] default_idle_call+0xcc/0x418 [ 67.023420][ C1] do_idle+0x1c8/0x480 [ 67.024510][ C1] cpu_startup_entry+0x24/0x28 [ 67.025804][ C1] secondary_start_kernel+0x23c/0x294 [ 67.027275][ C1] __secondary_switched+0x94/0x98 [ 67.028650][ C1] irq event stamp: 202917 [ 67.029799][ C1] hardirqs last enabled at (202916): [] _raw_spin_unlock_irq+0x98/0x128 [ 67.032474][ C1] hardirqs last disabled at (202917): [] _raw_spin_lock_irqsave+0xfc/0x14c [ 67.035273][ C1] softirqs last enabled at (202906): [] handle_softirqs+0xa4c/0xbf0 [ 67.037906][ C1] softirqs last disabled at (202913): [] __irq_exit_rcu+0x240/0x440 [ 67.040564][ C1] ---[ end trace c2a3927d8b9587a2 ]--- [ 67.046558][ C1] ------------[ cut here ]------------ [ 67.048153][ C1] usb 1-1: BOGUS urb xfer, pipe 1 != type 3 [ 67.050071][ C1] WARNING: CPU: 1 PID: 0 at drivers/usb/core/urb.c:503 usb_submit_urb+0xa44/0x1580 [ 67.052581][ C1] Modules linked in: [ 67.053622][ C1] CPU: 1 PID: 0 Comm: swapper/1 Tainted: G W 5.15.182-syzkaller #0 [ 67.056078][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 67.058883][ C1] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 67.061016][ C1] pc : usb_submit_urb+0xa44/0x1580 [ 67.062395][ C1] lr : usb_submit_urb+0xa44/0x1580 [ 67.063825][ C1] sp : ffff800008017620 [ 67.064950][ C1] x29: ffff800008017660 x28: 1fffe000185d4003 x27: ffff80001237bca8 [ 67.067197][ C1] x26: ffff0000d672ba00 x25: ffff0000c1c46e50 x24: 0000000000000400 [ 67.068574][ T4027] usb 1-1: USB disconnect, device number 3 [ 67.069337][ C1] x23: ffff800012382300 x22: dfff800000000000 x21: 0000000000000002 [ 67.073004][ C1] x20: 0000000000000a20 x19: ffff0000c1c46e00 x18: 0000000000000102 [ 67.075155][ C1] x17: 0000000000000000 x16: ffff8000111a53fc x15: 00000000ffffffff [ 67.077372][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 67.079517][ C1] x11: 0000000000000101 x10: 0000000000000000 x9 : ea3cac68d5281500 [ 67.081718][ C1] x8 : ea3cac68d5281500 x7 : 0000000000000001 x6 : 0000000000000001 [ 67.083895][ C1] x5 : ffff800008016f18 x4 : ffff80001422f280 x3 : ffff800008503828 [ 67.086101][ C1] x2 : 0000000000000001 x1 : 0000000100000101 x0 : 0000000000000029 [ 67.088276][ C1] Call trace: [ 67.089128][ C1] usb_submit_urb+0xa44/0x1580 [ 67.090458][ C1] bcm5974_irq_trackpad+0x204/0xe88 [ 67.091892][ C1] __usb_hcd_giveback_urb+0x2e0/0x518 [ 67.093332][ C1] usb_hcd_giveback_urb+0x100/0x3e0 [ 67.094764][ C1] dummy_timer+0x5b8/0x231c [ 67.095962][ C1] call_timer_fn+0x19c/0x858 [ 67.097169][ C1] __run_timers+0x46c/0x6c4 [ 67.098371][ C1] run_timer_softirq+0x7c/0x114 [ 67.099687][ C1] handle_softirqs+0x344/0xbf0 [ 67.100994][ C1] __irq_exit_rcu+0x240/0x440 [ 67.102284][ C1] irq_exit+0x14/0x88 [ 67.103379][ C1] handle_domain_irq+0x14c/0x1fc [ 67.104690][ C1] gic_handle_irq+0x78/0x1c8 [ 67.105970][ C1] call_on_irq_stack+0x24/0x4c [ 67.107237][ C1] do_interrupt_handler+0x6c/0x88 [ 67.108652][ C1] el1_interrupt+0x30/0x58 [ 67.109819][ C1] el1h_64_irq_handler+0x18/0x24 [ 67.111149][ C1] el1h_64_irq+0x78/0x7c [ 67.112264][ C1] arch_local_irq_enable+0xc/0x18 [ 67.113631][ C1] default_idle_call+0xcc/0x418 [ 67.114950][ C1] do_idle+0x1c8/0x480 [ 67.116065][ C1] cpu_startup_entry+0x24/0x28 [ 67.117392][ C1] secondary_start_kernel+0x23c/0x294 [ 67.118879][ C1] __secondary_switched+0x94/0x98 [ 67.120250][ C1] irq event stamp: 203023 [ 67.121447][ C1] hardirqs last enabled at (203022): [] _raw_spin_unlock_irq+0x98/0x128 [ 67.124128][ C1] hardirqs last disabled at (203023): [] _raw_spin_lock_irqsave+0xfc/0x14c [ 67.126905][ C1] softirqs last enabled at (202982): [] handle_softirqs+0xa4c/0xbf0 [ 67.129640][ C1] softirqs last disabled at (203019): [] __irq_exit_rcu+0x240/0x440 [ 67.132398][ C1] ---[ end trace c2a3927d8b9587a3 ]--- [ 67.133913][ C1] bcm5974 1-1:0.10: trackpad urb failed: -2 [ 67.139230][ T4277] bcm5974 1-1:0.10: could not read from device 1970/01/01 00:01:07 executed programs: 2 [ 67.856710][ T4053] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 68.036613][ T4027] Bluetooth: hci0: command 0x040f tx timeout [ 68.226663][ T4053] usb 1-1: config 0 has an invalid interface number: 10 but max is 0 [ 68.228895][ T4053] usb 1-1: config 0 has no interface number 0 [ 68.230494][ T4053] usb 1-1: config 0 interface 10 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 68.233209][ T4053] usb 1-1: config 0 interface 10 altsetting 0 endpoint 0x81 has invalid maxpacket 21669, setting to 1024 [ 68.236112][ T4053] usb 1-1: config 0 interface 10 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 1024 [ 68.238969][ T4053] usb 1-1: config 0 interface 10 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 68.406730][ T4053] usb 1-1: New USB device found, idVendor=05ac, idProduct=024e, bcdDevice=d4.d7 [ 68.409335][ T4053] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 68.411486][ T4053] usb 1-1: Product: syz [ 68.412640][ T4053] usb 1-1: Manufacturer: syz [ 68.413811][ T4053] usb 1-1: SerialNumber: syz [ 68.417047][ T4053] usb 1-1: config 0 descriptor?? [ 68.437170][ T4592] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 68.459134][ T4053] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.10/input/input4 [ 68.886958][ T4277] ------------[ cut here ]------------ [ 68.888503][ T4277] usb 1-1: BOGUS urb xfer, pipe 1 != type 3 [ 68.890335][ T4277] WARNING: CPU: 0 PID: 4277 at drivers/usb/core/urb.c:503 usb_submit_urb+0xa44/0x1580 [ 68.892803][ T4277] Modules linked in: [ 68.893775][ T4277] CPU: 0 PID: 4277 Comm: udevd Tainted: G W 5.15.182-syzkaller #0 [ 68.896128][ T4277] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 68.898909][ T4277] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 68.901001][ T4277] pc : usb_submit_urb+0xa44/0x1580 [ 68.902340][ T4277] lr : usb_submit_urb+0xa44/0x1580 [ 68.903764][ T4277] sp : ffff80001f4b7470 [ 68.904826][ T4277] x29: ffff80001f4b74b0 x28: 1fffe00019da6603 x27: ffff80001237bca8 [ 68.907019][ T4277] x26: ffff0000cebd6900 x25: ffff0000c1c30650 x24: 0000000000000400 [ 68.909120][ T4277] x23: ffff800012382300 x22: dfff800000000000 x21: 0000000000000002 [ 68.911253][ T4277] x20: 0000000000000cc0 x19: ffff0000c1c30600 x18: 0000000000000001 [ 68.913345][ T4277] x17: 0000000000000000 x16: ffff8000111a53fc x15: 00000000ffffffff [ 68.915479][ T4277] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 68.917601][ T4277] x11: 0000000000000000 x10: 0000000000000000 x9 : ac10d508dfc82b00 [ 68.919722][ T4277] x8 : ac10d508dfc82b00 x7 : 0000000000000001 x6 : 0000000000000001 [ 68.921967][ T4277] x5 : ffff80001f4b6d58 x4 : ffff80001422f280 x3 : ffff800008503828 [ 68.924160][ T4277] x2 : 0000000000000001 x1 : 0000000100000000 x0 : 0000000000000029 [ 68.926339][ T4277] Call trace: [ 68.927269][ T4277] usb_submit_urb+0xa44/0x1580 [ 68.928604][ T4277] bcm5974_start_traffic+0xe0/0x154 [ 68.930034][ T4277] bcm5974_open+0x94/0x130 [ 68.931247][ T4277] input_open_device+0x134/0x288 [ 68.932557][ T4277] evdev_open+0x3c4/0x468 [ 68.933735][ T4277] chrdev_open+0x26c/0x4f0 [ 68.934910][ T4277] do_dentry_open+0x760/0xebc [ 68.936181][ T4277] vfs_open+0x7c/0x90 [ 68.937208][ T4277] path_openat+0x1f80/0x26e4 [ 68.938410][ T4277] do_filp_open+0x164/0x330 [ 68.939592][ T4277] do_sys_openat2+0x128/0x3d8 [ 68.940827][ T4277] __arm64_sys_openat+0x120/0x154 [ 68.942139][ T4277] invoke_syscall+0x98/0x2b8 [ 68.943341][ T4277] el0_svc_common+0x138/0x258 [ 68.944585][ T4277] do_el0_svc+0x58/0x14c [ 68.945696][ T4277] el0_svc+0x78/0x1e0 [ 68.946809][ T4277] el0t_64_sync_handler+0xcc/0xe4 [ 68.948153][ T4277] el0t_64_sync+0x1a0/0x1a4 [ 68.949384][ T4277] irq event stamp: 14898 [ 68.950519][ T4277] hardirqs last enabled at (14897): [] __up_console_sem+0xb4/0x100 [ 68.953143][ T4277] hardirqs last disabled at (14898): [] el1_dbg+0x24/0x80 [ 68.955481][ T4277] softirqs last enabled at (13096): [] handle_softirqs+0xa4c/0xbf0 [ 68.958029][ T4277] softirqs last disabled at (13081): [] __irq_exit_rcu+0x240/0x440 [ 68.960553][ T4277] ---[ end trace c2a3927d8b9587a4 ]--- [ 68.986611][ C0] ------------[ cut here ]------------ [ 68.988100][ C0] usb 1-1: BOGUS urb xfer, pipe 1 != type 3 [ 68.990042][ C0] WARNING: CPU: 0 PID: 0 at drivers/usb/core/urb.c:503 usb_submit_urb+0xa44/0x1580 [ 68.992442][ C0] Modules linked in: [ 68.993515][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 5.15.182-syzkaller #0 [ 68.995937][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 68.998588][ C0] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 69.000688][ C0] pc : usb_submit_urb+0xa44/0x1580 [ 69.002084][ C0] lr : usb_submit_urb+0xa44/0x1580 [ 69.003509][ C0] sp : ffff800008007620 [ 69.004641][ C0] x29: ffff800008007660 x28: 1fffe00019da6603 x27: ffff80001237bca8 [ 69.006758][ C0] x26: ffff0000cebd6900 x25: ffff0000c1c30650 x24: 0000000000000400 [ 69.008914][ C0] x23: ffff800012382300 x22: dfff800000000000 x21: 0000000000000002 [ 69.011170][ C0] x20: 0000000000000a20 x19: ffff0000c1c30600 x18: 0000000000000102 [ 69.013347][ C0] x17: 0000000000000000 x16: ffff8000111a53fc x15: 00000000ffffffff [ 69.015579][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 69.017752][ C0] x11: 0000000000000101 x10: 0000000000000000 x9 : 3de6532156d26100 [ 69.019887][ C0] x8 : 3de6532156d26100 x7 : 0000000000000001 x6 : 0000000000000001 [ 69.022054][ C0] x5 : ffff800008006f18 x4 : ffff80001422f280 x3 : ffff800008503828 [ 69.024307][ C0] x2 : 0000000000000001 x1 : 0000000100000101 x0 : 0000000000000029 [ 69.026496][ C0] Call trace: [ 69.027403][ C0] usb_submit_urb+0xa44/0x1580 [ 69.028687][ C0] bcm5974_irq_trackpad+0x204/0xe88 [ 69.030095][ C0] __usb_hcd_giveback_urb+0x2e0/0x518 [ 69.031591][ C0] usb_hcd_giveback_urb+0x100/0x3e0 [ 69.033013][ C0] dummy_timer+0x5b8/0x231c [ 69.034179][ C0] call_timer_fn+0x19c/0x858 [ 69.035412][ C0] __run_timers+0x46c/0x6c4 [ 69.036645][ C0] run_timer_softirq+0x7c/0x114 [ 69.037933][ C0] handle_softirqs+0x344/0xbf0 [ 69.039206][ C0] __irq_exit_rcu+0x240/0x440 [ 69.040501][ C0] irq_exit+0x14/0x88 [ 69.041604][ C0] handle_domain_irq+0x14c/0x1fc [ 69.042920][ C0] gic_handle_irq+0x78/0x1c8 [ 69.044116][ C0] call_on_irq_stack+0x24/0x4c [ 69.045428][ C0] do_interrupt_handler+0x6c/0x88 [ 69.046819][ C0] el1_interrupt+0x30/0x58 [ 69.047986][ C0] el1h_64_irq_handler+0x18/0x24 [ 69.049323][ C0] el1h_64_irq+0x78/0x7c [ 69.050409][ C0] arch_local_irq_enable+0xc/0x18 [ 69.051818][ C0] default_idle_call+0xcc/0x418 [ 69.053144][ C0] do_idle+0x1c8/0x480 [ 69.054214][ C0] cpu_startup_entry+0x24/0x28 [ 69.055517][ C0] rest_init+0x360/0x390 [ 69.056690][ C0] arch_call_rest_init+0x14/0x20 [ 69.058032][ C0] start_kernel+0x49c/0x54c [ 69.059343][ C0] __primary_switched+0xa8/0xb0 [ 69.060664][ C0] irq event stamp: 198031 [ 69.061826][ C0] hardirqs last enabled at (198030): [] _raw_spin_unlock_irq+0x98/0x128 [ 69.064487][ C0] hardirqs last disabled at (198031): [] _raw_spin_lock_irqsave+0xfc/0x14c [ 69.067271][ C0] softirqs last enabled at (198008): [] handle_softirqs+0xa4c/0xbf0 [ 69.069869][ C0] softirqs last disabled at (198027): [] __irq_exit_rcu+0x240/0x440 [ 69.072447][ C0] ---[ end trace c2a3927d8b9587a5 ]--- [ 69.087582][ T4053] usb 1-1: USB disconnect, device number 4 [ 69.097214][ T4277] bcm5974 1-1:0.10: could not read from device [ 69.638270][ T2055] ieee802154 phy0 wpan0: encryption failed: -22 [ 69.639340][ T13] cfg80211: failed to load regulatory.db [ 69.640230][ T2055] ieee802154 phy1 wpan1: encryption failed: -22 [ 69.876744][ T4053] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 70.116691][ T13] Bluetooth: hci0: command 0x0419 tx timeout [ 70.236697][ T4053] usb 1-1: config 0 has an invalid interface number: 10 but max is 0 [ 70.238812][ T4053] usb 1-1: config 0 has no interface number 0 [ 70.240432][ T4053] usb 1-1: config 0 interface 10 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 70.243275][ T4053] usb 1-1: config 0 interface 10 altsetting 0 endpoint 0x81 has invalid maxpacket 21669, setting to 1024 [ 70.246278][ T4053] usb 1-1: config 0 interface 10 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 1024 [ 70.249173][ T4053] usb 1-1: config 0 interface 10 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 70.406844][ T4053] usb 1-1: New USB device found, idVendor=05ac, idProduct=024e, bcdDevice=d4.d7 [ 70.409436][ T4053] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 70.411751][ T4053] usb 1-1: Product: syz [ 70.412921][ T4053] usb 1-1: Manufacturer: syz [ 70.414324][ T4053] usb 1-1: SerialNumber: syz [ 70.422246][ T4053] usb 1-1: config 0 descriptor?? [ 70.437166][ T4594] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 70.460590][ T4053] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.10/input/input5 [ 70.896678][ T4277] ------------[ cut here ]------------ [ 70.898313][ T4277] usb 1-1: BOGUS urb xfer, pipe 1 != type 3 [ 70.900267][ T4277] WARNING: CPU: 0 PID: 4277 at drivers/usb/core/urb.c:503 usb_submit_urb+0xa44/0x1580 [ 70.902888][ T4277] Modules linked in: [ 70.903992][ T4277] CPU: 0 PID: 4277 Comm: udevd Tainted: G W 5.15.182-syzkaller #0 [ 70.906597][ T4277] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 70.909497][ T4277] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 70.911687][ T4277] pc : usb_submit_urb+0xa44/0x1580 [ 70.913128][ T4277] lr : usb_submit_urb+0xa44/0x1580 [ 70.914605][ T4277] sp : ffff80001f4b7470 [ 70.915718][ T4277] x29: ffff80001f4b74b0 x28: 1fffe00018564603 x27: ffff80001237bca8 [ 70.917992][ T4277] x26: ffff0000cf0ed400 x25: ffff0000cd80e650 x24: 0000000000000400 [ 70.920367][ T4277] x23: ffff800012382300 x22: dfff800000000000 x21: 0000000000000002 [ 70.922607][ T4277] x20: 0000000000000cc0 x19: ffff0000cd80e600 x18: 0000000000000001 [ 70.924845][ T4277] x17: 0000000000000000 x16: ffff8000111a53fc x15: 00000000ffffffff [ 70.927055][ T4277] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 70.929246][ T4277] x11: 0000000000000000 x10: 0000000000000000 x9 : ac10d508dfc82b00 [ 70.931464][ T4277] x8 : ac10d508dfc82b00 x7 : 0000000000000001 x6 : 0000000000000001 [ 70.933656][ T4277] x5 : ffff80001f4b6d58 x4 : ffff80001422f280 x3 : ffff800008503828 [ 70.935871][ T4277] x2 : 0000000000000001 x1 : 0000000100000000 x0 : 0000000000000029 [ 70.937970][ T4277] Call trace: [ 70.938901][ T4277] usb_submit_urb+0xa44/0x1580 [ 70.940184][ T4277] bcm5974_start_traffic+0xe0/0x154 [ 70.941584][ T4277] bcm5974_open+0x94/0x130 [ 70.942877][ T4277] input_open_device+0x134/0x288 [ 70.944250][ T4277] evdev_open+0x3c4/0x468 [ 70.945449][ T4277] chrdev_open+0x26c/0x4f0 [ 70.946709][ T4277] do_dentry_open+0x760/0xebc [ 70.948091][ T4277] vfs_open+0x7c/0x90 [ 70.949146][ T4277] path_openat+0x1f80/0x26e4 [ 70.950396][ T4277] do_filp_open+0x164/0x330 [ 70.951686][ T4277] do_sys_openat2+0x128/0x3d8 [ 70.952957][ T4277] __arm64_sys_openat+0x120/0x154 [ 70.954389][ T4277] invoke_syscall+0x98/0x2b8 [ 70.955686][ T4277] el0_svc_common+0x138/0x258 [ 70.956989][ T4277] do_el0_svc+0x58/0x14c [ 70.958135][ T4277] el0_svc+0x78/0x1e0 [ 70.959203][ T4277] el0t_64_sync_handler+0xcc/0xe4 [ 70.960581][ T4277] el0t_64_sync+0x1a0/0x1a4 [ 70.961835][ T4277] irq event stamp: 19488 [ 70.962996][ T4277] hardirqs last enabled at (19487): [] __up_console_sem+0xb4/0x100 [ 70.965756][ T4277] hardirqs last disabled at (19488): [] el1_dbg+0x24/0x80 [ 70.968193][ T4277] softirqs last enabled at (18964): [] handle_softirqs+0xa4c/0xbf0 [ 70.970872][ T4277] softirqs last disabled at (18933): [] __irq_exit_rcu+0x240/0x440 [ 70.973578][ T4277] ---[ end trace c2a3927d8b9587a6 ]--- [ 70.986550][ C0] ------------[ cut here ]------------ [ 70.987984][ C0] usb 1-1: BOGUS urb xfer, pipe 1 != type 3 [ 70.989930][ C0] WARNING: CPU: 0 PID: 0 at drivers/usb/core/urb.c:503 usb_submit_urb+0xa44/0x1580 [ 70.992707][ C0] Modules linked in: [ 70.993763][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 5.15.182-syzkaller #0 [ 70.996305][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 70.999119][ C0] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 71.001269][ C0] pc : usb_submit_urb+0xa44/0x1580 [ 71.002696][ C0] lr : usb_submit_urb+0xa44/0x1580 [ 71.004106][ C0] sp : ffff800008007620 [ 71.005285][ C0] x29: ffff800008007660 x28: 1fffe00018564603 x27: ffff80001237bca8 [ 71.007496][ C0] x26: ffff0000cf0ed400 x25: ffff0000cd80e650 x24: 0000000000000400 [ 71.009690][ C0] x23: ffff800012382300 x22: dfff800000000000 x21: 0000000000000002 [ 71.011926][ C0] x20: 0000000000000a20 x19: ffff0000cd80e600 x18: 0000000000000102 [ 71.014341][ C0] x17: 0000000000000000 x16: ffff8000111a53fc x15: 00000000ffffffff [ 71.016582][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 71.018752][ C0] x11: 0000000000000101 x10: 0000000000000000 x9 : 3de6532156d26100 [ 71.021079][ C0] x8 : 3de6532156d26100 x7 : 0000000000000001 x6 : 0000000000000001 [ 71.023358][ C0] x5 : ffff800008006f18 x4 : ffff80001422f280 x3 : ffff800008503828 [ 71.025650][ C0] x2 : 0000000000000001 x1 : 0000000100000101 x0 : 0000000000000029 [ 71.027940][ C0] Call trace: [ 71.028875][ C0] usb_submit_urb+0xa44/0x1580 [ 71.030253][ C0] bcm5974_irq_trackpad+0x204/0xe88 [ 71.031707][ C0] __usb_hcd_giveback_urb+0x2e0/0x518 [ 71.033149][ C0] usb_hcd_giveback_urb+0x100/0x3e0 [ 71.034577][ C0] dummy_timer+0x5b8/0x231c [ 71.035851][ C0] call_timer_fn+0x19c/0x858 [ 71.037078][ C0] __run_timers+0x46c/0x6c4 [ 71.038316][ C0] run_timer_softirq+0x7c/0x114 [ 71.038331][ C0] handle_softirqs+0x344/0xbf0 [ 71.038343][ C0] __irq_exit_rcu+0x240/0x440 [ 71.038353][ C0] irq_exit+0x14/0x88 [ 71.038363][ C0] handle_domain_irq+0x14c/0x1fc [ 71.044921][ C0] gic_handle_irq+0x78/0x1c8 [ 71.046231][ C0] call_on_irq_stack+0x24/0x4c [ 71.047629][ C0] do_interrupt_handler+0x6c/0x88 [ 71.049035][ C0] el1_interrupt+0x30/0x58 [ 71.050300][ C0] el1h_64_irq_handler+0x18/0x24 [ 71.051673][ C0] el1h_64_irq+0x78/0x7c [ 71.052826][ C0] arch_local_irq_enable+0xc/0x18 [ 71.054294][ C0] default_idle_call+0xcc/0x418 [ 71.055582][ C0] do_idle+0x1c8/0x480 [ 71.056672][ C0] cpu_startup_entry+0x24/0x28 [ 71.057981][ C0] rest_init+0x360/0x390 [ 71.059217][ C0] arch_call_rest_init+0x14/0x20 [ 71.060567][ C0] start_kernel+0x49c/0x54c [ 71.061857][ C0] __primary_switched+0xa8/0xb0 [ 71.063168][ C0] irq event stamp: 211669 [ 71.064340][ C0] hardirqs last enabled at (211668): [] _raw_spin_unlock_irq+0x98/0x128 [ 71.067184][ C0] hardirqs last disabled at (211669): [] _raw_spin_lock_irqsave+0xfc/0x14c [ 71.070163][ C0] softirqs last enabled at (211520): [] handle_softirqs+0xa4c/0xbf0 [ 71.072921][ C0] softirqs last disabled at (211665): [] __irq_exit_rcu+0x240/0x440 [ 71.075544][ C0] ---[ end trace c2a3927d8b9587a7 ]--- [ 71.077172][ C0] ------------[ cut here ]------------ [ 71.078704][ C0] usb 1-1: BOGUS urb xfer, pipe 1 != type 3 [ 71.080672][ C0] WARNING: CPU: 0 PID: 0 at drivers/usb/core/urb.c:503 usb_submit_urb+0xa44/0x1580 [ 71.083095][ C0] Modules linked in: [ 71.084119][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 5.15.182-syzkaller #0 [ 71.086571][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 71.089435][ C0] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 71.091619][ C0] pc : usb_submit_urb+0xa44/0x1580 [ 71.093044][ C0] lr : usb_submit_urb+0xa44/0x1580 [ 71.094479][ C0] sp : ffff800008007620 [ 71.095624][ C0] x29: ffff800008007660 x28: 1fffe00018564603 x27: ffff80001237bca8 [ 71.097265][ T4053] usb 1-1: USB disconnect, device number 5 [ 71.097857][ C0] x26: ffff0000cf0ed400 x25: ffff0000cd80e650 x24: 0000000000000400 [ 71.101561][ C0] x23: ffff800012382300 x22: dfff800000000000 x21: 0000000000000002 [ 71.103784][ C0] x20: 0000000000000a20 x19: ffff0000cd80e600 x18: 0000000000000102 [ 71.106072][ C0] x17: 0000000000000000 x16: ffff8000083007d8 x15: 00000000ffffffff [ 71.108334][ C0] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 71.110594][ C0] x11: 0000000000000101 x10: 0000000000000000 x9 : 3de6532156d26100 [ 71.112829][ C0] x8 : 3de6532156d26100 x7 : 0000000000000001 x6 : 0000000000000001 [ 71.115117][ C0] x5 : ffff800008006f18 x4 : ffff80001422f280 x3 : ffff8000083008e8 [ 71.117390][ C0] x2 : 0000000000000001 x1 : 0000000000000101 x0 : 0000000000000029 [ 71.119667][ C0] Call trace: [ 71.120641][ C0] usb_submit_urb+0xa44/0x1580 [ 71.121966][ C0] bcm5974_irq_trackpad+0x204/0xe88 [ 71.123333][ C0] __usb_hcd_giveback_urb+0x2e0/0x518 [ 71.124814][ C0] usb_hcd_giveback_urb+0x100/0x3e0 [ 71.126237][ C0] dummy_timer+0x5b8/0x231c [ 71.127453][ C0] call_timer_fn+0x19c/0x858 [ 71.128681][ C0] __run_timers+0x46c/0x6c4 [ 71.130006][ C0] run_timer_softirq+0x7c/0x114 [ 71.131291][ C0] handle_softirqs+0x344/0xbf0 [ 71.132615][ C0] __irq_exit_rcu+0x240/0x440 [ 71.133969][ C0] irq_exit+0x14/0x88 [ 71.135121][ C0] handle_domain_irq+0x14c/0x1fc [ 71.136472][ C0] gic_handle_irq+0x78/0x1c8 [ 71.137778][ C0] call_on_irq_stack+0x24/0x4c [ 71.139149][ C0] do_interrupt_handler+0x6c/0x88 [ 71.140487][ C0] el1_interrupt+0x30/0x58 [ 71.141669][ C0] el1h_64_irq_handler+0x18/0x24 [ 71.143079][ C0] el1h_64_irq+0x78/0x7c [ 71.144290][ C0] arch_local_irq_enable+0xc/0x18 [ 71.145626][ C0] default_idle_call+0xcc/0x418 [ 71.146922][ C0] do_idle+0x1c8/0x480 [ 71.148030][ C0] cpu_startup_entry+0x24/0x28 [ 71.149387][ C0] rest_init+0x360/0x390 [ 71.150626][ C0] arch_call_rest_init+0x14/0x20 [ 71.152026][ C0] start_kernel+0x49c/0x54c [ 71.153289][ C0] __primary_switched+0xa8/0xb0 [ 71.154616][ C0] irq event stamp: 211681 [ 71.155790][ C0] hardirqs last enabled at (211680): [] _raw_spin_unlock_irq+0x98/0x128 [ 71.158755][ C0] hardirqs last disabled at (211681): [] _raw_spin_lock_irqsave+0xfc/0x14c [ 71.161683][ C0] softirqs last enabled at (211520): [] handle_softirqs+0xa4c/0xbf0 [ 71.164372][ C0] softirqs last disabled at (211665): [] __irq_exit_rcu+0x240/0x440 [ 71.167275][ C0] ---[ end trace c2a3927d8b9587a8 ]--- [ 71.169067][ C0] bcm5974 1-1:0.10: trackpad urb failed: -2 [ 71.176642][ T4277] bcm5974 1-1:0.10: could not read from device [ 71.906597][ T4046] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 72.276674][ T4046] usb 1-1: config 0 has an invalid interface number: 10 but max is 0 [ 72.278903][ T4046] usb 1-1: config 0 has no interface number 0 [ 72.280626][ T4046] usb 1-1: config 0 interface 10 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 72.283382][ T4046] usb 1-1: config 0 interface 10 altsetting 0 endpoint 0x81 has invalid maxpacket 21669, setting to 1024 [ 72.286310][ T4046] usb 1-1: config 0 interface 10 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 1024 [ 72.289362][ T4046] usb 1-1: config 0 interface 10 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 72.466727][ T4046] usb 1-1: New USB device found, idVendor=05ac, idProduct=024e, bcdDevice=d4.d7 [ 72.469059][ T4046] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 72.471220][ T4046] usb 1-1: Product: syz [ 72.472366][ T4046] usb 1-1: Manufacturer: syz [ 72.473554][ T4046] usb 1-1: SerialNumber: syz [ 72.477403][ T4046] usb 1-1: config 0 descriptor?? [ 72.496938][ T4596] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 72.519300][ T4046] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.10/input/input6 [ 72.956634][ T4277] ------------[ cut here ]------------ [ 72.958251][ T4277] usb 1-1: BOGUS urb xfer, pipe 1 != type 3 [ 72.960222][ T4277] WARNING: CPU: 1 PID: 4277 at drivers/usb/core/urb.c:503 usb_submit_urb+0xa44/0x1580 [ 72.963053][ T4277] Modules linked in: [ 72.964142][ T4277] CPU: 1 PID: 4277 Comm: udevd Tainted: G W 5.15.182-syzkaller #0 [ 72.966673][ T4277] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 72.969815][ T4277] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 72.971968][ T4277] pc : usb_submit_urb+0xa44/0x1580 [ 72.973502][ T4277] lr : usb_submit_urb+0xa44/0x1580 [ 72.975153][ T4277] sp : ffff80001f4b7470 [ 72.976400][ T4277] x29: ffff80001f4b74b0 x28: 1fffe0001aa43203 x27: ffff80001237bca8 [ 72.978885][ T4277] x26: ffff0000c25b1200 x25: ffff0000c2039250 x24: 0000000000000400 [ 72.981404][ T4277] x23: ffff800012382300 x22: dfff800000000000 x21: 0000000000000002 [ 72.983772][ T4277] x20: 0000000000000cc0 x19: ffff0000c2039200 x18: 0000000000000001 [ 72.986064][ T4277] x17: 0000000000000000 x16: ffff8000111a53fc x15: 00000000ffffffff [ 72.988360][ T4277] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 72.990680][ T4277] x11: 0000000000000000 x10: 0000000000000000 x9 : ac10d508dfc82b00 [ 72.992899][ T4277] x8 : ac10d508dfc82b00 x7 : 0000000000000001 x6 : 0000000000000001 [ 72.995137][ T4277] x5 : ffff80001f4b6d58 x4 : ffff80001422f280 x3 : ffff800008503828 [ 72.997317][ T4277] x2 : 0000000000000001 x1 : 0000000100000000 x0 : 0000000000000029 [ 72.999729][ T4277] Call trace: [ 73.000623][ T4277] usb_submit_urb+0xa44/0x1580 [ 73.002015][ T4277] bcm5974_start_traffic+0xe0/0x154 [ 73.003472][ T4277] bcm5974_open+0x94/0x130 [ 73.004719][ T4277] input_open_device+0x134/0x288 [ 73.006122][ T4277] evdev_open+0x3c4/0x468 [ 73.007338][ T4277] chrdev_open+0x26c/0x4f0 [ 73.008560][ T4277] do_dentry_open+0x760/0xebc [ 73.009909][ T4277] vfs_open+0x7c/0x90 [ 73.011020][ T4277] path_openat+0x1f80/0x26e4 [ 73.012386][ T4277] do_filp_open+0x164/0x330 [ 73.013700][ T4277] do_sys_openat2+0x128/0x3d8 [ 73.015155][ T4277] __arm64_sys_openat+0x120/0x154 [ 73.016582][ T4277] invoke_syscall+0x98/0x2b8 [ 73.017911][ T4277] el0_svc_common+0x138/0x258 [ 73.019298][ T4277] do_el0_svc+0x58/0x14c [ 73.020521][ T4277] el0_svc+0x78/0x1e0 [ 73.021645][ T4277] el0t_64_sync_handler+0xcc/0xe4 [ 73.023156][ T4277] el0t_64_sync+0x1a0/0x1a4 [ 73.024382][ T4277] irq event stamp: 23886 [ 73.025647][ T4277] hardirqs last enabled at (23885): [] __up_console_sem+0xb4/0x100 [ 73.028350][ T4277] hardirqs last disabled at (23886): [] el1_dbg+0x24/0x80 [ 73.030750][ T4277] softirqs last enabled at (22636): [] handle_softirqs+0xa4c/0xbf0 [ 73.033396][ T4277] softirqs last disabled at (22625): [] __irq_exit_rcu+0x240/0x440 [ 73.036076][ T4277] ---[ end trace c2a3927d8b9587a9 ]--- [ 73.056574][ C1] ------------[ cut here ]------------ [ 73.058115][ C1] usb 1-1: BOGUS urb xfer, pipe 1 != type 3 [ 73.060071][ C1] WARNING: CPU: 1 PID: 0 at drivers/usb/core/urb.c:503 usb_submit_urb+0xa44/0x1580 [ 73.062779][ C1] Modules linked in: [ 73.063941][ C1] CPU: 1 PID: 0 Comm: swapper/1 Tainted: G W 5.15.182-syzkaller #0 [ 73.066511][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 73.069484][ C1] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 73.071714][ C1] pc : usb_submit_urb+0xa44/0x1580 [ 73.073148][ C1] lr : usb_submit_urb+0xa44/0x1580 [ 73.074643][ C1] sp : ffff800008017620 [ 73.075847][ C1] x29: ffff800008017660 x28: 1fffe0001aa43203 x27: ffff80001237bca8 [ 73.078271][ C1] x26: ffff0000c25b1200 x25: ffff0000c2039250 x24: 0000000000000400 [ 73.080528][ C1] x23: ffff800012382300 x22: dfff800000000000 x21: 0000000000000002 [ 73.082779][ C1] x20: 0000000000000a20 x19: ffff0000c2039200 x18: 0000000000000102 [ 73.084966][ C1] x17: 0000000000000000 x16: ffff8000111a53fc x15: 00000000ffffffff [ 73.087238][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 73.089378][ C1] x11: 0000000000000101 x10: 0000000000000000 x9 : ea3cac68d5281500 [ 73.091683][ C1] x8 : ea3cac68d5281500 x7 : 0000000000000001 x6 : 0000000000000001 [ 73.094038][ C1] x5 : ffff800008016f18 x4 : ffff80001422f280 x3 : ffff800008503828 [ 73.096394][ C1] x2 : 0000000000000001 x1 : 0000000100000101 x0 : 0000000000000029 [ 73.098799][ C1] Call trace: [ 73.099782][ C1] usb_submit_urb+0xa44/0x1580 [ 73.101144][ C1] bcm5974_irq_trackpad+0x204/0xe88 [ 73.102545][ C1] __usb_hcd_giveback_urb+0x2e0/0x518 [ 73.104032][ C1] usb_hcd_giveback_urb+0x100/0x3e0 [ 73.105498][ C1] dummy_timer+0x5b8/0x231c [ 73.106792][ C1] call_timer_fn+0x19c/0x858 [ 73.108021][ C1] __run_timers+0x46c/0x6c4 [ 73.109369][ C1] run_timer_softirq+0x7c/0x114 [ 73.110847][ C1] handle_softirqs+0x344/0xbf0 [ 73.112306][ C1] __irq_exit_rcu+0x240/0x440 [ 73.113566][ C1] irq_exit+0x14/0x88 [ 73.114741][ C1] handle_domain_irq+0x14c/0x1fc [ 73.116264][ C1] gic_handle_irq+0x78/0x1c8 [ 73.117579][ C1] call_on_irq_stack+0x24/0x4c [ 73.118953][ C1] do_interrupt_handler+0x6c/0x88 [ 73.120316][ C1] el1_interrupt+0x30/0x58 [ 73.121554][ C1] el1h_64_irq_handler+0x18/0x24 [ 73.123090][ C1] el1h_64_irq+0x78/0x7c [ 73.124348][ C1] arch_local_irq_enable+0xc/0x18 [ 73.125809][ C1] default_idle_call+0xcc/0x418 [ 73.127203][ C1] do_idle+0x1c8/0x480 [ 73.128340][ C1] cpu_startup_entry+0x24/0x28 [ 73.129662][ C1] secondary_start_kernel+0x23c/0x294 [ 73.131232][ C1] __secondary_switched+0x94/0x98 [ 73.132645][ C1] irq event stamp: 255339 [ 73.133945][ C1] hardirqs last enabled at (255338): [] _raw_spin_unlock_irq+0x98/0x128 [ 73.136801][ C1] hardirqs last disabled at (255339): [] _raw_spin_lock_irqsave+0xfc/0x14c [ 73.139716][ C1] softirqs last enabled at (255316): [] handle_softirqs+0xa4c/0xbf0 [ 73.142566][ C1] softirqs last disabled at (255335): [] __irq_exit_rcu+0x240/0x440 [ 73.145422][ C1] ---[ end trace c2a3927d8b9587aa ]--- [ 73.147196][ C1] ------------[ cut here ]------------ [ 73.148759][ C1] usb 1-1: BOGUS urb xfer, pipe 1 != type 3 [ 73.150716][ C1] WARNING: CPU: 1 PID: 0 at drivers/usb/core/urb.c:503 usb_submit_urb+0xa44/0x1580 [ 73.153098][ C1] Modules linked in: [ 73.154229][ C1] CPU: 1 PID: 0 Comm: swapper/1 Tainted: G W 5.15.182-syzkaller #0 [ 73.156702][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 73.158455][ T4046] usb 1-1: USB disconnect, device number 6 [ 73.159586][ C1] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 73.159603][ C1] pc : usb_submit_urb+0xa44/0x1580 [ 73.164831][ C1] lr : usb_submit_urb+0xa44/0x1580 [ 73.166268][ C1] sp : ffff800008017620 [ 73.167520][ C1] x29: ffff800008017660 x28: 1fffe0001aa43203 x27: ffff80001237bca8 [ 73.169849][ C1] x26: ffff0000c25b1200 x25: ffff0000c2039250 x24: 0000000000000400 [ 73.171981][ C1] x23: ffff800012382300 x22: dfff800000000000 x21: 0000000000000002 [ 73.174292][ C1] x20: 0000000000000a20 x19: ffff0000c2039200 x18: 0000000000000102 [ 73.176813][ C1] x17: 0000000000000000 x16: ffff8000111a53fc x15: 00000000ffffffff [ 73.179186][ C1] x14: 0000000000ff0100 x13: 0000000000000001 x12: 0000000000ff0100 [ 73.181486][ C1] x11: 0000000000000101 x10: 0000000000000000 x9 : ea3cac68d5281500 [ 73.183881][ C1] x8 : ea3cac68d5281500 x7 : 0000000000000001 x6 : 0000000000000001 [ 73.186400][ C1] x5 : ffff800008016f18 x4 : ffff80001422f280 x3 : ffff80000a731dc4 [ 73.188716][ C1] x2 : ffff0001a111cd10 x1 : 0000000000000101 x0 : 0000000000000029 [ 73.190968][ C1] Call trace: [ 73.191924][ C1] usb_submit_urb+0xa44/0x1580 [ 73.193154][ C1] bcm5974_irq_trackpad+0x204/0xe88 [ 73.194710][ C1] __usb_hcd_giveback_urb+0x2e0/0x518 [ 73.196211][ C1] usb_hcd_giveback_urb+0x100/0x3e0 [ 73.197696][ C1] dummy_timer+0x5b8/0x231c [ 73.199054][ C1] call_timer_fn+0x19c/0x858 [ 73.200292][ C1] __run_timers+0x46c/0x6c4 [ 73.201568][ C1] run_timer_softirq+0x7c/0x114 [ 73.202996][ C1] handle_softirqs+0x344/0xbf0 [ 73.204323][ C1] __irq_exit_rcu+0x240/0x440 [ 73.205623][ C1] irq_exit+0x14/0x88 [ 73.206773][ C1] handle_domain_irq+0x14c/0x1fc [ 73.208161][ C1] gic_handle_irq+0x78/0x1c8 [ 73.209509][ C1] call_on_irq_stack+0x24/0x4c [ 73.210849][ C1] do_interrupt_handler+0x6c/0x88 [ 73.212261][ C1] el1_interrupt+0x30/0x58 [ 73.213583][ C1] el1h_64_irq_handler+0x18/0x24 [ 73.214969][ C1] el1h_64_irq+0x78/0x7c [ 73.216426][ C1] arch_local_irq_enable+0xc/0x18 [ 73.217907][ C1] default_idle_call+0xcc/0x418 [ 73.219202][ C1] do_idle+0x1c8/0x480 [ 73.220369][ C1] cpu_startup_entry+0x24/0x28 [ 73.221689][ C1] secondary_start_kernel+0x23c/0x294 [ 73.223301][ C1] __secondary_switched+0x94/0x98 [ 73.224706][ C1] irq event stamp: 255365 [ 73.225955][ C1] hardirqs last enabled at (255364): [] _raw_spin_unlock_irq+0x98/0x128 [ 73.228741][ C1] hardirqs last disabled at (255365): [] _raw_spin_lock_irqsave+0xfc/0x14c [ 73.231651][ C1] softirqs last enabled at (255316): [] handle_softirqs+0xa4c/0xbf0 [ 73.234285][ C1] softirqs last disabled at (255335): [] __irq_exit_rcu+0x240/0x440 [ 73.237099][ C1] ---[ end trace c2a3927d8b9587ab ]--- [ 73.238716][ C1] bcm5974 1-1:0.10: trackpad urb failed: -2 [ 73.246826][ T4277] bcm5974 1-1:0.10: could not read from device 1970/01/01 00:01:13 executed programs: 5 [ 73.956616][ T4053] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 74.316682][ T4053] usb 1-1: config 0 has an invalid interface number: 10 but max is 0 [ 74.318791][ T4053] usb 1-1: config 0 has no interface number 0 [ 74.320370][ T4053] usb 1-1: config 0 interface 10 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 74.323104][ T4053] usb 1-1: config 0 interface 10 altsetting 0 endpoint 0x81 has invalid maxpacket 21669, setting to 1024 [ 74.326082][ T4053] usb 1-1: config 0 interface 10 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 1024 [ 74.329034][ T4053] usb 1-1: config 0 interface 10 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 74.496722][ T4053] usb 1-1: New USB device found, idVendor=05ac, idProduct=024e, bcdDevice=d4.d7 [ 74.499102][ T4053] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 74.501170][ T4053] usb 1-1: Product: syz [ 74.502391][ T4053] usb 1-1: Manufacturer: syz [ 74.503689][ T4053] usb 1-1: SerialNumber: syz [ 74.509253][ T4053] usb 1-1: config 0 descriptor?? [ 74.526931][ T4598] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 74.549407][ T4053] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.10/input/input7