Warning: Permanently added '10.128.1.52' (ED25519) to the list of known hosts. 2024/03/12 19:13:36 ignoring optional flag "sandboxArg"="0" 2024/03/12 19:13:36 parsed 1 programs [ 41.412764][ T4145] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SSFS 2024/03/12 19:13:36 executed programs: 0 [ 41.483511][ T4152] bridge0: port 1(bridge_slave_0) entered blocking state [ 41.485458][ T4152] bridge0: port 1(bridge_slave_0) entered disabled state [ 41.487488][ T4152] device bridge_slave_0 entered promiscuous mode [ 41.489643][ T4152] bridge0: port 2(bridge_slave_1) entered blocking state [ 41.491540][ T4152] bridge0: port 2(bridge_slave_1) entered disabled state [ 41.494142][ T4152] device bridge_slave_1 entered promiscuous mode [ 41.516823][ T4152] team0: Port device team_slave_0 added [ 41.518636][ T4152] team0: Port device team_slave_1 added [ 41.560605][ T4152] device hsr_slave_0 entered promiscuous mode [ 41.619607][ T4152] device hsr_slave_1 entered promiscuous mode [ 42.233175][ T4152] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 42.270351][ T4152] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 42.300127][ T4152] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 42.360125][ T4152] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 42.423538][ T4152] bridge0: port 2(bridge_slave_1) entered blocking state [ 42.425500][ T4152] bridge0: port 2(bridge_slave_1) entered forwarding state [ 42.427494][ T4152] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.429423][ T4152] bridge0: port 1(bridge_slave_0) entered forwarding state [ 42.479083][ T4152] 8021q: adding VLAN 0 to HW filter on device team0 [ 42.485087][ T4152] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 42.487815][ T3725] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 42.490249][ T3725] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 42.492949][ T3725] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 42.495245][ T3725] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 42.497506][ T3725] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 42.503577][ T3725] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 42.505791][ T3725] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 42.508002][ T3725] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 42.512740][ T3725] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 42.609145][ T4152] device veth0_vlan entered promiscuous mode [ 42.611541][ T99] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 42.613805][ T99] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 42.616027][ T99] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 42.618329][ T99] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 42.621796][ T4152] device veth1_vlan entered promiscuous mode [ 42.625766][ T3725] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 42.627775][ T3725] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 42.629919][ T3725] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 42.632068][ T3725] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 42.634132][ T3725] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 42.636269][ T3725] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 42.638764][ T4152] device veth0_macvtap entered promiscuous mode [ 42.640928][ T4152] device veth1_macvtap entered promiscuous mode [ 42.644722][ T3725] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 42.646850][ T3725] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 42.648915][ T3725] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 42.651296][ T3725] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 42.653516][ T3725] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 42.659811][ T3725] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 42.710052][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 42.712211][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 42.715332][ T1666] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 42.715429][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 42.717447][ T1666] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 42.722251][ T3764] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 43.019525][ T26] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 43.439542][ T26] usb 1-1: config 0 has an invalid interface number: 10 but max is 0 [ 43.441846][ T26] usb 1-1: config 0 has no interface number 0 [ 43.443444][ T26] usb 1-1: config 0 interface 10 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 43.446225][ T26] usb 1-1: config 0 interface 10 altsetting 0 endpoint 0x81 has invalid maxpacket 21669, setting to 1024 [ 43.449266][ T26] usb 1-1: config 0 interface 10 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 1024 [ 43.452060][ T26] usb 1-1: config 0 interface 10 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 43.629547][ T26] usb 1-1: New USB device found, idVendor=05ac, idProduct=024e, bcdDevice=d4.d7 [ 43.632094][ T26] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 43.634227][ T26] usb 1-1: Product: syz [ 43.635321][ T26] usb 1-1: Manufacturer: syz [ 43.636509][ T26] usb 1-1: SerialNumber: syz [ 43.638495][ T26] usb 1-1: config 0 descriptor?? [ 43.659604][ T4458] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 43.680381][ T26] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.10/input/input2 [ 44.109565][ T4146] ------------[ cut here ]------------ [ 44.111084][ T4146] usb 1-1: BOGUS urb xfer, pipe 1 != type 3 [ 44.112829][ T4146] WARNING: CPU: 0 PID: 4146 at drivers/usb/core/urb.c:505 usb_submit_urb+0x594/0x9b4 [ 44.115289][ T4146] Modules linked in: [ 44.116317][ T4146] CPU: 0 PID: 4146 Comm: udevd Not tainted 6.1.81-syzkaller #0 [ 44.118285][ T4146] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 44.120927][ T4146] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 44.123051][ T4146] pc : usb_submit_urb+0x594/0x9b4 [ 44.124371][ T4146] lr : usb_submit_urb+0x594/0x9b4 [ 44.125720][ T4146] sp : ffff8000124bb8e0 [ 44.126854][ T4146] x29: ffff8000124bb8f0 x28: ffff0000cb4ee800 x27: ffff0000d199d15c [ 44.129039][ T4146] x26: ffff80000ce30d70 x25: ffff0000cb4ee8a8 x24: ffff0000d1bafc80 [ 44.131173][ T4146] x23: ffff80000ce5bbf6 x22: 0000000000000400 x21: 0000000000000002 [ 44.133337][ T4146] x20: 0000000000000cc0 x19: ffff0000d199d100 x18: ffff80000bd2d2cc [ 44.135547][ T4146] x17: 0000000000030000 x16: 0000000000000167 x15: 0000000000000000 [ 44.137740][ T4146] x14: 0000000000000000 x13: 205d363431345420 x12: ffff80000e668000 [ 44.139893][ T4146] x11: 0000000000ff0100 x10: 0000000000000000 x9 : ec08928ab3279300 [ 44.142032][ T4146] x8 : ec08928ab3279300 x7 : 0000000000000000 x6 : ffff80000bceaa1c [ 44.144156][ T4146] x5 : 0000000000000000 x4 : 0000000000000080 x3 : 0000000000000000 [ 44.146342][ T4146] x2 : 0000000000000000 x1 : 0000000100000000 x0 : 0000000000000000 [ 44.148539][ T4146] Call trace: [ 44.149448][ T4146] usb_submit_urb+0x594/0x9b4 [ 44.150737][ T4146] bcm5974_start_traffic+0xa0/0xfc [ 44.152110][ T4146] bcm5974_open+0x5c/0xb4 [ 44.153221][ T4146] input_open_device+0xe8/0x14c [ 44.154555][ T4146] evdev_open+0x1b4/0x258 [ 44.155689][ T4146] chrdev_open+0x27c/0x2b0 [ 44.156855][ T4146] do_dentry_open+0x36c/0x6f8 [ 44.158079][ T4146] vfs_open+0x38/0x48 [ 44.159149][ T4146] path_openat+0xf04/0x1328 [ 44.160292][ T4146] do_filp_open+0xd0/0x1a8 [ 44.161479][ T4146] do_sys_openat2+0xb8/0x22c [ 44.162717][ T4146] __arm64_sys_openat+0xb0/0xe0 [ 44.163969][ T4146] invoke_syscall+0x64/0x178 [ 44.165179][ T4146] el0_svc_common+0xb8/0x174 [ 44.166375][ T4146] do_el0_svc+0x48/0x174 [ 44.167492][ T4146] el0_svc+0x34/0x110 [ 44.168535][ T4146] el0t_64_sync_handler+0x84/0xf0 [ 44.169901][ T4146] el0t_64_sync+0x18c/0x190 [ 44.171100][ T4146] ---[ end trace 0000000000000000 ]--- [ 44.189509][ C0] ------------[ cut here ]------------ [ 44.191046][ C0] usb 1-1: BOGUS urb xfer, pipe 1 != type 3 [ 44.192776][ C0] WARNING: CPU: 0 PID: 0 at drivers/usb/core/urb.c:505 usb_submit_urb+0x594/0x9b4 [ 44.195215][ C0] Modules linked in: [ 44.196213][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 6.1.81-syzkaller #0 [ 44.198614][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 44.201296][ C0] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 44.203330][ C0] pc : usb_submit_urb+0x594/0x9b4 [ 44.204736][ C0] lr : usb_submit_urb+0x594/0x9b4 [ 44.206130][ C0] sp : ffff800008003ba0 [ 44.207278][ C0] x29: ffff800008003bb0 x28: ffff0000cb4ee800 x27: ffff0000d199d15c [ 44.209558][ C0] x26: ffff80000ce30d70 x25: ffff0000cb4ee8a8 x24: ffff0000d1bafc80 [ 44.211697][ C0] x23: ffff80000ce5bbf6 x22: 0000000000000400 x21: 0000000000000002 [ 44.213878][ C0] x20: 0000000000000a20 x19: ffff0000d199d100 x18: 0000000000000000 [ 44.216039][ C0] x17: 000000000000000a x16: 00000000000003e0 x15: 0000000000000000 [ 44.217910][ C0] x14: 0000000000000000 x13: 205d304320202020 x12: ffff80000e668000 [ 44.220114][ C0] x11: 0000000000ff0100 x10: 0000000000000000 x9 : c56a38dcd47f8c00 [ 44.222460][ C0] x8 : c56a38dcd47f8c00 x7 : 0000000000000000 x6 : ffff80000bceaa1c [ 44.224613][ C0] x5 : 0000000000000000 x4 : 0000000000000080 x3 : 0000000000000000 [ 44.226802][ C0] x2 : 0000000000000000 x1 : 0000000000000101 x0 : 0000000000000000 [ 44.229068][ C0] Call trace: [ 44.229939][ C0] usb_submit_urb+0x594/0x9b4 [ 44.231177][ C0] bcm5974_irq_trackpad+0x138/0x524 [ 44.232575][ C0] __usb_hcd_giveback_urb+0x16c/0x244 [ 44.234020][ C0] usb_hcd_giveback_urb+0x78/0x238 [ 44.235534][ C0] dummy_timer+0x2c8/0x102c [ 44.236769][ C0] call_timer_fn+0x7c/0x15c [ 44.238041][ C0] __run_timers+0x60c/0x6f8 [ 44.239210][ C0] run_timer_softirq+0x34/0x5c [ 44.240511][ C0] __do_softirq+0x100/0x29c [ 44.241891][ C0] ____do_softirq+0x14/0x20 [ 44.243107][ C0] call_on_irq_stack+0x24/0x4c [ 44.244378][ C0] do_softirq_own_stack+0x20/0x2c [ 44.245770][ C0] __irq_exit_rcu+0xb0/0x124 [ 44.246956][ C0] irq_exit_rcu+0x10/0x1c [ 44.248236][ C0] el1_interrupt+0x38/0x68 [ 44.249420][ C0] el1h_64_irq_handler+0x18/0x24 [ 44.250800][ C0] el1h_64_irq+0x64/0x68 [ 44.251897][ C0] arch_local_irq_enable+0xc/0x18 [ 44.253236][ C0] do_idle+0x110/0x2d8 [ 44.254277][ C0] cpu_startup_entry+0x34/0x38 [ 44.255695][ C0] kernel_init+0x0/0x290 [ 44.257101][ C0] start_kernel+0x0/0x4c0 [ 44.258268][ C0] start_kernel+0x30c/0x4c0 [ 44.259530][ C0] __primary_switched+0xb4/0xbc [ 44.260837][ C0] ---[ end trace 0000000000000000 ]--- [ 44.309915][ T3764] usb 1-1: USB disconnect, device number 2 [ 44.319600][ T4146] bcm5974 1-1:0.10: could not read from device [ 45.079512][ T3764] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 45.439523][ T3764] usb 1-1: config 0 has an invalid interface number: 10 but max is 0 [ 45.441859][ T3764] usb 1-1: config 0 has no interface number 0 [ 45.443499][ T3764] usb 1-1: config 0 interface 10 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 45.446255][ T3764] usb 1-1: config 0 interface 10 altsetting 0 endpoint 0x81 has invalid maxpacket 21669, setting to 1024 [ 45.449275][ T3764] usb 1-1: config 0 interface 10 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 1024 [ 45.452003][ T3764] usb 1-1: config 0 interface 10 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 45.609578][ T3764] usb 1-1: New USB device found, idVendor=05ac, idProduct=024e, bcdDevice=d4.d7 [ 45.612168][ T3764] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 45.614295][ T3764] usb 1-1: Product: syz [ 45.615429][ T3764] usb 1-1: Manufacturer: syz [ 45.616628][ T3764] usb 1-1: SerialNumber: syz [ 45.618243][ T3764] usb 1-1: config 0 descriptor?? [ 45.639634][ T4569] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 45.660137][ T3764] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.10/input/input3 [ 46.099554][ T4146] ------------[ cut here ]------------ [ 46.101082][ T4146] usb 1-1: BOGUS urb xfer, pipe 1 != type 3 [ 46.102808][ T4146] WARNING: CPU: 1 PID: 4146 at drivers/usb/core/urb.c:505 usb_submit_urb+0x594/0x9b4 [ 46.105337][ T4146] Modules linked in: [ 46.106350][ T4146] CPU: 1 PID: 4146 Comm: udevd Tainted: G W 6.1.81-syzkaller #0 [ 46.108772][ T4146] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 46.111434][ T4146] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 46.113573][ T4146] pc : usb_submit_urb+0x594/0x9b4 [ 46.114960][ T4146] lr : usb_submit_urb+0x594/0x9b4 [ 46.116259][ T4146] sp : ffff8000124bb8e0 [ 46.117356][ T4146] x29: ffff8000124bb8f0 x28: ffff0000cd2d4800 x27: ffff0000d18eb55c [ 46.119551][ T4146] x26: ffff80000ce30d70 x25: ffff0000cd2d48a8 x24: ffff0000cd21dd00 [ 46.121689][ T4146] x23: ffff80000ce5bbf6 x22: 0000000000000400 x21: 0000000000000002 [ 46.123929][ T4146] x20: 0000000000000cc0 x19: ffff0000d18eb500 x18: ffff80000bd2d2cc [ 46.126071][ T4146] x17: 0000000000030000 x16: 000000000000038a x15: 0000000000000000 [ 46.128269][ T4146] x14: 0000000000000000 x13: 205d363431345420 x12: ffff80000e668000 [ 46.130421][ T4146] x11: 0000000000ff0100 x10: 0000000000000000 x9 : ec08928ab3279300 [ 46.132555][ T4146] x8 : ec08928ab3279300 x7 : 0000000000000000 x6 : ffff80000bceaa1c [ 46.134827][ T4146] x5 : 0000000000000000 x4 : 0000000000000080 x3 : 0000000000000000 [ 46.136978][ T4146] x2 : 0000000000000000 x1 : 0000000100000000 x0 : 0000000000000000 [ 46.139156][ T4146] Call trace: [ 46.140036][ T4146] usb_submit_urb+0x594/0x9b4 [ 46.141302][ T4146] bcm5974_start_traffic+0xa0/0xfc [ 46.142787][ T4146] bcm5974_open+0x5c/0xb4 [ 46.143932][ T4146] input_open_device+0xe8/0x14c [ 46.145259][ T4146] evdev_open+0x1b4/0x258 [ 46.146428][ T4146] chrdev_open+0x27c/0x2b0 [ 46.147589][ T4146] do_dentry_open+0x36c/0x6f8 [ 46.148845][ T4146] vfs_open+0x38/0x48 [ 46.149906][ T4146] path_openat+0xf04/0x1328 [ 46.151190][ T4146] do_filp_open+0xd0/0x1a8 [ 46.152349][ T4146] do_sys_openat2+0xb8/0x22c [ 46.153603][ T4146] __arm64_sys_openat+0xb0/0xe0 [ 46.154909][ T4146] invoke_syscall+0x64/0x178 [ 46.156171][ T4146] el0_svc_common+0xb8/0x174 [ 46.157381][ T4146] do_el0_svc+0x48/0x174 [ 46.158532][ T4146] el0_svc+0x34/0x110 [ 46.159629][ T4146] el0t_64_sync_handler+0x84/0xf0 [ 46.160941][ T4146] el0t_64_sync+0x18c/0x190 [ 46.162109][ T4146] ---[ end trace 0000000000000000 ]--- [ 46.179506][ C1] ------------[ cut here ]------------ [ 46.181039][ C1] usb 1-1: BOGUS urb xfer, pipe 1 != type 3 [ 46.182766][ C1] WARNING: CPU: 1 PID: 0 at drivers/usb/core/urb.c:505 usb_submit_urb+0x594/0x9b4 [ 46.185152][ C1] Modules linked in: [ 46.186150][ C1] CPU: 1 PID: 0 Comm: swapper/1 Tainted: G W 6.1.81-syzkaller #0 [ 46.188626][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 46.191347][ C1] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 46.193498][ C1] pc : usb_submit_urb+0x594/0x9b4 [ 46.194894][ C1] lr : usb_submit_urb+0x594/0x9b4 [ 46.196272][ C1] sp : ffff80000800bba0 [ 46.197340][ C1] x29: ffff80000800bbb0 x28: ffff0000cd2d4800 x27: ffff0000d18eb55c [ 46.199447][ C1] x26: ffff80000ce30d70 x25: ffff0000cd2d48a8 x24: ffff0000cd21dd00 [ 46.201563][ C1] x23: ffff80000ce5bbf6 x22: 0000000000000400 x21: 0000000000000002 [ 46.203704][ C1] x20: 0000000000000a20 x19: ffff0000d18eb500 x18: 0000000000000000 [ 46.205932][ C1] x17: ffff8001f1642000 x16: ffff800008008000 x15: 0000000000000000 [ 46.208012][ C1] x14: 0000000000000000 x13: 205d314320202020 x12: ffff80000e668000 [ 46.210160][ C1] x11: 0000000000ff0100 x10: 0000000000000000 x9 : dbf5a76b50962000 [ 46.212255][ C1] x8 : dbf5a76b50962000 x7 : 0000000000000000 x6 : ffff80000bceaa1c [ 46.214444][ C1] x5 : 0000000000000000 x4 : 0000000000000080 x3 : 0000000000000000 [ 46.216607][ C1] x2 : 0000000000000000 x1 : 0000000100000101 x0 : 0000000000000000 [ 46.218752][ C1] Call trace: [ 46.219633][ C1] usb_submit_urb+0x594/0x9b4 [ 46.220902][ C1] bcm5974_irq_trackpad+0x138/0x524 [ 46.222327][ C1] __usb_hcd_giveback_urb+0x16c/0x244 [ 46.223803][ C1] usb_hcd_giveback_urb+0x78/0x238 [ 46.225238][ C1] dummy_timer+0x2c8/0x102c [ 46.226464][ C1] call_timer_fn+0x7c/0x15c [ 46.227678][ C1] __run_timers+0x60c/0x6f8 [ 46.228911][ C1] run_timer_softirq+0x34/0x5c [ 46.230150][ C1] __do_softirq+0x100/0x29c [ 46.231357][ C1] ____do_softirq+0x14/0x20 [ 46.232546][ C1] call_on_irq_stack+0x24/0x4c [ 46.233812][ C1] do_softirq_own_stack+0x20/0x2c [ 46.235159][ C1] __irq_exit_rcu+0xb0/0x124 [ 46.236394][ C1] irq_exit_rcu+0x10/0x1c [ 46.237569][ C1] el1_interrupt+0x38/0x68 [ 46.238782][ C1] el1h_64_irq_handler+0x18/0x24 [ 46.240091][ C1] el1h_64_irq+0x64/0x68 [ 46.241257][ C1] arch_local_irq_enable+0xc/0x18 [ 46.242602][ C1] do_idle+0x110/0x2d8 [ 46.243652][ C1] cpu_startup_entry+0x34/0x38 [ 46.244935][ C1] secondary_start_kernel+0x150/0x178 [ 46.246389][ C1] __secondary_switched+0xb0/0xb4 [ 46.247795][ C1] ---[ end trace 0000000000000000 ]--- [ 46.299869][ T3764] usb 1-1: USB disconnect, device number 3 [ 46.319529][ T4146] bcm5974 1-1:0.10: could not read from device 2024/03/12 19:13:42 executed programs: 2 [ 47.069539][ T26] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 47.429553][ T26] usb 1-1: config 0 has an invalid interface number: 10 but max is 0 [ 47.431936][ T26] usb 1-1: config 0 has no interface number 0 [ 47.433494][ T26] usb 1-1: config 0 interface 10 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 47.436238][ T26] usb 1-1: config 0 interface 10 altsetting 0 endpoint 0x81 has invalid maxpacket 21669, setting to 1024 [ 47.439258][ T26] usb 1-1: config 0 interface 10 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 1024 [ 47.441975][ T26] usb 1-1: config 0 interface 10 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 47.599536][ T26] usb 1-1: New USB device found, idVendor=05ac, idProduct=024e, bcdDevice=d4.d7 [ 47.602093][ T26] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 47.604249][ T26] usb 1-1: Product: syz [ 47.605346][ T26] usb 1-1: Manufacturer: syz [ 47.606538][ T26] usb 1-1: SerialNumber: syz [ 47.608227][ T26] usb 1-1: config 0 descriptor?? [ 47.629791][ T4571] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 47.650302][ T26] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.10/input/input4 [ 48.089524][ T4146] ------------[ cut here ]------------ [ 48.090983][ T4146] usb 1-1: BOGUS urb xfer, pipe 1 != type 3 [ 48.092749][ T4146] WARNING: CPU: 1 PID: 4146 at drivers/usb/core/urb.c:505 usb_submit_urb+0x594/0x9b4 [ 48.095272][ T4146] Modules linked in: [ 48.096304][ T4146] CPU: 1 PID: 4146 Comm: udevd Tainted: G W 6.1.81-syzkaller #0 [ 48.098658][ T4146] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 48.101389][ T4146] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 48.103463][ T4146] pc : usb_submit_urb+0x594/0x9b4 [ 48.104848][ T4146] lr : usb_submit_urb+0x594/0x9b4 [ 48.106196][ T4146] sp : ffff8000124bb8e0 [ 48.107299][ T4146] x29: ffff8000124bb8f0 x28: ffff0000cc6fb000 x27: ffff0000c937485c [ 48.109475][ T4146] x26: ffff80000ce30d70 x25: ffff0000cc6fb0a8 x24: ffff0000d1a42d80 [ 48.111638][ T4146] x23: ffff80000ce5bbf6 x22: 0000000000000400 x21: 0000000000000002 [ 48.113740][ T4146] x20: 0000000000000cc0 x19: ffff0000c9374800 x18: 00000000363f9051 [ 48.115876][ T4146] x17: 00000000288e6180 x16: 0000000000000263 x15: 0000000000000000 [ 48.118124][ T4146] x14: 0000000000000000 x13: 205d363431345420 x12: ffff80000e668000 [ 48.120285][ T4146] x11: 0000000000ff0100 x10: 0000000000000000 x9 : ec08928ab3279300 [ 48.122441][ T4146] x8 : ec08928ab3279300 x7 : 0000000000000000 x6 : ffff80000bceaa1c [ 48.124643][ T4146] x5 : 0000000000000000 x4 : 0000000000000080 x3 : 0000000000000000 [ 48.126779][ T4146] x2 : 0000000000000000 x1 : 0000000100000000 x0 : 0000000000000000 [ 48.128880][ T4146] Call trace: [ 48.129728][ T4146] usb_submit_urb+0x594/0x9b4 [ 48.130981][ T4146] bcm5974_start_traffic+0xa0/0xfc [ 48.132394][ T4146] bcm5974_open+0x5c/0xb4 [ 48.133561][ T4146] input_open_device+0xe8/0x14c [ 48.134845][ T4146] evdev_open+0x1b4/0x258 [ 48.135980][ T4146] chrdev_open+0x27c/0x2b0 [ 48.137130][ T4146] do_dentry_open+0x36c/0x6f8 [ 48.138387][ T4146] vfs_open+0x38/0x48 [ 48.139447][ T4146] path_openat+0xf04/0x1328 [ 48.140648][ T4146] do_filp_open+0xd0/0x1a8 [ 48.141783][ T4146] do_sys_openat2+0xb8/0x22c [ 48.143020][ T4146] __arm64_sys_openat+0xb0/0xe0 [ 48.144333][ T4146] invoke_syscall+0x64/0x178 [ 48.145535][ T4146] el0_svc_common+0xb8/0x174 [ 48.146786][ T4146] do_el0_svc+0x48/0x174 [ 48.147940][ T4146] el0_svc+0x34/0x110 [ 48.149002][ T4146] el0t_64_sync_handler+0x84/0xf0 [ 48.150328][ T4146] el0t_64_sync+0x18c/0x190 [ 48.151523][ T4146] ---[ end trace 0000000000000000 ]--- [ 48.169509][ C1] ------------[ cut here ]------------ [ 48.170958][ C1] usb 1-1: BOGUS urb xfer, pipe 1 != type 3 [ 48.172728][ C1] WARNING: CPU: 1 PID: 0 at drivers/usb/core/urb.c:505 usb_submit_urb+0x594/0x9b4 [ 48.175139][ C1] Modules linked in: [ 48.176181][ C1] CPU: 1 PID: 0 Comm: swapper/1 Tainted: G W 6.1.81-syzkaller #0 [ 48.178558][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 48.181264][ C1] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 48.183408][ C1] pc : usb_submit_urb+0x594/0x9b4 [ 48.184724][ C1] lr : usb_submit_urb+0x594/0x9b4 [ 48.186120][ C1] sp : ffff80000800bba0 [ 48.187219][ C1] x29: ffff80000800bbb0 x28: ffff0000cc6fb000 x27: ffff0000c937485c [ 48.189435][ C1] x26: ffff80000ce30d70 x25: ffff0000cc6fb0a8 x24: ffff0000d1a42d80 [ 48.191571][ C1] x23: ffff80000ce5bbf6 x22: 0000000000000400 x21: 0000000000000002 [ 48.193743][ C1] x20: 0000000000000a20 x19: ffff0000c9374800 x18: ffff80000bd2d2cc [ 48.195862][ C1] x17: ffff8001f1642000 x16: ffff800008008000 x15: 0000000000000000 [ 48.198095][ C1] x14: 0000000000000000 x13: 205d314320202020 x12: ffff80000e668000 [ 48.200228][ C1] x11: 0000000000ff0100 x10: 0000000000000000 x9 : dbf5a76b50962000 [ 48.202383][ C1] x8 : dbf5a76b50962000 x7 : 0000000000000000 x6 : ffff80000bceaa1c [ 48.204561][ C1] x5 : 0000000000000000 x4 : 0000000000000080 x3 : 0000000000000000 [ 48.206829][ C1] x2 : 0000000000000000 x1 : 0000000100000101 x0 : 0000000000000000 [ 48.209000][ C1] Call trace: [ 48.209846][ C1] usb_submit_urb+0x594/0x9b4 [ 48.211070][ C1] bcm5974_irq_trackpad+0x138/0x524 [ 48.212650][ C1] __usb_hcd_giveback_urb+0x16c/0x244 [ 48.214170][ C1] usb_hcd_giveback_urb+0x78/0x238 [ 48.215538][ C1] dummy_timer+0x2c8/0x102c [ 48.216737][ C1] call_timer_fn+0x7c/0x15c [ 48.218018][ C1] __run_timers+0x60c/0x6f8 [ 48.219279][ C1] run_timer_softirq+0x34/0x5c [ 48.220546][ C1] __do_softirq+0x100/0x29c [ 48.221753][ C1] ____do_softirq+0x14/0x20 [ 48.222937][ C1] call_on_irq_stack+0x24/0x4c [ 48.224228][ C1] do_softirq_own_stack+0x20/0x2c [ 48.225554][ C1] __irq_exit_rcu+0xb0/0x124 [ 48.226889][ C1] irq_exit_rcu+0x10/0x1c [ 48.228012][ C1] el1_interrupt+0x38/0x68 [ 48.229216][ C1] el1h_64_irq_handler+0x18/0x24 [ 48.230535][ C1] el1h_64_irq+0x64/0x68 [ 48.231696][ C1] arch_local_irq_enable+0xc/0x18 [ 48.233178][ C1] do_idle+0x110/0x2d8 [ 48.234295][ C1] cpu_startup_entry+0x34/0x38 [ 48.235606][ C1] secondary_start_kernel+0x150/0x178 [ 48.237123][ C1] __secondary_switched+0xb0/0xb4 [ 48.238532][ C1] ---[ end trace 0000000000000000 ]--- [ 48.249493][ C1] ------------[ cut here ]------------ [ 48.250939][ C1] usb 1-1: BOGUS urb xfer, pipe 1 != type 3 [ 48.252721][ C1] WARNING: CPU: 1 PID: 0 at drivers/usb/core/urb.c:505 usb_submit_urb+0x594/0x9b4 [ 48.255182][ C1] Modules linked in: [ 48.256271][ C1] CPU: 1 PID: 0 Comm: swapper/1 Tainted: G W 6.1.81-syzkaller #0 [ 48.258705][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 48.261554][ C1] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 48.263684][ C1] pc : usb_submit_urb+0x594/0x9b4 [ 48.265046][ C1] lr : usb_submit_urb+0x594/0x9b4 [ 48.266437][ C1] sp : ffff80000800bba0 [ 48.267550][ C1] x29: ffff80000800bbb0 x28: ffff0000cc6fb000 x27: ffff0000c937485c [ 48.269720][ C1] x26: ffff80000ce30d70 x25: ffff0000cc6fb0a8 x24: ffff0000d1a42d80 [ 48.271890][ C1] x23: ffff80000ce5bbf6 x22: 0000000000000400 x21: 0000000000000002 [ 48.274042][ C1] x20: 0000000000000a20 x19: ffff0000c9374800 x18: 0000000000000000 [ 48.276239][ C1] x17: ffff8001f1642000 x16: ffff800008008000 x15: 0000000000000000 [ 48.278382][ C1] x14: 0000000000000000 x13: 205d314320202020 x12: ffff80000e668000 [ 48.280579][ C1] x11: 0000000000ff0100 x10: 0000000000000000 x9 : dbf5a76b50962000 [ 48.282736][ C1] x8 : dbf5a76b50962000 x7 : 0000000000000000 x6 : ffff80000bceaa1c [ 48.284896][ C1] x5 : 0000000000000000 x4 : 0000000000000080 x3 : 0000000000000000 [ 48.287027][ C1] x2 : 0000000000000000 x1 : 0000000100000101 x0 : 0000000000000000 [ 48.289168][ C1] Call trace: [ 48.290032][ C1] usb_submit_urb+0x594/0x9b4 [ 48.290990][ T26] usb 1-1: USB disconnect, device number 4 [ 48.291305][ C1] bcm5974_irq_trackpad+0x138/0x524 [ 48.294171][ C1] __usb_hcd_giveback_urb+0x16c/0x244 [ 48.295679][ C1] usb_hcd_giveback_urb+0x78/0x238 [ 48.297088][ C1] dummy_timer+0x2c8/0x102c [ 48.298390][ C1] call_timer_fn+0x7c/0x15c [ 48.299585][ C1] __run_timers+0x60c/0x6f8 [ 48.300775][ C1] run_timer_softirq+0x34/0x5c [ 48.302078][ C1] __do_softirq+0x100/0x29c [ 48.303310][ C1] ____do_softirq+0x14/0x20 [ 48.304583][ C1] call_on_irq_stack+0x24/0x4c [ 48.305812][ C1] do_softirq_own_stack+0x20/0x2c [ 48.307140][ C1] __irq_exit_rcu+0xb0/0x124 [ 48.308414][ C1] irq_exit_rcu+0x10/0x1c [ 48.309595][ C1] el1_interrupt+0x38/0x68 [ 48.310750][ C1] el1h_64_irq_handler+0x18/0x24 [ 48.312079][ C1] el1h_64_irq+0x64/0x68 [ 48.313239][ C1] arch_local_irq_enable+0xc/0x18 [ 48.314569][ C1] do_idle+0x110/0x2d8 [ 48.315677][ C1] cpu_startup_entry+0x34/0x38 [ 48.316976][ C1] secondary_start_kernel+0x150/0x178 [ 48.318505][ C1] __secondary_switched+0xb0/0xb4 [ 48.319874][ C1] ---[ end trace 0000000000000000 ]--- [ 48.321332][ C1] bcm5974 1-1:0.10: trackpad urb failed: -2 [ 48.323331][ T4146] bcm5974 1-1:0.10: could not read from device [ 49.059517][ T26] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 49.419512][ T26] usb 1-1: config 0 has an invalid interface number: 10 but max is 0 [ 49.421824][ T26] usb 1-1: config 0 has no interface number 0 [ 49.423325][ T26] usb 1-1: config 0 interface 10 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 49.425913][ T26] usb 1-1: config 0 interface 10 altsetting 0 endpoint 0x81 has invalid maxpacket 21669, setting to 1024 [ 49.428793][ T26] usb 1-1: config 0 interface 10 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 1024 [ 49.431503][ T26] usb 1-1: config 0 interface 10 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 49.589528][ T26] usb 1-1: New USB device found, idVendor=05ac, idProduct=024e, bcdDevice=d4.d7 [ 49.591889][ T26] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 49.593986][ T26] usb 1-1: Product: syz [ 49.595009][ T26] usb 1-1: Manufacturer: syz [ 49.596134][ T26] usb 1-1: SerialNumber: syz [ 49.597999][ T26] usb 1-1: config 0 descriptor?? [ 49.609571][ T4573] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 49.630343][ T26] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.10/input/input5 [ 50.059517][ T4146] ------------[ cut here ]------------ [ 50.061040][ T4146] usb 1-1: BOGUS urb xfer, pipe 1 != type 3 [ 50.062832][ T4146] WARNING: CPU: 0 PID: 4146 at drivers/usb/core/urb.c:505 usb_submit_urb+0x594/0x9b4 [ 50.065309][ T4146] Modules linked in: [ 50.066338][ T4146] CPU: 0 PID: 4146 Comm: udevd Tainted: G W 6.1.81-syzkaller #0 [ 50.068702][ T4146] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 50.071425][ T4146] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 50.073470][ T4146] pc : usb_submit_urb+0x594/0x9b4 [ 50.074834][ T4146] lr : usb_submit_urb+0x594/0x9b4 [ 50.076184][ T4146] sp : ffff8000124bb8e0 [ 50.077318][ T4146] x29: ffff8000124bb8f0 x28: ffff0000cc6fb000 x27: ffff0000cb56e55c [ 50.079427][ T4146] x26: ffff80000ce30d70 x25: ffff0000cc6fb0a8 x24: ffff0000cd21c000 [ 50.081516][ T4146] x23: ffff80000ce5bbf6 x22: 0000000000000400 x21: 0000000000000002 [ 50.083673][ T4146] x20: 0000000000000cc0 x19: ffff0000cb56e500 x18: 0000000000000000 [ 50.085766][ T4146] x17: 000000000003fd57 x16: 0000000000000008 x15: 0000000000000000 [ 50.088001][ T4146] x14: 0000000000000000 x13: 205d363431345420 x12: ffff80000e668000 [ 50.090196][ T4146] x11: 0000000000ff0100 x10: 0000000000000000 x9 : ec08928ab3279300 [ 50.092364][ T4146] x8 : ec08928ab3279300 x7 : 0000000000000000 x6 : ffff80000bceaa1c [ 50.094586][ T4146] x5 : 0000000000000000 x4 : 0000000000000080 x3 : 0000000000000000 [ 50.096744][ T4146] x2 : 0000000000000000 x1 : 0000000100000000 x0 : 0000000000000000 [ 50.098914][ T4146] Call trace: [ 50.099805][ T4146] usb_submit_urb+0x594/0x9b4 [ 50.101116][ T4146] bcm5974_start_traffic+0xa0/0xfc [ 50.102533][ T4146] bcm5974_open+0x5c/0xb4 [ 50.103745][ T4146] input_open_device+0xe8/0x14c [ 50.105097][ T4146] evdev_open+0x1b4/0x258 [ 50.106294][ T4146] chrdev_open+0x27c/0x2b0 [ 50.107497][ T4146] do_dentry_open+0x36c/0x6f8 [ 50.108740][ T4146] vfs_open+0x38/0x48 [ 50.109799][ T4146] path_openat+0xf04/0x1328 [ 50.111010][ T4146] do_filp_open+0xd0/0x1a8 [ 50.112201][ T4146] do_sys_openat2+0xb8/0x22c [ 50.113452][ T4146] __arm64_sys_openat+0xb0/0xe0 [ 50.114807][ T4146] invoke_syscall+0x64/0x178 [ 50.116053][ T4146] el0_svc_common+0xb8/0x174 [ 50.117270][ T4146] do_el0_svc+0x48/0x174 [ 50.118417][ T4146] el0_svc+0x34/0x110 [ 50.119518][ T4146] el0t_64_sync_handler+0x84/0xf0 [ 50.120903][ T4146] el0t_64_sync+0x18c/0x190 [ 50.122085][ T4146] ---[ end trace 0000000000000000 ]--- [ 50.139492][ C0] ------------[ cut here ]------------ [ 50.140988][ C0] usb 1-1: BOGUS urb xfer, pipe 1 != type 3 [ 50.142778][ C0] WARNING: CPU: 0 PID: 0 at drivers/usb/core/urb.c:505 usb_submit_urb+0x594/0x9b4 [ 50.145248][ C0] Modules linked in: [ 50.146269][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 6.1.81-syzkaller #0 [ 50.148656][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 50.151349][ C0] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 50.153510][ C0] pc : usb_submit_urb+0x594/0x9b4 [ 50.154890][ C0] lr : usb_submit_urb+0x594/0x9b4 [ 50.156267][ C0] sp : ffff800008003ba0 [ 50.157402][ C0] x29: ffff800008003bb0 x28: ffff0000cc6fb000 x27: ffff0000cb56e55c [ 50.159525][ C0] x26: ffff80000ce30d70 x25: ffff0000cc6fb0a8 x24: ffff0000cd21c000 [ 50.161659][ C0] x23: ffff80000ce5bbf6 x22: 0000000000000400 x21: 0000000000000002 [ 50.163822][ C0] x20: 0000000000000a20 x19: ffff0000cb56e500 x18: 0000000000000000 [ 50.166043][ C0] x17: ffff8001f162a000 x16: ffff800008000000 x15: 0000000000000000 [ 50.168217][ C0] x14: 0000000000000000 x13: 205d304320202020 x12: ffff80000e668000 [ 50.170391][ C0] x11: 0000000000ff0100 x10: 0000000000000000 x9 : c56a38dcd47f8c00 [ 50.172576][ C0] x8 : c56a38dcd47f8c00 x7 : 0000000000000000 x6 : ffff80000bceaa1c [ 50.174739][ C0] x5 : 0000000000000000 x4 : 0000000000000080 x3 : 0000000000000000 [ 50.176999][ C0] x2 : 0000000000000000 x1 : 0000000100000101 x0 : 0000000000000000 [ 50.179103][ C0] Call trace: [ 50.179951][ C0] usb_submit_urb+0x594/0x9b4 [ 50.181202][ C0] bcm5974_irq_trackpad+0x138/0x524 [ 50.182616][ C0] __usb_hcd_giveback_urb+0x16c/0x244 [ 50.184098][ C0] usb_hcd_giveback_urb+0x78/0x238 [ 50.185523][ C0] dummy_timer+0x2c8/0x102c [ 50.186702][ C0] call_timer_fn+0x7c/0x15c [ 50.187961][ C0] __run_timers+0x60c/0x6f8 [ 50.189150][ C0] run_timer_softirq+0x34/0x5c [ 50.190468][ C0] __do_softirq+0x100/0x29c [ 50.191645][ C0] ____do_softirq+0x14/0x20 [ 50.192873][ C0] call_on_irq_stack+0x24/0x4c [ 50.194145][ C0] do_softirq_own_stack+0x20/0x2c [ 50.195534][ C0] __irq_exit_rcu+0xb0/0x124 [ 50.196783][ C0] irq_exit_rcu+0x10/0x1c [ 50.197939][ C0] el1_interrupt+0x38/0x68 [ 50.199180][ C0] el1h_64_irq_handler+0x18/0x24 [ 50.200520][ C0] el1h_64_irq+0x64/0x68 [ 50.201791][ C0] arch_local_irq_enable+0xc/0x18 [ 50.203186][ C0] do_idle+0x110/0x2d8 [ 50.204235][ C0] cpu_startup_entry+0x34/0x38 [ 50.205511][ C0] kernel_init+0x0/0x290 [ 50.206696][ C0] start_kernel+0x0/0x4c0 [ 50.207888][ C0] start_kernel+0x30c/0x4c0 [ 50.209081][ C0] __primary_switched+0xb4/0xbc [ 50.210393][ C0] ---[ end trace 0000000000000000 ]--- [ 50.211996][ C0] ------------[ cut here ]------------ [ 50.213441][ C0] usb 1-1: BOGUS urb xfer, pipe 1 != type 3 [ 50.215223][ C0] WARNING: CPU: 0 PID: 0 at drivers/usb/core/urb.c:505 usb_submit_urb+0x594/0x9b4 [ 50.217651][ C0] Modules linked in: [ 50.218701][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 6.1.81-syzkaller #0 [ 50.221237][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 50.223867][ C0] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 50.226018][ C0] pc : usb_submit_urb+0x594/0x9b4 [ 50.227351][ C0] lr : usb_submit_urb+0x594/0x9b4 [ 50.228734][ C0] sp : ffff800008003ba0 [ 50.229886][ C0] x29: ffff800008003bb0 x28: ffff0000cc6fb000 x27: ffff0000cb56e55c [ 50.232110][ C0] x26: ffff80000ce30d70 x25: ffff0000cc6fb0a8 x24: ffff0000cd21c000 [ 50.234302][ C0] x23: ffff80000ce5bbf6 x22: 0000000000000400 x21: 0000000000000002 [ 50.236506][ C0] x20: 0000000000000a20 x19: ffff0000cb56e500 x18: ffff80000bd2d2cc [ 50.238759][ C0] x17: 0000000000068000 x16: 0000000000000001 x15: 0000000000000000 [ 50.240926][ C0] x14: 0000000000000000 x13: 205d304320202020 x12: ffff80000e668000 [ 50.243106][ C0] x11: 0000000000ff0100 x10: 0000000000000000 x9 : c56a38dcd47f8c00 [ 50.245273][ C0] x8 : c56a38dcd47f8c00 x7 : 0000000000000000 x6 : ffff80000bceaa1c [ 50.247509][ C0] x5 : 0000000000000000 x4 : 0000000000000080 x3 : 0000000000000000 [ 50.249623][ C0] x2 : 0000000000000000 x1 : 0000000000000101 x0 : 0000000000000000 [ 50.251846][ C0] Call trace: [ 50.252702][ C0] usb_submit_urb+0x594/0x9b4 [ 50.253972][ C0] bcm5974_irq_trackpad+0x138/0x524 [ 50.255381][ C0] __usb_hcd_giveback_urb+0x16c/0x244 [ 50.256847][ C0] usb_hcd_giveback_urb+0x78/0x238 [ 50.258218][ C0] dummy_timer+0x2c8/0x102c [ 50.259412][ C0] call_timer_fn+0x7c/0x15c [ 50.259900][ T3764] usb 1-1: USB disconnect, device number 5 [ 50.260600][ C0] __run_timers+0x60c/0x6f8 [ 50.263441][ C0] run_timer_softirq+0x34/0x5c [ 50.264776][ C0] __do_softirq+0x100/0x29c [ 50.266034][ C0] ____do_softirq+0x14/0x20 [ 50.267233][ C0] call_on_irq_stack+0x24/0x4c [ 50.268593][ C0] do_softirq_own_stack+0x20/0x2c [ 50.270037][ C0] __irq_exit_rcu+0xb0/0x124 [ 50.271305][ C0] irq_exit_rcu+0x10/0x1c [ 50.272447][ C0] el1_interrupt+0x38/0x68 [ 50.273617][ C0] el1h_64_irq_handler+0x18/0x24 [ 50.274963][ C0] el1h_64_irq+0x64/0x68 [ 50.276118][ C0] arch_local_irq_enable+0xc/0x18 [ 50.277539][ C0] do_idle+0x110/0x2d8 [ 50.278661][ C0] cpu_startup_entry+0x34/0x38 [ 50.279940][ C0] kernel_init+0x0/0x290 [ 50.281082][ C0] start_kernel+0x0/0x4c0 [ 50.282241][ C0] start_kernel+0x30c/0x4c0 [ 50.283432][ C0] __primary_switched+0xb4/0xbc [ 50.284838][ C0] ---[ end trace 0000000000000000 ]--- [ 50.286277][ C0] bcm5974 1-1:0.10: trackpad urb failed: -2 [ 50.289534][ T4146] bcm5974 1-1:0.10: could not read from device [ 51.029505][ T3764] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 51.389523][ T3764] usb 1-1: config 0 has an invalid interface number: 10 but max is 0 [ 51.391655][ T3764] usb 1-1: config 0 has no interface number 0 [ 51.393319][ T3764] usb 1-1: config 0 interface 10 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 51.396103][ T3764] usb 1-1: config 0 interface 10 altsetting 0 endpoint 0x81 has invalid maxpacket 21669, setting to 1024 [ 51.399119][ T3764] usb 1-1: config 0 interface 10 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 1024 [ 51.401907][ T3764] usb 1-1: config 0 interface 10 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 51.559555][ T3764] usb 1-1: New USB device found, idVendor=05ac, idProduct=024e, bcdDevice=d4.d7 [ 51.561992][ T3764] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 51.564107][ T3764] usb 1-1: Product: syz [ 51.565158][ T3764] usb 1-1: Manufacturer: syz [ 51.566346][ T3764] usb 1-1: SerialNumber: syz [ 51.568007][ T3764] usb 1-1: config 0 descriptor?? [ 51.579665][ T4575] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 51.600238][ T3764] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.10/input/input6 [ 52.019537][ T4146] ------------[ cut here ]------------ [ 52.021009][ T4146] usb 1-1: BOGUS urb xfer, pipe 1 != type 3 [ 52.022749][ T4146] WARNING: CPU: 1 PID: 4146 at drivers/usb/core/urb.c:505 usb_submit_urb+0x594/0x9b4 [ 52.025294][ T4146] Modules linked in: [ 52.026279][ T4146] CPU: 1 PID: 4146 Comm: udevd Tainted: G W 6.1.81-syzkaller #0 [ 52.028624][ T4146] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 52.031315][ T4146] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 52.033489][ T4146] pc : usb_submit_urb+0x594/0x9b4 [ 52.034840][ T4146] lr : usb_submit_urb+0x594/0x9b4 [ 52.036161][ T4146] sp : ffff8000124bb8e0 [ 52.037222][ T4146] x29: ffff8000124bb8f0 x28: ffff0000cd2d3000 x27: ffff0000ca844c5c [ 52.039380][ T4146] x26: ffff80000ce30d70 x25: ffff0000cd2d30a8 x24: ffff0000cc671200 [ 52.041487][ T4146] x23: ffff80000ce5bbf6 x22: 0000000000000400 x21: 0000000000000002 [ 52.043584][ T4146] x20: 0000000000000cc0 x19: ffff0000ca844c00 x18: 0000000000000000 [ 52.045798][ T4146] x17: 0000000000000000 x16: 000000000000001d x15: 0000000000000000 [ 52.047987][ T4146] x14: 0000000000000000 x13: 205d363431345420 x12: ffff80000e668000 [ 52.050051][ T4146] x11: 0000000000ff0100 x10: 0000000000000000 x9 : ec08928ab3279300 [ 52.052222][ T4146] x8 : ec08928ab3279300 x7 : 0000000000000000 x6 : ffff80000bceaa1c [ 52.054382][ T4146] x5 : 0000000000000000 x4 : 0000000000000080 x3 : 0000000000000000 [ 52.056570][ T4146] x2 : 0000000000000000 x1 : 0000000100000000 x0 : 0000000000000000 [ 52.058826][ T4146] Call trace: [ 52.059668][ T4146] usb_submit_urb+0x594/0x9b4 [ 52.060966][ T4146] bcm5974_start_traffic+0xa0/0xfc [ 52.062327][ T4146] bcm5974_open+0x5c/0xb4 [ 52.063520][ T4146] input_open_device+0xe8/0x14c [ 52.064850][ T4146] evdev_open+0x1b4/0x258 [ 52.066077][ T4146] chrdev_open+0x27c/0x2b0 [ 52.067275][ T4146] do_dentry_open+0x36c/0x6f8 [ 52.068520][ T4146] vfs_open+0x38/0x48 [ 52.069554][ T4146] path_openat+0xf04/0x1328 [ 52.070769][ T4146] do_filp_open+0xd0/0x1a8 [ 52.071937][ T4146] do_sys_openat2+0xb8/0x22c [ 52.073179][ T4146] __arm64_sys_openat+0xb0/0xe0 [ 52.074572][ T4146] invoke_syscall+0x64/0x178 [ 52.075830][ T4146] el0_svc_common+0xb8/0x174 [ 52.077120][ T4146] do_el0_svc+0x48/0x174 [ 52.078226][ T4146] el0_svc+0x34/0x110 [ 52.079344][ T4146] el0t_64_sync_handler+0x84/0xf0 [ 52.080701][ T4146] el0t_64_sync+0x18c/0x190 [ 52.081895][ T4146] ---[ end trace 0000000000000000 ]--- [ 52.099489][ C1] ------------[ cut here ]------------ [ 52.101008][ C1] usb 1-1: BOGUS urb xfer, pipe 1 != type 3 [ 52.102873][ C1] WARNING: CPU: 1 PID: 0 at drivers/usb/core/urb.c:505 usb_submit_urb+0x594/0x9b4 [ 52.105463][ C1] Modules linked in: [ 52.106538][ C1] CPU: 1 PID: 0 Comm: swapper/1 Tainted: G W 6.1.81-syzkaller #0 [ 52.109050][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 52.111827][ C1] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 52.113969][ C1] pc : usb_submit_urb+0x594/0x9b4 [ 52.115375][ C1] lr : usb_submit_urb+0x594/0x9b4 [ 52.116742][ C1] sp : ffff80000800bba0 [ 52.117888][ C1] x29: ffff80000800bbb0 x28: ffff0000cd2d3000 x27: ffff0000ca844c5c [ 52.120102][ C1] x26: ffff80000ce30d70 x25: ffff0000cd2d30a8 x24: ffff0000cc671200 [ 52.122250][ C1] x23: ffff80000ce5bbf6 x22: 0000000000000400 x21: 0000000000000002 [ 52.124408][ C1] x20: 0000000000000a20 x19: ffff0000ca844c00 x18: 0000000000000000 [ 52.126657][ C1] x17: ffff8001f1642000 x16: ffff800008008000 x15: 0000000000000000 [ 52.128868][ C1] x14: 0000000000000000 x13: 205d314320202020 x12: ffff80000e668000 [ 52.131143][ C1] x11: 0000000000ff0100 x10: 0000000000000000 x9 : dbf5a76b50962000 [ 52.133252][ C1] x8 : dbf5a76b50962000 x7 : 0000000000000000 x6 : ffff80000bceaa1c [ 52.135498][ C1] x5 : 0000000000000000 x4 : 0000000000000080 x3 : 0000000000000000 [ 52.137694][ C1] x2 : 0000000000000000 x1 : 0000000100000101 x0 : 0000000000000000 [ 52.139950][ C1] Call trace: [ 52.140830][ C1] usb_submit_urb+0x594/0x9b4 [ 52.142066][ C1] bcm5974_irq_trackpad+0x138/0x524 [ 52.143563][ C1] __usb_hcd_giveback_urb+0x16c/0x244 [ 52.145004][ C1] usb_hcd_giveback_urb+0x78/0x238 [ 52.146368][ C1] dummy_timer+0x2c8/0x102c [ 52.147629][ C1] call_timer_fn+0x7c/0x15c [ 52.148858][ C1] __run_timers+0x60c/0x6f8 [ 52.150049][ C1] run_timer_softirq+0x34/0x5c [ 52.151327][ C1] __do_softirq+0x100/0x29c [ 52.152485][ C1] ____do_softirq+0x14/0x20 [ 52.153688][ C1] call_on_irq_stack+0x24/0x4c [ 52.154975][ C1] do_softirq_own_stack+0x20/0x2c [ 52.156375][ C1] __irq_exit_rcu+0xb0/0x124 [ 52.157645][ C1] irq_exit_rcu+0x10/0x1c [ 52.158811][ C1] el1_interrupt+0x38/0x68 [ 52.159986][ C1] el1h_64_irq_handler+0x18/0x24 [ 52.161382][ C1] el1h_64_irq+0x64/0x68 [ 52.162539][ C1] arch_local_irq_enable+0xc/0x18 [ 52.163991][ C1] do_idle+0x110/0x2d8 [ 52.165092][ C1] cpu_startup_entry+0x34/0x38 [ 52.166379][ C1] secondary_start_kernel+0x150/0x178 [ 52.167861][ C1] __secondary_switched+0xb0/0xb4 [ 52.169195][ C1] ---[ end trace 0000000000000000 ]--- [ 52.170734][ C1] ------------[ cut here ]------------ [ 52.172145][ C1] usb 1-1: BOGUS urb xfer, pipe 1 != type 3 [ 52.173893][ C1] WARNING: CPU: 1 PID: 0 at drivers/usb/core/urb.c:505 usb_submit_urb+0x594/0x9b4 [ 52.176343][ C1] Modules linked in: [ 52.177328][ C1] CPU: 1 PID: 0 Comm: swapper/1 Tainted: G W 6.1.81-syzkaller #0 [ 52.179772][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 52.182427][ C1] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 52.184557][ C1] pc : usb_submit_urb+0x594/0x9b4 [ 52.185933][ C1] lr : usb_submit_urb+0x594/0x9b4 [ 52.187261][ C1] sp : ffff80000800bba0 [ 52.188350][ C1] x29: ffff80000800bbb0 x28: ffff0000cd2d3000 x27: ffff0000ca844c5c [ 52.190535][ C1] x26: ffff80000ce30d70 x25: ffff0000cd2d30a8 x24: ffff0000cc671200 [ 52.192703][ C1] x23: ffff80000ce5bbf6 x22: 0000000000000400 x21: 0000000000000002 [ 52.194865][ C1] x20: 0000000000000a20 x19: ffff0000ca844c00 x18: ffff80000bd2d2cc [ 52.197055][ C1] x17: 0000000000000000 x16: 0000000000000009 x15: 0000000000000000 [ 52.199253][ C1] x14: 0000000000000000 x13: 205d314320202020 x12: ffff80000e668000 [ 52.201402][ C1] x11: 0000000000ff0100 x10: 0000000000000000 x9 : dbf5a76b50962000 [ 52.203515][ C1] x8 : dbf5a76b50962000 x7 : 0000000000000000 x6 : ffff80000bceaa1c [ 52.205643][ C1] x5 : 0000000000000000 x4 : 0000000000000080 x3 : 0000000000000000 [ 52.207832][ C1] x2 : 0000000000000000 x1 : 0000000000000101 x0 : 0000000000000000 [ 52.209926][ C1] Call trace: [ 52.210764][ C1] usb_submit_urb+0x594/0x9b4 [ 52.212010][ C1] bcm5974_irq_trackpad+0x138/0x524 [ 52.213423][ C1] __usb_hcd_giveback_urb+0x16c/0x244 [ 52.214873][ C1] usb_hcd_giveback_urb+0x78/0x238 [ 52.216260][ C1] dummy_timer+0x2c8/0x102c [ 52.217493][ C1] call_timer_fn+0x7c/0x15c [ 52.218694][ C1] __run_timers+0x60c/0x6f8 [ 52.219858][ T26] usb 1-1: USB disconnect, device number 6 [ 52.220000][ C1] run_timer_softirq+0x34/0x5c [ 52.222772][ C1] __do_softirq+0x100/0x29c [ 52.223996][ C1] ____do_softirq+0x14/0x20 [ 52.225185][ C1] call_on_irq_stack+0x24/0x4c [ 52.226504][ C1] do_softirq_own_stack+0x20/0x2c [ 52.227898][ C1] __irq_exit_rcu+0xb0/0x124 [ 52.229081][ C1] irq_exit_rcu+0x10/0x1c [ 52.230236][ C1] el1_interrupt+0x38/0x68 [ 52.231432][ C1] el1h_64_irq_handler+0x18/0x24 [ 52.232763][ C1] el1h_64_irq+0x64/0x68 [ 52.233903][ C1] arch_local_irq_enable+0xc/0x18 [ 52.235282][ C1] do_idle+0x110/0x2d8 [ 52.236346][ C1] cpu_startup_entry+0x34/0x38 [ 52.237612][ C1] secondary_start_kernel+0x150/0x178 [ 52.239048][ C1] __secondary_switched+0xb0/0xb4 [ 52.240446][ C1] ---[ end trace 0000000000000000 ]--- [ 52.241895][ C1] bcm5974 1-1:0.10: trackpad urb failed: -2 [ 52.243896][ T4146] bcm5974 1-1:0.10: could not read from device 2024/03/12 19:13:47 executed programs: 5 [ 52.989563][ T3764] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 53.349561][ T3764] usb 1-1: config 0 has an invalid interface number: 10 but max is 0 [ 53.351821][ T3764] usb 1-1: config 0 has no interface number 0 [ 53.353435][ T3764] usb 1-1: config 0 interface 10 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 53.356260][ T3764] usb 1-1: config 0 interface 10 altsetting 0 endpoint 0x81 has invalid maxpacket 21669, setting to 1024 [ 53.359339][ T3764] usb 1-1: config 0 interface 10 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 1024 [ 53.362147][ T3764] usb 1-1: config 0 interface 10 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 53.519513][ T3764] usb 1-1: New USB device found, idVendor=05ac, idProduct=024e, bcdDevice=d4.d7 [ 53.521973][ T3764] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 53.524126][ T3764] usb 1-1: Product: syz [ 53.525208][ T3764] usb 1-1: Manufacturer: syz [ 53.526402][ T3764] usb 1-1: SerialNumber: syz [ 53.528115][ T3764] usb 1-1: config 0 descriptor?? [ 53.559610][ T4577] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 53.590384][ T3764] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.10/input/input7 [ 54.029592][ T4146] ------------[ cut here ]------------ [ 54.031017][ T4146] usb 1-1: BOGUS urb xfer, pipe 1 != type 3 [ 54.032793][ T4146] WARNING: CPU: 1 PID: 4146 at drivers/usb/core/urb.c:505 usb_submit_urb+0x594/0x9b4 [ 54.035278][ T4146] Modules linked in: [ 54.036275][ T4146] CPU: 1 PID: 4146 Comm: udevd Tainted: G W 6.1.81-syzkaller #0 [ 54.038630][ T4146] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 54.041354][ T4146] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 54.043497][ T4146] pc : usb_submit_urb+0x594/0x9b4 [ 54.044848][ T4146] lr : usb_submit_urb+0x594/0x9b4 [ 54.046184][ T4146] sp : ffff8000124bb8e0 [ 54.047313][ T4146] x29: ffff8000124bb8f0 x28: ffff0000cd2d1800 x27: ffff0000cc6b2d5c [ 54.049528][ T4146] x26: ffff80000ce30d70 x25: ffff0000cd2d18a8 x24: ffff0000d1a3e500 [ 54.051728][ T4146] x23: ffff80000ce5bbf6 x22: 0000000000000400 x21: 0000000000000002 [ 54.053952][ T4146] x20: 0000000000000cc0 x19: ffff0000cc6b2d00 x18: 0000000000000000 [ 54.056014][ T4146] x17: 0000000000000000 x16: 0000000000000028 x15: 0000000000000000 [ 54.058191][ T4146] x14: 0000000000000000 x13: 205d363431345420 x12: ffff80000e668000 [ 54.060291][ T4146] x11: 0000000000ff0100 x10: 0000000000000000 x9 : ec08928ab3279300 [ 54.062487][ T4146] x8 : ec08928ab3279300 x7 : 0000000000000000 x6 : ffff80000bceaa1c [ 54.064664][ T4146] x5 : 0000000000000000 x4 : 0000000000000080 x3 : 0000000000000000 [ 54.066788][ T4146] x2 : 0000000000000000 x1 : 0000000100000000 x0 : 0000000000000000 [ 54.068961][ T4146] Call trace: [ 54.069800][ T4146] usb_submit_urb+0x594/0x9b4 [ 54.071054][ T4146] bcm5974_start_traffic+0xa0/0xfc [ 54.072417][ T4146] bcm5974_open+0x5c/0xb4 [ 54.073561][ T4146] input_open_device+0xe8/0x14c [ 54.074880][ T4146] evdev_open+0x1b4/0x258 [ 54.076047][ T4146] chrdev_open+0x27c/0x2b0 [ 54.077265][ T4146] do_dentry_open+0x36c/0x6f8 [ 54.078500][ T4146] vfs_open+0x38/0x48 [ 54.079537][ T4146] path_openat+0xf04/0x1328 [ 54.080742][ T4146] do_filp_open+0xd0/0x1a8 [ 54.081914][ T4146] do_sys_openat2+0xb8/0x22c [ 54.083143][ T4146] __arm64_sys_openat+0xb0/0xe0 [ 54.084381][ T4146] invoke_syscall+0x64/0x178 [ 54.085562][ T4146] el0_svc_common+0xb8/0x174 [ 54.086799][ T4146] do_el0_svc+0x48/0x174 [ 54.087926][ T4146] el0_svc+0x34/0x110 [ 54.088961][ T4146] el0t_64_sync_handler+0x84/0xf0 [ 54.090317][ T4146] el0t_64_sync+0x18c/0x190 [ 54.091527][ T4146] ---[ end trace 0000000000000000 ]--- [ 54.109495][ C1] ------------[ cut here ]------------ [ 54.110887][ C1] usb 1-1: BOGUS urb xfer, pipe 1 != type 3 [ 54.112684][ C1] WARNING: CPU: 1 PID: 0 at drivers/usb/core/urb.c:505 usb_submit_urb+0x594/0x9b4 [ 54.115116][ C1] Modules linked in: