[ 27.799998][ T307] bridge_slave_0: left promiscuous mode [ 27.801160][ T307] bridge0: port 1(bridge_slave_0) entered disabled state [ 28.462620][ T307] hsr_slave_0: left promiscuous mode [ 28.501385][ T307] hsr_slave_1: left promiscuous mode [ 28.601845][ T307] veth1_macvtap: left promiscuous mode [ 28.602906][ T307] veth0_macvtap: left promiscuous mode [ 28.604076][ T307] veth1_vlan: left promiscuous mode [ 28.605163][ T307] veth0_vlan: left promiscuous mode [ 28.627523][ T307] team0 (unregistering): Port device team_slave_1 removed [ 28.630033][ T307] team0 (unregistering): Port device team_slave_0 removed Warning: Permanently added '10.128.0.126' (ED25519) to the list of known hosts. 2024/03/28 05:51:59 ignoring optional flag "sandboxArg"="0" 2024/03/28 05:51:59 parsed 1 programs [ 40.983418][ T5608] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SS 2024/03/28 05:52:00 executed programs: 0 [ 41.045471][ T5616] bridge0: port 1(bridge_slave_0) entered blocking state [ 41.047403][ T5616] bridge0: port 1(bridge_slave_0) entered disabled state [ 41.049352][ T5616] bridge_slave_0: entered allmulticast mode [ 41.051049][ T5616] bridge_slave_0: entered promiscuous mode [ 41.053160][ T5616] bridge0: port 2(bridge_slave_1) entered blocking state [ 41.055011][ T5616] bridge0: port 2(bridge_slave_1) entered disabled state [ 41.056873][ T5616] bridge_slave_1: entered allmulticast mode [ 41.058602][ T5616] bridge_slave_1: entered promiscuous mode [ 41.077798][ T5616] team0: Port device team_slave_0 added [ 41.079598][ T5616] team0: Port device team_slave_1 added [ 41.112415][ T5616] hsr_slave_0: entered promiscuous mode [ 41.171280][ T5616] hsr_slave_1: entered promiscuous mode [ 41.595718][ T5616] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 41.597981][ T5616] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 41.600247][ T5616] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 41.602472][ T5616] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 41.608013][ T5616] bridge0: port 2(bridge_slave_1) entered blocking state [ 41.609989][ T5616] bridge0: port 2(bridge_slave_1) entered forwarding state [ 41.611902][ T5616] bridge0: port 1(bridge_slave_0) entered blocking state [ 41.613696][ T5616] bridge0: port 1(bridge_slave_0) entered forwarding state [ 41.654942][ T4951] bridge0: port 1(bridge_slave_0) entered disabled state [ 41.656972][ T4951] bridge0: port 2(bridge_slave_1) entered disabled state [ 41.659954][ T5616] 8021q: adding VLAN 0 to HW filter on device team0 [ 41.663221][ T4951] bridge0: port 1(bridge_slave_0) entered blocking state [ 41.665039][ T4951] bridge0: port 1(bridge_slave_0) entered forwarding state [ 41.668374][ T5267] bridge0: port 2(bridge_slave_1) entered blocking state [ 41.670273][ T5267] bridge0: port 2(bridge_slave_1) entered forwarding state [ 41.766692][ T5616] veth0_vlan: entered promiscuous mode [ 41.769048][ T5616] veth1_vlan: entered promiscuous mode [ 41.773454][ T5616] veth0_macvtap: entered promiscuous mode [ 41.775346][ T5616] veth1_macvtap: entered promiscuous mode [ 41.830240][ T5267] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 41.833585][ T5267] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 41.836764][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 41.838787][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 42.161449][ T4951] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 42.551279][ T4951] usb 1-1: config 0 has an invalid interface number: 10 but max is 0 [ 42.553387][ T4951] usb 1-1: config 0 has no interface number 0 [ 42.554990][ T4951] usb 1-1: config 0 interface 10 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 42.557710][ T4951] usb 1-1: config 0 interface 10 altsetting 0 endpoint 0x81 has invalid maxpacket 21669, setting to 1024 [ 42.560661][ T4951] usb 1-1: config 0 interface 10 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 1024 [ 42.563305][ T4951] usb 1-1: config 0 interface 10 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 42.721453][ T4951] usb 1-1: New USB device found, idVendor=05ac, idProduct=024e, bcdDevice=d4.d7 [ 42.723814][ T4951] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 42.726013][ T4951] usb 1-1: Product: syz [ 42.727051][ T4951] usb 1-1: Manufacturer: syz [ 42.728208][ T4951] usb 1-1: SerialNumber: syz [ 42.729819][ T4951] usb 1-1: config 0 descriptor?? [ 42.741290][ T5885] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 42.771799][ T4951] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.10/input/input2 [ 43.191249][ T5641] ------------[ cut here ]------------ [ 43.192710][ T5641] usb 1-1: BOGUS urb xfer, pipe 1 != type 3 [ 43.194469][ T5641] WARNING: CPU: 1 PID: 5641 at drivers/usb/core/urb.c:504 usb_submit_urb+0x570/0x8b8 [ 43.196919][ T5641] Modules linked in: [ 43.197935][ T5641] CPU: 1 PID: 5641 Comm: udevd Not tainted 6.9.0-rc1-syzkaller #0 [ 43.199889][ T5641] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024 [ 43.202544][ T5641] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 43.204652][ T5641] pc : usb_submit_urb+0x570/0x8b8 [ 43.205991][ T5641] lr : usb_submit_urb+0x570/0x8b8 [ 43.207325][ T5641] sp : ffff8000923b3920 [ 43.208407][ T5641] x29: ffff8000923b3930 x28: ffff0000ce04f59c x27: ffff0000cb3f0800 [ 43.210506][ T5641] x26: ffff8000851345ec x25: 0000000000000001 x24: ffff0000cb3f08a8 [ 43.212665][ T5641] x23: ffff0000cf014c70 x22: ffff80008515e89e x21: 0000000000000002 [ 43.214751][ T5641] x20: 0000000000000cc0 x19: ffff0000ce04f540 x18: 0000000000000000 [ 43.216847][ T5641] x17: 0000000000000000 x16: 0000000000000020 x15: 0000000000000043 [ 43.218903][ T5641] x14: 0000000000000000 x13: ffff8000869e4000 x12: 0000000000000400 [ 43.221084][ T5641] x11: 000000009fb16957 x10: 0000000000ff0100 x9 : 44a9459915257500 [ 43.223183][ T5641] x8 : 44a9459915257500 x7 : 0000000000000000 x6 : ffff800083ef1438 [ 43.225252][ T5641] x5 : 0000000000000000 x4 : 0000000000000001 x3 : 0000000000000000 [ 43.227338][ T5641] x2 : 0000000000000000 x1 : 0000000100000000 x0 : 0000000000000000 [ 43.229433][ T5641] Call trace: [ 43.230240][ T5641] usb_submit_urb+0x570/0x8b8 [ 43.231496][ T5641] bcm5974_start_traffic+0xa0/0xfc [ 43.232842][ T5641] bcm5974_open+0x5c/0xb4 [ 43.233974][ T5641] input_open_device+0xe8/0x14c [ 43.235299][ T5641] evdev_open+0x1b4/0x258 [ 43.236439][ T5641] chrdev_open+0x25c/0x290 [ 43.237603][ T5641] do_dentry_open+0x36c/0x878 [ 43.238798][ T5641] vfs_open+0x38/0x48 [ 43.239815][ T5641] path_openat+0x1050/0x1438 [ 43.240991][ T5641] do_filp_open+0xd0/0x1a8 [ 43.242152][ T5641] do_sys_openat2+0xb0/0x128 [ 43.243342][ T5641] __arm64_sys_openat+0xb0/0xe0 [ 43.244652][ T5641] invoke_syscall+0x64/0x170 [ 43.245870][ T5641] el0_svc_common+0xb4/0x164 [ 43.247042][ T5641] do_el0_svc+0x2c/0x3c [ 43.248164][ T5641] el0_svc+0x3c/0x110 [ 43.249222][ T5641] el0t_64_sync_handler+0x84/0xfc [ 43.250600][ T5641] el0t_64_sync+0x190/0x194 [ 43.251771][ T5641] ---[ end trace 0000000000000000 ]--- [ 43.271235][ C1] ------------[ cut here ]------------ [ 43.272646][ C1] usb 1-1: BOGUS urb xfer, pipe 1 != type 3 [ 43.274398][ C1] WARNING: CPU: 1 PID: 0 at drivers/usb/core/urb.c:504 usb_submit_urb+0x570/0x8b8 [ 43.276818][ C1] Modules linked in: [ 43.277795][ C1] CPU: 1 PID: 0 Comm: swapper/1 Tainted: G W 6.9.0-rc1-syzkaller #0 [ 43.280180][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024 [ 43.282804][ C1] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 43.284764][ C1] pc : usb_submit_urb+0x570/0x8b8 [ 43.286111][ C1] lr : usb_submit_urb+0x570/0x8b8 [ 43.287481][ C1] sp : ffff80008000bba0 [ 43.288574][ C1] x29: ffff80008000bbb0 x28: ffff0000ce04f59c x27: ffff0000cb3f0800 [ 43.290710][ C1] x26: ffff8000851345ec x25: 0000000000000001 x24: ffff0000cb3f08a8 [ 43.292946][ C1] x23: ffff0000cf014c70 x22: ffff80008515e89e x21: 0000000000000002 [ 43.295084][ C1] x20: 0000000000000820 x19: ffff0000ce04f540 x18: 0000000000000000 [ 43.297183][ C1] x17: ffff8001792fa000 x16: ffff800080008000 x15: ffff800083f2ef00 [ 43.299324][ C1] x14: 0000000000000000 x13: ffff8000869e4000 x12: 0000000000000400 [ 43.301457][ C1] x11: 000000006d38f931 x10: 0000000000ff0100 x9 : 283f83edf3354100 [ 43.303641][ C1] x8 : 283f83edf3354100 x7 : 0000000000000000 x6 : ffff800083ef1438 [ 43.305750][ C1] x5 : 0000000000000000 x4 : 0000000000000001 x3 : 0000000000000000 [ 43.307867][ C1] x2 : 0000000000000000 x1 : 0000000100000101 x0 : 0000000000000000 [ 43.310005][ C1] Call trace: [ 43.310875][ C1] usb_submit_urb+0x570/0x8b8 [ 43.312051][ C1] bcm5974_irq_trackpad+0x138/0x524 [ 43.313464][ C1] __usb_hcd_giveback_urb+0x16c/0x244 [ 43.314872][ C1] usb_hcd_giveback_urb+0x78/0x198 [ 43.316221][ C1] dummy_timer+0x2b0/0x1720 [ 43.317433][ C1] call_timer_fn+0x7c/0x14c [ 43.318603][ C1] __run_timer_base+0x63c/0x738 [ 43.319840][ C1] run_timer_softirq+0x4c/0x8c [ 43.321147][ C1] __do_softirq+0xfc/0x278 [ 43.322318][ C1] ____do_softirq+0x14/0x20 [ 43.323486][ C1] call_on_irq_stack+0x24/0x4c [ 43.324704][ C1] do_softirq_own_stack+0x20/0x2c [ 43.326080][ C1] __irq_exit_rcu+0x5c/0xd4 [ 43.327247][ C1] irq_exit_rcu+0x10/0x1c [ 43.328352][ C1] el1_interrupt+0x38/0x68 [ 43.329514][ C1] el1h_64_irq_handler+0x18/0x24 [ 43.330790][ C1] el1h_64_irq+0x64/0x68 [ 43.331919][ C1] arch_local_irq_enable+0x8/0xc [ 43.333180][ C1] do_idle+0xfc/0x28c [ 43.334305][ C1] cpu_startup_entry+0x34/0x38 [ 43.335548][ C1] secondary_start_kernel+0x150/0x178 [ 43.336970][ C1] __secondary_switched+0xb8/0xbc [ 43.338314][ C1] ---[ end trace 0000000000000000 ]--- [ 43.391618][ T5267] usb 1-1: USB disconnect, device number 2 [ 43.421238][ T5641] bcm5974 1-1:0.10: could not read from device [ 44.181276][ T5191] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 44.541287][ T5191] usb 1-1: config 0 has an invalid interface number: 10 but max is 0 [ 44.543516][ T5191] usb 1-1: config 0 has no interface number 0 [ 44.545161][ T5191] usb 1-1: config 0 interface 10 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 44.547982][ T5191] usb 1-1: config 0 interface 10 altsetting 0 endpoint 0x81 has invalid maxpacket 21669, setting to 1024 [ 44.550922][ T5191] usb 1-1: config 0 interface 10 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 1024 [ 44.553703][ T5191] usb 1-1: config 0 interface 10 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 44.711273][ T5191] usb 1-1: New USB device found, idVendor=05ac, idProduct=024e, bcdDevice=d4.d7 [ 44.713740][ T5191] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 44.715756][ T5191] usb 1-1: Product: syz [ 44.716894][ T5191] usb 1-1: Manufacturer: syz [ 44.718048][ T5191] usb 1-1: SerialNumber: syz [ 44.719718][ T5191] usb 1-1: config 0 descriptor?? [ 44.731291][ T6031] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 44.751857][ T5191] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.10/input/input3 [ 45.181279][ T5641] ------------[ cut here ]------------ [ 45.182866][ T5641] usb 1-1: BOGUS urb xfer, pipe 1 != type 3 [ 45.184637][ T5641] WARNING: CPU: 1 PID: 5641 at drivers/usb/core/urb.c:504 usb_submit_urb+0x570/0x8b8 [ 45.187172][ T5641] Modules linked in: [ 45.188207][ T5641] CPU: 1 PID: 5641 Comm: udevd Tainted: G W 6.9.0-rc1-syzkaller #0 [ 45.190529][ T5641] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024 [ 45.193214][ T5641] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 45.195295][ T5641] pc : usb_submit_urb+0x570/0x8b8 [ 45.196644][ T5641] lr : usb_submit_urb+0x570/0x8b8 [ 45.197969][ T5641] sp : ffff8000923b3920 [ 45.199069][ T5641] x29: ffff8000923b3930 x28: ffff0000ce04fc5c x27: ffff0000c8bfb000 [ 45.201274][ T5641] x26: ffff8000851345ec x25: 0000000000000001 x24: ffff0000c8bfb0a8 [ 45.203421][ T5641] x23: ffff0000cf014e30 x22: ffff80008515e89e x21: 0000000000000002 [ 45.205505][ T5641] x20: 0000000000000cc0 x19: ffff0000ce04fc00 x18: 0000000000000000 [ 45.207586][ T5641] x17: 00000000000407c0 x16: 0000000000000020 x15: 0000000000000276 [ 45.209725][ T5641] x14: 0000000000000000 x13: ffff8000869e4000 x12: 0000000000000400 [ 45.211848][ T5641] x11: 000000009fb16957 x10: 0000000000ff0100 x9 : 44a9459915257500 [ 45.213928][ T5641] x8 : 44a9459915257500 x7 : 0000000000000000 x6 : ffff800083ef1438 [ 45.216001][ T5641] x5 : 0000000000000000 x4 : 0000000000000001 x3 : 0000000000000000 [ 45.218152][ T5641] x2 : 0000000000000000 x1 : 0000000100000000 x0 : 0000000000000000 [ 45.220195][ T5641] Call trace: [ 45.221034][ T5641] usb_submit_urb+0x570/0x8b8 [ 45.222305][ T5641] bcm5974_start_traffic+0xa0/0xfc [ 45.223661][ T5641] bcm5974_open+0x5c/0xb4 [ 45.224850][ T5641] input_open_device+0xe8/0x14c [ 45.226142][ T5641] evdev_open+0x1b4/0x258 [ 45.227280][ T5641] chrdev_open+0x25c/0x290 [ 45.228474][ T5641] do_dentry_open+0x36c/0x878 [ 45.229672][ T5641] vfs_open+0x38/0x48 [ 45.230730][ T5641] path_openat+0x1050/0x1438 [ 45.231939][ T5641] do_filp_open+0xd0/0x1a8 [ 45.233123][ T5641] do_sys_openat2+0xb0/0x128 [ 45.234299][ T5641] __arm64_sys_openat+0xb0/0xe0 [ 45.235567][ T5641] invoke_syscall+0x64/0x170 [ 45.236738][ T5641] el0_svc_common+0xb4/0x164 [ 45.237947][ T5641] do_el0_svc+0x2c/0x3c [ 45.239071][ T5641] el0_svc+0x3c/0x110 [ 45.240099][ T5641] el0t_64_sync_handler+0x84/0xfc [ 45.241414][ T5641] el0t_64_sync+0x190/0x194 [ 45.242563][ T5641] ---[ end trace 0000000000000000 ]--- [ 45.261217][ C0] ------------[ cut here ]------------ [ 45.262656][ C0] usb 1-1: BOGUS urb xfer, pipe 1 != type 3 [ 45.264530][ C0] WARNING: CPU: 0 PID: 0 at drivers/usb/core/urb.c:504 usb_submit_urb+0x570/0x8b8 [ 45.267071][ C0] Modules linked in: [ 45.268074][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 6.9.0-rc1-syzkaller #0 [ 45.270640][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024 [ 45.273338][ C0] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 45.275384][ C0] pc : usb_submit_urb+0x570/0x8b8 [ 45.276695][ C0] lr : usb_submit_urb+0x570/0x8b8 [ 45.278035][ C0] sp : ffff800080003ba0 [ 45.279110][ C0] x29: ffff800080003bb0 x28: ffff0000ce04fc5c x27: ffff0000c8bfb000 [ 45.281295][ C0] x26: ffff8000851345ec x25: 0000000000000001 x24: ffff0000c8bfb0a8 [ 45.283448][ C0] x23: ffff0000cf014e30 x22: ffff80008515e89e x21: 0000000000000002 [ 45.285635][ C0] x20: 0000000000000820 x19: ffff0000ce04fc00 x18: 0000000000000000 [ 45.287684][ C0] x17: ffff8001792df000 x16: ffff800080000000 x15: ffff800083f2ef00 [ 45.289837][ C0] x14: 0000000000000000 x13: ffff8000869e4000 x12: 0000000000000400 [ 45.291999][ C0] x11: 000000006d38f931 x10: 0000000000ff0100 x9 : 2a978558918c6200 [ 45.294127][ C0] x8 : 2a978558918c6200 x7 : 0000000000000000 x6 : ffff800083ef1438 [ 45.296266][ C0] x5 : 0000000000000000 x4 : 0000000000000001 x3 : 0000000000000000 [ 45.298452][ C0] x2 : 0000000000000000 x1 : 0000000100000101 x0 : 0000000000000000 [ 45.300574][ C0] Call trace: [ 45.301430][ C0] usb_submit_urb+0x570/0x8b8 [ 45.302696][ C0] bcm5974_irq_trackpad+0x138/0x524 [ 45.304084][ C0] __usb_hcd_giveback_urb+0x16c/0x244 [ 45.305564][ C0] usb_hcd_giveback_urb+0x78/0x198 [ 45.306968][ C0] dummy_timer+0x2b0/0x1720 [ 45.308139][ C0] call_timer_fn+0x7c/0x14c [ 45.309392][ C0] __run_timer_base+0x63c/0x738 [ 45.310752][ C0] run_timer_softirq+0x4c/0x8c [ 45.312014][ C0] __do_softirq+0xfc/0x278 [ 45.313217][ C0] ____do_softirq+0x14/0x20 [ 45.314417][ C0] call_on_irq_stack+0x24/0x4c [ 45.315703][ C0] do_softirq_own_stack+0x20/0x2c [ 45.317077][ C0] __irq_exit_rcu+0x5c/0xd4 [ 45.318275][ C0] irq_exit_rcu+0x10/0x1c [ 45.319470][ C0] el1_interrupt+0x38/0x68 [ 45.320580][ C0] el1h_64_irq_handler+0x18/0x24 [ 45.321893][ C0] el1h_64_irq+0x64/0x68 [ 45.322971][ C0] arch_local_irq_enable+0x8/0xc [ 45.324261][ C0] do_idle+0xfc/0x28c [ 45.325306][ C0] cpu_startup_entry+0x34/0x38 [ 45.326618][ C0] kernel_init+0x0/0x290 [ 45.327734][ C0] start_kernel+0x2e0/0x3b8 [ 45.328932][ C0] __primary_switched+0x80/0x88 [ 45.330300][ C0] ---[ end trace 0000000000000000 ]--- [ 45.331850][ C0] ------------[ cut here ]------------ [ 45.333328][ C0] usb 1-1: BOGUS urb xfer, pipe 1 != type 3 [ 45.335081][ C0] WARNING: CPU: 0 PID: 0 at drivers/usb/core/urb.c:504 usb_submit_urb+0x570/0x8b8 [ 45.337525][ C0] Modules linked in: [ 45.338506][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 6.9.0-rc1-syzkaller #0 [ 45.340984][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024 [ 45.343655][ C0] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 45.345706][ C0] pc : usb_submit_urb+0x570/0x8b8 [ 45.347041][ C0] lr : usb_submit_urb+0x570/0x8b8 [ 45.348403][ C0] sp : ffff800080003ba0 [ 45.349486][ C0] x29: ffff800080003bb0 x28: ffff0000ce04fc5c x27: ffff0000c8bfb000 [ 45.351517][ C0] x26: ffff8000851345ec x25: 0000000000000001 x24: ffff0000c8bfb0a8 [ 45.353619][ C0] x23: ffff0000cf014e30 x22: ffff80008515e89e x21: 0000000000000002 [ 45.355738][ C0] x20: 0000000000000820 x19: ffff0000ce04fc00 x18: 0000000000000000 [ 45.357835][ C0] x17: ffff8001792df000 x16: ffff800080000000 x15: ffff800080011ae8 [ 45.359972][ C0] x14: 0000000000000000 x13: ffff8000869e4000 x12: 0000000000000400 [ 45.362084][ C0] x11: 000000006d38f931 x10: 0000000000ff0100 x9 : 2a978558918c6200 [ 45.364271][ C0] x8 : 2a978558918c6200 x7 : 0000000000000000 x6 : ffff800083ef1438 [ 45.366413][ C0] x5 : 0000000000000000 x4 : 0000000000000001 x3 : 0000000000000000 [ 45.368483][ C0] x2 : 0000000000000000 x1 : 0000000000000101 x0 : 0000000000000000 [ 45.370622][ C0] Call trace: [ 45.371473][ C0] usb_submit_urb+0x570/0x8b8 [ 45.372663][ C0] bcm5974_irq_trackpad+0x138/0x524 [ 45.374037][ C0] __usb_hcd_giveback_urb+0x16c/0x244 [ 45.375444][ C0] usb_hcd_giveback_urb+0x78/0x198 [ 45.376813][ C0] dummy_timer+0x2b0/0x1720 [ 45.377973][ C0] call_timer_fn+0x7c/0x14c [ 45.379227][ C0] __run_timer_base+0x63c/0x738 [ 45.380470][ C0] run_timer_softirq+0x4c/0x8c [ 45.381749][ C0] __do_softirq+0xfc/0x278 [ 45.382921][ C0] ____do_softirq+0x14/0x20 [ 45.384104][ C0] call_on_irq_stack+0x24/0x4c [ 45.385348][ C0] do_softirq_own_stack+0x20/0x2c [ 45.386664][ C0] __irq_exit_rcu+0x5c/0xd4 [ 45.387856][ C0] irq_exit_rcu+0x10/0x1c [ 45.388969][ C0] el1_interrupt+0x38/0x68 [ 45.390170][ C0] el1h_64_irq_handler+0x18/0x24 [ 45.391413][ C0] el1h_64_irq+0x64/0x68 [ 45.392477][ C0] arch_local_irq_enable+0x8/0xc [ 45.393750][ C0] do_idle+0xfc/0x28c [ 45.394778][ C0] cpu_startup_entry+0x34/0x38 [ 45.396017][ C0] kernel_init+0x0/0x290 [ 45.397117][ C0] start_kernel+0x2e0/0x3b8 [ 45.398303][ C0] __primary_switched+0x80/0x88 [ 45.399573][ C0] ---[ end trace 0000000000000000 ]--- [ 45.401024][ C0] ------------[ cut here ]------------ [ 45.402151][ T5191] usb 1-1: USB disconnect, device number 3 [ 45.402503][ C0] usb 1-1: BOGUS urb xfer, pipe 1 != type 3 [ 45.405834][ C0] WARNING: CPU: 0 PID: 0 at drivers/usb/core/urb.c:504 usb_submit_urb+0x570/0x8b8 [ 45.408322][ C0] Modules linked in: [ 45.409318][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 6.9.0-rc1-syzkaller #0 [ 45.411897][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024 [ 45.414682][ C0] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 45.416831][ C0] pc : usb_submit_urb+0x570/0x8b8 [ 45.418183][ C0] lr : usb_submit_urb+0x570/0x8b8 [ 45.419492][ C0] sp : ffff800080003ba0 [ 45.420632][ C0] x29: ffff800080003bb0 x28: ffff0000ce04fc5c x27: ffff0000c8bfb000 [ 45.422879][ C0] x26: ffff8000851345ec x25: 0000000000000001 x24: ffff0000c8bfb0a8 [ 45.425039][ C0] x23: ffff0000cf014e30 x22: ffff80008515e89e x21: 0000000000000002 [ 45.427213][ C0] x20: 0000000000000820 x19: ffff0000ce04fc00 x18: ffff800083f2ef00 [ 45.429458][ C0] x17: 0000000000000000 x16: 0000000000000008 x15: 0000000000000010 [ 45.431681][ C0] x14: 0000000000000000 x13: ffff8000869e4000 x12: 0000000000000400 [ 45.433831][ C0] x11: 000000006d38f931 x10: 0000000000ff0100 x9 : 2a978558918c6200 [ 45.435938][ C0] x8 : 2a978558918c6200 x7 : 0000000000000000 x6 : ffff800083ef1438 [ 45.438012][ C0] x5 : 0000000000000000 x4 : 0000000000000001 x3 : 0000000000000000 [ 45.440164][ C0] x2 : 0000000000000000 x1 : 0000000000000101 x0 : 0000000000000000 [ 45.442349][ C0] Call trace: [ 45.443218][ C0] usb_submit_urb+0x570/0x8b8 [ 45.444453][ C0] bcm5974_irq_trackpad+0x138/0x524 [ 45.445834][ C0] __usb_hcd_giveback_urb+0x16c/0x244 [ 45.447248][ C0] usb_hcd_giveback_urb+0x78/0x198 [ 45.448604][ C0] dummy_timer+0x2b0/0x1720 [ 45.449807][ C0] call_timer_fn+0x7c/0x14c [ 45.451002][ C0] __run_timer_base+0x63c/0x738 [ 45.452289][ C0] run_timer_softirq+0x4c/0x8c [ 45.453624][ C0] __do_softirq+0xfc/0x278 [ 45.454794][ C0] ____do_softirq+0x14/0x20 [ 45.455959][ C0] call_on_irq_stack+0x24/0x4c [ 45.457252][ C0] do_softirq_own_stack+0x20/0x2c [ 45.458604][ C0] __irq_exit_rcu+0x5c/0xd4 [ 45.459815][ C0] irq_exit_rcu+0x10/0x1c [ 45.461018][ C0] el1_interrupt+0x38/0x68 [ 45.462250][ C0] el1h_64_irq_handler+0x18/0x24 [ 45.463587][ C0] el1h_64_irq+0x64/0x68 [ 45.464777][ C0] arch_local_irq_enable+0x8/0xc [ 45.466127][ C0] do_idle+0xfc/0x28c [ 45.467158][ C0] cpu_startup_entry+0x34/0x38 [ 45.468500][ C0] kernel_init+0x0/0x290 [ 45.469626][ C0] start_kernel+0x2e0/0x3b8 [ 45.470812][ C0] __primary_switched+0x80/0x88 [ 45.472049][ C0] ---[ end trace 0000000000000000 ]--- [ 45.473500][ C0] bcm5974 1-1:0.10: trackpad urb failed: -2 [ 45.481290][ T5641] bcm5974 1-1:0.10: could not read from device [ 46.181242][ T5191] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 46.571336][ T5191] usb 1-1: config 0 has an invalid interface number: 10 but max is 0 [ 46.573588][ T5191] usb 1-1: config 0 has no interface number 0 [ 46.575125][ T5191] usb 1-1: config 0 interface 10 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 46.577828][ T5191] usb 1-1: config 0 interface 10 altsetting 0 endpoint 0x81 has invalid maxpacket 21669, setting to 1024 [ 46.580739][ T5191] usb 1-1: config 0 interface 10 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 1024 [ 46.583428][ T5191] usb 1-1: config 0 interface 10 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 46.761309][ T5191] usb 1-1: New USB device found, idVendor=05ac, idProduct=024e, bcdDevice=d4.d7 [ 46.763787][ T5191] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 46.765850][ T5191] usb 1-1: Product: syz [ 46.766891][ T5191] usb 1-1: Manufacturer: syz [ 46.768163][ T5191] usb 1-1: SerialNumber: syz [ 46.769800][ T5191] usb 1-1: config 0 descriptor?? [ 46.781306][ T6033] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 46.801910][ T5191] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.10/input/input4 [ 47.231261][ T5641] ------------[ cut here ]------------ [ 47.232820][ T5641] usb 1-1: BOGUS urb xfer, pipe 1 != type 3 [ 47.234651][ T5641] WARNING: CPU: 1 PID: 5641 at drivers/usb/core/urb.c:504 usb_submit_urb+0x570/0x8b8 [ 47.237172][ T5641] Modules linked in: [ 47.238197][ T5641] CPU: 1 PID: 5641 Comm: udevd Tainted: G W 6.9.0-rc1-syzkaller #0 [ 47.240700][ T5641] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024 [ 47.243325][ T5641] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 47.245417][ T5641] pc : usb_submit_urb+0x570/0x8b8 [ 47.246725][ T5641] lr : usb_submit_urb+0x570/0x8b8 [ 47.248116][ T5641] sp : ffff8000923b3920 [ 47.249240][ T5641] x29: ffff8000923b3930 x28: ffff0000ce04fb9c x27: ffff0000c7272800 [ 47.251385][ T5641] x26: ffff8000851345ec x25: 0000000000000001 x24: ffff0000c72728a8 [ 47.253593][ T5641] x23: ffff0000cf014e70 x22: ffff80008515e89e x21: 0000000000000002 [ 47.255816][ T5641] x20: 0000000000000cc0 x19: ffff0000ce04fb40 x18: 0000000000000000 [ 47.258016][ T5641] x17: 00000000000605c6 x16: 0000000000000020 x15: 000000000000018f [ 47.260289][ T5641] x14: 0000000000000000 x13: ffff8000869e4000 x12: 0000000000000400 [ 47.262435][ T5641] x11: 000000009fb16957 x10: 0000000000ff0100 x9 : 44a9459915257500 [ 47.264642][ T5641] x8 : 44a9459915257500 x7 : 0000000000000000 x6 : ffff800083ef1438 [ 47.266733][ T5641] x5 : 0000000000000000 x4 : 0000000000000001 x3 : 0000000000000000 [ 47.268896][ T5641] x2 : 0000000000000000 x1 : 0000000100000000 x0 : 0000000000000000 [ 47.271078][ T5641] Call trace: [ 47.271897][ T5641] usb_submit_urb+0x570/0x8b8 [ 47.273157][ T5641] bcm5974_start_traffic+0xa0/0xfc [ 47.274562][ T5641] bcm5974_open+0x5c/0xb4 [ 47.275684][ T5641] input_open_device+0xe8/0x14c [ 47.276946][ T5641] evdev_open+0x1b4/0x258 [ 47.278184][ T5641] chrdev_open+0x25c/0x290 [ 47.279394][ T5641] do_dentry_open+0x36c/0x878 [ 47.280760][ T5641] vfs_open+0x38/0x48 [ 47.281858][ T5641] path_openat+0x1050/0x1438 [ 47.283048][ T5641] do_filp_open+0xd0/0x1a8 [ 47.284312][ T5641] do_sys_openat2+0xb0/0x128 [ 47.285526][ T5641] __arm64_sys_openat+0xb0/0xe0 [ 47.286784][ T5641] invoke_syscall+0x64/0x170 [ 47.288069][ T5641] el0_svc_common+0xb4/0x164 [ 47.289303][ T5641] do_el0_svc+0x2c/0x3c [ 47.290445][ T5641] el0_svc+0x3c/0x110 [ 47.291537][ T5641] el0t_64_sync_handler+0x84/0xfc [ 47.292908][ T5641] el0t_64_sync+0x190/0x194 [ 47.294152][ T5641] ---[ end trace 0000000000000000 ]--- [ 47.311258][ C1] ------------[ cut here ]------------ [ 47.312889][ C1] usb 1-1: BOGUS urb xfer, pipe 1 != type 3 [ 47.314688][ C1] WARNING: CPU: 1 PID: 0 at drivers/usb/core/urb.c:504 usb_submit_urb+0x570/0x8b8 [ 47.317155][ C1] Modules linked in: [ 47.318210][ C1] CPU: 1 PID: 0 Comm: swapper/1 Tainted: G W 6.9.0-rc1-syzkaller #0 [ 47.320760][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024 [ 47.323558][ C1] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 47.325620][ C1] pc : usb_submit_urb+0x570/0x8b8 [ 47.327010][ C1] lr : usb_submit_urb+0x570/0x8b8 [ 47.328353][ C1] sp : ffff80008000bba0 [ 47.329481][ C1] x29: ffff80008000bbb0 x28: ffff0000ce04fb9c x27: ffff0000c7272800 [ 47.331708][ C1] x26: ffff8000851345ec x25: 0000000000000001 x24: ffff0000c72728a8 [ 47.333837][ C1] x23: ffff0000cf014e70 x22: ffff80008515e89e x21: 0000000000000002 [ 47.336128][ C1] x20: 0000000000000820 x19: ffff0000ce04fb40 x18: 0000000000000000 [ 47.338226][ C1] x17: ffff8001792fa000 x16: ffff800080008000 x15: ffff800083f2ef00 [ 47.340372][ C1] x14: 0000000000000000 x13: ffff8000869e4000 x12: 0000000000000400 [ 47.342597][ C1] x11: 000000006d38f931 x10: 0000000000ff0100 x9 : 283f83edf3354100 [ 47.344681][ C1] x8 : 283f83edf3354100 x7 : 0000000000000000 x6 : ffff800083ef1438 [ 47.346899][ C1] x5 : 0000000000000000 x4 : 0000000000000001 x3 : 0000000000000000 [ 47.349072][ C1] x2 : 0000000000000000 x1 : 0000000000000101 x0 : 0000000000000000 [ 47.351245][ C1] Call trace: [ 47.352122][ C1] usb_submit_urb+0x570/0x8b8 [ 47.353374][ C1] bcm5974_irq_trackpad+0x138/0x524 [ 47.354763][ C1] __usb_hcd_giveback_urb+0x16c/0x244 [ 47.356179][ C1] usb_hcd_giveback_urb+0x78/0x198 [ 47.357548][ C1] dummy_timer+0x2b0/0x1720 [ 47.358759][ C1] call_timer_fn+0x7c/0x14c [ 47.359973][ C1] __run_timer_base+0x63c/0x738 [ 47.361361][ C1] run_timer_softirq+0x4c/0x8c [ 47.362627][ C1] __do_softirq+0xfc/0x278 [ 47.363812][ C1] ____do_softirq+0x14/0x20 [ 47.365002][ C1] call_on_irq_stack+0x24/0x4c [ 47.366355][ C1] do_softirq_own_stack+0x20/0x2c [ 47.367756][ C1] __irq_exit_rcu+0x5c/0xd4 [ 47.368987][ C1] irq_exit_rcu+0x10/0x1c [ 47.370166][ C1] el1_interrupt+0x38/0x68 [ 47.371364][ C1] el1h_64_irq_handler+0x18/0x24 [ 47.372700][ C1] el1h_64_irq+0x64/0x68 [ 47.373900][ C1] arch_local_irq_enable+0x8/0xc [ 47.375294][ C1] do_idle+0xfc/0x28c [ 47.376393][ C1] cpu_startup_entry+0x34/0x38 [ 47.377678][ C1] secondary_start_kernel+0x150/0x178 [ 47.379121][ C1] __secondary_switched+0xb8/0xbc [ 47.380495][ C1] ---[ end trace 0000000000000000 ]--- [ 47.391230][ C1] ------------[ cut here ]------------ [ 47.392676][ C1] usb 1-1: BOGUS urb xfer, pipe 1 != type 3 [ 47.394443][ C1] WARNING: CPU: 1 PID: 0 at drivers/usb/core/urb.c:504 usb_submit_urb+0x570/0x8b8 [ 47.396795][ C1] Modules linked in: [ 47.397838][ C1] CPU: 1 PID: 0 Comm: swapper/1 Tainted: G W 6.9.0-rc1-syzkaller #0 [ 47.400327][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024 [ 47.403027][ C1] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 47.405047][ C1] pc : usb_submit_urb+0x570/0x8b8 [ 47.406406][ C1] lr : usb_submit_urb+0x570/0x8b8 [ 47.407774][ C1] sp : ffff80008000bba0 [ 47.408816][ C1] x29: ffff80008000bbb0 x28: ffff0000ce04fb9c x27: ffff0000c7272800 [ 47.411006][ C1] x26: ffff8000851345ec x25: 0000000000000001 x24: ffff0000c72728a8 [ 47.413077][ C1] x23: ffff0000cf014e70 x22: ffff80008515e89e x21: 0000000000000002 [ 47.415215][ C1] x20: 0000000000000820 x19: ffff0000ce04fb40 x18: 0000000000000000 [ 47.417310][ C1] x17: ffff8001792fa000 x16: ffff800080008000 x15: ffff800083f2ef00 [ 47.419425][ C1] x14: 0000000000000000 x13: ffff8000869e4000 x12: 0000000000000400 [ 47.421538][ C1] x11: 000000006d38f931 x10: 0000000000ff0100 x9 : 283f83edf3354100 [ 47.423649][ C1] x8 : 283f83edf3354100 x7 : 0000000000000000 x6 : ffff800083ef1438 [ 47.425718][ C1] x5 : 0000000000000000 x4 : 0000000000000001 x3 : 0000000000000000 [ 47.427827][ C1] x2 : 0000000000000000 x1 : 0000000100000101 x0 : 0000000000000000 [ 47.429958][ C1] Call trace: [ 47.430859][ C1] usb_submit_urb+0x570/0x8b8 [ 47.432035][ T8] usb 1-1: USB disconnect, device number 4 [ 47.432045][ C1] bcm5974_irq_trackpad+0x138/0x524 [ 47.434919][ C1] __usb_hcd_giveback_urb+0x16c/0x244 [ 47.436366][ C1] usb_hcd_giveback_urb+0x78/0x198 [ 47.437708][ C1] dummy_timer+0x2b0/0x1720 [ 47.438921][ C1] call_timer_fn+0x7c/0x14c [ 47.440069][ C1] __run_timer_base+0x63c/0x738 [ 47.441346][ C1] run_timer_softirq+0x4c/0x8c [ 47.442657][ C1] __do_softirq+0xfc/0x278 [ 47.443845][ C1] ____do_softirq+0x14/0x20 [ 47.445065][ C1] call_on_irq_stack+0x24/0x4c [ 47.446355][ C1] do_softirq_own_stack+0x20/0x2c [ 47.447697][ C1] __irq_exit_rcu+0x5c/0xd4 [ 47.448963][ C1] irq_exit_rcu+0x10/0x1c [ 47.450102][ C1] el1_interrupt+0x38/0x68 [ 47.451263][ C1] el1h_64_irq_handler+0x18/0x24 [ 47.452531][ C1] el1h_64_irq+0x64/0x68 [ 47.453668][ C1] arch_local_irq_enable+0x8/0xc [ 47.454948][ C1] do_idle+0xfc/0x28c [ 47.455991][ C1] cpu_startup_entry+0x34/0x38 [ 47.457246][ C1] secondary_start_kernel+0x150/0x178 [ 47.458664][ C1] __secondary_switched+0xb8/0xbc [ 47.460020][ C1] ---[ end trace 0000000000000000 ]--- [ 47.461467][ C1] bcm5974 1-1:0.10: trackpad urb failed: -2 [ 47.463378][ T5641] bcm5974 1-1:0.10: could not read from device 2024/03/28 05:52:06 executed programs: 3 [ 48.201230][ T8] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 48.561425][ T8] usb 1-1: config 0 has an invalid interface number: 10 but max is 0 [ 48.563591][ T8] usb 1-1: config 0 has no interface number 0 [ 48.565178][ T8] usb 1-1: config 0 interface 10 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 48.567899][ T8] usb 1-1: config 0 interface 10 altsetting 0 endpoint 0x81 has invalid maxpacket 21669, setting to 1024 [ 48.570811][ T8] usb 1-1: config 0 interface 10 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 1024 [ 48.573440][ T8] usb 1-1: config 0 interface 10 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 48.731246][ T8] usb 1-1: New USB device found, idVendor=05ac, idProduct=024e, bcdDevice=d4.d7 [ 48.733583][ T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 48.735616][ T8] usb 1-1: Product: syz [ 48.736694][ T8] usb 1-1: Manufacturer: syz [ 48.737833][ T8] usb 1-1: SerialNumber: syz [ 48.739494][ T8] usb 1-1: config 0 descriptor?? [ 48.761311][ T6035] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 48.781901][ T8] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.10/input/input5 [ 49.211290][ T5641] ------------[ cut here ]------------ [ 49.212651][ T5641] usb 1-1: BOGUS urb xfer, pipe 1 != type 3 [ 49.214469][ T5641] WARNING: CPU: 0 PID: 5641 at drivers/usb/core/urb.c:504 usb_submit_urb+0x570/0x8b8 [ 49.217160][ T5641] Modules linked in: [ 49.218186][ T5641] CPU: 0 PID: 5641 Comm: udevd Tainted: G W 6.9.0-rc1-syzkaller #0 [ 49.220565][ T5641] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024 [ 49.223249][ T5641] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 49.225339][ T5641] pc : usb_submit_urb+0x570/0x8b8 [ 49.226692][ T5641] lr : usb_submit_urb+0x570/0x8b8 [ 49.227971][ T5641] sp : ffff8000923b3920 [ 49.229102][ T5641] x29: ffff8000923b3930 x28: ffff0000cf13be9c x27: ffff0000cb3f7800 [ 49.231168][ T5641] x26: ffff8000851345ec x25: 0000000000000001 x24: ffff0000cb3f78a8 [ 49.233200][ T5641] x23: ffff0000ce2edd30 x22: ffff80008515e89e x21: 0000000000000002 [ 49.235370][ T5641] x20: 0000000000000cc0 x19: ffff0000cf13be40 x18: 0000000000000000 [ 49.237440][ T5641] x17: 0000000000000000 x16: 0000000000000020 x15: 0000000000000000 [ 49.239454][ T5641] x14: 0000000000000000 x13: ffff8000869e4000 x12: 0000000000000400 [ 49.241508][ T5641] x11: 000000009fb16957 x10: 0000000000ff0100 x9 : 44a9459915257500 [ 49.243574][ T5641] x8 : 44a9459915257500 x7 : 0000000000000000 x6 : ffff800083ef1438 [ 49.245652][ T5641] x5 : 0000000000000000 x4 : 0000000000000001 x3 : 0000000000000000 [ 49.247812][ T5641] x2 : 0000000000000000 x1 : 0000000100000000 x0 : 0000000000000000 [ 49.249886][ T5641] Call trace: [ 49.250722][ T5641] usb_submit_urb+0x570/0x8b8 [ 49.251935][ T5641] bcm5974_start_traffic+0xa0/0xfc [ 49.253290][ T5641] bcm5974_open+0x5c/0xb4 [ 49.254417][ T5641] input_open_device+0xe8/0x14c [ 49.255705][ T5641] evdev_open+0x1b4/0x258 [ 49.256824][ T5641] chrdev_open+0x25c/0x290 [ 49.257963][ T5641] do_dentry_open+0x36c/0x878 [ 49.259195][ T5641] vfs_open+0x38/0x48 [ 49.260280][ T5641] path_openat+0x1050/0x1438 [ 49.261528][ T5641] do_filp_open+0xd0/0x1a8 [ 49.262673][ T5641] do_sys_openat2+0xb0/0x128 [ 49.263878][ T5641] __arm64_sys_openat+0xb0/0xe0 [ 49.265138][ T5641] invoke_syscall+0x64/0x170 [ 49.266268][ T5641] el0_svc_common+0xb4/0x164 [ 49.267469][ T5641] do_el0_svc+0x2c/0x3c [ 49.268564][ T5641] el0_svc+0x3c/0x110 [ 49.269581][ T5641] el0t_64_sync_handler+0x84/0xfc [ 49.270933][ T5641] el0t_64_sync+0x190/0x194 [ 49.272085][ T5641] ---[ end trace 0000000000000000 ]--- [ 49.291239][ C0] ------------[ cut here ]------------ [ 49.292806][ C0] usb 1-1: BOGUS urb xfer, pipe 1 != type 3 [ 49.294523][ C0] WARNING: CPU: 0 PID: 0 at drivers/usb/core/urb.c:504 usb_submit_urb+0x570/0x8b8 [ 49.296877][ C0] Modules linked in: [ 49.297873][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 6.9.0-rc1-syzkaller #0 [ 49.300363][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024 [ 49.302950][ C0] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 49.305009][ C0] pc : usb_submit_urb+0x570/0x8b8 [ 49.306311][ C0] lr : usb_submit_urb+0x570/0x8b8 [ 49.307597][ C0] sp : ffff800080003ba0 [ 49.308664][ C0] x29: ffff800080003bb0 x28: ffff0000cf13be9c x27: ffff0000cb3f7800 [ 49.310721][ C0] x26: ffff8000851345ec x25: 0000000000000001 x24: ffff0000cb3f78a8 [ 49.312846][ C0] x23: ffff0000ce2edd30 x22: ffff80008515e89e x21: 0000000000000002 [ 49.314909][ C0] x20: 0000000000000820 x19: ffff0000cf13be40 x18: 0000000000000000 [ 49.316957][ C0] x17: ffff8001792df000 x16: ffff800080000000 x15: ffff800083f2ef00 [ 49.319082][ C0] x14: 0000000000000000 x13: ffff8000869e4000 x12: 0000000000000400 [ 49.321219][ C0] x11: 000000006d38f931 x10: 0000000000ff0100 x9 : 2a978558918c6200 [ 49.323285][ C0] x8 : 2a978558918c6200 x7 : 0000000000000000 x6 : ffff800083ef1438 [ 49.325330][ C0] x5 : 0000000000000000 x4 : 0000000000000001 x3 : 0000000000000000 [ 49.327322][ C0] x2 : 0000000000000000 x1 : 0000000100000101 x0 : 0000000000000000 [ 49.329347][ C0] Call trace: [ 49.330190][ C0] usb_submit_urb+0x570/0x8b8 [ 49.331405][ C0] bcm5974_irq_trackpad+0x138/0x524 [ 49.332775][ C0] __usb_hcd_giveback_urb+0x16c/0x244 [ 49.334173][ C0] usb_hcd_giveback_urb+0x78/0x198 [ 49.335512][ C0] dummy_timer+0x2b0/0x1720 [ 49.336687][ C0] call_timer_fn+0x7c/0x14c [ 49.337844][ C0] __run_timer_base+0x63c/0x738 [ 49.339114][ C0] run_timer_softirq+0x4c/0x8c [ 49.340392][ C0] __do_softirq+0xfc/0x278 [ 49.341547][ C0] ____do_softirq+0x14/0x20 [ 49.342769][ C0] call_on_irq_stack+0x24/0x4c [ 49.344002][ C0] do_softirq_own_stack+0x20/0x2c [ 49.345347][ C0] __irq_exit_rcu+0x5c/0xd4 [ 49.346556][ C0] irq_exit_rcu+0x10/0x1c [ 49.347635][ C0] el1_interrupt+0x38/0x68 [ 49.348704][ C0] el1h_64_irq_handler+0x18/0x24 [ 49.349950][ C0] el1h_64_irq+0x64/0x68 [ 49.351065][ C0] arch_local_irq_enable+0x8/0xc [ 49.352343][ C0] do_idle+0xfc/0x28c [ 49.353370][ C0] cpu_startup_entry+0x34/0x38 [ 49.354616][ C0] kernel_init+0x0/0x290 [ 49.355702][ C0] start_kernel+0x2e0/0x3b8 [ 49.356891][ C0] __primary_switched+0x80/0x88 [ 49.358167][ C0] ---[ end trace 0000000000000000 ]--- [ 49.371243][ C0] ------------[ cut here ]------------ [ 49.372678][ C0] usb 1-1: BOGUS urb xfer, pipe 1 != type 3 [ 49.374334][ C0] WARNING: CPU: 0 PID: 0 at drivers/usb/core/urb.c:504 usb_submit_urb+0x570/0x8b8 [ 49.376641][ C0] Modules linked in: [ 49.377603][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 6.9.0-rc1-syzkaller #0 [ 49.379987][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024 [ 49.382639][ C0] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 49.384731][ C0] pc : usb_submit_urb+0x570/0x8b8 [ 49.386037][ C0] lr : usb_submit_urb+0x570/0x8b8 [ 49.387421][ C0] sp : ffff800080003ba0 [ 49.388524][ C0] x29: ffff800080003bb0 x28: ffff0000cf13be9c x27: ffff0000cb3f7800 [ 49.390556][ C0] x26: ffff8000851345ec x25: 0000000000000001 x24: ffff0000cb3f78a8 [ 49.392639][ C0] x23: ffff0000ce2edd30 x22: ffff80008515e89e x21: 0000000000000002 [ 49.394680][ C0] x20: 0000000000000820 x19: ffff0000cf13be40 x18: 0000000000000000 [ 49.396787][ C0] x17: 0000000000000008 x16: 0000000000000113 x15: 000000000128943b [ 49.398891][ C0] x14: 0000000000000000 x13: ffff8000869e4000 x12: 0000000000000400 [ 49.401015][ C0] x11: 000000006d38f931 x10: 0000000000ff0100 x9 : 2a978558918c6200 [ 49.403024][ C0] x8 : 2a978558918c6200 x7 : 0000000000000000 x6 : ffff800083ef1438 [ 49.405154][ C0] x5 : 0000000000000000 x4 : 0000000000000001 x3 : 0000000000000000 [ 49.407237][ C0] x2 : 0000000000000000 x1 : 0000000000000101 x0 : 0000000000000000 [ 49.409374][ C0] Call trace: [ 49.410238][ C0] usb_submit_urb+0x570/0x8b8 [ 49.411459][ C0] bcm5974_irq_trackpad+0x138/0x524 [ 49.412036][ T5191] usb 1-1: USB disconnect, device number 5 [ 49.412793][ C0] __usb_hcd_giveback_urb+0x16c/0x244 [ 49.415662][ C0] usb_hcd_giveback_urb+0x78/0x198 [ 49.416958][ C0] dummy_timer+0x2b0/0x1720 [ 49.418140][ C0] call_timer_fn+0x7c/0x14c [ 49.419346][ C0] __run_timer_base+0x63c/0x738 [ 49.420632][ C0] run_timer_softirq+0x4c/0x8c [ 49.421858][ C0] __do_softirq+0xfc/0x278 [ 49.423012][ C0] ____do_softirq+0x14/0x20 [ 49.424149][ C0] call_on_irq_stack+0x24/0x4c [ 49.425373][ C0] do_softirq_own_stack+0x20/0x2c [ 49.426651][ C0] __irq_exit_rcu+0x5c/0xd4 [ 49.427779][ C0] irq_exit_rcu+0x10/0x1c [ 49.428884][ C0] el1_interrupt+0x38/0x68 [ 49.430020][ C0] el1h_64_irq_handler+0x18/0x24 [ 49.431393][ C0] el1h_64_irq+0x64/0x68 [ 49.432454][ C0] arch_local_irq_enable+0x8/0xc [ 49.433756][ C0] do_idle+0xfc/0x28c [ 49.434812][ C0] cpu_startup_entry+0x34/0x38 [ 49.436033][ C0] kernel_init+0x0/0x290 [ 49.437186][ C0] start_kernel+0x2e0/0x3b8 [ 49.438347][ C0] __primary_switched+0x80/0x88 [ 49.439594][ C0] ---[ end trace 0000000000000000 ]--- [ 49.441007][ C0] bcm5974 1-1:0.10: trackpad urb failed: -2 [ 49.451295][ T5641] bcm5974 1-1:0.10: could not read from device [ 50.191257][ T8] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 50.551264][ T8] usb 1-1: config 0 has an invalid interface number: 10 but max is 0 [ 50.553825][ T8] usb 1-1: config 0 has no interface number 0 [ 50.555439][ T8] usb 1-1: config 0 interface 10 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 50.558244][ T8] usb 1-1: config 0 interface 10 altsetting 0 endpoint 0x81 has invalid maxpacket 21669, setting to 1024 [ 50.561154][ T8] usb 1-1: config 0 interface 10 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 1024 [ 50.563824][ T8] usb 1-1: config 0 interface 10 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 50.721336][ T8] usb 1-1: New USB device found, idVendor=05ac, idProduct=024e, bcdDevice=d4.d7 [ 50.723954][ T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 50.726197][ T8] usb 1-1: Product: syz [ 50.727241][ T8] usb 1-1: Manufacturer: syz [ 50.728541][ T8] usb 1-1: SerialNumber: syz [ 50.730341][ T8] usb 1-1: config 0 descriptor?? [ 50.761328][ T6037] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 50.781964][ T8] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.10/input/input6 [ 51.221290][ T5641] ------------[ cut here ]------------ [ 51.222689][ T5641] usb 1-1: BOGUS urb xfer, pipe 1 != type 3 [ 51.224526][ T5641] WARNING: CPU: 1 PID: 5641 at drivers/usb/core/urb.c:504 usb_submit_urb+0x570/0x8b8 [ 51.227347][ T5641] Modules linked in: [ 51.228400][ T5641] CPU: 1 PID: 5641 Comm: udevd Tainted: G W 6.9.0-rc1-syzkaller #0 [ 51.230921][ T5641] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024 [ 51.233655][ T5641] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 51.235715][ T5641] pc : usb_submit_urb+0x570/0x8b8 [ 51.237157][ T5641] lr : usb_submit_urb+0x570/0x8b8 [ 51.238540][ T5641] sp : ffff8000923b3920 [ 51.239741][ T5641] x29: ffff8000923b3930 x28: ffff0000cf13be9c x27: ffff0000c7277000 [ 51.242036][ T5641] x26: ffff8000851345ec x25: 0000000000000001 x24: ffff0000c72770a8 [ 51.244157][ T5641] x23: ffff0000ce2ed358 x22: ffff80008515e89e x21: 0000000000000002 [ 51.246326][ T5641] x20: 0000000000000cc0 x19: ffff0000cf13be40 x18: 0000000000000000 [ 51.248520][ T5641] x17: 0000000000013216 x16: 0000000000000021 x15: 00000000000252e5 [ 51.250578][ T5641] x14: 0000000000000000 x13: ffff8000869e4000 x12: 0000000000000400 [ 51.252711][ T5641] x11: 000000009fb16957 x10: 0000000000ff0100 x9 : 44a9459915257500 [ 51.254789][ T5641] x8 : 44a9459915257500 x7 : 0000000000000000 x6 : ffff800083ef1438 [ 51.256874][ T5641] x5 : 0000000000000000 x4 : 0000000000000001 x3 : 0000000000000000 [ 51.258939][ T5641] x2 : 0000000000000000 x1 : 0000000100000000 x0 : 0000000000000000 [ 51.261050][ T5641] Call trace: [ 51.261914][ T5641] usb_submit_urb+0x570/0x8b8 [ 51.263138][ T5641] bcm5974_start_traffic+0xa0/0xfc [ 51.264502][ T5641] bcm5974_open+0x5c/0xb4 [ 51.265654][ T5641] input_open_device+0xe8/0x14c [ 51.267001][ T5641] evdev_open+0x1b4/0x258 [ 51.268190][ T5641] chrdev_open+0x25c/0x290 [ 51.269407][ T5641] do_dentry_open+0x36c/0x878 [ 51.270742][ T5641] vfs_open+0x38/0x48 [ 51.271799][ T5641] path_openat+0x1050/0x1438 [ 51.273009][ T5641] do_filp_open+0xd0/0x1a8 [ 51.274218][ T5641] do_sys_openat2+0xb0/0x128 [ 51.275486][ T5641] __arm64_sys_openat+0xb0/0xe0 [ 51.276761][ T5641] invoke_syscall+0x64/0x170 [ 51.277982][ T5641] el0_svc_common+0xb4/0x164 [ 51.279184][ T5641] do_el0_svc+0x2c/0x3c [ 51.280240][ T5641] el0_svc+0x3c/0x110 [ 51.281259][ T5641] el0t_64_sync_handler+0x84/0xfc [ 51.282582][ T5641] el0t_64_sync+0x190/0x194 [ 51.283767][ T5641] ---[ end trace 0000000000000000 ]--- [ 51.301224][ C1] ------------[ cut here ]------------ [ 51.302716][ C1] usb 1-1: BOGUS urb xfer, pipe 1 != type 3 [ 51.304474][ C1] WARNING: CPU: 1 PID: 0 at drivers/usb/core/urb.c:504 usb_submit_urb+0x570/0x8b8 [ 51.306817][ C1] Modules linked in: [ 51.307881][ C1] CPU: 1 PID: 0 Comm: swapper/1 Tainted: G W 6.9.0-rc1-syzkaller #0 [ 51.310393][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024 [ 51.313044][ C1] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 51.315224][ C1] pc : usb_submit_urb+0x570/0x8b8 [ 51.316583][ C1] lr : usb_submit_urb+0x570/0x8b8 [ 51.317956][ C1] sp : ffff80008000bba0 [ 51.319109][ C1] x29: ffff80008000bbb0 x28: ffff0000cf13be9c x27: ffff0000c7277000 [ 51.321207][ C1] x26: ffff8000851345ec x25: 0000000000000001 x24: ffff0000c72770a8 [ 51.323325][ C1] x23: ffff0000ce2ed358 x22: ffff80008515e89e x21: 0000000000000002 [ 51.325439][ C1] x20: 0000000000000820 x19: ffff0000cf13be40 x18: 0000000000000000 [ 51.327587][ C1] x17: ffff8001792fa000 x16: ffff800080008000 x15: ffff800083f2ef00 [ 51.329735][ C1] x14: 0000000000000000 x13: ffff8000869e4000 x12: 0000000000000400 [ 51.331980][ C1] x11: 000000006d38f931 x10: 0000000000ff0100 x9 : 283f83edf3354100 [ 51.334120][ C1] x8 : 283f83edf3354100 x7 : 0000000000000000 x6 : ffff800083ef1438 [ 51.336276][ C1] x5 : 0000000000000000 x4 : 0000000000000001 x3 : 0000000000000000 [ 51.338464][ C1] x2 : 0000000000000000 x1 : 0000000100000101 x0 : 0000000000000000 [ 51.340727][ C1] Call trace: [ 51.341602][ C1] usb_submit_urb+0x570/0x8b8 [ 51.342798][ C1] bcm5974_irq_trackpad+0x138/0x524 [ 51.344152][ C1] __usb_hcd_giveback_urb+0x16c/0x244 [ 51.345568][ C1] usb_hcd_giveback_urb+0x78/0x198 [ 51.346849][ C1] dummy_timer+0x2b0/0x1720 [ 51.348082][ C1] call_timer_fn+0x7c/0x14c [ 51.349312][ C1] __run_timer_base+0x63c/0x738 [ 51.350647][ C1] run_timer_softirq+0x4c/0x8c [ 51.351888][ C1] __do_softirq+0xfc/0x278 [ 51.353043][ C1] ____do_softirq+0x14/0x20 [ 51.354225][ C1] call_on_irq_stack+0x24/0x4c [ 51.355465][ C1] do_softirq_own_stack+0x20/0x2c [ 51.356814][ C1] __irq_exit_rcu+0x5c/0xd4 [ 51.357976][ C1] irq_exit_rcu+0x10/0x1c [ 51.359127][ C1] el1_interrupt+0x38/0x68 [ 51.360362][ C1] el1h_64_irq_handler+0x18/0x24 [ 51.361618][ C1] el1h_64_irq+0x64/0x68 [ 51.362804][ C1] arch_local_irq_enable+0x8/0xc [ 51.364146][ C1] do_idle+0xfc/0x28c [ 51.365188][ C1] cpu_startup_entry+0x34/0x38 [ 51.366435][ C1] secondary_start_kernel+0x150/0x178 [ 51.367896][ C1] __secondary_switched+0xb8/0xbc [ 51.369225][ C1] ---[ end trace 0000000000000000 ]--- [ 51.421507][ T5191] usb 1-1: USB disconnect, device number 6 [ 51.441239][ T5641] bcm5974 1-1:0.10: could not read from device [ 52.201250][ T5191] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 52.561248][ T5191] usb 1-1: config 0 has an invalid interface number: 10 but max is 0 [ 52.563416][ T5191] usb 1-1: config 0 has no interface number 0 [ 52.565072][ T5191] usb 1-1: config 0 interface 10 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 52.567835][ T5191] usb 1-1: config 0 interface 10 altsetting 0 endpoint 0x81 has invalid maxpacket 21669, setting to 1024 [ 52.570760][ T5191] usb 1-1: config 0 interface 10 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 1024 [ 52.573462][ T5191] usb 1-1: config 0 interface 10 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 52.731245][ T5191] usb 1-1: New USB device found, idVendor=05ac, idProduct=024e, bcdDevice=d4.d7 [ 52.733620][ T5191] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 52.735723][ T5191] usb 1-1: Product: syz [ 52.736814][ T5191] usb 1-1: Manufacturer: syz [ 52.737975][ T5191] usb 1-1: SerialNumber: syz [ 52.739562][ T5191] usb 1-1: config 0 descriptor?? [ 52.751331][ T6039] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 52.771833][ T5191] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.10/input/input7