syzbot

------------[ cut here ]------------
usb 5-1: BOGUS urb xfer, pipe 1 != type 3
WARNING: CPU: 0 PID: 4607 at drivers/usb/core/urb.c:504 usb_submit_urb+0xed6/0x1880 drivers/usb/core/urb.c:504
Modules linked in:
CPU: 0 PID: 4607 Comm: acpid Not tainted 6.4.0-rc4-syzkaller-00078-g929ed21dfdb6 #0
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014
RIP: 0010:usb_submit_urb+0xed6/0x1880 drivers/usb/core/urb.c:504
Code: 7c 24 18 e8 ac 1d 5c fb 48 8b 7c 24 18 e8 52 13 f0 fe 41 89 d8 44 89 e1 4c 89 ea 48 89 c6 48 c7 c7 80 9e fc 8a e8 1a db 23 fb <0f> 0b e9 58 f8 ff ff e8 7e 1d 5c fb 48 81 c5 c0 05 00 00 e9 84 f7
RSP: 0018:ffffc900033af838 EFLAGS: 00010286
RAX: 0000000000000000 RBX: 0000000000000003 RCX: 0000000000000000
RDX: ffff888028e91b80 RSI: ffffffff814b2457 RDI: 0000000000000001
RBP: ffff888016281d00 R08: 0000000000000001 R09: 0000000000000000
R10: 0000000000000000 R11: 3a312d3520627375 R12: 0000000000000001
R13: ffff88802418bc40 R14: 0000000000000002 R15: ffff88801ed17c00
FS:  00007f4602ea2740(0000) GS:ffff88806b600000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00005640eb2db080 CR3: 000000002ad2c000 CR4: 0000000000350ef0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 bcm5974_start_traffic drivers/input/mouse/bcm5974.c:799 [inline]
 bcm5974_start_traffic+0xbd/0x180 drivers/input/mouse/bcm5974.c:783
 bcm5974_open+0xa3/0x170 drivers/input/mouse/bcm5974.c:839
 input_open_device+0x1bf/0x320 drivers/input/input.c:652
 mousedev_open_device+0xe0/0x140 drivers/input/mousedev.c:430
 mousedev_open+0x2fc/0x580 drivers/input/mousedev.c:556
 chrdev_open+0x26a/0x770 fs/char_dev.c:414
 do_dentry_open+0x6cc/0x13f0 fs/open.c:920
 do_open fs/namei.c:3636 [inline]
 path_openat+0x1baa/0x2750 fs/namei.c:3791
 do_filp_open+0x1ba/0x410 fs/namei.c:3818
 do_sys_openat2+0x16d/0x4c0 fs/open.c:1356
 do_sys_open fs/open.c:1372 [inline]
 __do_sys_openat fs/open.c:1388 [inline]
 __se_sys_openat fs/open.c:1383 [inline]
 __x64_sys_openat+0x143/0x1f0 fs/open.c:1383
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7f4602f6c9a4
Code: 24 20 48 8d 44 24 30 48 89 44 24 28 64 8b 04 25 18 00 00 00 85 c0 75 2c 44 89 e2 48 89 ee bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 76 60 48 8b 15 55 a4 0d 00 f7 d8 64 89 02 48 83
RSP: 002b:00007ffce4a655a0 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
RAX: ffffffffffffffda RBX: 00007ffce4a65888 RCX: 00007f4602f6c9a4
RDX: 0000000000080800 RSI: 00007ffce4a65788 RDI: 00000000ffffff9c
RBP: 00007ffce4a65788 R08: 00000000000000f4 R09: 00007ffce4a65788
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000080800
R13: 0000000000000040 R14: 00007ffce4a65888 R15: 00007ffce4a65788
 </TASK>