WARNING in bcm5974_start_traffic/usb_submit

WARNING in bcm5974_start_traffic/usb_submit_urb
Status: upstream: reported C repro on 2019/11/08 13:54
Reported-by: syzbot+348331f63b034f89b622@syzkaller.appspotmail.com
First crash: 720d, last: 3d09h

Cause bisection: failed (bisect log)

Patch testing requests:
Created	Duration	User	Patch	Repo	Result
2020/09/11 09:36	11m	anant.thazhemadam@gmail.com		https://github.com/google/kasan.git usb-fuzzer	report log

Sample crash report:

------------[ cut here ]------------
usb 1-1: BOGUS urb xfer, pipe 1 != type 3
WARNING: CPU: 0 PID: 8466 at drivers/usb/core/urb.c:493 usb_submit_urb+0xd27/0x1540 drivers/usb/core/urb.c:493
Modules linked in:
CPU: 1 PID: 8466 Comm: systemd-udevd Tainted: G        W         5.13.0-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:usb_submit_urb+0xd27/0x1540 drivers/usb/core/urb.c:493
Code: 84 d4 02 00 00 e8 a9 78 23 fc 4c 89 ef e8 a1 85 0c ff 41 89 d8 44 89 e1 4c 89 f2 48 89 c6 48 c7 c7 20 f2 26 8a e8 c0 65 8e 03 <0f> 0b e9 81 f8 ff ff e8 7d 78 23 fc 48 81 c5 40 06 00 00 e9 ad f7
RSP: 0018:ffffc90001897870 EFLAGS: 00010286
RAX: 0000000000000000 RBX: 0000000000000003 RCX: 0000000000000000
RDX: ffff888032522040 RSI: ffffffff815ca6f5 RDI: fffff52000312f00
RBP: ffff888027e48f00 R08: 0000000000000000 R09: 0000000000000000
R10: ffffffff815c452e R11: 0000000000000000 R12: 0000000000000001
R13: ffff8880187360a8 R14: ffff888022e0a4c0 R15: ffff8880163b8b00
FS:  00007f5a7d2608c0(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f2aaf2cb000 CR3: 000000003261e000 CR4: 00000000001506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 bcm5974_start_traffic drivers/input/mouse/bcm5974.c:799 [inline]
 bcm5974_start_traffic+0xbd/0x170 drivers/input/mouse/bcm5974.c:783
 bcm5974_open+0x9f/0x160 drivers/input/mouse/bcm5974.c:839
 input_open_device+0x1bb/0x320 drivers/input/input.c:629
 evdev_open_device drivers/input/evdev.c:400 [inline]
 evdev_open+0x538/0x6a0 drivers/input/evdev.c:487
 chrdev_open+0x266/0x770 fs/char_dev.c:414

Fix bisection attempts:
Manager	Time	Kernel	Commit	Syzkaller	Config	Log	Report	Syz repro	C repro
ci-upstream-kasan-gce-selinux-root	2021/10/21 16:40	upstream	2f111a6fd5b5	8f5a7b8c	.config	log	report	syz	C
ci-upstream-kasan-gce-selinux-root	2021/09/14 07:01	upstream	d0ee23f9d78b	8f5a7b8c	.config	log	report	syz	C
ci-upstream-kasan-gce-selinux-root	2021/08/15 01:31	upstream	ba31f97d43be	8f5a7b8c	.config	log	report	syz	C

Crashes (15):
Manager	Time	Kernel	Commit	Syzkaller	Config	Log	Report	Syz repro	C repro	VM info	Title
ci-upstream-kasan-gce-selinux-root	2021/07/10 15:52	upstream	3dbdb38e2869	8f5a7b8c	.config	log	report	syz	C		WARNING in bcm5974_start_traffic/usb_submit_urb
ci-upstream-kasan-gce-smack-root	2021/05/31 11:23	upstream	8124c8a6b353	325a8dab	.config	log	report	syz	C		WARNING in bcm5974_start_traffic/usb_submit_urb
ci-upstream-kasan-gce-root	2021/05/28 11:23	upstream	97e5bf604b7a	858ea628	.config	log	report	syz	C		WARNING in bcm5974_start_traffic/usb_submit_urb
ci-upstream-linux-next-kasan-gce-root	2021/06/21 12:53	linux-next	a1f92694393a	aba2b2fb	.config	log	report	syz	C		WARNING in bcm5974_start_traffic/usb_submit_urb
ci2-upstream-usb	2020/12/09 11:50	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	b175d273d4e4	99917735	.config	log	report	syz	C
ci2-upstream-usb	2020/05/14 03:56	https://github.com/google/kasan.git usb-fuzzer	059e7e0ff26c	a885920d	.config	log	report	syz	C
ci2-upstream-usb	2019/11/08 02:46	https://github.com/google/kasan.git usb-fuzzer	d60bbfea36c1	f39aff9e	.config	log	report	syz	C
ci2-upstream-usb	2021/10/25 05:18	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	c26f1c109d21	4f0000ee	.config	log	report			info	WARNING in bcm5974_start_traffic/usb_submit_urb
ci2-upstream-usb	2021/09/21 16:19	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	a0f497199090	169724fe	.config	log	report			info	WARNING in bcm5974_start_traffic/usb_submit_urb
ci2-upstream-usb	2020/12/09 06:51	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	b175d273d4e4	40cc414d	.config	log	report			info
ci2-upstream-usb	2020/06/26 16:05	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	fb5746826a0c	9506ea6d	.config	log	report
ci2-upstream-usb	2020/06/20 18:40	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	f8f02d5c671f	c655ec77	.config	log	report
ci2-upstream-usb	2020/06/11 03:06	https://github.com/google/kasan.git usb-fuzzer	2089c6ed5a17	3ab7a05a	.config	log	report
ci2-upstream-usb	2020/02/29 02:38	https://github.com/google/kasan.git usb-fuzzer	d6ff8147a51c	c88c7b75	.config	log	report
ci2-upstream-usb	2020/02/27 10:34	https://github.com/google/kasan.git usb-fuzzer	d6ff8147a51c	40bcfdd5	.config	log	report