syzbot

aiptek 4-1:0.16: Aiptek using 400 ms programming speed
input: Aiptek as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.16/input/input5
------------[ cut here ]------------
usb 4-1: BOGUS urb xfer, pipe 1 != type 3
WARNING: CPU: 1 PID: 4887 at drivers/usb/core/urb.c:477 usb_submit_urb+0x119a/0x13c0 drivers/usb/core/urb.c:477
Kernel panic - not syncing: panic_on_warn set ...
CPU: 1 PID: 4887 Comm: kworker/1:2 Not tainted 5.1.0-rc3+ #8
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: usb_hub_wq hub_event
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0xca/0x13e lib/dump_stack.c:113
 panic+0x292/0x5e1 kernel/panic.c:214
 __warn.cold+0x20/0x53 kernel/panic.c:571
 report_bug+0x262/0x2a0 lib/bug.c:186
 fixup_bug arch/x86/kernel/traps.c:179 [inline]
 fixup_bug arch/x86/kernel/traps.c:174 [inline]
 do_error_trap+0x12b/0x1e0 arch/x86/kernel/traps.c:272
 do_invalid_op+0x32/0x40 arch/x86/kernel/traps.c:291
 invalid_op+0x14/0x20 arch/x86/entry/entry_64.S:973
RIP: 0010:usb_submit_urb+0x119a/0x13c0 drivers/usb/core/urb.c:477
Code: ea fd 48 8b 04 24 48 8d b8 a0 00 00 00 e8 9e 3f 12 ff 41 89 d8 44 89 e1 4c 89 ea 48 89 c6 48 c7 c7 e0 90 16 86 e8 e1 23 c0 fd <0f> 0b e9 14 f4 ff ff e8 3a 15 ea fd 49 8d be b0 00 00 00 48 b8 00
RSP: 0018:ffff8881ca0b7030 EFLAGS: 00010282
RAX: 0000000000000000 RBX: 0000000000000003 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff8127bbcd RDI: ffffed1039416df8
RBP: ffff8881d7c90500 R08: ffff8881ca179800 R09: ffffed103b663cd3
R10: ffffed103b663cd2 R11: ffff8881db31e697 R12: 0000000000000001
R13: ffff8881d85f5150 R14: ffff8881d2db8000 R15: ffff8881d865ed00
 aiptek_open+0xd5/0x130 drivers/input/tablet/aiptek.c:843
 input_open_device+0x173/0x280 drivers/input/input.c:611
 kbd_connect+0xfe/0x160 drivers/tty/vt/keyboard.c:1546
 input_attach_handler+0x19c/0x200 drivers/input/input.c:1004
 input_register_device.cold+0xfd/0x24e drivers/input/input.c:2159
 aiptek_probe.cold+0x284/0x307 drivers/input/tablet/aiptek.c:1886
 usb_probe_interface+0x30d/0x7b0 drivers/usb/core/driver.c:361
 really_probe+0x296/0x680 drivers/base/dd.c:509
 driver_probe_device+0xf9/0x200 drivers/base/dd.c:671
 __device_attach_driver+0x1c4/0x230 drivers/base/dd.c:778
 bus_for_each_drv+0x15e/0x1e0 drivers/base/bus.c:454
 __device_attach+0x21e/0x360 drivers/base/dd.c:844
 bus_probe_device+0x1ec/0x2a0 drivers/base/bus.c:514
 device_add+0xaf4/0x1700 drivers/base/core.c:2106
 usb_set_configuration+0xdf2/0x1670 drivers/usb/core/message.c:2023
 generic_probe+0x9d/0xd5 drivers/usb/core/generic.c:210
 usb_probe_device+0xa8/0x110 drivers/usb/core/driver.c:266
 really_probe+0x296/0x680 drivers/base/dd.c:509
 driver_probe_device+0xf9/0x200 drivers/base/dd.c:671
 __device_attach_driver+0x1c4/0x230 drivers/base/dd.c:778
 bus_for_each_drv+0x15e/0x1e0 drivers/base/bus.c:454
 __device_attach+0x21e/0x360 drivers/base/dd.c:844
 bus_probe_device+0x1ec/0x2a0 drivers/base/bus.c:514
 device_add+0xaf4/0x1700 drivers/base/core.c:2106
 usb_new_device.cold+0x8b8/0x1030 drivers/usb/core/hub.c:2534
 hub_port_connect drivers/usb/core/hub.c:5089 [inline]
 hub_port_connect_change drivers/usb/core/hub.c:5204 [inline]
 port_event drivers/usb/core/hub.c:5350 [inline]
 hub_event+0x1ac9/0x35a0 drivers/usb/core/hub.c:5432
 process_one_work+0x90a/0x1580 kernel/workqueue.c:2269
 worker_thread+0x96/0xe20 kernel/workqueue.c:2415
 kthread+0x30e/0x420 kernel/kthread.c:253
 ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:352
Kernel Offset: disabled
Rebooting in 86400 seconds..