WARNING: ODEBUG bug in smsusb_term

WARNING: ODEBUG bug in smsusb_term_device
Status: upstream: reported C repro on 2019/07/23 12:48
Reported-by: syzbot+25ddf1bb485cd9400ca4@syzkaller.appspotmail.com
First crash: 217d, last: 17h19m

Sample crash report:

smsusb:smsusb_init_device: smscore_start_device(...) failed
------------[ cut here ]------------
ODEBUG: free active (active state 0) object type: work_struct hint: do_submit_urb+0x0/0x60 drivers/media/usb/siano/smsusb.c:155
WARNING: CPU: 0 PID: 12 at lib/debugobjects.c:485 debug_print_object+0x160/0x250 lib/debugobjects.c:485
Kernel panic - not syncing: panic_on_warn set ...
CPU: 0 PID: 12 Comm: kworker/0:1 Not tainted 5.6.0-rc3-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: usb_hub_wq hub_event
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0xef/0x16e lib/dump_stack.c:118
 panic+0x2aa/0x6e1 kernel/panic.c:221
 __warn.cold+0x2f/0x30 kernel/panic.c:582
 report_bug+0x27b/0x2f0 lib/bug.c:195
 fixup_bug arch/x86/kernel/traps.c:174 [inline]
 fixup_bug arch/x86/kernel/traps.c:169 [inline]
 do_error_trap+0x12b/0x1e0 arch/x86/kernel/traps.c:267
 do_invalid_op+0x32/0x40 arch/x86/kernel/traps.c:286
 invalid_op+0x23/0x30 arch/x86/entry/entry_64.S:1027
RIP: 0010:debug_print_object+0x160/0x250 lib/debugobjects.c:485
Code: dd c0 34 fc 85 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 bf 00 00 00 48 8b 14 dd c0 34 fc 85 48 c7 c7 00 29 fc 85 e8 38 22 29 ff <0f> 0b 83 05 2b 43 fb 05 01 48 83 c4 20 5b 5d 41 5c 41 5d c3 48 89
RSP: 0018:ffff8881da226f28 EFLAGS: 00010282
RAX: 0000000000000000 RBX: 0000000000000003 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff812977dd RDI: ffffed103b444dd7
RBP: 0000000000000001 R08: ffff8881da211880 R09: fffffbfff1266c8f
R10: fffffbfff1266c8e R11: ffffffff89336477 R12: ffffffff870d8ac0
R13: ffffffff8119fc90 R14: ffff8881ce93cac0 R15: ffff8881c80be658
 __debug_check_no_obj_freed lib/debugobjects.c:967 [inline]
 debug_check_no_obj_freed+0x2e1/0x445 lib/debugobjects.c:998
 slab_free_hook mm/slub.c:1441 [inline]
 slab_free_freelist_hook mm/slub.c:1477 [inline]
 slab_free mm/slub.c:3024 [inline]
 kfree+0x18a/0x300 mm/slub.c:3976
 smsusb_term_device+0xd9/0x160 drivers/media/usb/siano/smsusb.c:350
 smsusb_init_device+0xa5c/0xae6 drivers/media/usb/siano/smsusb.c:487
 smsusb_probe+0xd5f/0xdfd drivers/media/usb/siano/smsusb.c:566
 usb_probe_interface+0x310/0x800 drivers/usb/core/driver.c:374
 really_probe+0x290/0xac0 drivers/base/dd.c:551
 driver_probe_device+0x223/0x350 drivers/base/dd.c:724
 __device_attach_driver+0x1d1/0x290 drivers/base/dd.c:831
 bus_for_each_drv+0x162/0x1e0 drivers/base/bus.c:431
 __device_attach+0x217/0x390 drivers/base/dd.c:897
 bus_probe_device+0x1e4/0x290 drivers/base/bus.c:491
 device_add+0x1459/0x1bf0 drivers/base/core.c:2487
 usb_set_configuration+0xe47/0x17d0 drivers/usb/core/message.c:2023
 usb_generic_driver_probe+0x9d/0xe0 drivers/usb/core/generic.c:241
 usb_probe_device+0xd9/0x230 drivers/usb/core/driver.c:272
 really_probe+0x290/0xac0 drivers/base/dd.c:551
 driver_probe_device+0x223/0x350 drivers/base/dd.c:724
 __device_attach_driver+0x1d1/0x290 drivers/base/dd.c:831
 bus_for_each_drv+0x162/0x1e0 drivers/base/bus.c:431
 __device_attach+0x217/0x390 drivers/base/dd.c:897
 bus_probe_device+0x1e4/0x290 drivers/base/bus.c:491
 device_add+0x1459/0x1bf0 drivers/base/core.c:2487
 usb_new_device.cold+0x540/0xcd0 drivers/usb/core/hub.c:2544
 hub_port_connect drivers/usb/core/hub.c:5191 [inline]
 hub_port_connect_change drivers/usb/core/hub.c:5331 [inline]
 port_event drivers/usb/core/hub.c:5477 [inline]
 hub_event+0x21cb/0x4300 drivers/usb/core/hub.c:5559
 process_one_work+0x94b/0x1620 kernel/workqueue.c:2264
 worker_thread+0x96/0xe20 kernel/workqueue.c:2410
 kthread+0x318/0x420 kernel/kthread.c:255
 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:352
Kernel Offset: disabled
Rebooting in 86400 seconds..

Crashes (13):
Manager	Time	Kernel	Commit	Syzkaller	Config	Log	Report	Syz repro	C repro	Maintainers
ci2-upstream-usb	2020/02/24 23:18	https://github.com/google/kasan.git usb-fuzzer	d6ff8147	59b57593	.config	log	report	syz	C	gregkh@linuxfoundation.org, kstewart@linuxfoundation.org, linux-kernel@vger.kernel.org, linux-media@vger.kernel.org, mchehab@kernel.org, stern@rowland.harvard.edu, tglx@linutronix.de
ci2-upstream-usb	2020/01/31 16:23	https://github.com/google/kasan.git usb-fuzzer	cd234325	5ed23f9a	.config	log	report	syz	C	allison@lohutok.net, gregkh@linuxfoundation.org, kstewart@linuxfoundation.org, linux-kernel@vger.kernel.org, linux-media@vger.kernel.org, mchehab@kernel.org, stern@rowland.harvard.edu, tglx@linutronix.de
ci2-upstream-usb	2020/01/23 01:16	https://github.com/google/kasan.git usb-fuzzer	4cc301ee	3334d684	.config	log	report	syz	C	allison@lohutok.net, gregkh@linuxfoundation.org, linux-kernel@vger.kernel.org, linux-media@vger.kernel.org, mchehab@kernel.org, stern@rowland.harvard.edu, tglx@linutronix.de
ci2-upstream-usb	2019/12/17 05:09	https://github.com/google/kasan.git usb-fuzzer	4cc037ec	d13d7958	.config	log	report	syz	C	gregkh@linuxfoundation.org, kstewart@linuxfoundation.org, linux-kernel@vger.kernel.org, linux-media@vger.kernel.org, mchehab@kernel.org, opensource@jilayne.com, stern@rowland.harvard.edu, tglx@linutronix.de
ci2-upstream-usb	2019/09/22 10:56	https://github.com/google/kasan.git usb-fuzzer	e0bd8d79	d96e88f3	.config	log	report	syz	C	gregkh@linuxfoundation.org, kstewart@linuxfoundation.org, linux-kernel@vger.kernel.org, linux-media@vger.kernel.org, mchehab@kernel.org, stern@rowland.harvard.edu, tglx@linutronix.de, wen.yang99@zte.com.cn
ci2-upstream-usb	2019/07/23 03:06	https://github.com/google/kasan.git usb-fuzzer	6a3599ce	55e0c077	.config	log	report	syz	C
ci2-upstream-usb	2019/12/14 10:38	https://github.com/google/kasan.git usb-fuzzer	4cc037ec	eef6e580	.config	log	report			allison@lohutok.net, gregkh@linuxfoundation.org, johan@kernel.org, linux-kernel@vger.kernel.org, linux-media@vger.kernel.org, mchehab@kernel.org, stern@rowland.harvard.edu, tglx@linutronix.de
ci2-upstream-usb	2019/12/14 00:45	https://github.com/google/kasan.git usb-fuzzer	4cc037ec	a5c1ab05	.config	log	report			gregkh@linuxfoundation.org, kstewart@linuxfoundation.org, linux-kernel@vger.kernel.org, linux-media@vger.kernel.org, mchehab@kernel.org, opensource@jilayne.com, stern@rowland.harvard.edu, tglx@linutronix.de
ci2-upstream-usb	2019/09/07 07:12	https://github.com/google/kasan.git usb-fuzzer	f0df5c1b	a60cb4cd	.config	log	report			gregkh@linuxfoundation.org, linux-kernel@vger.kernel.org, linux-media@vger.kernel.org, mchehab@kernel.org, stern@rowland.harvard.edu, tglx@linutronix.de, wen.yang99@zte.com.cn
ci2-upstream-usb	2019/09/02 10:24	https://github.com/google/kasan.git usb-fuzzer	eea39f24	db7c31ca	.config	log	report			gregkh@linuxfoundation.org, kstewart@linuxfoundation.org, linux-kernel@vger.kernel.org, linux-media@vger.kernel.org, mchehab@kernel.org, stern@rowland.harvard.edu, swinslow@gmail.com, tglx@linutronix.de, wen.yang99@zte.com.cn
ci2-upstream-usb	2019/09/01 18:17	https://github.com/google/kasan.git usb-fuzzer	eea39f24	bad3cce2	.config	log	report			allison@lohutok.net, gregkh@linuxfoundation.org, kstewart@linuxfoundation.org, linux-kernel@vger.kernel.org, linux-media@vger.kernel.org, mchehab@kernel.org, stern@rowland.harvard.edu, tglx@linutronix.de, wen.yang99@zte.com.cn
ci2-upstream-usb	2019/08/31 10:26	https://github.com/google/kasan.git usb-fuzzer	eea39f24	bcd7bcc2	.config	log	report			gregkh@linuxfoundation.org, johan@kernel.org, linux-kernel@vger.kernel.org, linux-media@vger.kernel.org, mchehab@kernel.org, opensource@jilayne.com, stern@rowland.harvard.edu, tglx@linutronix.de, wen.yang99@zte.com.cn
ci2-upstream-usb	2019/08/30 22:38	https://github.com/google/kasan.git usb-fuzzer	eea39f24	9adfa876	.config	log	report			allison@lohutok.net, gregkh@linuxfoundation.org, linux-kernel@vger.kernel.org, linux-media@vger.kernel.org, mchehab@kernel.org, opensource@jilayne.com, stern@rowland.harvard.edu, tglx@linutronix.de, wen.yang99@zte.com.cn