WARNING: ODEBUG bug in smsusb_term

WARNING: ODEBUG bug in smsusb_term_device
Status: upstream: reported C repro on 2019/07/23 12:48
Reported-by: syzbot+25ddf1bb485cd9400ca4@syzkaller.appspotmail.com
First crash: 84d, last: 22d

Sample crash report:

smsusb:smsusb_init_device: smscore_start_device(...) failed
------------[ cut here ]------------
ODEBUG: free active (active state 0) object type: work_struct hint: do_submit_urb+0x0/0x60 /drivers/media/usb/siano/smsusb.c:155
WARNING: CPU: 1 PID: 22 at lib/debugobjects.c:325 debug_print_object+0x160/0x250 /lib/debugobjects.c:325
Kernel panic - not syncing: panic_on_warn set ...
CPU: 1 PID: 22 Comm: kworker/1:1 Not tainted 5.2.0-rc6+ #15
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: usb_hub_wq hub_event
Call Trace:
 __dump_stack /lib/dump_stack.c:77 [inline]
 dump_stack+0xca/0x13e /lib/dump_stack.c:113
 panic+0x292/0x6c9 /kernel/panic.c:219
 __warn.cold+0x20/0x4b /kernel/panic.c:576
 report_bug+0x262/0x2a0 /lib/bug.c:186
 fixup_bug /arch/x86/kernel/traps.c:179 [inline]
 fixup_bug /arch/x86/kernel/traps.c:174 [inline]
 do_error_trap+0x12b/0x1e0 /arch/x86/kernel/traps.c:272
 do_invalid_op+0x32/0x40 /arch/x86/kernel/traps.c:291
 invalid_op+0x14/0x20 /arch/x86/entry/entry_64.S:986
RIP: 0010:debug_print_object+0x160/0x250 /lib/debugobjects.c:325
Code: dd e0 16 ba 85 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 bf 00 00 00 48 8b 14 dd e0 16 ba 85 48 c7 c7 c0 0c ba 85 e8 db c7 33 ff <0f> 0b 83 05 03 6e 86 05 01 48 83 c4 20 5b 5d 41 5c 41 5d c3 48 89
RSP: 0018:ffff8881d9f8efb8 EFLAGS: 00010082
RAX: 0000000000000000 RBX: 0000000000000003 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff8127ef3d RDI: ffffed103b3f1de9
RBP: 0000000000000001 R08: ffff8881d9f80000 R09: ffffed103b663ed7
R10: ffffed103b663ed6 R11: ffff8881db31f6b7 R12: ffffffff86ac9ea0
R13: ffffffff81187f60 R14: ffffffff88f0e3e8 R15: ffff8881cf581bc0
 __debug_check_no_obj_freed /lib/debugobjects.c:785 [inline]
 debug_check_no_obj_freed+0x2a3/0x42e /lib/debugobjects.c:817
 slab_free_hook /mm/slub.c:1418 [inline]
 slab_free_freelist_hook /mm/slub.c:1448 [inline]
 slab_free /mm/slub.c:2994 [inline]
 kfree+0x101/0x280 /mm/slub.c:3949
 smsusb_term_device+0xc2/0x120 /drivers/media/usb/siano/smsusb.c:350
 smsusb_init_device+0x987/0x9d5 /drivers/media/usb/siano/smsusb.c:487
 smsusb_probe+0x986/0xa24 /drivers/media/usb/siano/smsusb.c:566
 usb_probe_interface+0x305/0x7a0 /drivers/usb/core/driver.c:361
 really_probe+0x281/0x660 /drivers/base/dd.c:509
 driver_probe_device+0x104/0x210 /drivers/base/dd.c:670
 __device_attach_driver+0x1c2/0x220 /drivers/base/dd.c:777
 bus_for_each_drv+0x15c/0x1e0 /drivers/base/bus.c:454
 __device_attach+0x217/0x360 /drivers/base/dd.c:843
 bus_probe_device+0x1e4/0x290 /drivers/base/bus.c:514
 device_add+0xae6/0x16f0 /drivers/base/core.c:2111
 usb_set_configuration+0xdf6/0x1670 /drivers/usb/core/message.c:2023
 generic_probe+0x9d/0xd5 /drivers/usb/core/generic.c:210
 usb_probe_device+0x99/0x100 /drivers/usb/core/driver.c:266
 really_probe+0x281/0x660 /drivers/base/dd.c:509
 driver_probe_device+0x104/0x210 /drivers/base/dd.c:670
 __device_attach_driver+0x1c2/0x220 /drivers/base/dd.c:777
 bus_for_each_drv+0x15c/0x1e0 /drivers/base/bus.c:454
 __device_attach+0x217/0x360 /drivers/base/dd.c:843
 bus_probe_device+0x1e4/0x290 /drivers/base/bus.c:514
 device_add+0xae6/0x16f0 /drivers/base/core.c:2111
 usb_new_device.cold+0x6a4/0xe61 /drivers/usb/core/hub.c:2536
 hub_port_connect /drivers/usb/core/hub.c:5098 [inline]
 hub_port_connect_change /drivers/usb/core/hub.c:5213 [inline]
 port_event /drivers/usb/core/hub.c:5359 [inline]
 hub_event+0x1abd/0x3550 /drivers/usb/core/hub.c:5441
 process_one_work+0x905/0x1570 /kernel/workqueue.c:2269
 worker_thread+0x96/0xe20 /kernel/workqueue.c:2415
 kthread+0x30b/0x410 /kernel/kthread.c:255
 ret_from_fork+0x24/0x30 /arch/x86/entry/entry_64.S:352

======================================================

Crashes (7):
Manager	Time	Kernel	Commit	Syzkaller	Config	Log	Report	Syz repro	C repro	Maintainers
ci2-upstream-usb	2019/07/23 03:06	https://github.com/google/kasan.git usb-fuzzer	6a3599ce	55e0c077	.config	log	report	syz	C
ci2-upstream-usb	2019/09/22 10:56	https://github.com/google/kasan.git usb-fuzzer	e0bd8d79	d96e88f3	.config	log	report	syz	C	gregkh@linuxfoundation.org, kstewart@linuxfoundation.org, linux-kernel@vger.kernel.org, linux-media@vger.kernel.org, mchehab@kernel.org, stern@rowland.harvard.edu, tglx@linutronix.de, wen.yang99@zte.com.cn
ci2-upstream-usb	2019/09/07 07:12	https://github.com/google/kasan.git usb-fuzzer	f0df5c1b	a60cb4cd	.config	log	report			gregkh@linuxfoundation.org, linux-kernel@vger.kernel.org, linux-media@vger.kernel.org, mchehab@kernel.org, stern@rowland.harvard.edu, tglx@linutronix.de, wen.yang99@zte.com.cn
ci2-upstream-usb	2019/09/02 10:24	https://github.com/google/kasan.git usb-fuzzer	eea39f24	db7c31ca	.config	log	report			gregkh@linuxfoundation.org, kstewart@linuxfoundation.org, linux-kernel@vger.kernel.org, linux-media@vger.kernel.org, mchehab@kernel.org, stern@rowland.harvard.edu, swinslow@gmail.com, tglx@linutronix.de, wen.yang99@zte.com.cn
ci2-upstream-usb	2019/09/01 18:17	https://github.com/google/kasan.git usb-fuzzer	eea39f24	bad3cce2	.config	log	report			allison@lohutok.net, gregkh@linuxfoundation.org, kstewart@linuxfoundation.org, linux-kernel@vger.kernel.org, linux-media@vger.kernel.org, mchehab@kernel.org, stern@rowland.harvard.edu, tglx@linutronix.de, wen.yang99@zte.com.cn
ci2-upstream-usb	2019/08/31 10:26	https://github.com/google/kasan.git usb-fuzzer	eea39f24	bcd7bcc2	.config	log	report			gregkh@linuxfoundation.org, johan@kernel.org, linux-kernel@vger.kernel.org, linux-media@vger.kernel.org, mchehab@kernel.org, opensource@jilayne.com, stern@rowland.harvard.edu, tglx@linutronix.de, wen.yang99@zte.com.cn
ci2-upstream-usb	2019/08/30 22:38	https://github.com/google/kasan.git usb-fuzzer	eea39f24	9adfa876	.config	log	report			allison@lohutok.net, gregkh@linuxfoundation.org, linux-kernel@vger.kernel.org, linux-media@vger.kernel.org, mchehab@kernel.org, opensource@jilayne.com, stern@rowland.harvard.edu, tglx@linutronix.de, wen.yang99@zte.com.cn