audit: type=1800 audit(1607233584.840:151): pid=10084 uid=0 auid=0 ses=4 op="collect_data" cause="failed" comm="syz-executor.2" name="cgroup.controllers" dev="sda1" ino=15880 res=0
vhci_hcd: connection closed
BUG: unable to handle kernel NULL pointer dereference at 000000000000001c
IP: atomic_inc arch/x86/include/asm/atomic.h:92 [inline]
IP: kthread_stop+0x47/0x640 kernel/kthread.c:525
PGD 2331a8067 P4D 2331a8067 PUD 231f1d067 PMD 0
Oops: 0002 [#1] PREEMPT SMP KASAN
Modules linked in:
CPU: 0 PID: 2917 Comm: kworker/u4:4 Not tainted 4.14.210-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: usbip_event event_handler
task: ffff8880abd78180 task.stack: ffff8880abd80000
RIP: 0010:atomic_inc arch/x86/include/asm/atomic.h:92 [inline]
RIP: 0010:kthread_stop+0x47/0x640 kernel/kthread.c:525
RSP: 0018:ffff8880abd87c70 EFLAGS: 00010297
RAX: ffff8880abd78180 RBX: 0000000000000000 RCX: 0000000000000000
RDX: 0000000000000000 RSI: 00000000ffffffff RDI: 0000000000000286
RBP: fffffffffffffffc R08: ffffffff8b9c3800 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: ffff888237d54998
R13: ffff888237d54988 R14: fffffbfff1924130 R15: ffffffff89857e40
FS:  0000000000000000(0000) GS:ffff8880ba400000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000000000000001c CR3: 000000022d50f000 CR4: 00000000001426f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 vhci_shutdown_connection+0x12a/0x240 drivers/usb/usbip/vhci_hcd.c:1035
 event_handler+0x1c3/0x4a0 drivers/usb/usbip/usbip_event.c:92
 process_one_work+0x793/0x14a0 kernel/workqueue.c:2116
 worker_thread+0x5cc/0xff0 kernel/workqueue.c:2250
 kthread+0x30d/0x420 kernel/kthread.c:232
 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:404
Code: 00 65 8b 1d bc 17 c9 7e 83 fb 07 0f 87 5b 04 00 00 e8 be d5 1e 00 89 db 48 0f a3 1d 0c 42 d0 08 0f 82 a2 03 00 00 e8 a9 d5 1e 00 ff 45 20 48 8d 7d 24 48 b8 00 00 00 00 00 fc ff df 48 89 fa
RIP: atomic_inc arch/x86/include/asm/atomic.h:92 [inline] RSP: ffff8880abd87c70
RIP: kthread_stop+0x47/0x640 kernel/kthread.c:525 RSP: ffff8880abd87c70
CR2: 000000000000001c
---[ end trace e04980ad1dd8a469 ]---

LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
IDTR: limit=0x0000ffff, base=0x0000000000000000
IDTR: limit=0x0000ffff, base=0x0000000000000000
TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
EFER = 0x0000000000000000 PAT = 0x0007040600070406
DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000
Interruptibility = 00000000 ActivityState = 00000000
*** Host State ***
RIP = 0xffffffff81162b8e RSP = 0xffff8882326879b8
CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
FSBase=00007f74e02a5700 GSBase=ffff8880ba400000 TRBase=fffffe0000034000
GDTBase=fffffe0000032000 IDTBase=fffffe0000000000
CR0=0000000080050033 CR3=000000022d50f000 CR4=00000000001426f0
Sysenter RSP=fffffe0000034000 CS:RIP=0010:ffffffff87401690
EFER = 0x0000000000000d01 PAT = 0x0407050600070106