vhci_hcd vhci_hcd.0: pdev(4) rhport(1) sockfd(3)
vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
vhci_hcd: connection closed
==================================================================
BUG: KASAN: null-ptr-deref in atomic_inc include/asm-generic/atomic-instrumented.h:109 [inline]
BUG: KASAN: null-ptr-deref in kthread_stop+0x72/0x6b0 kernel/kthread.c:583
Write of size 4 at addr 000000000000001c by task kworker/u4:8/10673

CPU: 1 PID: 10673 Comm: kworker/u4:8 Not tainted 4.19.180-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: usbip_event event_handler
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1fc/0x2ef lib/dump_stack.c:118
 kasan_report_error.cold+0x15b/0x1b9 mm/kasan/report.c:352
 kasan_report+0x8f/0xa0 mm/kasan/report.c:412
 atomic_inc include/asm-generic/atomic-instrumented.h:109 [inline]
 kthread_stop+0x72/0x6b0 kernel/kthread.c:583
 vhci_shutdown_connection+0x14e/0x280 drivers/usb/usbip/vhci_hcd.c:1023
 event_handler+0x1f0/0x4f0 drivers/usb/usbip/usbip_event.c:78
 process_one_work+0x864/0x1570 kernel/workqueue.c:2152
 worker_thread+0x64c/0x1130 kernel/workqueue.c:2295
 kthread+0x33f/0x460 kernel/kthread.c:259
 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415
==================================================================
FAULT_INJECTION: forcing a failure.
name failslab, interval 1, probability 0, space 0, times 1
CPU: 1 PID: 12516 Comm: syz-executor.4 Tainted: G B 4.19.180-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1fc/0x2ef lib/dump_stack.c:118
 fail_dump lib/fault-inject.c:51 [inline]
 should_fail.cold+0xa/0xf lib/fault-inject.c:149
 __should_failslab+0x115/0x180 mm/failslab.c:32
 should_failslab+0x5/0x10 mm/slab_common.c:1588
 slab_pre_alloc_hook mm/slab.h:424 [inline]
 slab_alloc mm/slab.c:3383 [inline]
 kmem_cache_alloc+0x277/0x370 mm/slab.c:3557
 getname_flags+0xce/0x590 fs/namei.c:140
 getname fs/namei.c:211 [inline]
 user_path_create fs/namei.c:3696 [inline]
 do_mknodat.part.0+0xb9/0x480 fs/namei.c:3757
 do_mknodat fs/namei.c:3795 [inline]
 __do_sys_mknod fs/namei.c:3797 [inline]
 __se_sys_mknod fs/namei.c:3795 [inline]
 __x64_sys_mknod+0xf8/0x120 fs/namei.c:3795
 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x465f69
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fe872a55188 EFLAGS: 00000246 ORIG_RAX: 0000000000000085
RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465f69
RDX: 0000000000000708 RSI: 0000000000002000 RDI: 0000000020000340
RBP: 00007fe872a551d0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
R13: 00007fffa3372d7f R14: 00007fe872a55300 R15: 0000000000022000