kernel BUG at arch/x86/mm/physaddr.c:LINE! (6)

kernel BUG at arch/x86/mm/physaddr.c:LINE! (6)
Status: upstream: reported on 2020/07/29 21:34
Reported-by: syzbot+dfb45ba0aafa4329fd19@syzkaller.appspotmail.com
First crash: 219d, last: 43d

similar bugs (9):
Kernel	Title	Repro	Cause bisect	Fix bisect	Count	Last	Reported	Patched	Status
upstream	kernel BUG at arch/x86/mm/physaddr.c:LINE! (2)	C	done		522	626d	836d	13/21	fixed on 2019/06/14 18:22
linux-4.19	kernel BUG at arch/x86/mm/physaddr.c:LINE! (2)	C		done	82	284d	425d	1/1	fixed on 2020/06/20 23:56
linux-4.19	kernel BUG at arch/x86/mm/physaddr.c:LINE!	syz		done	1	612d	611d	1/1	fixed on 2019/12/16 09:09
linux-4.14	kernel BUG at arch/x86/mm/physaddr.c:LINE!	C		inconclusive	21	9d21h	432d	0/1	upstream: reported C repro on 2019/12/26 02:01
upstream	kernel BUG at arch/x86/mm/physaddr.c:LINE! (5)	C	done		241	231d	304d	17/21	fixed on 2020/07/17 17:58
upstream	kernel BUG at arch/x86/mm/physaddr.c:LINE! (3)				4	618d	617d	0/21	auto-closed as invalid on 2019/10/25 08:46
upstream	kernel BUG at arch/x86/mm/physaddr.c:LINE!	C			10	841d	873d	12/21	fixed on 2018/11/12 21:25
linux-4.19	kernel BUG at arch/x86/mm/physaddr.c:LINE! (3)				20	66d	230d	0/1	upstream: reported on 2020/07/14 16:42
upstream	kernel BUG at arch/x86/mm/physaddr.c:LINE! (4)	C			18	339d	374d	17/21	fixed on 2020/04/15 17:19

Sample crash report:

------------[ cut here ]------------
kernel BUG at arch/x86/mm/physaddr.c:28!
invalid opcode: 0000 [#1] PREEMPT SMP KASAN
CPU: 0 PID: 5 Comm: kworker/0:0 Not tainted 5.11.0-rc3-next-20210115-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: md_misc mddev_delayed_delete
RIP: 0010:__phys_addr+0xd3/0x140 arch/x86/mm/physaddr.c:28
Code: e3 44 89 e9 31 ff 48 d3 eb 48 89 de e8 66 30 40 00 48 85 db 75 0f e8 6c 28 40 00 4c 89 e0 5b 5d 41 5c 41 5d c3 e8 5d 28 40 00 <0f> 0b e8 56 28 40 00 48 c7 c0 10 50 0b 8b 48 ba 00 00 00 00 00 fc
RSP: 0018:ffffc90000ca7c28 EFLAGS: 00010293
RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
RDX: ffff888010d18000 RSI: ffffffff8132e0b3 RDI: 0000000000000003
RBP: 0000000080000000 R08: 0000000080000000 R09: ffffffff8ed3d98f
R10: ffffffff8132e02e R11: 000000000000015f R12: 0000778000000000
R13: 0000000000000000 R14: 0000000000000007 R15: 1ffff1100518b5b1
FS:  0000000000000000(0000) GS:ffff8880b9e00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000000000074ab98 CR3: 0000000068f49000 CR4: 00000000001526f0
Call Trace:
 virt_to_head_page include/linux/mm.h:875 [inline]
 __ksize+0x13/0x110 mm/slub.c:4166
 kasan_unpoison_element mm/mempool.c:115 [inline]
 remove_element mm/mempool.c:133 [inline]
 mempool_exit+0x1ba/0x330 mm/mempool.c:152
 md_free+0x171/0x200 drivers/md/md.c:5606
 kobject_cleanup lib/kobject.c:705 [inline]
 kobject_release lib/kobject.c:736 [inline]
 kref_put include/linux/kref.h:65 [inline]
 kobject_put+0x1c8/0x540 lib/kobject.c:753
 process_one_work+0x98d/0x15f0 kernel/workqueue.c:2275
 worker_thread+0x64c/0x1120 kernel/workqueue.c:2421
 kthread+0x3b1/0x4a0 kernel/kthread.c:292
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:296
Modules linked in:
---[ end trace a81827a93050a370 ]---
RIP: 0010:__phys_addr+0xd3/0x140 arch/x86/mm/physaddr.c:28
Code: e3 44 89 e9 31 ff 48 d3 eb 48 89 de e8 66 30 40 00 48 85 db 75 0f e8 6c 28 40 00 4c 89 e0 5b 5d 41 5c 41 5d c3 e8 5d 28 40 00 <0f> 0b e8 56 28 40 00 48 c7 c0 10 50 0b 8b 48 ba 00 00 00 00 00 fc
RSP: 0018:ffffc90000ca7c28 EFLAGS: 00010293
RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
RDX: ffff888010d18000 RSI: ffffffff8132e0b3 RDI: 0000000000000003
RBP: 0000000080000000 R08: 0000000080000000 R09: ffffffff8ed3d98f
R10: ffffffff8132e02e R11: 000000000000015f R12: 0000778000000000
R13: 0000000000000000 R14: 0000000000000007 R15: 1ffff1100518b5b1
FS:  0000000000000000(0000) GS:ffff8880b9e00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fe742bd7000 CR3: 0000000017bab000 CR4: 00000000001526f0

Crashes (67):
Manager	Time	Kernel	Commit	Syzkaller	Config	Log	Report	VM info	Title
ci-upstream-linux-next-kasan-gce-root	2021/01/17 17:06	linux-next	b3a3cbde	813be542	.config	log	report	info	kernel BUG at arch/x86/mm/physaddr.c:LINE!
ci-upstream-kasan-gce	2020/10/09 15:59	upstream	583090b1	d81b165e	.config	log	report	info
ci-upstream-kasan-gce	2020/10/05 16:41	upstream	549738f1	5ef9c291	.config	log	report	info
ci-upstream-kasan-gce	2020/10/04 10:10	upstream	22fbc037	5ef9c291	.config	log	report	info
ci-upstream-kasan-gce	2020/10/02 22:21	upstream	472e5b05	4969d6ca	.config	log	report	info
ci-upstream-kasan-gce-smack-root	2020/09/30 16:01	upstream	02de58b2	8516f6d3	.config	log	report	info
ci-upstream-kasan-gce-root	2020/09/29 01:24	upstream	fb0155a0	1b88c6d5	.config	log	report	info
ci-upstream-kasan-gce	2020/09/28 16:04	upstream	a1b8638b	6bfdbe89	.config	log	report	info
ci-upstream-kasan-gce-root	2020/09/28 12:58	upstream	a1b8638b	6bfdbe89	.config	log	report	info
ci-upstream-kasan-gce	2020/09/28 00:11	upstream	16bc1d54	5dd8aee8	.config	log	report	info
ci-upstream-kasan-gce	2020/09/27 22:55	upstream	a1bffa48	5dd8aee8	.config	log	report	info
ci-upstream-kasan-gce	2020/09/24 15:52	upstream	c9c9e6a4	54289b08	.config	log	report	info
ci-upstream-kasan-gce	2020/09/24 05:47	upstream	c9c9e6a4	54289b08	.config	log	report	info
ci-upstream-kasan-gce	2020/09/23 12:35	upstream	805c6d3c	287cd75a	.config	log	report	info
ci-upstream-kasan-gce	2020/09/22 17:27	upstream	98477740	3e8f6c27	.config	log	report	info
ci-upstream-kasan-gce	2020/09/22 14:59	upstream	98477740	3e8f6c27	.config	log	report	info
ci-upstream-kasan-gce	2020/09/22 05:57	upstream	98477740	9e1fa68e	.config	log	report	info
ci-upstream-kasan-gce	2020/09/20 17:57	upstream	325d0eab	9564d2e9	.config	log	report	info
ci-upstream-kasan-gce	2020/09/20 15:15	upstream	325d0eab	9564d2e9	.config	log	report	info
ci-upstream-kasan-gce	2020/09/19 18:25	upstream	eb5f95f1	53ce8104	.config	log	report	info
ci-upstream-kasan-gce	2020/09/18 21:50	upstream	92ab97ad	53ce8104	.config	log	report	info
ci-upstream-kasan-gce	2020/09/18 13:56	upstream	10b82d51	38962c8b	.config	log	report	info
ci-upstream-kasan-gce	2020/09/18 08:00	upstream	10b82d51	38962c8b	.config	log	report	info
ci-upstream-kasan-gce-smack-root	2020/09/18 06:53	upstream	10b82d51	38962c8b	.config	log	report	info
ci-upstream-kasan-gce	2020/09/18 02:09	upstream	10b82d51	8247808b	.config	log	report	info
ci-upstream-kasan-gce	2020/09/17 01:15	upstream	5925fa68	8247808b	.config	log	report	info
ci-upstream-kasan-gce	2020/09/16 19:15	upstream	fc4f28bb	18d7d030	.config	log	report	info
ci-upstream-kasan-gce	2020/09/16 02:38	upstream	fc4f28bb	6989d6f6	.config	log	report	info
ci-upstream-kasan-gce	2020/09/15 09:11	upstream	fc4f28bb	6989d6f6	.config	log	report	info
ci-upstream-kasan-gce	2020/09/14 01:03	upstream	e4c26faa	2d3cdd63	.config	log	report
ci-upstream-kasan-gce	2020/09/10 06:47	upstream	34d4ddd3	409809d8	.config	log	report
ci-upstream-kasan-gce	2020/09/10 00:52	upstream	34d4ddd3	409809d8	.config	log	report
ci-upstream-kasan-gce-selinux-root	2020/09/09 23:17	upstream	34d4ddd3	409809d8	.config	log	report
ci-upstream-kasan-gce	2020/09/09 17:29	upstream	34d4ddd3	0ea7a887	.config	log	report
ci-upstream-kasan-gce-smack-root	2020/09/08 22:22	upstream	6f6a73c8	abf9ba4f	.config	log	report
ci-upstream-kasan-gce	2020/09/08 20:04	upstream	612ab8ad	abf9ba4f	.config	log	report
ci-upstream-kasan-gce-selinux-root	2020/09/07 22:28	upstream	f4d51dff	abf9ba4f	.config	log	report
ci-upstream-kasan-gce	2020/09/07 18:58	upstream	f4d51dff	abf9ba4f	.config	log	report
ci-upstream-kasan-gce	2020/09/07 02:33	upstream	a8205e31	abf9ba4f	.config	log	report
ci-upstream-kasan-gce-root	2020/09/06 12:32	upstream	dd9fb9bb	abf9ba4f	.config	log	report
ci-upstream-kasan-gce-smack-root	2020/09/05 05:28	upstream	c70672d8	abf9ba4f	.config	log	report
ci-upstream-kasan-gce	2020/09/04 01:00	upstream	e28f0104	abf9ba4f	.config	log	report
ci-upstream-kasan-gce	2020/09/03 23:06	upstream	e28f0104	abf9ba4f	.config	log	report
ci-upstream-kasan-gce-smack-root	2020/09/02 17:06	upstream	9c7d619b	abf9ba4f	.config	log	report
ci-upstream-kasan-gce	2020/09/02 04:32	upstream	b765a32a	abf9ba4f	.config	log	report
ci-upstream-kasan-gce-smack-root	2020/09/02 00:10	upstream	b765a32a	abf9ba4f	.config	log	report
ci-upstream-kasan-gce	2020/09/01 21:38	upstream	b51594df	d5a3ae1f	.config	log	report
ci-upstream-kasan-gce	2020/09/01 07:48	upstream	b51594df	d5a3ae1f	.config	log	report
ci-upstream-kasan-gce	2020/08/31 18:33	upstream	f75aef39	d5a3ae1f	.config	log	report
ci-upstream-kasan-gce	2020/08/31 18:00	upstream	f75aef39	d5a3ae1f	.config	log	report
ci-upstream-kasan-gce	2020/08/31 03:06	upstream	dcc5c6f0	d5a3ae1f	.config	log	report
ci-upstream-kasan-gce	2020/08/28 18:52	upstream	15bc20c6	d5a3ae1f	.config	log	report
ci-upstream-kasan-gce-smack-root	2020/08/26 08:18	upstream	abb3438d	344da168	.config	log	report
ci-upstream-kasan-gce-smack-root	2020/08/22 02:00	upstream	cd02217a	6436ce4b	.config	log	report
ci-upstream-kasan-gce	2020/08/19 12:55	upstream	18445bf4	e1c29030	.config	log	report
ci-upstream-kasan-gce-smack-root	2020/08/18 03:53	upstream	06a4ec1d	424dd8e7	.config	log	report
ci-upstream-kasan-gce-386	2020/10/04 01:40	upstream	22fbc037	1a3f9408	.config	log	report	info
ci-upstream-kasan-gce-386	2020/10/02 01:00	upstream	fcadab74	9602ddf4	.config	log	report	info
ci-upstream-kasan-gce-386	2020/09/25 18:58	upstream	171d4ff7	4a006f63	.config	log	report	info
ci-upstream-kasan-gce-386	2020/09/04 18:42	upstream	59126901	abf9ba4f	.config	log	report
ci-upstream-kasan-gce-386	2020/09/02 17:15	upstream	9c7d619b	abf9ba4f	.config	log	report
ci-upstream-kasan-gce-386	2020/09/02 03:30	upstream	b765a32a	abf9ba4f	.config	log	report
ci-upstream-kasan-gce-386	2020/08/19 15:45	upstream	18445bf4	94b45706	.config	log	report
ci-upstream-kasan-gce-386	2020/07/25 21:30	upstream	23ee3e4e	1f7cc1ca	.config	log	report
ci-upstream-linux-next-kasan-gce-root	2020/09/02 09:10	linux-next	b36c9697	abf9ba4f	.config	log	report
ci-upstream-linux-next-kasan-gce-root	2020/09/02 01:13	linux-next	b36c9697	abf9ba4f	.config	log	report