kernel BUG at arch/x86/mm/physaddr.c:LINE! (6)

kernel BUG at arch/x86/mm/physaddr.c:LINE! (6)
Status: upstream: reported on 2020/07/29 21:34
Reported-by: syzbot+dfb45ba0aafa4329fd19@syzkaller.appspotmail.com
First crash: 459d, last: 33d

similar bugs (9):
Kernel	Title	Repro	Cause bisect	Fix bisect	Count	Last	Reported	Patched	Status
upstream	kernel BUG at arch/x86/mm/physaddr.c:LINE! (2)	C	done		522	867d	1076d	13/22	fixed on 2019/06/14 18:22
linux-4.19	kernel BUG at arch/x86/mm/physaddr.c:LINE! (2)	C		done	82	524d	665d	1/1	fixed on 2020/06/20 23:56
linux-4.19	kernel BUG at arch/x86/mm/physaddr.c:LINE!	syz		done	1	852d	852d	1/1	fixed on 2019/12/16 09:09
linux-4.14	kernel BUG at arch/x86/mm/physaddr.c:LINE!	C		inconclusive	23	215d	672d	0/1	upstream: reported C repro on 2019/12/26 02:01
upstream	kernel BUG at arch/x86/mm/physaddr.c:LINE! (5)	C	done		241	472d	545d	17/22	fixed on 2020/07/17 17:58
upstream	kernel BUG at arch/x86/mm/physaddr.c:LINE! (3)				4	858d	858d	0/22	auto-closed as invalid on 2019/10/25 08:46
upstream	kernel BUG at arch/x86/mm/physaddr.c:LINE!	C			10	1081d	1113d	12/22	fixed on 2018/11/12 21:25
linux-4.19	kernel BUG at arch/x86/mm/physaddr.c:LINE! (3)				48	2d03h	470d	0/1	upstream: reported on 2020/07/14 16:42
upstream	kernel BUG at arch/x86/mm/physaddr.c:LINE! (4)	C			18	579d	614d	17/22	fixed on 2020/04/15 17:19

Sample crash report:

------------[ cut here ]------------
kernel BUG at arch/x86/mm/physaddr.c:28!
invalid opcode: 0000 [#1] PREEMPT SMP KASAN
CPU: 0 PID: 5 Comm: kworker/0:0 Not tainted 5.11.0-rc3-next-20210115-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: md_misc mddev_delayed_delete
RIP: 0010:__phys_addr+0xd3/0x140 arch/x86/mm/physaddr.c:28
Code: e3 44 89 e9 31 ff 48 d3 eb 48 89 de e8 66 30 40 00 48 85 db 75 0f e8 6c 28 40 00 4c 89 e0 5b 5d 41 5c 41 5d c3 e8 5d 28 40 00 <0f> 0b e8 56 28 40 00 48 c7 c0 10 50 0b 8b 48 ba 00 00 00 00 00 fc
RSP: 0018:ffffc90000ca7c28 EFLAGS: 00010293
RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
RDX: ffff888010d18000 RSI: ffffffff8132e0b3 RDI: 0000000000000003
RBP: 0000000080000000 R08: 0000000080000000 R09: ffffffff8ed3d98f
R10: ffffffff8132e02e R11: 000000000000015f R12: 0000778000000000
R13: 0000000000000000 R14: 0000000000000007 R15: 1ffff1100518b5b1
FS:  0000000000000000(0000) GS:ffff8880b9e00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000000000074ab98 CR3: 0000000068f49000 CR4: 00000000001526f0
Call Trace:
 virt_to_head_page include/linux/mm.h:875 [inline]
 __ksize+0x13/0x110 mm/slub.c:4166
 kasan_unpoison_element mm/mempool.c:115 [inline]
 remove_element mm/mempool.c:133 [inline]
 mempool_exit+0x1ba/0x330 mm/mempool.c:152
 md_free+0x171/0x200 drivers/md/md.c:5606
 kobject_cleanup lib/kobject.c:705 [inline]
 kobject_release lib/kobject.c:736 [inline]
 kref_put include/linux/kref.h:65 [inline]
 kobject_put+0x1c8/0x540 lib/kobject.c:753
 process_one_work+0x98d/0x15f0 kernel/workqueue.c:2275
 worker_thread+0x64c/0x1120 kernel/workqueue.c:2421
 kthread+0x3b1/0x4a0 kernel/kthread.c:292
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:296
Modules linked in:
---[ end trace a81827a93050a370 ]---
RIP: 0010:__phys_addr+0xd3/0x140 arch/x86/mm/physaddr.c:28
Code: e3 44 89 e9 31 ff 48 d3 eb 48 89 de e8 66 30 40 00 48 85 db 75 0f e8 6c 28 40 00 4c 89 e0 5b 5d 41 5c 41 5d c3 e8 5d 28 40 00 <0f> 0b e8 56 28 40 00 48 c7 c0 10 50 0b 8b 48 ba 00 00 00 00 00 fc
RSP: 0018:ffffc90000ca7c28 EFLAGS: 00010293
RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
RDX: ffff888010d18000 RSI: ffffffff8132e0b3 RDI: 0000000000000003
RBP: 0000000080000000 R08: 0000000080000000 R09: ffffffff8ed3d98f
R10: ffffffff8132e02e R11: 000000000000015f R12: 0000778000000000
R13: 0000000000000000 R14: 0000000000000007 R15: 1ffff1100518b5b1
FS:  0000000000000000(0000) GS:ffff8880b9e00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fe742bd7000 CR3: 0000000017bab000 CR4: 00000000001526f0

Crashes (85):
Manager	Time	Kernel	Commit	Syzkaller	Config	Log	Report	VM info	Title
ci-upstream-linux-next-kasan-gce-root	2021/01/17 17:06	linux-next	b3a3cbdec55b	813be542	.config	log	report	info	kernel BUG at arch/x86/mm/physaddr.c:LINE!
ci-upstream-kasan-gce	2021/09/25 11:19	upstream	7d42e9818258	8cac236e	.config	log	report	info	kernel BUG in __phys_addr
ci-upstream-kasan-gce-selinux-root	2021/09/19 23:10	upstream	bc1abb9e55ce	70b76c1d	.config	log	report	info	kernel BUG in __phys_addr
ci-upstream-kasan-gce-smack-root	2021/08/18 09:11	upstream	794c7931a242	a2fe1cb5	.config	log	report	info	kernel BUG in __phys_addr
ci-upstream-kasan-gce-selinux-root	2021/08/14 03:29	upstream	dfa377c35d70	2489ab88	.config	log	report	info	kernel BUG in __phys_addr
ci-upstream-kasan-gce	2021/07/04 21:54	upstream	3dbdb38e2869	55aa55c2	.config	log	report	info	kernel BUG in __phys_addr
ci-upstream-kasan-gce-selinux-root	2021/05/26 11:08	upstream	ad9f25d33860	54f0bcf1	.config	log	report	info	kernel BUG in __phys_addr
ci-upstream-kasan-gce	2020/10/09 15:59	upstream	583090b1b823	d81b165e	.config	log	report	info
ci-upstream-kasan-gce	2020/10/05 16:41	upstream	549738f15da0	5ef9c291	.config	log	report	info
ci-upstream-kasan-gce	2020/10/04 10:10	upstream	22fbc037cd32	5ef9c291	.config	log	report	info
ci-upstream-kasan-gce	2020/10/02 22:21	upstream	472e5b056f00	4969d6ca	.config	log	report	info
ci-upstream-kasan-gce-smack-root	2020/09/30 16:01	upstream	02de58b24d2e	8516f6d3	.config	log	report	info
ci-upstream-kasan-gce-root	2020/09/29 01:24	upstream	fb0155a09b02	1b88c6d5	.config	log	report	info
ci-upstream-kasan-gce	2020/09/28 16:04	upstream	a1b8638ba132	6bfdbe89	.config	log	report	info
ci-upstream-kasan-gce-root	2020/09/28 12:58	upstream	a1b8638ba132	6bfdbe89	.config	log	report	info
ci-upstream-kasan-gce	2020/09/28 00:11	upstream	16bc1d5432eb	5dd8aee8	.config	log	report	info
ci-upstream-kasan-gce	2020/09/27 22:55	upstream	a1bffa48745a	5dd8aee8	.config	log	report	info
ci-upstream-kasan-gce	2020/09/24 15:52	upstream	c9c9e6a49f89	54289b08	.config	log	report	info
ci-upstream-kasan-gce	2020/09/24 05:47	upstream	c9c9e6a49f89	54289b08	.config	log	report	info
ci-upstream-kasan-gce	2020/09/23 12:35	upstream	805c6d3c1921	287cd75a	.config	log	report	info
ci-upstream-kasan-gce	2020/09/22 17:27	upstream	98477740630f	3e8f6c27	.config	log	report	info
ci-upstream-kasan-gce	2020/09/22 14:59	upstream	98477740630f	3e8f6c27	.config	log	report	info
ci-upstream-kasan-gce	2020/09/22 05:57	upstream	98477740630f	9e1fa68e	.config	log	report	info
ci-upstream-kasan-gce	2020/09/20 17:57	upstream	325d0eab4f31	9564d2e9	.config	log	report	info
ci-upstream-kasan-gce	2020/09/20 15:15	upstream	325d0eab4f31	9564d2e9	.config	log	report	info
ci-upstream-kasan-gce	2020/09/19 18:25	upstream	eb5f95f1593f	53ce8104	.config	log	report	info
ci-upstream-kasan-gce	2020/09/18 21:50	upstream	92ab97adeefc	53ce8104	.config	log	report	info
ci-upstream-kasan-gce	2020/09/18 13:56	upstream	10b82d517648	38962c8b	.config	log	report	info
ci-upstream-kasan-gce	2020/09/18 08:00	upstream	10b82d517648	38962c8b	.config	log	report	info
ci-upstream-kasan-gce-smack-root	2020/09/18 06:53	upstream	10b82d517648	38962c8b	.config	log	report	info
ci-upstream-kasan-gce	2020/09/18 02:09	upstream	10b82d517648	8247808b	.config	log	report	info
ci-upstream-kasan-gce	2020/09/17 01:15	upstream	5925fa68fe82	8247808b	.config	log	report	info
ci-upstream-kasan-gce	2020/09/16 19:15	upstream	fc4f28bb3daf	18d7d030	.config	log	report	info
ci-upstream-kasan-gce	2020/09/16 02:38	upstream	fc4f28bb3daf	6989d6f6	.config	log	report	info
ci-upstream-kasan-gce	2020/09/15 09:11	upstream	fc4f28bb3daf	6989d6f6	.config	log	report	info
ci-upstream-kasan-gce	2020/09/14 01:03	upstream	e4c26faa426c	2d3cdd63	.config	log	report
ci-upstream-kasan-gce	2020/09/10 06:47	upstream	34d4ddd359db	409809d8	.config	log	report
ci-upstream-kasan-gce	2020/09/10 00:52	upstream	34d4ddd359db	409809d8	.config	log	report
ci-upstream-kasan-gce-selinux-root	2020/09/09 23:17	upstream	34d4ddd359db	409809d8	.config	log	report
ci-upstream-kasan-gce	2020/08/31 18:33	upstream	f75aef392f86	d5a3ae1f	.config	log	report
ci-upstream-kasan-gce	2020/08/31 18:00	upstream	f75aef392f86	d5a3ae1f	.config	log	report
ci-upstream-kasan-gce	2020/08/31 03:06	upstream	dcc5c6f013d8	d5a3ae1f	.config	log	report
ci-upstream-kasan-gce	2020/08/28 18:52	upstream	15bc20c6af4c	d5a3ae1f	.config	log	report
ci-upstream-kasan-gce-smack-root	2020/08/26 08:18	upstream	abb3438d69fb	344da168	.config	log	report
ci-upstream-kasan-gce-smack-root	2020/08/22 02:00	upstream	cd02217a5d81	6436ce4b	.config	log	report
ci-upstream-kasan-gce	2020/08/19 12:55	upstream	18445bf405cb	e1c29030	.config	log	report
ci-upstream-kasan-gce-smack-root	2020/08/18 03:53	upstream	06a4ec1d9dc6	424dd8e7	.config	log	report
ci-upstream-kasan-gce-386	2021/08/12 22:26	upstream	f8fbb47c6e86	3fd2ea69	.config	log	report	info	kernel BUG in __phys_addr
ci-upstream-kasan-gce-386	2021/08/10 04:15	upstream	9a73fa375d58	6972b106	.config	log	report	info	kernel BUG in __phys_addr
ci-upstream-kasan-gce-386	2021/08/05 18:44	upstream	251a1524293d	d2d6e680	.config	log	report	info	kernel BUG in __phys_addr
ci-upstream-kasan-gce-386	2021/08/02 10:37	upstream	c500bee1c5b2	6c236867	.config	log	report	info	kernel BUG in __phys_addr
ci-upstream-kasan-gce-386	2021/07/29 14:24	upstream	4010a528219e	b44001ce	.config	log	report	info	kernel BUG in __phys_addr
ci-upstream-kasan-gce-386	2021/07/28 20:42	upstream	4010a528219e	9a4781d4	.config	log	report	info	kernel BUG in __phys_addr
ci-upstream-kasan-gce-386	2021/07/25 03:36	upstream	7ffca2bb9d8b	4d1b57d4	.config	log	report	info	kernel BUG in __phys_addr
ci-upstream-kasan-gce-386	2021/07/07 08:56	upstream	3dbdb38e2869	4846d5c1	.config	log	report	info	kernel BUG in __phys_addr
ci-upstream-kasan-gce-386	2021/06/29 04:23	upstream	233a806b00e3	9d2ab5df	.config	log	report	info	kernel BUG in __phys_addr
ci-upstream-kasan-gce-386	2021/06/26 20:43	upstream	625acffd7ae2	9d2ab5df	.config	log	report	info	kernel BUG in __phys_addr
ci-upstream-kasan-gce-386	2020/10/04 01:40	upstream	22fbc037cd32	1a3f9408	.config	log	report	info
ci-upstream-kasan-gce-386	2020/10/02 01:00	upstream	fcadab740480	9602ddf4	.config	log	report	info
ci-upstream-kasan-gce-386	2020/09/25 18:58	upstream	171d4ff79f96	4a006f63	.config	log	report	info
ci-upstream-kasan-gce-386	2020/08/19 15:45	upstream	18445bf405cb	94b45706	.config	log	report
ci-upstream-kasan-gce-386	2020/07/25 21:30	upstream	23ee3e4e5bd2	1f7cc1ca	.config	log	report
ci-upstream-linux-next-kasan-gce-root	2021/04/26 07:52	linux-next	e3d35712f85a	2a82f1b3	.config	log	report	info	kernel BUG in __phys_addr