------------[ cut here ]------------
kernel BUG at arch/x86/mm/physaddr.c:27!
invalid opcode: 0000 [#1] PREEMPT SMP KASAN
CPU: 0 PID: 6645 Comm: syz-executor.2 Not tainted 4.19.133-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:__phys_addr+0xa7/0x110 arch/x86/mm/physaddr.c:27
Code: e1 7c 08 4c 89 e3 31 ff 48 d3 eb 48 89 de e8 00 be 38 00 48 85 db 75 0d e8 66 bc 38 00 4c 89 e0 5b 5d 41 5c c3 e8 59 bc 38 00 <0f> 0b e8 52 bc 38 00 48 c7 c0 10 50 c7 88 48 ba 00 00 00 00 00 fc
RSP: 0018:ffff88806c9bfaf0 EFLAGS: 00010093
RAX: ffff888084b62140 RBX: 00000000001c6f80 RCX: ffffffff8130ec18
RDX: 0000000000000000 RSI: ffffffff8130ec77 RDI: 0000000000000006
RBP: 00000000801c6f80 R08: 0000000000000000 R09: 00000000801c6f80
R10: 0000000000000006 R11: 0000000000000000 R12: 00007780001c6f80
R13: 0000000000000007 R14: fffffbfff135bd06 R15: ffff888000197008
FS: 000000000229f940(0000) GS:ffff8880ae600000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000743694 CR3: 00000000a4508000 CR4: 00000000001426f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
virt_to_head_page include/linux/mm.h:665 [inline]
virt_to_cache mm/slab.c:399 [inline]
kfree+0x77/0x210 mm/slab.c:3818
kvfree+0x59/0x60 mm/util.c:452
xt_free_table_info+0xb6/0x180 net/netfilter/x_tables.c:1197
__do_replace+0x6ab/0x870 net/ipv6/netfilter/ip6_tables.c:1107
do_replace net/ipv6/netfilter/ip6_tables.c:1160 [inline]
do_ip6t_set_ctl+0x2d2/0x425 net/ipv6/netfilter/ip6_tables.c:1684
nf_sockopt net/netfilter/nf_sockopt.c:106 [inline]
nf_setsockopt+0x6f/0xc0 net/netfilter/nf_sockopt.c:115
ipv6_setsockopt+0x103/0x160 net/ipv6/ipv6_sockglue.c:944
tcp_setsockopt+0x86/0xd0 net/ipv4/tcp.c:3095
__sys_setsockopt+0x14d/0x240 net/socket.c:1901
__do_sys_setsockopt net/socket.c:1912 [inline]
__se_sys_setsockopt net/socket.c:1909 [inline]
__x64_sys_setsockopt+0xba/0x150 net/socket.c:1909
do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x45ed0a
Code: 49 89 ca b8 37 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 4a 8b fb ff c3 66 0f 1f 84 00 00 00 00 00 49 89 ca b8 36 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 2a 8b fb ff c3 66 0f 1f 84 00 00 00 00 00
RSP: 002b:00007fff0e8aea18 EFLAGS: 00000206 ORIG_RAX: 0000000000000036
RAX: ffffffffffffffda RBX: 00007fff0e8aea40 RCX: 000000000045ed0a
RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003
RBP: 0000000000743ca0 R08: 00000000000003b8 R09: 0000000000004000
R10: 0000000000743640 R11: 0000000000000206 R12: 0000000000000003
R13: 0000000000000000 R14: 0000000000000029 R15: 00000000007435e0
Modules linked in:
---[ end trace 6ce52ef3642b2cad ]---
RIP: 0010:__phys_addr+0xa7/0x110 arch/x86/mm/physaddr.c:27
Code: e1 7c 08 4c 89 e3 31 ff 48 d3 eb 48 89 de e8 00 be 38 00 48 85 db 75 0d e8 66 bc 38 00 4c 89 e0 5b 5d 41 5c c3 e8 59 bc 38 00 <0f> 0b e8 52 bc 38 00 48 c7 c0 10 50 c7 88 48 ba 00 00 00 00 00 fc
RSP: 0018:ffff88806c9bfaf0 EFLAGS: 00010093
RAX: ffff888084b62140 RBX: 00000000001c6f80 RCX: ffffffff8130ec18
RDX: 0000000000000000 RSI: ffffffff8130ec77 RDI: 0000000000000006
RBP: 00000000801c6f80 R08: 0000000000000000 R09: 00000000801c6f80
R10: 0000000000000006 R11: 0000000000000000 R12: 00007780001c6f80
R13: 0000000000000007 R14: fffffbfff135bd06 R15: ffff888000197008
FS: 000000000229f940(0000) GS:ffff8880ae600000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000743694 CR3: 00000000a4508000 CR4: 00000000001426f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400