RHEL8.3 crashes due to a possible biovec-max slab use-after-free that causes freelist corruption.
Issue
- RHEL8.3 crashes due to a possible biovec-max slab use-after-free that causes freelist corruption.
[1044213.838325] stack segment: 0000 [#1] SMP PTI
[1044213.838366] CPU: 103 PID: 508968 Comm: postgres Kdump: loaded Not tainted 4.18.0-240.el8.x86_64 #1
[1044213.838400] Hardware name: HP ProLiant DL580 Gen9/ProLiant DL580 Gen9, BIOS U17 10/21/2019
[1044213.838437] RIP: 0010:kmem_cache_alloc+0x78/0x1b0
[1044213.838459] Code: 01 00 00 4d 8b 06 65 49 8b 50 08 65 4c 03 05 8f 88 f6 65 49 8b 28 48 85 ed 0f 84 03 01 00 00 41 8b 46 20 49 8b 3e 48 8d 4a 01 <48> 8b 5c 05 00 48 89 e8 65 48 0f c7 0f 0f 94 c0 84 c0 74 c5 41 8b
[1044213.838522] RSP: 0018:ffffc2a35b66fa78 EFLAGS: 00010286
[1044213.838544] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00000000000ad5e5
[1044213.838569] RDX: 00000000000ad5e4 RSI: 0000000000411200 RDI: 0000000000033770
[1044213.838595] RBP: 8bb99b37a072f8fa R08: ffffa18f7f8f3770 R09: 0000000000000000
[1044213.838620] R10: 0000000000000006 R11: 000000000000000f R12: 0000000000411200
[1044213.838645] R13: ffffffff9a02fac7 R14: ffffa0d0812ff980 R15: ffffa0d0812ff980
[1044213.838671] FS: 00007f67ae36a7c0(0000) GS:ffffa18f7f8c0000(0000) knlGS:0000000000000000
[1044213.838699] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[1044213.838720] CR2: 0000000000b6e4d8 CR3: 0000006424622005 CR4: 00000000003606e0
[1044213.838746] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[1044213.838771] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[1044213.838796] Call Trace:
[1044213.838820] ? finish_wait+0x80/0x80
[1044213.838844] mempool_alloc+0x67/0x190
[1044213.838863] ? finish_wait+0x80/0x80
[1044213.838880] ? mempool_alloc+0x67/0x190
[1044213.838899] bvec_alloc+0x82/0xe0
[1044213.838915] bio_alloc_bioset+0x1ad/0x210
[1044213.838936] iomap_writepage_map+0x1fc/0x6b0
[1044213.838958] write_cache_pages+0x1aa/0x440
[1044213.838977] ? iomap_invalidatepage+0xe0/0xe0
[1044213.838997] ? submit_bio+0x3c/0x160
[1044213.839013] iomap_writepages+0x1c/0x40
[1044213.839131] xfs_vm_writepages+0x64/0x90 [xfs]
[1044213.839153] do_writepages+0x41/0xd0
[1044213.839176] ? __switch_to_asm+0x35/0x70
[1044213.839194] ? __switch_to_asm+0x41/0x70
[1044213.839211] ? __switch_to_asm+0x35/0x70
[1044213.839229] ? __switch_to_asm+0x41/0x70
[1044213.839254] ? __switch_to_asm+0x35/0x70
[1044213.839271] ? __switch_to_asm+0x41/0x70
[1044213.839288] ? __switch_to_asm+0x35/0x70
[1044213.839307] __filemap_fdatawrite_range+0xbe/0xf0
[1044213.839330] sync_file_range+0xb3/0xe0
[1044213.839348] ksys_sync_file_range+0x3c/0x80
[1044213.839368] __x64_sys_sync_file_range+0x1a/0x20
[1044213.839953] do_syscall_64+0x5b/0x1a0
[1044213.840507] entry_SYSCALL_64_after_hwframe+0x65/0xca
[1044213.841067] RIP: 0033:0x7f67ae7ce7db
[1044213.841621] Code: 48 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 f3 0f 1e fa 48 8d 05 85 fd 2c 00 41 89 ca 8b 00 85 c0 75 14 b8 15 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 5d c3 0f 1f 40 00 41 55 41 89 cd 41 54 49 89
[1044213.842788] RSP: 002b:00007ffedc39d0f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000115
[1044213.843371] RAX: ffffffffffffffda RBX: 00000000000005e3 RCX: 00007f67ae7ce7db
[1044213.843943] RDX: 0000000000004000 RSI: 000000001ba56000 RDI: 00000000000000af
[1044213.844506] RBP: 000000000285b3f0 R08: 0000000000000440 R09: 00007ffedc39d0bc
[1044213.845060] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000004000
[1044213.845638] R13: 00000000000178c0 R14: 000000001ba56000 R15: 00000000000164a8
[1044213.846177] Modules linked in: binfmt_misc nft_fib_inet nft_fib_ipv4 nft_fib_ipv6 nft_fib ip6_tables ip_tables nft_compat 8021q garp mrp stp llc bonding nft_reject_inet nf_reject_ipv4 nf_reject_ipv6 nft_reject nft_ct nf_tables_set nft_chain_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 ip_set nf_tables nfnetlink vfat fat intel_rapl_msr iTCO_wdt iTCO_vendor_support intel_rapl_common sb_edac x86_pkg_temp_thermal intel_powerclamp ipmi_ssif coretemp kvm_intel kvm irqbypass crct10dif_pclmul crc32_pclmul ghash_clmulni_intel intel_cstate intel_uncore intel_rapl_perf pcspkr joydev lpc_ich hpwdt hpilo ioatdma dca wmi ipmi_si ipmi_devintf ipmi_msghandler acpi_tad acpi_power_meter xfs sd_mod sg mgag200 drm_kms_helper bnx2x syscopyarea sysfillrect sysimgblt fb_sys_fops drm_vram_helper drm_ttm_helper ttm drm hpsa mdio libcrc32c crc32c_intel tg3 i2c_algo_bit scsi_transport_sas dm_mirror dm_region_hash dm_log dm_mod [last unloaded: ip_tables]
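A triage sketch for the oops above, added here as an example and not taken from Red Hat or the kernel sources: it decodes the instruction marked at the fault point in the Code: line, computes the address that instruction loaded from, and checks whether that address is canonical. On x86-64 a non-canonical address reached through an RBP-based operand raises a stack-segment fault instead of a general protection fault, which matches the "stack segment" header of this log. The function names are hypothetical, 48-bit virtual addresses (4-level paging) are assumed, and only the one instruction encoding seen in this log is decoded.

```python
import re

# Sample input: kernel-mode lines copied from the oops above, up to "Call Trace:".
OOPS = """\
[1044213.838325] stack segment: 0000 [#1] SMP PTI
[1044213.838437] RIP: 0010:kmem_cache_alloc+0x78/0x1b0
[1044213.838459] Code: 01 00 00 4d 8b 06 65 49 8b 50 08 65 4c 03 05 8f 88 f6 65 49 8b 28 48 85 ed 0f 84 03 01 00 00 41 8b 46 20 49 8b 3e 48 8d 4a 01 <48> 8b 5c 05 00 48 89 e8 65 48 0f c7 0f 0f 94 c0 84 c0 74 c5 41 8b
[1044213.838522] RSP: 0018:ffffc2a35b66fa78 EFLAGS: 00010286
[1044213.838544] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00000000000ad5e5
[1044213.838569] RDX: 00000000000ad5e4 RSI: 0000000000411200 RDI: 0000000000033770
[1044213.838595] RBP: 8bb99b37a072f8fa R08: ffffa18f7f8f3770 R09: 0000000000000000
[1044213.838620] R10: 0000000000000006 R11: 000000000000000f R12: 0000000000411200
[1044213.838645] R13: ffffffff9a02fac7 R14: ffffa0d0812ff980 R15: ffffa0d0812ff980
[1044213.838796] Call Trace:
"""

REG = re.compile(r"\b(R[A-Z0-9]{2}): (?:[0-9a-f]{4}:)?([0-9a-f]{16})\b")
NAMES = ["RAX", "RCX", "RDX", "RBX", "RSP", "RBP", "RSI", "RDI"]  # register numbers 0-7

def registers(oops):
    """Register values from the kernel-mode dump, i.e. the part before 'Call Trace:'."""
    head = oops.split("Call Trace:")[0]
    return {name: int(val, 16) for name, val in REG.findall(head)}

def is_canonical(addr, va_bits=48):
    """Assumes 4-level paging: bits 63..47 must all be equal."""
    return addr >> (va_bits - 1) in (0, (1 << (65 - va_bits)) - 1)

def faulting_load(oops):
    """Decode the marked instruction; only 'REX.W 8b /r' with SIB and disp8 is handled."""
    marked = re.search(r"Code: .*?<([0-9a-f]{2})>((?: [0-9a-f]{2}){4})", oops)
    if not marked:
        return None
    rex, op, modrm, sib, disp = (int(x, 16) for x in (marked[1] + marked[2]).split())
    if (rex, op) != (0x48, 0x8B) or modrm >> 6 != 1 or modrm & 7 != 4:
        return None
    disp -= 256 if disp > 127 else 0              # disp8 is signed
    return NAMES[sib & 7], NAMES[(sib >> 3) & 7], 1 << (sib >> 6), disp

def fault_address(oops):
    """(base register, effective address, canonical?) for the faulting load."""
    load = faulting_load(oops)
    if load is None:
        return None
    base, index, scale, disp = load
    regs = registers(oops)
    idx = 0 if index == "RSP" else regs[index]    # SIB index 4 means "no index"
    addr = (regs[base] + idx * scale + disp) & (2**64 - 1)
    return base, addr, is_canonical(addr)
```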
Environment
- Red Hat Enterprise Linux 8.3 (kernel-4.18.0-240.el8)