Hi,
I'm one of the maintainers of the beyond linux from scratch book [1]. I hope I
am at the right place for reporting this. I'm sorry I have not found a simple
reproducer. Please tell me if I need to file a bug too. Here is the bug report:

[1.] Summary: SLUB allocator generates GPF + freeze while SLAB is OK

[2.] Full description: While running the "shell/thin-flags.sh" test of the
LVM2-2.03.10 testsuite, the test seems to hang after a while, then a few
seconds or minutes later, the computer stops working (unresponsive
keyboard/mouse). Examining the logs after restart shows that a few GPF have
been issued before the freeze. Changing the SLUB allocator to the SLAB one,
the test finishes (it fails), but there are no GPF and no freeze.

[3.] Keywords: memory allocation, device mapper

[4.] Kernel information
[4.1.] Kernel version (from /proc/version): Linux version 5.8.1-lfs-1-amd64
(gcc (Debian 10.2.0-5) 10.2.0, GNU ld (GNU Binutils for Debian) 2.35) #1 SMP
Wed Aug 12 09:09:32 CEST 2020 (built with make dpkg-deb on Debian sid)
[4.2.] Kernel .config file: see attached

[5.] Most recent kernel version which did not have the bug: unkown: tried also
5.7.12 and 5.7.9, with similar results.

[6.] Output of Oops.. message (if applicable) with symbolic information
     resolved (see Documentation/admin-guide/oops-tracing.rst)
Here are the first two GPF for one case: note that the stack trace is not
always the same (for the first GPF), and it may happen that the RIP is not
always in __kmalloc_track_caller+0x93/0x1b0: it may also be in
__kmalloc_node+0xc4/0x2c0
(see attached "gpf-report")
symbolic information:
l *__kmalloc_track_caller+0x93/0x1b0
0xffffffff811ed010 is in __kmalloc_track_caller (mm/slub.c:4422).
4417	void *__kmalloc_track_caller(size_t size, gfp_t gfpflags, unsigned long
caller)
4418	{
4419		struct kmem_cache *s;
4420		void *ret;
4421	
4422		if (unlikely(size > KMALLOC_MAX_CACHE_SIZE))
4423			return kmalloc_large(size, gfpflags);
4424	
4425		s = kmalloc_slab(size, gfpflags);
4426
l *__kmalloc_node
0xffffffff811ed690 is in __kmalloc_node (mm/slub.c:3927).
3922	void *__kmalloc_node(size_t size, gfp_t flags, int node)
3923	{
3924		struct kmem_cache *s;
3925		void *ret;
3926	
3927		if (unlikely(size > KMALLOC_MAX_CACHE_SIZE)) {
3928			ret = kmalloc_large_node(size, flags, node);
3929	
3930			trace_kmalloc_node(_RET_IP_, ret,
3931					   size, PAGE_SIZE << get_order(size),

[7.] A small shell script or example program which triggers the
     problem (if possible)
This is where I feel sorry: I am unable to track down what triggers the fault.
The lvm testsuite is complicated, and I am unable to step through it... So my
way to do it is:
- download https://sourceware.org/pub/lvm2/LVM2.2.03.10.tgz
- unpack it, change to the LVM2.2.03.10 directory.
- make sure you have the dependencies (libaio-dev, thin-provisioning, and lvm2
installed)
- run:
SAVEPATH=$PATH                  &&
PATH=$PATH:/sbin:/usr/sbin      &&
./configure --prefix=/usr       \
            --exec-prefix=      \
            --enable-cmdlib     \
            --enable-pkgconfig  \
            --enable-udev_sync  &&
make                            &&
PATH=$SAVEPATH                  &&
unset SAVEPATH

then:
sudo make T=thin-flags check_local

there is always a GPF (or more) generated, then a freeze after a while (or
immediately). With the same config, but SLAB allocator, the test completes
(with failure), and there is no GPF.
Note that this is the same with the debian stock kernel (test fails but no GPF)

[8.] Environment
[8.1.] Software (add the output of the ver_linux script here)

Linux turboli 5.8.1-lfs-1-amd64 #1 SMP Wed Aug 12 09:09:32 CEST 2020 x86_64
GNU/Linux

GNU C               	10
GNU Make            	4.3
Binutils            	2.35
Util-linux          	2.36
Mount               	2.36
Bison               	3.7
Flex                	2.6.4
Dynamic linker (ldd)	2.31
Procps              	3.3.16
Kbd                 	2.0.4
Console-tools       	2.0.4
Sh-utils            	8.32
Udev                	246
Modules Loaded      	aesni_intel coretemp crc32_pclmul crct10dif_pclmul cryptd
crypto_simd ghash_clmulni_intel glue_helper intel_powerclamp intel_rapl_common
intel_rapl_msr nfc regmap_i2c snd_compress snd_soc_core snd_soc_rl6231
snd_soc_rt5640 x86_pkg_temp_thermal

[8.2.] Processor information (from /proc/cpuinfo):
processor	: 0
vendor_id	: GenuineIntel
cpu family	: 6
model		: 60
model name	: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz
stepping	: 3
microcode	: 0x28
cpu MHz		: 3593.104
cache size	: 8192 KB
physical id	: 0
siblings	: 8
core id		: 0
cpu cores	: 4
apicid		: 0
initial apicid	: 0
fpu		: yes
fpu_exception	: yes
cpuid level	: 13
wp		: yes
flags		: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat
pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb
rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology
nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est
tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt
tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm cpuid_fault epb
invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid
ept_ad fsgsbase tsc_adjust bmi1 avx2 smep bmi2 erms invpcid xsaveopt dtherm
ida arat pln pts md_clear flush_l1d
vmx flags	: vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb
flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs
bugs		: cpu_meltdown spectre_v1 spectre_v2 spec_store_bypass l1tf mds swapgs
itlb_multihit srbds
bogomips	: 7183.94
clflush size	: 64
cache_alignment	: 64
address sizes	: 39 bits physical, 48 bits virtual
power management:
(+ same entries for processors 1-7)

[8.3.] Module information (from /proc/modules):
nfc 73728 0 - Live 0x0000000000000000
snd_soc_rt5640 114688 0 - Live 0x0000000000000000
regmap_i2c 16384 1 snd_soc_rt5640, Live 0x0000000000000000
snd_soc_rl6231 16384 1 snd_soc_rt5640, Live 0x0000000000000000
snd_soc_core 139264 1 snd_soc_rt5640, Live 0x0000000000000000
intel_rapl_msr 16384 0 - Live 0x0000000000000000
intel_rapl_common 20480 1 intel_rapl_msr, Live 0x0000000000000000
x86_pkg_temp_thermal 16384 0 - Live 0x0000000000000000
intel_powerclamp 16384 0 - Live 0x0000000000000000
coretemp 16384 0 - Live 0x0000000000000000
crct10dif_pclmul 16384 1 - Live 0x0000000000000000
crc32_pclmul 16384 0 - Live 0x0000000000000000
ghash_clmulni_intel 16384 0 - Live 0x0000000000000000
aesni_intel 368640 0 - Live 0x0000000000000000
snd_compress 20480 1 snd_soc_core, Live 0x0000000000000000
glue_helper 16384 1 aesni_intel, Live 0x0000000000000000
crypto_simd 16384 1 aesni_intel, Live 0x0000000000000000
cryptd 20480 2 ghash_clmulni_intel,crypto_simd, Live 0x0000000000000000

[8.4.] Loaded driver and hardware information (/proc/ioports, /proc/iomem)
cat /proc/ioports
0000-0000 : PCI Bus 0000:00
  0000-0000 : dma1
  0000-0000 : pic1
  0000-0000 : timer0
  0000-0000 : timer1
  0000-0000 : keyboard
  0000-0000 : keyboard
  0000-0000 : rtc0
  0000-0000 : dma page reg
  0000-0000 : pic2
  0000-0000 : dma2
  0000-0000 : fpu
    0000-0000 : PNP0C04:00
  0000-0000 : pnp 00:04
  0000-0000 : pnp 00:04
  0000-0000 : serial
  0000-0000 : pnp 00:05
  0000-0000 : pnp 00:01
  0000-0000 : pnp 00:04
0000-0000 : PCI conf1
0000-0000 : PCI Bus 0000:00
  0000-0000 : ACPI PM1a_EVT_BLK
  0000-0000 : ACPI PM1a_CNT_BLK
  0000-0000 : ACPI PM_TMR
  0000-0000 : ACPI GPE0_BLK
  0000-0000 : ACPI PM2_CNT_BLK
  0000-0000 : pnp 00:03
  0000-0000 : PCI Bus 0000:02
  0000-0000 : PCI Bus 0000:03
    0000-0000 : 0000:03:00.0
  0000-0000 : 0000:00:02.0
  0000-0000 : 0000:00:1f.3
  0000-0000 : 0000:00:1f.2
    0000-0000 : ahci
  0000-0000 : 0000:00:1f.2
    0000-0000 : ahci
  0000-0000 : 0000:00:1f.2
    0000-0000 : ahci
  0000-0000 : 0000:00:1f.2
    0000-0000 : ahci
  0000-0000 : 0000:00:1f.2
    0000-0000 : ahci

cat /proc/iomem
00000000-00000000 : Reserved
00000000-00000000 : System RAM
00000000-00000000 : Reserved
00000000-00000000 : System RAM
00000000-00000000 : Reserved
00000000-00000000 : PCI Bus 0000:00
00000000-00000000 : Video ROM
00000000-00000000 : PCI Bus 0000:00
00000000-00000000 : PCI Bus 0000:00
00000000-00000000 : PCI Bus 0000:00
00000000-00000000 : PCI Bus 0000:00
00000000-00000000 : System ROM
00000000-00000000 : System RAM
  00000000-00000000 : Kernel code
  00000000-00000000 : Kernel rodata
  00000000-00000000 : Kernel data
  00000000-00000000 : Kernel bss
00000000-00000000 : ACPI Non-volatile Storage
00000000-00000000 : System RAM
00000000-00000000 : Reserved
00000000-00000000 : System RAM
00000000-00000000 : Reserved
00000000-00000000 : ACPI Tables
00000000-00000000 : ACPI Non-volatile Storage
00000000-00000000 : Reserved
00000000-00000000 : Unknown E820 type
00000000-00000000 : System RAM
00000000-00000000 : RAM buffer
00000000-00000000 : Reserved
  00000000-00000000 : Graphics Stolen Memory
00000000-00000000 : PCI Bus 0000:00
  00000000-00000000 : PCI Bus 0000:02
  00000000-00000000 : PCI Bus 0000:02
  00000000-00000000 : 0000:00:02.0
  00000000-00000000 : PCI Bus 0000:03
    00000000-00000000 : 0000:03:00.0
  00000000-00000000 : 0000:00:02.0
  00000000-00000000 : PCI Bus 0000:03
    00000000-00000000 : 0000:03:00.0
      00000000-00000000 : r8169
  00000000-00000000 : 0000:00:14.0
    00000000-00000000 : xhci-hcd
  00000000-00000000 : 0000:00:1b.0
    00000000-00000000 : ICH HD audio
  00000000-00000000 : 0000:00:03.0
    00000000-00000000 : ICH HD audio
  00000000-00000000 : 0000:00:1f.3
  00000000-00000000 : 0000:00:1f.2
    00000000-00000000 : ahci
  00000000-00000000 : 0000:00:1d.0
    00000000-00000000 : ehci_hcd
  00000000-00000000 : 0000:00:1a.0
    00000000-00000000 : ehci_hcd
  00000000-00000000 : 0000:00:16.0
  00000000-00000000 : pnp 00:07
  00000000-00000000 : PCI MMCONFIG 0000 [bus 00-3f]
    00000000-00000000 : Reserved
      00000000-00000000 : pnp 00:07
00000000-00000000 : Reserved
  00000000-00000000 : IOAPIC 0
00000000-00000000 : Reserved
  00000000-00000000 : HPET 0
    00000000-00000000 : PNP0103:00
00000000-00000000 : pnp 00:07
00000000-00000000 : pnp 00:07
00000000-00000000 : pnp 00:07
00000000-00000000 : Reserved
  00000000-00000000 : pnp 00:07
00000000-00000000 : pnp 00:07
00000000-00000000 : pnp 00:00
00000000-00000000 : pnp 00:07
00000000-00000000 : pnp 00:07
00000000-00000000 : Local APIC
  00000000-00000000 : Reserved
00000000-00000000 : Reserved
  00000000-00000000 : INT0800:00
    00000000-00000000 : pnp 00:07
00000000-00000000 : System RAM
00000000-00000000 : RAM buffer

[8.5.] PCI information ('lspci -vvv' as root)
attached lspci-output
[8.6.] SCSI information (from /proc/scsi/scsi)
Attached devices:
Host: scsi0 Channel: 00 Id: 00 Lun: 00
  Vendor: ATA      Model: WDC WD10EADS-65M Rev: 0A01
  Type:   Direct-Access                    ANSI  SCSI revision: 05
Host: scsi2 Channel: 00 Id: 00 Lun: 00
  Vendor: ATA      Model: WDC WD10EZEX-08M Rev: 1A01
  Type:   Direct-Access                    ANSI  SCSI revision: 05
Host: scsi3 Channel: 00 Id: 00 Lun: 00
  Vendor: Optiarc  Model: DVD RW AD-7241S  Rev: 1.03
  Type:   CD-ROM                           ANSI  SCSI revision: 05

[8.7.] Other information that might be relevant to the problem
       (please look in /proc and include all information that you
       think to be relevant):
pleas ask if you need something more. I am not sure.

[X.] Other notes, patches, fixes, workarounds:
Other than the kernel (compiled with make deb-pkg), the system is debian sid
as of August 12th, around 10:00 UTC

Pierre Labastie

[1] http://www.linuxfromscratch.org/blfs