FYI, we noticed the following commit (built with gcc-6):
commit: 7ae76449bd30c850421db82844cfce9dc60a5bfe ("mm/vmalloc.c: keep track of free blocks for vmap allocation")
https://git.kernel.org/cgit/linux/kernel/git/next/linux-next.git master
in testcase: trinity
with following parameters:
runtime: 300s
test-description: Trinity is a linux system call fuzz tester.
test-url: http://codemonkey.org.uk/projects/trinity/
on test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 2G
caused below changes (please refer to attached dmesg/kmsg for entire log/backtrace):
+------------------------------------------+------------+------------+
|                                          | 7a866571a8 | 7ae76449bd |
+------------------------------------------+------------+------------+
| boot_successes                           | 12         | 0          |
| boot_failures                            | 0          | 12         |
| kernel_BUG_at_lib/list_debug.c           | 0          | 12         |
| invalid_opcode:#[##]                     | 0          | 12         |
| RIP:__list_add_valid                     | 0          | 12         |
| Kernel_panic-not_syncing:Fatal_exception | 0          | 12         |
+------------------------------------------+------------+------------+
[ 0.391862] kernel BUG at lib/list_debug.c:28!
[ 0.392842] invalid opcode: 0000 [#1] PREEMPT PTI
[ 0.394813] CPU: 0 PID: 1 Comm: swapper Not tainted 5.1.0-rc2-00363-g7ae7644 #1
[ 0.395722] RIP: 0010:__list_add_valid+0x4a/0x70
[ 0.395722] Code: 00 00 00 c3 48 89 d1 48 c7 c7 20 b4 f6 81 4c 89 c2 e8 33 be e3 ff 0f 0b 4c 89 c1 48 89 c6 48 c7 c7 a0 b4 f6 81 e8 1f be e3 ff <0f> 0b 48 89 f2 48 89 c1 48 89 fe 48 c7 c7 f8 b4 f6 81 e8 08 be e3
[ 0.395722] RSP: 0000:ffff888079063bf0 EFLAGS: 00010086
[ 0.395722] RAX: 0000000000000075 RBX: ffff8880790f9f98 RCX: 0000000000000000
[ 0.395722] RDX: 0000000000000000 RSI: 000000001750044f RDI: 00000000ffffffff
[ 0.395722] RBP: 0000000000000068 R08: 0000000000000004 R09: 0000000000000000
[ 0.395722] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000dc0
[ 0.395722] R13: ffffffff82413b10 R14: ffffffff82413b10 R15: ffffea0001a7bb50
[ 0.395722] FS: 0000000000000000(0000) GS:ffffffff82231000(0000) knlGS:0000000000000000
[ 0.395722] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 0.395722] CR2: 0000000000000000 CR3: 0000000002220000 CR4: 00000000000406b0
[ 0.395722] Call Trace:
[ 0.395722] slob_alloc+0x1c9/0x240
[ 0.395722] kmem_cache_alloc+0x70/0x80
[ 0.395722] acpi_ps_alloc_op+0xc0/0xca
[ 0.395722] acpi_ps_get_next_arg+0x3fa/0x6ed
[ 0.395722] acpi_ps_parse_loop+0x45d/0x87c
[ 0.395722] acpi_ps_parse_aml+0x1a6/0x54a
[ 0.395722] acpi_ps_execute_table+0xc9/0x12a
[ 0.395722] acpi_ns_execute_table+0x251/0x2fc
[ 0.395722] ? set_debug_rodata+0xc/0xc
[ 0.395722] acpi_ns_parse_table+0x6e/0x9a
[ 0.395722] acpi_ns_load_table+0x8c/0x1b9
[ 0.395722] acpi_tb_load_namespace+0xc9/0x273
[ 0.395722] ? acpi_sleep_proc_init+0x1f/0x1f
[ 0.395722] ? set_debug_rodata+0xc/0xc
[ 0.395722] acpi_load_tables+0x65/0xc0
[ 0.395722] ? acpi_sleep_proc_init+0x1f/0x1f
[ 0.395722] acpi_init+0x7b/0x326
[ 0.395722] ? kset_register+0x2b/0x40
[ 0.395722] ? kset_create_and_add+0x63/0x90
[ 0.395722] ? pci_create_slot+0x270/0x270
[ 0.395722] ? acpi_sleep_proc_init+0x1f/0x1f
[ 0.395722] do_one_initcall+0x45/0x1b0
[ 0.395722] ? set_debug_rodata+0xc/0xc
[ 0.395722] kernel_init_freeable+0x123/0x1ab
[ 0.395722] ? rest_init+0x130/0x130
[ 0.395722] kernel_init+0x5/0x100
[ 0.395722] ret_from_fork+0x1f/0x30
[ 0.395722] Modules linked in:
[ 0.395722] ---[ end trace 83af5a28bbf5641b ]---
To reproduce:
# build kernel
cd linux
cp config-5.1.0-rc2-00363-g7ae7644 .config
make HOSTCC=gcc-6 CC=gcc-6 ARCH=x86_64 olddefconfig
make HOSTCC=gcc-6 CC=gcc-6 ARCH=x86_64 prepare
make HOSTCC=gcc-6 CC=gcc-6 ARCH=x86_64 modules_prepare
make HOSTCC=gcc-6 CC=gcc-6 ARCH=x86_64 SHELL=/bin/bash
make HOSTCC=gcc-6 CC=gcc-6 ARCH=x86_64 bzImage
git clone https://github.com/intel/lkp-tests.git
cd lkp-tests
bin/lkp qemu -k <bzImage> job-script # job-script is attached in this email
Thanks,
lkp
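Added example, not part of the lkp report or of the kernel tree under test: a user-space model of the sanity check that fired here ("kernel BUG at lib/list_debug.c", RIP in __list_add_valid). With CONFIG_DEBUG_LIST the kernel validates the prev/next neighbours on every list_add(); the three conditions below follow the kernel's __list_add_valid as I remember it and are an assumption about that function's exact shape. The helper names (list_add_checked, demo_*) and the bogus pointer value used to corrupt a node are constructed for this example; the point is that a stray write into an allocator's free-list node, such as the slob_alloc path in the trace above, is caught on the next insertion rather than silently propagating.

```c
/*
 * User-space model of CONFIG_DEBUG_LIST's list_add() validation.
 * Added example; the checks mirror lib/list_debug.c __list_add_valid
 * from memory (assumption), but return false instead of BUG()-ing.
 */
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

struct list_head {
    struct list_head *next, *prev;
};

static void init_list_head(struct list_head *l)
{
    l->next = l;
    l->prev = l;
}

/* The three neighbour checks performed before linking a new entry. */
static bool list_add_valid(struct list_head *entry, struct list_head *prev,
                           struct list_head *next)
{
    if (next->prev != prev) {
        fprintf(stderr, "list_add corruption. next->prev should be prev (%p), "
                        "but was %p. (next=%p)\n",
                (void *)prev, (void *)next->prev, (void *)next);
        return false;
    }
    if (prev->next != next) {
        fprintf(stderr, "list_add corruption. prev->next should be next (%p), "
                        "but was %p. (prev=%p)\n",
                (void *)next, (void *)prev->next, (void *)prev);
        return false;
    }
    if (entry == prev || entry == next) {
        fprintf(stderr, "list_add double add: new=%p, prev=%p, next=%p.\n",
                (void *)entry, (void *)prev, (void *)next);
        return false;
    }
    return true;
}

/* list_add() at the head, gated by the validation above. */
static bool list_add_checked(struct list_head *entry, struct list_head *head)
{
    struct list_head *prev = head, *next = head->next;

    if (!list_add_valid(entry, prev, next))
        return false;
    next->prev = entry;
    entry->next = next;
    entry->prev = prev;
    prev->next = entry;
    return true;
}

/* A healthy list accepts every insertion: returns the number that succeeded (3). */
int demo_healthy_list(void)
{
    struct list_head head, a, b, c;

    init_list_head(&head);
    return list_add_checked(&a, &head) + list_add_checked(&b, &head) +
           list_add_checked(&c, &head);
}

/* A stray write to one node's prev pointer (constructed corruption, standing
 * in for an out-of-bounds write into an allocator's free list) is detected on
 * the very next insertion: returns 0. */
int demo_corrupted_list(void)
{
    struct list_head head, a, b;

    init_list_head(&head);
    list_add_checked(&a, &head);
    head.next->prev = (struct list_head *)0xdeadbeef; /* constructed bad pointer */
    return list_add_checked(&b, &head);
}

/* Inserting an entry that is already the head's neighbour trips the
 * double-add check: returns 0. */
int demo_double_add(void)
{
    struct list_head head, a;

    init_list_head(&head);
    list_add_checked(&a, &head);
    return list_add_checked(&a, &head);
}

int main(void)
{
    printf("healthy=%d corrupted=%d double_add=%d\n", demo_healthy_list(),
           demo_corrupted_list(), demo_double_add());
    return 0;
}
```

The kernel version of the failing check does not return; CHECK_DATA_CORRUPTION() either warns or, with CONFIG_BUG_ON_DATA_CORRUPTION, hits BUG(), which is the "kernel BUG at lib/list_debug.c" and the ud2 (0f 0b) visible in the Code: bytes above. The detection site is therefore the first list operation after the corruption, not necessarily the code that caused it; here the bad neighbour pointers surfaced in slob_alloc() during ACPI table parsing, while the bisected commit touches vmalloc free-block tracking, so the culprit write is upstream of the reported RIP.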