FYI, we noticed the following commit (built with gcc-7):

commit: 2533a63618fcfd5fb0c7bb7549913e173a1908af ("x86/mm/kasan: Don't use vmemmap_populate() to initialize shadow")
https://git.kernel.org/cgit/linux/kernel/git/next/linux-next.git master

in testcase: trinity
with following parameters:

	runtime: 300s

test-description: Trinity is a linux system call fuzz tester.
test-url: http://codemonkey.org.uk/projects/trinity/

on test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -m 512M

caused below changes (please refer to attached dmesg/kmsg for entire log/backtrace):
+--------------------------------------------+------------+------------+
|                                            | fe9e139482 | 2533a63618 |
+--------------------------------------------+------------+------------+
| boot_successes                             | 56         | 0          |
| boot_failures                              | 0          | 65         |
| BUG:KASAN:use-after-scope_in__lock_acquire | 0          | 65         |
+--------------------------------------------+------------+------------+
[ 0.003333] BUG: KASAN: use-after-scope in __lock_acquire+0x19a0/0x20d6
[ 0.003333] Write of size 64 at addr ffffffff83007510 by task swapper/0
[ 0.003333]
[ 0.003333] CPU: 0 PID: 0 Comm: swapper Not tainted 4.14.0-00072-g2533a636 #1
[ 0.003333] Call Trace:
[ 0.003333] dump_stack+0x106/0x1ca
[ 0.003333] ? arch_local_irq_restore+0xd/0xd
[ 0.003333] ? printk+0x8f/0xab
[ 0.003333] ? cpumask_weight+0x49/0x49
[ 0.003333] ? __lock_acquire+0x19a0/0x20d6
[ 0.003333] print_address_description+0x86/0x226
[ 0.003333] ? __lock_acquire+0x19a0/0x20d6
[ 0.003333] kasan_report+0x21e/0x247
[ 0.003333] __asan_report_store_n_noabort+0x12/0x14
[ 0.003333] __lock_acquire+0x19a0/0x20d6
[ 0.003333] ? debug_show_all_locks+0x37c/0x37c
[ 0.003333] ? debug_show_all_locks+0x37c/0x37c
[ 0.003333] ? put_dec+0x6c/0x73
[ 0.003333] ? do_raw_spin_trylock+0x15b/0x15b
[ 0.003333] ? down_trylock+0x49/0x60
[ 0.003333] lock_acquire+0xd6/0x12f
[ 0.003333] ? lock_acquire+0xd6/0x12f
[ 0.003333] ? console_unlock+0x232/0x608
[ 0.003333] _raw_spin_lock+0x2d/0x3c
[ 0.003333] ? console_unlock+0x232/0x608
[ 0.003333] console_unlock+0x232/0x608
[ 0.003333] ? vprintk_emit+0x2b5/0x2cf
[ 0.003333] vprintk_emit+0x2be/0x2cf
[ 0.003333] vprintk_default+0x18/0x1a
[ 0.003333] vprintk_func+0xb5/0xbe
[ 0.003333] printk+0x8f/0xab
[ 0.003333] ? cpumask_weight+0x49/0x49
[ 0.003333] ? arch_local_save_flags+0xb/0xd
[ 0.003333] ? trace_hardirqs_off_caller+0xd1/0x217
[ 0.003333] mp_register_ioapic+0xad9/0xb7f
[ 0.003333] ? mp_map_gsi_to_irq+0x68/0x68
[ 0.003333] ? acpi_os_map_memory+0x9/0xb
[ 0.003333] ? acpi_tb_acquire_table+0xb6/0x1de
[ 0.003333] acpi_parse_ioapic+0x2ee/0x31a
[ 0.003333] ? acpi_tb_validate_table+0x4a/0x82
[ 0.003333] ? acpi_parse_nmi_src+0x5f/0x5f
[ 0.003333] ? acpi_ut_release_mutex+0xb5/0xbf
[ 0.003333] ? acpi_get_table+0x164/0x17c
[ 0.003333] acpi_table_parse_entries_array+0x383/0x499
[ 0.003333] ? acpi_parse_apic_instance+0x3c/0x3c
[ 0.003333] ? acpi_ut_release_mutex+0xb5/0xbf
[ 0.003333] ? acpi_put_table+0xcc/0xd8
[ 0.003333] ? acpi_parse_nmi_src+0x5f/0x5f
[ 0.003333] acpi_table_parse_entries+0x14f/0x17b
[ 0.003333] ? acpi_table_parse_entries_array+0x499/0x499
[ 0.003333] ? acpi_parse_nmi_src+0x5f/0x5f
To reproduce:

	git clone https://github.com/intel/lkp-tests.git
	cd lkp-tests
	bin/lkp qemu -k <bzImage> job-script  # job-script is attached in this email
Thanks,
Xiaolong