FYI, we noticed the following commit: commit: 538463ac2c80ed4fd046af8ed55daa06a59d1a68 ("mm, page_alloc: Split buffered_rmqueue") https://git.kernel.org/pub/scm/linux/kernel/git/mel/linux.git mm-pagealloc-noirq-percpu-v2r5 in testcase: trinity with following parameters: runtime: 300s test-description: Trinity is a linux system call fuzz tester. test-url: http://codemonkey.org.uk/projects/trinity/ on test machine: qemu-system-x86_64 -enable-kvm -m 320M caused below changes (please refer to attached dmesg/kmsg for entire log/backtrace): +------------------------------------------------------------------+-----------+------------+ | | v4.10-rc4 | 538463ac2c | +------------------------------------------------------------------+-----------+------------+ | boot_successes | 134 | 30 | | boot_failures | 93 | 22 | | BUG:kernel_reboot-without-warning_in_test_stage | 30 | | | BUG:kernel_hang_in_test_stage | 3 | | | invoked_oom-killer:gfp_mask=0x | 60 | 6 | | Mem-Info | 60 | 6 | | Out_of_memory:Kill_process | 17 | 3 | | Kernel_panic-not_syncing:Out_of_memory_and_no_killable_processes | 2 | | | kernel_BUG_at_mm/page_alloc.c | 0 | 14 | | invalid_opcode:#[##]SMP_KASAN | 0 | 14 | | Kernel_panic-not_syncing:Fatal_exception | 0 | 16 | | BUG:unable_to_handle_kernel | 0 | 2 | | Oops | 0 | 2 | +------------------------------------------------------------------+-----------+------------+ [ 43.254567] raw: 0000000000000000 58870a6700000000 0000000000000000 0000000000000400 [ 43.257945] page dumped because: VM_BUG_ON_PAGE(bad_range(zone, page)) [ 43.260281] ------------[ cut here ]------------ [ 43.262237] kernel BUG at mm/page_alloc.c:2702! [ 43.264536] invalid opcode: 0000 [#1] SMP KASAN [ 43.266439] CPU: 0 PID: 59 Comm: kswapd0 Not tainted 4.10.0-rc4-00001-g538463a #2 [ 43.269762] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.9.3-20161025_171302-gandalf 04/01/2014 [ 43.273649] task: ffff88000d480000 task.stack: ffff88000df58000 [ 43.275864] RIP: 0010:get_page_from_freelist+0x5df/0x720 [ 43.277926] RSP: 0000:ffff88000df5f290 EFLAGS: 00010086 [ 43.279969] RAX: 0000000000000000 RBX: ffffffff82af1000 RCX: 0000000000000006 [ 43.282416] RDX: 0000000000000007 RSI: 0000000000000007 RDI: ffff88000fe17a60 [ 43.284871] RBP: ffff88000df5f3e0 R08: 0000000000000001 R09: 0000000000000001 [ 43.287317] R10: 0000000000000001 R11: 0000000000000198 R12: ffff88000df5f4b0 [ 43.289767] R13: ffffffff82afd000 R14: 0000000000000000 R15: 0000000000000004 [ 43.292232] FS: 0000000000000000(0000) GS:ffff88000fe00000(0000) knlGS:0000000000000000 [ 43.295674] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 43.297832] CR2: 0000000008bc4000 CR3: 000000000a647000 CR4: 00000000000006f0 [ 43.300286] Call Trace: [ 43.301739] ? T.2204+0x11d/0x130 [ 43.303385] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 43.305300] ? kasan_unpoison_shadow+0x1e/0x50 To reproduce: git clone git://git.kernel.org/pub/scm/linux/kernel/git/wfg/lkp-tests.git cd lkp-tests bin/lkp qemu -k <bzImage> job-script # job-script is attached in this email Thanks, Xiaolong