FYI, we noticed the following commit:
https://github.com/0day-ci/linux Andrea-Arcangeli/mm-vma_merge-fix-vm_page_prot-SMP-race-condition-against-rmap_walk/20160920-022739
commit 2129957506a96179654b0c1aa2bc4f03da59bde8 ("mm: vma_merge: fix vm_page_prot SMP race condition against rmap_walk")
in testcase: trinity
with following parameters:
runtime: 300s
Trinity is a Linux system call fuzz tester.
on test machine: qemu-system-i386 -enable-kvm -smp 2 -m 320M
caused below changes:
+------------------------------------------+------------+------------+
|                                          | 3b5629cd1e | 2129957506 |
+------------------------------------------+------------+------------+
| boot_successes                           | 7          | 4          |
| boot_failures                            | 1          | 4          |
| invoked_oom-killer:gfp_mask=0x           | 1          |            |
| Mem-Info                                 | 1          |            |
| kernel_BUG_at_mm/mmap.c                  | 0          | 4          |
| invalid_opcode:#[##]DEBUG_PAGEALLOC      | 0          | 4          |
| EIP_is_at_validate_mm_rb                 | 0          | 4          |
| calltrace:SyS_mprotect                   | 0          | 4          |
| Kernel_panic-not_syncing:Fatal_exception | 0          | 4          |
+------------------------------------------+------------+------------+
[ 40.024169] pgoff b7779 file (null) private_data (null)
[ 40.024169] flags: 0x200173(read|write|mayread|maywrite|mayexec|growsdown|noreserve)
[ 40.026758] ------------[ cut here ]------------
[ 40.027167] kernel BUG at mm/mmap.c:329!
[ 40.027647] invalid opcode: 0000 [#1] DEBUG_PAGEALLOC
[ 40.028093] CPU: 0 PID: 248 Comm: trinity-main Not tainted 4.8.0-rc6-mm1-00268-g2129957 #52
[ 40.028817] task: d0a08040 task.stack: d0a0a000
[ 40.029219] EIP: 0060:[<c10cfbff>] EFLAGS: 00010296 CPU: 0
[ 40.029706] EIP is at validate_mm_rb+0x29/0x3d
[ 40.030094] EAX: 000000f3 EBX: d2714a30 ECX: c1ccf134 EDX: c1cc99a4
[ 40.030639] ESI: d2714a20 EDI: d2714600 EBP: d0a0be5c ESP: d0a0be50
[ 40.031185] DS: 007b ES: 007b FS: 0000 GS: 00e0 SS: 0068
[ 40.031655] CR0: 80050033 CR2: 0912704c CR3: 11d88860 CR4: 000006b0
[ 40.032197] DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
[ 40.032728] DR6: fffe0ff0 DR7: 00000400
[ 40.033073] Stack:
[ 40.033255] d2714600 d2714a20 d2714a20 d0a0be80 c10cfdb4 c89ade60 00000009 d2714600
[ 40.034022] d1b6d324 d2714600 d2714a20 d2714a20 d0a0bed8 c10d03bf d0a0be94 00000000
[ 40.034787] d2714a60 0100bea0 b7779000 00000000 00000000 00000000 00000000 b777b000
[ 40.035550] Call Trace:
[ 40.035769] [<c10cfdb4>] vma_rb_erase+0x19/0x17a
[ 40.036178] [<c10d03bf>] __vma_adjust+0x380/0x5ba
[ 40.036598] [<c10655d9>] ? __lock_acquire+0x579/0x63f
[ 40.037041] [<c10d0911>] vma_merge+0x1e3/0x21e
[ 40.037437] [<c10d30c8>] mprotect_fixup+0xc4/0x1d8
[ 40.037859] [<c10d332d>] do_mprotect_pkey+0x151/0x1a5
[ 40.038303] [<c10d3394>] SyS_mprotect+0x13/0x15
[ 40.038706] [<c1002a5b>] do_int80_syscall_32+0x59/0x12b
[ 40.039168] [<c1722746>] entry_INT80_32+0x36/0x36
[ 40.039588] Code: 5d c3 55 89 e5 57 56 53 89 d7 e8 48 59 0b 00 eb 23 8d 73 f0 39 fe 74 15 89 f0 e8 ab fb ff ff 39 43 0c 74 09 89 f0 e8 f7 7c ff ff <0f> 0b 89 d8 e8 4f 59 0b 00 85 c0 89 c3 75 d7 5b 5e 5f 5d c3 55
[ 40.042000] EIP: [<c10cfbff>] validate_mm_rb+0x29/0x3d SS:ESP 0068:d0a0be50
[ 40.042654] ---[ end trace 8d8d0f9da09a78ba ]---
[ 40.047837] Kernel panic - not syncing: Fatal exception
To reproduce:
git clone git://git.kernel.org/pub/scm/linux/kernel/git/wfg/lkp-tests.git
cd lkp-tests
bin/lkp install job.yaml # job file is attached in this email
bin/lkp run job.yaml
Thanks,
Xiaolong