Hello, FYI this happens in mainline kernel 4.17.0-rc1. It looks like a new regression. It occurs in 4 out of 4 boots. [ 12.345562] Write protecting the kernel text: 14376k [ 12.346649] Write protecting the kernel read-only data: 4740k [ 12.347584] rodata_test: all tests were successful [ 12.348499] ------------[ cut here ]------------ [ 12.349193] attempted to set unsupported pgprot: 8000000000000025 bits: 8000000000000000 supported: 7fffffffffffffff [ 12.350792] WARNING: CPU: 0 PID: 1 at arch/x86/include/asm/pgtable.h:540 handle_mm_fault+0xfc1/0xfe0: check_pgprot at arch/x86/include/asm/pgtable.h:535 (inlined by) pfn_pte at arch/x86/include/asm/pgtable.h:549 (inlined by) do_anonymous_page at mm/memory.c:3169 (inlined by) handle_pte_fault at mm/memory.c:3961 (inlined by) __handle_mm_fault at mm/memory.c:4087 (inlined by) handle_mm_fault at mm/memory.c:4124 [ 12.352294] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 4.17.0-rc1 #172 [ 12.353357] EIP: handle_mm_fault+0xfc1/0xfe0: check_pgprot at arch/x86/include/asm/pgtable.h:535 (inlined by) pfn_pte at arch/x86/include/asm/pgtable.h:549 (inlined by) do_anonymous_page at mm/memory.c:3169 (inlined by) handle_pte_fault at mm/memory.c:3961 (inlined by) __handle_mm_fault at mm/memory.c:4087 (inlined by) handle_mm_fault at mm/memory.c:4124 [ 12.354047] EFLAGS: 00210296 CPU: 0 [ 12.354581] EAX: 00000068 EBX: 80000000 ECX: 00000002 EDX: 00000038 [ 12.362768] ESI: 00000025 EDI: cc679000 EBP: cf02de70 ESP: cf02ddf0 [ 12.363657] DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068 [ 12.364458] CR0: 80050033 CR2: c1e1e110 CR3: 024a6000 CR4: 000006b0 [ 12.365413] Call Trace: [ 12.365885] ? touch_atime+0x5e/0xa0: touch_atime at include/linux/fs.h:1502 [ 12.366451] __get_user_pages+0x104/0x3a0: faultin_page at mm/gup.c:503 (inlined by) __get_user_pages at mm/gup.c:699 [ 12.374172] get_user_pages_remote+0xf3/0x1c0: __get_user_pages_locked at mm/gup.c:872 (inlined by) get_user_pages_remote at mm/gup.c:1062 [ 12.374959] copy_strings+0x12d/0x380: get_arg_page at fs/exec.c:218 (inlined by) copy_strings at fs/exec.c:557 [ 12.375478] copy_strings_kernel+0x26/0x40: set_fs at arch/x86/include/asm/uaccess.h:32 (inlined by) copy_strings_kernel at fs/exec.c:603 [ 12.376087] do_execveat_common+0x486/0x6a0: do_execveat_common at fs/exec.c:1803 [ 12.376718] ? rest_init+0x100/0x100: kernel_init at init/main.c:1050 [ 12.377275] do_execve+0x14/0x20: do_execve at fs/exec.c:1863 [ 12.377769] run_init_process+0x1c/0x20: run_init_process at init/main.c:1006 [ 12.378364] kernel_init+0x46/0x100: kernel_init at init/main.c:1067 [ 12.378876] ret_from_fork+0x2e/0x40: ret_from_fork at arch/x86/entry/entry_32.S:311 [ 12.379408] Code: ff c6 05 55 fc 3b c2 01 52 50 8b 5d b0 89 4d a0 31 f3 89 d8 8b 5d b4 31 cb 53 50 ff 75 b4 ff 75 b0 68 18 b0 15 c2 e8 bf cc f0 ff <0f> 0b 8b 4d a0 83 c4 1c 89 75 b0 89 4d b4 e9 ee fa ff ff be 02 [ 12.382173] ---[ end trace 0276fe2191187186 ]--- [ 12.383485] ------------[ cut here ]------------ [ 12.383485] ------------[ cut here ]------------ [ 12.384245] attempted to set unsupported pgprot: 8000000000000025 bits: 8000000000000000 supported: 7fffffffffffffff [ 12.391613] WARNING: CPU: 0 PID: 1 at arch/x86/include/asm/pgtable.h:540 change_protection_range+0x721/0x8a0: check_pgprot at arch/x86/include/asm/pgtable.h:535 (inlined by) pte_modify at arch/x86/include/asm/pgtable.h:573 (inlined by) change_pte_range at mm/mprotect.c:114 (inlined by) change_pmd_range at mm/mprotect.c:210 (inlined by) change_pud_range at mm/mprotect.c:238 (inlined by) change_p4d_range at mm/mprotect.c:258 (inlined by) change_protection_range at mm/mprotect.c:283 [ 12.393324] CPU: 0 PID: 1 Comm: init Tainted: G W 4.17.0-rc1 #172 [ 12.394400] EIP: change_protection_range+0x721/0x8a0: check_pgprot at arch/x86/include/asm/pgtable.h:535 (inlined by) pte_modify at arch/x86/include/asm/pgtable.h:573 (inlined by) change_pte_range at mm/mprotect.c:114 (inlined by) change_pmd_range at mm/mprotect.c:210 (inlined by) change_pud_range at mm/mprotect.c:238 (inlined by) change_p4d_range at mm/mprotect.c:258 (inlined by) change_protection_range at mm/mprotect.c:283 [ 12.395106] EFLAGS: 00010292 CPU: 0 [ 12.395607] EAX: 00000068 EBX: 00000000 ECX: 00000003 EDX: 00000054 [ 12.396527] ESI: b7f40000 EDI: cc67ea00 EBP: cf02df10 ESP: cf02de60 [ 12.397472] DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068 [ 12.398286] CR0: 80050033 CR2: b7f40dc4 CR3: 0c698000 CR4: 000006b0 [ 12.399207] Call Trace: [ 12.399582] mprotect_fixup+0xba/0x240: mprotect_fixup at mm/mprotect.c:389 [ 12.400109] sys_mprotect+0x13d/0x220: do_mprotect_pkey at mm/mprotect.c:507 (inlined by) __do_sys_mprotect at mm/mprotect.c:531 (inlined by) __se_sys_mprotect at mm/mprotect.c:528 [ 12.400637] do_int80_syscall_32+0x49/0x140: do_syscall_32_irqs_on at arch/x86/entry/common.c:331 (inlined by) do_int80_syscall_32 at arch/x86/entry/common.c:346 [ 12.401250] entry_INT80_32+0x31/0x31: restore_all at arch/x86/entry/entry_32.S:551 [ 12.401802] EIP: 0xb7f858fd [ 12.402237] EFLAGS: 00000206 CPU: 0 [ 12.402761] EAX: ffffffda EBX: b7f40000 ECX: 00001000 EDX: 00000001 [ 12.403681] ESI: b7f7d8b0 EDI: b7f7d8b0 EBP: bff7cd94 ESP: bff7cd88 [ 12.404633] DS: 007b ES: 007b FS: 0000 GS: 0033 SS: 007b [ 12.405416] Code: 89 9d 74 ff ff ff 8b 45 88 89 85 78 ff ff ff ff b5 78 ff ff ff ff b5 74 ff ff ff ff 75 0c ff 75 08 68 18 b0 15 c2 e8 9f 48 f0 ff <0f> 0b 83 c4 1c 8b 85 70 ff ff ff 8b 95 6c ff ff ff e9 27 fe ff [ 12.408185] ---[ end trace 0276fe2191187187 ]--- [ 12.422790] init: Console is alive Attached the full dmesg, kconfig and reproduce scripts. Thanks, Fengguang