Hello, kernel test robot noticed "WARNING:at_mm/mmap.c:#vma_merge" on: commit: 75cd8305a0bd360c3fedaefce1801c13b58e2311 ("mm/mempolicy: fix use-after-free of VMA iterator") https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable-rc.git linux-6.2.y in testcase: trinity version: trinity-static-x86_64-x86_64-f93256fb_2019-08-28 with following parameters: runtime: 300s group: group-03 test-description: Trinity is a linux system call fuzz tester. test-url: http://codemonkey.org.uk/projects/trinity/ compiler: gcc-11 test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 16G (please refer to attached dmesg/kmsg for entire log/backtrace) If you fix the issue, kindly add following tag | Reported-by: kernel test robot | Link: https://lore.kernel.org/oe-lkp/202304292203.44ddeff6-oliver.sang@intel.com [ 243.207570][T13896] ------------[ cut here ]------------ [ 243.208292][T13896] WARNING: CPU: 0 PID: 13896 at mm/mmap.c:1027 vma_merge+0xa2/0x1ff [ 243.209400][T13896] Modules linked in: fuse tun can_bcm can_raw can cn scsi_transport_iscsi sr_mod cdrom [ 243.212203][T13896] CPU: 0 PID: 13896 Comm: trinity-c5 Not tainted 6.2.13-00004-g75cd8305a0bd #1 [ 243.213374][T13896] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.0-debian-1.16.0-5 04/01/2014 [ 243.217188][T13896] RIP: 0010:vma_merge+0xa2/0x1ff [ 243.219317][T13896] Code: 4c 89 ee e8 5f f1 ff ff 49 89 c7 e9 57 01 00 00 45 31 ff 4d 85 f6 74 14 4d 39 26 72 02 0f 0b 48 85 ed 74 08 4c 39 6d 08 73 02 <0f> 0b 4d 39 e5 77 02 0f 0b 4d 85 f6 75 04 31 db eb 3b 4d 39 66 08 [ 243.224749][T13896] RSP: 0018:ffffc900035f3d80 EFLAGS: 00010287 [ 243.225621][T13896] RAX: ffff88812c362000 RBX: 000000000000009c RCX: 000000000000000e [ 243.226772][T13896] RDX: 0000000000000000 RSI: 000000000000000e RDI: ffff88811f01ea80 [ 243.227942][T13896] RBP: ffff88812c362000 R08: ffff88812c362000 R09: ffffc900035f3d00 [ 243.229141][T13896] R10: ffff88812c362000 R11: ffff88811e54fc0c R12: 00007fa0cfd32000 [ 243.230309][T13896] R13: 00007fa0cfdce000 R14: ffff888138bf1a20 R15: ffff88812c362000 [ 243.231297][T13896] FS: 00000000010a2880(0000) GS:ffff88842fc00000(0000) knlGS:0000000000000000 [ 243.232281][T13896] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 243.233128][T13896] CR2: 00007fa0d0b5a8c8 CR3: 0000000132990000 CR4: 00000000000406f0 [ 243.234283][T13896] Call Trace: [ 243.236028][T13896] [ 243.236538][T13896] mbind_range+0x91/0x120 [ 243.237215][T13896] do_mbind+0x217/0x26a [ 243.237848][T13896] kernel_mbind+0x7c/0x9e [ 243.238482][T13896] do_syscall_64+0x71/0x84 [ 243.240472][T13896] entry_SYSCALL_64_after_hwframe+0x5e/0xc8 [ 243.242628][T13896] RIP: 0033:0x453b29 [ 243.244265][T13896] Code: 00 f3 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b 84 00 00 c3 66 2e 0f 1f 84 00 00 00 00 [ 243.272141][T13896] RSP: 002b:00007ffe90ad6568 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed [ 243.273335][T13896] RAX: ffffffffffffffda RBX: 00000000000000ed RCX: 0000000000453b29 [ 243.274282][T13896] RDX: 0000000000000001 RSI: 00000000000de000 RDI: 00007fa0cfcf0000 [ 243.279694][T13896] RBP: 00007ffe90ad6610 R08: 0000000000008000 R09: 0000000000000000 [ 243.280918][T13896] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 243.283680][T13896] R13: 00007fa0cfe02058 R14: 00000000010a2830 R15: 00007fa0cfe02000 [ 243.286212][T13896] [ 243.287250][T13896] ---[ end trace 0000000000000000 ]--- To reproduce: # build kernel cd linux cp config-6.2.13-00004-g75cd8305a0bd .config make HOSTCC=gcc-11 CC=gcc-11 ARCH=x86_64 olddefconfig prepare modules_prepare bzImage modules make HOSTCC=gcc-11 CC=gcc-11 ARCH=x86_64 INSTALL_MOD_PATH= modules_install cd find lib/ | cpio -o -H newc --quiet | gzip > modules.cgz git clone https://github.com/intel/lkp-tests.git cd lkp-tests bin/lkp qemu -k -m modules.cgz job-script # job-script is attached in this email # if come across any failure that blocks the test, # please remove ~/.lkp and /lkp dir to run from a clean state. -- 0-DAY CI Kernel Test Service https://github.com/intel/lkp-tests