Greeting, FYI, we noticed the following commit (built with gcc-9): commit: b922393a2c5c06b9262c46d5f7d3682a5b9f70d4 ("RFC: dma-buf: Require VM_SPECIAL vma for mmap") https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git Daniel-Vetter/RFC-dma-buf-Require-VM_SPECIAL-vma-for-mmap/20210204-052229 in testcase: igt version: igt-x86_64-e230cd8d-1_20210106 with following parameters: group: group-06 ucode: 0xe2 on test machine: 8 threads Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz with 28G memory caused below changes (please refer to attached dmesg/kmsg for entire log/backtrace): If you fix the issue, kindly add following tag Reported-by: kernel test robot [ 615.523538] WARNING: CPU: 1 PID: 6792 at drivers/dma-buf/dma-buf.c:136 dma_buf_mmap_internal (kbuild/src/consumer/drivers/dma-buf/dma-buf.c:136 (discriminator 1)) [ 615.528827] Subtest atomic-pipe-F-tiling-yf: SKIP [ 615.529645] Modules linked in: i915 drm_kms_helper drm ipmi_devintf ipmi_msghandler btrfs [ 615.538950] [ 615.543650] blake2b_generic xor zstd_compress raid6_pq libcrc32c sd_mod t10_pi [ 615.553212] 2021-02-04 20:38:34 build/tests/prime_mmap_kms --run-subtest buffer-sharing [ 615.553344] sg [ 615.560620] [ 615.568616] intel_rapl_msr intel_rapl_common x86_pkg_temp_thermal intel_powerclamp coretemp kvm_intel intel_gtt kvm syscopyarea irqbypass crct10dif_pclmul sysfillrect crc32_pclmul crc32c_intel sysimgblt ahci ghash_clmulni_intel mei_wdt dell_wmi libahci fb_sys_fops rapl mei_me dell_smbios intel_cstate wmi_bmof sparse_keymap dell_wmi_descriptor i2c_i801 dcdbas i2c_smbus libata intel_uncore mei joydev intel_pch_thermal wmi video intel_pmc_core acpi_pad ip_tables [last unloaded: drm] [ 615.614440] CPU: 1 PID: 6792 Comm: prime_mmap_kms Tainted: G I 5.11.0-rc1-00007-gb922393a2c5c #1 [ 615.624521] Hardware name: Dell Inc. OptiPlex 7040/0Y7WYT, BIOS 1.2.8 01/26/2016 [ 615.631923] RIP: 0010:dma_buf_mmap_internal (kbuild/src/consumer/drivers/dma-buf/dma-buf.c:136 (discriminator 1)) [ 615.636986] Code: 46 08 48 2b 06 48 c1 e8 0c 48 c1 ea 0c 48 03 86 98 00 00 00 48 39 d0 77 1b e8 d6 03 69 00 48 f7 43 50 00 44 04 10 74 02 5b c3 <0f> 0b 5b c3 b8 ea ff ff ff c3 b8 ea ff ff ff 5b c3 66 66 2e 0f 1f All code ======== 0: 46 08 48 2b rex.RX or %r9b,0x2b(%rax) 4: 06 (bad) 5: 48 c1 e8 0c shr $0xc,%rax 9: 48 c1 ea 0c shr $0xc,%rdx d: 48 03 86 98 00 00 00 add 0x98(%rsi),%rax 14: 48 39 d0 cmp %rdx,%rax 17: 77 1b ja 0x34 19: e8 d6 03 69 00 callq 0x6903f4 1e: 48 f7 43 50 00 44 04 testq $0x10044400,0x50(%rbx) 25: 10 26: 74 02 je 0x2a 28: 5b pop %rbx 29: c3 retq 2a:* 0f 0b ud2 <-- trapping instruction 2c: 5b pop %rbx 2d: c3 retq 2e: b8 ea ff ff ff mov $0xffffffea,%eax 33: c3 retq 34: b8 ea ff ff ff mov $0xffffffea,%eax 39: 5b pop %rbx 3a: c3 retq 3b: 66 data16 3c: 66 data16 3d: 2e cs 3e: 0f .byte 0xf 3f: 1f (bad) Code starting with the faulting instruction =========================================== 0: 0f 0b ud2 2: 5b pop %rbx 3: c3 retq 4: b8 ea ff ff ff mov $0xffffffea,%eax 9: c3 retq a: b8 ea ff ff ff mov $0xffffffea,%eax f: 5b pop %rbx 10: c3 retq 11: 66 data16 12: 66 data16 13: 2e cs 14: 0f .byte 0xf 15: 1f (bad) [ 615.655745] RSP: 0018:ffffc900013ffd98 EFLAGS: 00010246 [ 615.660968] RAX: 0000000000000000 RBX: ffff8887580ee3e8 RCX: 00000000601c5b4b [ 615.668101] RDX: 00007f840ba00000 RSI: 0000000000000001 RDI: ffff888757b34800 [ 615.675232] RBP: 00000000000000d1 R08: ffff888757b34800 R09: 0000000000015428 [ 615.682362] R10: 00007f840bbfe000 R11: ffff8882013c28c0 R12: ffff8882013c28b8 [ 615.689493] R13: ffff88874588eec0 R14: ffff8887580ee3e8 R15: ffff8882013c2898 [ 615.696624] FS: 00007f840816cc00(0000) GS:ffff888759c40000(0000) knlGS:0000000000000000 [ 615.704710] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 615.710460] CR2: 00007f840bc742a0 CR3: 00000001c9ee0001 CR4: 00000000003706e0 [ 615.717601] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 615.724744] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 615.731893] Call Trace: [ 615.734356] mmap_region (kbuild/src/consumer/mm/mmap.c:1808) [ 615.737935] do_mmap (kbuild/src/consumer/mm/mmap.c:1583) [ 615.741161] ? security_mmap_file (kbuild/src/consumer/security/security.c:1523) [ 615.745343] vm_mmap_pgoff (kbuild/src/consumer/include/linux/mmap_lock.h:104 kbuild/src/consumer/mm/util.c:521) [ 615.749005] ksys_mmap_pgoff (kbuild/src/consumer/mm/mmap.c:1634) [ 615.752940] do_syscall_64 (kbuild/src/consumer/arch/x86/entry/common.c:46) [ 615.756515] entry_SYSCALL_64_after_hwframe (kbuild/src/consumer/arch/x86/entry/entry_64.S:127) [ 615.761565] RIP: 0033:0x7f840bb09133 [ 615.765138] Code: 54 41 89 d4 55 48 89 fd 53 4c 89 cb 48 85 ff 74 56 49 89 d9 45 89 f8 45 89 f2 44 89 e2 4c 89 ee 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 7d 5b 5d 41 5c 41 5d 41 5e 41 5f c3 66 2e 0f All code ======== 0: 54 push %rsp 1: 41 89 d4 mov %edx,%r12d 4: 55 push %rbp 5: 48 89 fd mov %rdi,%rbp 8: 53 push %rbx 9: 4c 89 cb mov %r9,%rbx c: 48 85 ff test %rdi,%rdi f: 74 56 je 0x67 11: 49 89 d9 mov %rbx,%r9 14: 45 89 f8 mov %r15d,%r8d 17: 45 89 f2 mov %r14d,%r10d 1a: 44 89 e2 mov %r12d,%edx 1d: 4c 89 ee mov %r13,%rsi 20: 48 89 ef mov %rbp,%rdi 23: b8 09 00 00 00 mov $0x9,%eax 28: 0f 05 syscall 2a:* 48 3d 00 f0 ff ff cmp $0xfffffffffffff000,%rax <-- trapping instruction 30: 77 7d ja 0xaf 32: 5b pop %rbx 33: 5d pop %rbp 34: 41 5c pop %r12 36: 41 5d pop %r13 38: 41 5e pop %r14 3a: 41 5f pop %r15 3c: c3 retq 3d: 66 data16 3e: 2e cs 3f: 0f .byte 0xf Code starting with the faulting instruction =========================================== 0: 48 3d 00 f0 ff ff cmp $0xfffffffffffff000,%rax 6: 77 7d ja 0x85 8: 5b pop %rbx 9: 5d pop %rbp a: 41 5c pop %r12 c: 41 5d pop %r13 e: 41 5e pop %r14 10: 41 5f pop %r15 12: c3 retq 13: 66 data16 14: 2e cs 15: 0f .byte 0xf To reproduce: git clone https://github.com/intel/lkp-tests.git cd lkp-tests bin/lkp install job.yaml # job file is attached in this email bin/lkp split-job --compatible job.yaml bin/lkp run compatible-job.yaml Thanks, Oliver Sang