Re: [BUG] KVM: NULL pointer dereference in kvm_tdp_mmu_map under memory pressure

From: Sean Christopherson

Date: Mon Apr 13 2026 - 17:47:47 EST
On Wed, Apr 08, 2026, punixcorn wrote:
> To be honest, it could be days. The original crash happened only once
> in a month of heavy use,

Oof. Can you provide the full splat from the original crash? I want to look
at the register state to see if there are any clues.

> though my system has been hitting 100% RAM usage frequently.
>
> I suspect a specific transition, like a guest memory zap during high
> host contention, is the trigger.

It's counter-intuitive, but that's actually not very likely to manifest as this
type of failure. When zapping SPTEs in response to reclaim, KVM only zaps leaf
SPTEs. This specifically requires zapping and freeing a non-leaf, upper-level
SPTE. Reclaim could still definitely be contributing to whatever is going wrong,
but I don't think it would directly trigger this type of failure.

> I am currently trying to reproduce this by scripting a loop that reloads the
> guest project (Android emulator) while the host is under heavy memory load,
> as that was the environment when the crash occurred.
>
> I’ll keep the current debug patch running. If I can't catch it within
> the next 48 hours, I’d be very interested in that more elaborate
> debug patch you mentioned to help track the SPTE lifecycle more
> closely.

Honestly, until you're able to reproduce the failure, I wouldn't bother trying
to concoct and run a debug patch. Given how much this particular code gets
exercised, if you only ever see the one crash, something like a single bit flip,
e.g. due to radiation, is probably just as likely as a kernel bug.