While running LTP tests (getpid02) on a Power10 server booted with
6.6.0-rc6-next-20231016, the following crash was seen:

[ 76.386628] Kernel attempted to read user page (d8) - exploit attempt? (uid: 0)
[ 76.386649] BUG: Kernel NULL pointer dereference on read at 0x000000d8
[ 76.386653] Faulting instruction address: 0xc0000000004cda90
[ 76.386658] Oops: Kernel access of bad area, sig: 11 [#1]
[ 76.386661] LE PAGE_SIZE=64K MMU=Radix SMP NR_CPUS=8192 NUMA pSeries
[ 76.386667] Modules linked in: rpadlpar_io rpaphp xsk_diag nft_fib_inet nft_fib_ipv4 nft_fib_ipv6 nft_fib nft_reject_inet nf_reject_ipv4 nf_reject_ipv6 nft_reject nft_ct nft_chain_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 bonding rfkill tls ip_set nf_tables nfnetlink sunrpc pseries_rng vmx_crypto aes_gcm_p10_crypto binfmt_misc xfs libcrc32c sd_mod t10_pi sr_mod cdrom crc64_rocksoft crc64 sg ibmvscsi ibmveth scsi_transport_srp fuse
[ 76.386709] CPU: 22 PID: 5763 Comm: getpid02 Kdump: loaded Not tainted 6.6.0-rc6-next-20231016 #3
[ 76.386713] Hardware name: IBM,9080-HEX POWER10 (raw) 0x800200 0xf000006 of:IBM,FW1030.20 (NH1030_058) hv:phyp pSeries
[ 76.386718] NIP: c0000000004cda90 LR: c0000000004cd840 CTR: 0000000000000000
[ 76.386721] REGS: c0000001f491b840 TRAP: 0300 Not tainted (6.6.0-rc6-next-20231016)
[ 76.386724] MSR: 8000000000009033 <SF,EE,ME,IR,DR,RI,LE> CR: 48082804 XER: 00000000
[ 76.386733] CFAR: c0000000004cd848 DAR: 00000000000000d8 DSISR: 40000000 IRQMASK: 0
[ 76.386733] GPR00: c0000000004cd840 c0000001f491bae0 c000000001471a00 0000000000000000
[ 76.386733] GPR04: 00000000000000fb 0000000000000000 0000000000000000 0000000000000001
[ 76.386733] GPR08: 00000000000001c4 c0000001fb8aa830 c0000001e5140d00 c0000001eccfac00
[ 76.386733] GPR12: 000000000000001f c000000e87bf7300 0000000000000000 0000000000000000
[ 76.386733] GPR16: 0000000000000000 0000000000000000 0000000000000000 0000000000000000
[ 76.386733] GPR20: 00007fff9944ffff 0000000000000000 c0000001e86bdd60 c0000001e86be8e0
[ 76.386733] GPR24: 0000000000000001 0000000000000001 0000000000000001 0000000000000000
[ 76.386733] GPR28: 00000000000000fb c0000001e5140d00 00007fff99440000 c0000001fb8aa830
[ 76.386773] NIP [c0000000004cda90] mmap_region+0x8b0/0xb30
[ 76.386781] LR [c0000000004cd840] mmap_region+0x660/0xb30
[ 76.386784] Call Trace:
[ 76.386786] [c0000001f491bae0] [c0000000004cd840] mmap_region+0x660/0xb30 (unreliable)
[ 76.386791] [c0000001f491bc10] [c0000000004ce0dc] do_mmap+0x3cc/0x5c0
[ 76.386794] [c0000001f491bca0] [c000000000486724] vm_mmap_pgoff+0x134/0x240
[ 76.386800] [c0000001f491bd80] [c0000000004c98a8] ksys_mmap_pgoff+0x158/0x2b0
[ 76.386806] [c0000001f491bdf0] [c000000000011834] do_mmap2+0x54/0xc0
[ 76.386811] [c0000001f491be10] [c000000000036624] system_call_exception+0x134/0x330
[ 76.386817] [c0000001f491be50] [c00000000000d6a0] system_call_common+0x160/0x2e4
[ 76.386822] --- interrupt: c00 at 0x7fff9932ff68
[ 76.386825] NIP: 00007fff9932ff68 LR: 0000000010005074 CTR: 0000000000000000
[ 76.386828] REGS: c0000001f491be80 TRAP: 0c00 Not tainted (6.6.0-rc6-next-20231016)
[ 76.386831] MSR: 800000000280f033 <SF,VEC,VSX,EE,PR,FP,ME,IR,DR,RI,LE> CR: 24002204 XER: 00000000
[ 76.386840] IRQMASK: 0
[ 76.386840] GPR00: 000000000000005a 00007fffd709f9f0 00007fff99407300 0000000000000000
[ 76.386840] GPR04: 0000000000000004 0000000000000003 0000000000000021 ffffffffffffffff
[ 76.386840] GPR08: 0000000000000000 0000000000000000 0000000000000000 0000000000000000
[ 76.386840] GPR12: 0000000000000000 00007fff994ea3d0 0000000000000000 0000000000000000
[ 76.386840] GPR16: ffffffffffffffff 0000000010034498 0000000010034be8 00000000100336a8
[ 76.386840] GPR20: 0000000010034ba8 0000000000000001 000000001007c418 0000000010033770
[ 76.386840] GPR24: 0000000000000000 0000000000000000 0000000010034bd0 000000001007c438
[ 76.386840] GPR28: 0000000010061c88 00007fffd70afed5 000000001007c438 0000000010033770
[ 76.386876] NIP [00007fff9932ff68] 0x7fff9932ff68
[ 76.386879] LR [0000000010005074] 0x10005074
[ 76.386881] --- interrupt: c00
[ 76.386883] Code: 73890008 4082012c e93f0020 3b000000 fb7f0078 4bfffc74 60000000 60000000 e87f0088 3b000000 4bffff20 60000000 <e93b00d8> 39490044 7d005028 3108ffff
[ 76.386896] ---[ end trace 0000000000000000 ]---
[ 76.388667] pstore: backend (nvram) writing error (-1)

Git bisect points to the following patch:

commit 1db41d29b79ad271674081c752961edd064bbbac
    mm: perform the mapping_map_writable() check after call_mmap()

Reverting the patch allows the test to complete.

- Sachin