From: bugzilla-daemon--- via Linux-f2fs-devel <linux-f2fs-devel@lists.sourceforge.net>
To: linux-f2fs-devel@lists.sourceforge.net
Subject: [f2fs-dev] [Bug 220575] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000
Date: Wed, 24 Sep 2025 06:50:28 +0000 [thread overview]
Message-ID: <bug-220575-202145-eLRXzVYrxm@https.bugzilla.kernel.org/> (raw)
In-Reply-To: <bug-220575-202145@https.bugzilla.kernel.org/>
https://bugzilla.kernel.org/show_bug.cgi?id=220575
--- Comment #4 from JY (JY.Ho@mediatek.com) ---
(In reply to Chao Yu from comment #3)
> I meant using trace32 to dump field value of victim page, something like
> that. :)
For some reasons, I can't dump the victim page with trace32.
So I'm using 'page_owner' and add new member '_private' to the struct page.
I Modified the function 'set_page_private()' in include/linux/mm_types.h
static inline void set_page_private(...)
{
page->private = private;
+ if (!private)
+ page->_private = private;
}
also modified the function 'f2fs_is_cp_guaranteed'
bool f2fs_is_cp_guaranteed(const struct page *page)
{
struct address_space *mapping = page->mapping;
struct inode *inode;
struct f2fs_sb_info *sbi;
if (fscrypt_is_bounce_page(page)) {
+ pr_crit("bounced_page:0xpx, pp:0x%px,
fscrypt_pagecache_page(page):0x%px\n", page, page->_private,
fscrypt_pagecache_page(page));
+ if (page->_private)
+ dump_page(page->_private, "dump _private page");
+ else
+ dump_page(page, "dump bounce page");
return page_private_gcing(fscrypt_pagecache_page(page));
}
And I got the log as below:
[2025-09-23 12:54:07.401] [ 2223.580361][T18170]
bounced_page:0xfffffffe82282290, pp:0x0000000000000000,
fscrypt_pagecache_page(page):0x0000000000000000
[2025-09-23 12:54:07.522] [ 2223.636124][T18170] page: refcount:1 mapcount:0
mapping:0000000000000000 index:0xc02b7 pfn:0x6e6d5
[2025-09-23 12:54:07.577] [ 2223.656779][T18170] flags: 0x0(zone=0)
[2025-09-23 12:54:07.577] [ 2223.665281][T18170] page_type: f2(table)
[2025-09-23 12:54:07.577] [ 2223.673618][T18170] raw: 0000000000000000
0000000000000000 0000000000000000 0000000000000000
[2025-09-23 12:54:07.577] [ 2223.691017][T18170] raw: 00000000000c02b7
0000000000000000 00000001f2000000 0000000000000000
[2025-09-23 12:54:07.577] [ 2223.709638][T18170] raw: 0000000000000000
0000000000000000
[2025-09-23 12:54:07.633] [ 2223.734520][T18170] page_owner tracks the page as
allocated
[2025-09-23 12:54:07.633] [ 2223.740836][T18170] page last allocated via order
0, migratetype Unmovable, gfp_mask
0x540dc0(GFP_USER|__GFP_COMP|__GFP_ZERO|__GFP_ACCOUNT), pid 23744, tgid 23744
(sync), ts 2223627020157, free_ts 2223626903324
[2025-09-23 12:54:07.690] [ 2223.760701][T18170] post_alloc_hook+0x1d4/0x1ec
[2025-09-23 12:54:07.690] [ 2223.765688][T18170] prep_new_page+0x30/0x154
[2025-09-23 12:54:07.690] [ 2223.770483][T18170]
get_page_from_freelist+0x11e8/0x127c
[2025-09-23 12:54:07.690] [ 2223.776402][T18170]
__alloc_pages_noprof+0x1b0/0x448
[2025-09-23 12:54:07.690] [ 2223.781758][T18170]
pmd_alloc_one_noprof+0x40/0x110
[2025-09-23 12:54:07.690] [ 2223.787714][T18170] __pmd_alloc+0x34/0x1a8
[2025-09-23 12:54:07.690] [ 2223.792274][T18170] move_page_tables+0x868/0x928
[2025-09-23 12:54:07.690] [ 2223.797303][T18170] relocate_vma_down+0x118/0x1f8
[2025-09-23 12:54:07.690] [ 2223.802601][T18170] setup_arg_pages+0x204/0x33c
[2025-09-23 12:54:07.690] [ 2223.807480][T18170] load_elf_binary+0x4f0/0xd68
[2025-09-23 12:54:07.690] [ 2223.822457][T18170] bprm_execve+0x2c8/0x57c
[2025-09-23 12:54:07.745] [ 2223.827615][T18170]
do_execveat_common+0x26c/0x2c4
[2025-09-23 12:54:07.745] [ 2223.832943][T18170]
__arm64_compat_sys_execve+0x48/0x60
[2025-09-23 12:54:07.745] [ 2223.839441][T18170] invoke_syscall+0x60/0x114
[2025-09-23 12:54:07.745] [ 2223.844123][T18170] el0_svc_common+0xb0/0xe4
[2025-09-23 12:54:07.745] [ 2223.850297][T18170] do_el0_svc_compat+0x24/0x30
[2025-09-23 12:54:07.745] [ 2223.856538][T18170] page last free pid 23744 tgid
23744 stack trace:
[2025-09-23 12:54:07.745] [ 2223.865252][T18170] free_unref_page+0x828/0x978
[2025-09-23 12:54:07.801] [ 2223.870493][T18170] __free_pages+0xe4/0x238
[2025-09-23 12:54:07.801] [ 2223.875113][T18170] free_pages+0x80/0x9c
[2025-09-23 12:54:07.801] [ 2223.879228][T18170] pgd_free+0x20/0x30
[2025-09-23 12:54:07.801] [ 2223.883162][T18170] __mmdrop+0x54/0x168
[2025-09-23 12:54:07.801] [ 2223.887624][T18170] __mmput+0x14c/0x170
[2025-09-23 12:54:07.801] [ 2223.891790][T18170] mmput+0x38/0xd8
[2025-09-23 12:54:07.801] [ 2223.895457][T18170] exec_mmap+0x1c4/0x238
[2025-09-23 12:54:07.801] [ 2223.899907][T18170] begin_new_exec+0x3cc/0x654
[2025-09-23 12:54:07.801] [ 2223.905047][T18170] load_elf_binary+0x39c/0xd68
[2025-09-23 12:54:07.801] [ 2223.909934][T18170] bprm_execve+0x2c8/0x57c
[2025-09-23 12:54:07.801] [ 2223.914547][T18170]
do_execveat_common+0x26c/0x2c4
[2025-09-23 12:54:07.801] [ 2223.919902][T18170]
__arm64_compat_sys_execve+0x48/0x60
[2025-09-23 12:54:07.861] [ 2223.925625][T18170] invoke_syscall+0x60/0x114
[2025-09-23 12:54:07.861] [ 2223.930483][T18170] el0_svc_common+0xb0/0xe4
[2025-09-23 12:54:07.861] [ 2223.935095][T18170] do_el0_svc_compat+0x24/0x30
--
You may reply to this email to add a comment.
You are receiving this mail because:
You are watching the assignee of the bug.
_______________________________________________
Linux-f2fs-devel mailing list
Linux-f2fs-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel
next prev parent reply other threads:[~2025-09-24 6:50 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-09-15 3:33 [f2fs-dev] [Bug 220575] New: Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000 bugzilla-daemon--- via Linux-f2fs-devel
2025-09-15 12:27 ` [f2fs-dev] [Bug 220575] " bugzilla-daemon--- via Linux-f2fs-devel
2025-09-16 2:19 ` bugzilla-daemon--- via Linux-f2fs-devel
2025-09-16 2:52 ` bugzilla-daemon--- via Linux-f2fs-devel
2025-09-24 6:50 ` bugzilla-daemon--- via Linux-f2fs-devel [this message]
2025-09-24 8:47 ` bugzilla-daemon--- via Linux-f2fs-devel
2025-09-24 9:51 ` bugzilla-daemon--- via Linux-f2fs-devel
2025-09-24 13:22 ` bugzilla-daemon--- via Linux-f2fs-devel
2025-09-25 3:38 ` bugzilla-daemon--- via Linux-f2fs-devel
2025-09-25 3:41 ` bugzilla-daemon--- via Linux-f2fs-devel
2025-09-25 8:40 ` bugzilla-daemon--- via Linux-f2fs-devel
2025-09-25 9:23 ` bugzilla-daemon--- via Linux-f2fs-devel
2025-09-28 10:30 ` bugzilla-daemon--- via Linux-f2fs-devel
2025-09-28 13:55 ` bugzilla-daemon--- via Linux-f2fs-devel
2025-09-30 10:45 ` bugzilla-daemon--- via Linux-f2fs-devel
2025-10-01 7:51 ` bugzilla-daemon--- via Linux-f2fs-devel
2025-10-01 8:01 ` bugzilla-daemon--- via Linux-f2fs-devel
2025-10-03 2:33 ` bugzilla-daemon--- via Linux-f2fs-devel
2025-10-03 2:44 ` bugzilla-daemon--- via Linux-f2fs-devel
2025-10-03 3:13 ` bugzilla-daemon--- via Linux-f2fs-devel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=bug-220575-202145-eLRXzVYrxm@https.bugzilla.kernel.org/ \
--to=linux-f2fs-devel@lists.sourceforge.net \
--cc=bugzilla-daemon@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.