Comment # 21 on bug 1199355 from
[ 9341.426047] pstate: 00400005 (nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[ 9341.426054] pc : blk_mq_submit_bio+0x17c/0x6b0
[ 9341.426075] lr : blk_mq_submit_bio+0x160/0x6b0
[ 9341.426081] sp : ffff800008ee2d90
[ 9341.426086] x29: ffff800008ee2d90 x28: ffff470cc3861980 x27:
fffffd1c36145648
[ 9341.426096] x26: fffffd1c36145640 x25: ffff800008ee3128 x24:
0000000000000001
[ 9341.426106] x23: 0000000000000000 x22: ffff470cc25c48e0 x21:
ffff470cc4f8b138
[ 9341.426116] x20: ffff470cc2b43800 x19: ffff470cc4f90f00 x18:
0000000095f27000
[ 9341.426125] x17: 0000000000000001 x16: ffffab5ab3275db0 x15:
0000000000000000
[ 9341.426134] x14: 0000000000000000 x13: 0000000000000038 x12:
0000000000000000
[ 9341.426143] x11: 0000000000000000 x10: 0000000000001b80 x9 :
ffffab5ab34bf1e0
[ 9341.426152] x8 : ffff470cc6fb7b20 x7 : 0000000000ac7ada x6 :
ffffab5ab3ce3dc0
[ 9341.426160] x5 : 00000000410fd080 x4 : 0000000000000000 x3 :
ffff470cc38ebc50
[ 9341.426169] x2 : 0000000000000000 x1 : 0000000000000000 x0 :
0000000004000001
[ 9341.426178] Call trace:
[ 9341.426183]  blk_mq_submit_bio+0x17c/0x6b0
[ 9341.426190]  __submit_bio+0x118/0x17c
[ 9341.426198]  submit_bio_noacct+0x1ec/0x240
[ 9341.426204]  submit_bio+0xa8/0x140
[ 9341.426210]  __swap_writepage+0x1ac/0x494
[ 9341.426218]  swap_writepage+0x50/0x10c
[ 9341.426224]  pageout+0x104/0x340
[ 9341.426232]  shrink_page_list+0x66c/0xe9c
[ 9341.426240]  shrink_lruvec+0x548/0xb64
[ 9341.426247]  shrink_node+0x3ec/0x74c
[ 9341.426253]  do_try_to_free_pages+0xf0/0x580
[ 9341.426260]  try_to_free_pages+0x118/0x20c
[ 9341.426266]  __alloc_pages+0x48c/0xd60
[ 9341.426273]  alloc_pages+0xb8/0x16c
[ 9341.426280]  folio_alloc+0x28/0x64
[ 9341.426286]  filemap_alloc_folio+0xd8/0xf0
[ 9341.426292]  page_cache_ra_unbounded+0xac/0x224
[ 9341.426314]  ondemand_readahead+0x28c/0x2c0
[ 9341.426324]  page_cache_sync_ra+0xe0/0xec
[ 9341.426333]  filemap_get_pages+0xb8/0x6b4
[ 9341.426342]  filemap_read+0xc4/0x31c
[ 9341.426351]  generic_file_read_iter+0x114/0x1b0
[ 9341.426361]  xfs_file_buffered_read+0xb4/0xdc [xfs
096b9df6336e2333cf64584a5f3515ae55e87984]
[ 9341.426732]  xfs_file_read_iter+0xa8/0x124 [xfs
096b9df6336e2333cf64584a5f3515ae55e87984]
[ 9341.426915]  io_read+0x104/0x3dc
[ 9341.426932]  io_issue_sqe+0x1f8/0x1c74
[ 9341.426944]  io_submit_sqes+0x2a4/0x1614
[ 9341.426954]  __arm64_sys_io_uring_enter+0x4c8/0x79c
[ 9341.426965]  invoke_syscall+0x78/0x100
[ 9341.426984]  el0_svc_common.constprop.0+0x18c/0x190
[ 9341.426996]  do_el0_svc+0x30/0x94
[ 9341.427006]  el0_svc+0x28/0xe0
[ 9341.427020]  el0t_64_sync_handler+0x10c/0x140
[ 9341.427031]  el0t_64_sync+0x1a4/0x1a8
[ 9341.427045] Code: 37c00060 72001c1f 1a9f17e1 f9400a62 (79426842) 
[ 9341.427068] SMP: stopping secondary CPUs
[ 9341.427111] Starting crashdump kernel...

crash> dis -s blk_mq_submit_bio+0x17c
FILE: ../block/blk-mq.c
LINE: 2764

  2759                  return NULL;
  2760          }
  2761  
  2762          rq_qos_throttle(q, *bio);
  2763  
* 2764          if (blk_mq_get_hctx_type((*bio)->bi_opf) != rq->mq_hctx->type)
  2765                  return NULL;
  2766          if (op_is_flush(rq->cmd_flags) != op_is_flush((*bio)->bi_opf))
  2767                  return NULL;
  2768  
  2769          rq->cmd_flags = (*bio)->bi_opf;
  2770          plug->cached_rq = rq_list_next(rq);
  2771          INIT_LIST_HEAD(&rq->queuelist);
  2772          return rq;
  2773  }

Unfortunately I'm not able to find out the address of "bio" to check if it is
sane :-(

0x17c == 380 decimal, so the faulting pc is the instruction at <blk_mq_submit_bio+380> in the disassembly below.

0xffffab5ab34ab104 <blk_mq_submit_bio+324>:     cbz     x0, 0xffffab5ab34ab124
<blk_mq_submit_bio+356>
/usr/src/debug/kernel-default-5.17.7-1.1.aarch64/linux-5.17/linux-obj/../include/linux/bio.h:
238
0xffffab5ab34ab108 <blk_mq_submit_bio+328>:     ldrh    w0, [x20, #20]
/usr/src/debug/kernel-default-5.17.7-1.1.aarch64/linux-5.17/linux-obj/../block/blk-rq-qos.h:
194
0xffffab5ab34ab10c <blk_mq_submit_bio+332>:     mov     x1, x20
/usr/src/debug/kernel-default-5.17.7-1.1.aarch64/linux-5.17/linux-obj/../include/linux/bio.h:
238
0xffffab5ab34ab110 <blk_mq_submit_bio+336>:     orr     w0, w0, #0x400
0xffffab5ab34ab114 <blk_mq_submit_bio+340>:     strh    w0, [x20, #20]
/usr/src/debug/kernel-default-5.17.7-1.1.aarch64/linux-5.17/linux-obj/../block/blk-rq-qos.h:
194
0xffffab5ab34ab118 <blk_mq_submit_bio+344>:     ldr     x0, [x21, #40]
0xffffab5ab34ab11c <blk_mq_submit_bio+348>:     bl      0xffffab5ab34bf1a0
<__rq_qos_throttle>
/usr/src/debug/kernel-default-5.17.7-1.1.aarch64/linux-5.17/linux-obj/../block/blk-mq.c:
2764
0xffffab5ab34ab120 <blk_mq_submit_bio+352>:     ldr     x20, [sp, #72]
0xffffab5ab34ab124 <blk_mq_submit_bio+356>:     mov     w1, #0x2               
        // #2
0xffffab5ab34ab128 <blk_mq_submit_bio+360>:     ldr     w0, [x20, #16]
/usr/src/debug/kernel-default-5.17.7-1.1.aarch64/linux-5.17/linux-obj/../block/blk-mq.h:
96
0xffffab5ab34ab12c <blk_mq_submit_bio+364>:     tbnz    w0, #24,
0xffffab5ab34ab138 <blk_mq_submit_bio+376>
/usr/src/debug/kernel-default-5.17.7-1.1.aarch64/linux-5.17/linux-obj/../block/blk-mq.h:
98
0xffffab5ab34ab130 <blk_mq_submit_bio+368>:     tst     w0, #0xff
0xffffab5ab34ab134 <blk_mq_submit_bio+372>:     cset    w1, eq  // eq = none
/usr/src/debug/kernel-default-5.17.7-1.1.aarch64/linux-5.17/linux-obj/../block/blk-mq.h:
100
0xffffab5ab34ab138 <blk_mq_submit_bio+376>:     ldr     x2, [x19, #16]
/usr/src/debug/kernel-default-5.17.7-1.1.aarch64/linux-5.17/linux-obj/../block/blk-mq.c:
2764
0xffffab5ab34ab13c <blk_mq_submit_bio+380>:     ldrh    w2, [x2, #308]
0xffffab5ab34ab140 <blk_mq_submit_bio+384>:     cmp     w2, w1
0xffffab5ab34ab144 <blk_mq_submit_bio+388>:     b.ne    0xffffab5ab34ab310
<blk_mq_submit_bio+836>  // b.any

Unfortunately, I speak absolutely no assembler newer than Z80 :-(

