Commit d2d27f72 authored by Bart Van Assche's avatar Bart Van Assche
Browse files

ANDROID: block: Partially revert "Send requeued requests to the I/O scheduler" 



See also commit 91022175.

Revert the code that sends requests back to the I/O scheduler if
dispatching fails because it is suspected to have introduced the
following BFQ crash:

==================================================================
BUG: KASAN: invalid-access in bfq_get_queue+0x500/0x560
Write at addr faffff8056fd8b30 by task Thread-11/27396
Pointer tag: [fa], memory tag: [fe]

CPU: 5 PID: 27396 Comm: Thread-11 Tainted: G S      W  OE     5.15.110-android14-7-00150-gf82b53108826-ab10234611 #1
Call trace:
 dump_backtrace+0xf8/0x1e8
 dump_stack_lvl+0x74/0xa4
 print_report+0x344/0x958
 kasan_report+0x90/0xe4
 __do_kernel_fault+0xc4/0x2ac
 do_bad_area+0x3c/0x154
 do_tag_check_fault+0x18/0x24
 do_mem_abort+0x60/0x134
 el1_abort+0x38/0x54
 el1h_64_sync_handler+0x54/0x88
 el1h_64_sync+0x78/0x7c
 bfq_get_queue+0x500/0x560
 bfq_insert_requests+0x98c/0x1474
 blk_mq_sched_insert_requests+0xec/0x334
 blk_mq_flush_plug_list+0x138/0x234
 blk_flush_plug_list+0x118/0x164
 read_pages+0x38c/0x408
 page_cache_ra_unbounded+0x22c/0x2f4
 do_sync_mmap_readahead+0x1a4/0x208
 filemap_fault+0x27c/0x8f4
 f2fs_filemap_fault+0x28/0xfc
 __do_fault+0xc0/0x204
 handle_pte_fault+0x28c/0xdf8
 do_handle_mm_fault+0x504/0x7b8
 do_page_fault+0x5dc/0x798
 do_translation_fault+0x40/0x54
 do_mem_abort+0x60/0x134
 el0_ia+0x74/0x158
 el0t_64_sync_handler+0xac/0xe4
 el0t_64_sync+0x1b0/0x1b4

The buggy address belongs to the object at ffffff8056fd8a50
 which belongs to the cache bfq_io_cq of size 232
The buggy address is located 224 bytes inside of
 232-byte region [ffffff8056fd8a50, ffffff8056fd8b38)

The buggy address belongs to the physical page:
page:00000000a0db99e0 refcount:1 mapcount:0 mapping:0000000000000000 index:0xfaffff8056fd8a50 pfn:0xd6fd8
head:00000000a0db99e0 order:1 compound_mapcount:0
flags: 0x4000000000010200(slab|head|zone=1|kasantag=0x0)
raw: 4000000000010200 fffffffe2306b300 0000000400000004 f2ffff800a71f700
raw: faffff8056fd8a50 000000008022001d 00000001ffffffff 0000000000000000
page dumped because: kasan: bad access detected

Memory state around the buggy address:
 ffffff8056fd8900: fe fe fe fe fe fe fd fd fd fd fd fd fd fd fd fd
 ffffff8056fd8a00: fd fd fd fd fd fe fe fe fe fe fe fe fe fe fe fe
>ffffff8056fd8b00: fe fe fe fe fb fb fb fb fb fb fb fb fb fb fb fb
                            ^
 ffffff8056fd8c00: fb fb fb f4 f4 f4 f4 f4 f4 f4 f4 f4 f4 f4 f4 f4
 ffffff8056fd8d00: f4 f4 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9
==================================================================

Bug: 285769645
Change-Id: Ia870feee81988ae47a2be0e1b145d18165588f8a
Signed-off-by: default avatarBart Van Assche <bvanassche@google.com>
parent cc244e96
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please to comment