Re: Umount failing due to a file leak on 3.18 Android

From: Nikhilesh Reddy
Date: Tue Apr 19 2016 - 21:30:00 EST

On Tue 19 Apr 2016 06:26:27 PM PDT, Nikhilesh Reddy wrote:

I am looking into a bug that results in umount failures ( since there is a mount ref from the leaked file that is never freed on the mount )

The issue seems to be a result of the following callstack

39.958104: <6> Call trace:
39.958108: <2> [<ffffffc0001baa58>] fput+0x1e0/0x1f8
39.958113: <2> [<ffffffc0001b6ce8>] filp_close+0xa0/0xb8
39.958119: <2> [<ffffffc0001d3ca8>] put_files_struct+0x88/0xf0
39.958123: <2> [<ffffffc000973c40>] binder_deferred_func+0x6a8/0x704
39.958129: <2> [<ffffffc0000ba32c>] process_one_work+0x238/0x3f0
39.958133: <2> [<ffffffc0000bb160>] worker_thread+0x2f8/0x418

What seems to occur is that once in a while a file ( say a.txt) is fput in the above stack
right as the task is being killed

And then we see that the fput schedules a delayed_fput_work on this file

But when the function delayed_fput() is actually run :
the file that was put i.e this a.txt is not in the delayed_fput_list

Any chance you can help me get to the bottom of this leak?
I dont understand why the delayed_fput_list is missing the file.

Is there some sort of race condition?

I will appreciate any pointers you can give me to debug this issue
Thanks so much in advance for your help.

Nikhilesh Reddy

Qualcomm Innovation Center, Inc.
The Qualcomm Innovation Center, Inc. is a member of the Code Aurora Forum,
a Linux Foundation Collaborative Project.