Re: [syzbot] [fs?] INFO: task hung in pipe_release (4)

From: David Howells
Date: Sat Jul 29 2023 - 11:28:47 EST

Next message: Paul E. McKenney: "Re: [PATCH RFC bootconfig] 2/2] fs/proc: Add /proc/cmdline_image for embedded arguments"
Previous message: Jonathan Corbet: "Re: [PATCH v2 0/6] docs/zh_TW: update zh_TW's documentation from an ascensive aspect"
In reply to: David Howells: "Re: [syzbot] [fs?] INFO: task hung in pipe_release (4)"
Next in thread: syzbot: "Re: [syzbot] [fs?] INFO: task hung in pipe_release (4)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

David Howells <dhowells@xxxxxxxxxx> wrote:

> I've managed to reproduce it finally. Instrumenting the pipe_lock/unlock
> functions, splice_to_socket() and pipe_release() seems to show that
> pipe_release() is being called whilst splice_to_socket() is still running.

That's actually a bit of a red herring. pipe_release() is so-called because
it's called as the release file op for an end of the pipe. It doesn't
automatically free the pipe_inode_info struct - there's refcounting on that.

So the problem is that udp_sendmsg() didn't return; pipe_release() hanging on
the pipe_lock() is merely a noisy symptom thereof.

David

Next message: Paul E. McKenney: "Re: [PATCH RFC bootconfig] 2/2] fs/proc: Add /proc/cmdline_image for embedded arguments"
Previous message: Jonathan Corbet: "Re: [PATCH v2 0/6] docs/zh_TW: update zh_TW's documentation from an ascensive aspect"
In reply to: David Howells: "Re: [syzbot] [fs?] INFO: task hung in pipe_release (4)"
Next in thread: syzbot: "Re: [syzbot] [fs?] INFO: task hung in pipe_release (4)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]