Re: [syzbot] [netfs?] INFO: task hung in netfs_unbuffered_write_iter

From: Oleg Nesterov
Date: Sun Mar 23 2025 - 14:50:04 EST


On 03/22, syzbot wrote:
>
> HEAD commit: fc444ada1310 Merge tag 'soc-fixes-6.14-2' of git://git.ker..
> git tree: upstream
> console+strace: https://syzkaller.appspot.com/x/log.txt?x=1397319b980000
> kernel config: https://syzkaller.appspot.com/x/.config?x=2e330e9768b5b8ff
> dashboard link: https://syzkaller.appspot.com/bug?extid=62262fdc0e01d99573fc
> compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40
> syz repro: https://syzkaller.appspot.com/x/repro.syz?x=1057319b980000
> C reproducer: https://syzkaller.appspot.com/x/repro.c?x=10d6a44c580000
>
> Downloadable assets:
> disk image: https://storage.googleapis.com/syzbot-assets/924e6055daef/disk-fc444ada.raw.xz
> vmlinux: https://storage.googleapis.com/syzbot-assets/0cd40093a53e/vmlinux-fc444ada.xz
> kernel image: https://storage.googleapis.com/syzbot-assets/7370bbe4e1b8/bzImage-fc444ada.xz
>
> The issue was bisected to:
>
> commit aaec5a95d59615523db03dd53c2052f0a87beea7
> Author: Oleg Nesterov <oleg@xxxxxxxxxx>
> Date: Thu Jan 2 14:07:15 2025 +0000
>
> pipe_read: don't wake up the writer if the pipe is still full

OMG :/

Just to ensure it does not help,

#syz test: upstream aaec5a95d59615523db03dd53c2052f0a87beea7

diff --git a/fs/pipe.c b/fs/pipe.c
index 82fede0f2111..7e36f54d21a5 100644
--- a/fs/pipe.c
+++ b/fs/pipe.c
@@ -417,8 +417,8 @@ static inline int is_packetized(struct file *file)
/* Done while waiting without holding the pipe lock - thus the READ_ONCE() */
static inline bool pipe_writable(const struct pipe_inode_info *pipe)
{
- unsigned int head = READ_ONCE(pipe->head);
unsigned int tail = READ_ONCE(pipe->tail);
+ unsigned int head = READ_ONCE(pipe->head);
unsigned int max_usage = READ_ONCE(pipe->max_usage);

return !pipe_full(head, tail, max_usage) ||
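Review bot: the swap of the `pipe->tail` and `pipe->head` loads at the top of pipe_writable() has no comment or changelog text saying why the order of the two reads matters, so a later cleanup could silently revert it. If the intent is that `tail` is sampled before `head`, say so in the comment above the function, next to the existing note that this runs without the pipe lock. Note also that READ_ONCE() by itself only prevents the compiler from tearing or reordering these accesses; it does not order the two loads against each other on a weakly ordered CPU. If the test result depends on that order, an explicit barrier or an acquire load would be needed to make it hold.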