Re: Endless loop in udp with MSG_SPLICE_READ - Re: [syzbot] [fs?] INFO: task hung in pipe_release (4)

From: David Howells
Date: Tue Aug 01 2023 - 10:04:56 EST

Willem de Bruijn <willemdebruijn.kernel@xxxxxxxxx> wrote:

> What causes the infinite loop: does skb_splice_from_iter return 0 and
> therefore the loop neither decrements copy, nor breaks out with error?

Yeah. skb_splice_from_iter() starts returning 0 because the iterator is
empty, but it's still being asked to copy data. Possibly it should break out
of the loop (or give an error) in such a case.
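
The no-progress loop described in this message, as an added user-space C model (not kernel code and not part of the original mail): a helper that returns 0 on an empty iterator, an unguarded copy loop, and the same loop with a zero-return check. All names here (`model_iter`, `model_splice`, `copy_unguarded`, `copy_guarded`), the `max_spins` bound and the choice of `-EFAULT` are assumptions made for illustration.

```c
#include <stddef.h>
#include <errno.h>

/* Hypothetical stand-in for an iterator: only a count of bytes left. */
struct model_iter { size_t remaining; };

/* Model of a splice helper: moves up to `want` bytes and returns the number
 * moved. Returns 0 once the iterator is empty, the case discussed above. */
static long model_splice(struct model_iter *it, size_t want)
{
    size_t n = it->remaining < want ? it->remaining : want;
    it->remaining -= n;
    return (long)n;
}

/* Unguarded loop: a 0 return neither reduces `copy` nor exits the loop.
 * `max_spins` exists only so this model terminates; returns iterations used. */
long copy_unguarded(struct model_iter *it, size_t copy, long max_spins)
{
    long spins = 0;
    while (copy > 0 && spins < max_spins) {
        long ret = model_splice(it, copy);
        if (ret < 0)
            return ret;
        copy -= (size_t)ret;   /* no progress when ret == 0 */
        spins++;
    }
    return spins;
}

/* Guarded loop: "asked to copy but nothing moved" ends the loop.
 * Returns bytes copied so far, or an error if nothing was copied at all. */
long copy_guarded(struct model_iter *it, size_t copy)
{
    size_t done = 0;
    while (copy > 0) {
        long ret = model_splice(it, copy);
        if (ret < 0)
            return ret;
        if (ret == 0)          /* empty iterator: stop instead of spinning */
            return done ? (long)done : -EFAULT;  /* error code is an assumption */
        copy -= (size_t)ret;
        done += (size_t)ret;
    }
    return (long)done;
}
```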