Re: INFO: task hung in io_uring_cancel_generic

From: Hao Sun
Date: Mon Sep 13 2021 - 23:01:16 EST


On Mon, Sep 13, 2021 at 4:30 PM, Pavel Begunkov <asml.silence@xxxxxxxxx> wrote:
>
> On 9/13/21 3:26 AM, Hao Sun wrote:
> > Hi
> >
> > Healer found a C reproducer for this crash ("INFO: task hung in
> > io_ring_exit_work").
> >
> > HEAD commit: 4b93c544e90e-thunderbolt: test: split up test cases
> > git tree: upstream
> > console output:
> > https://drive.google.com/file/d/1NswMU2yMRTc8-EqbZcVvcJejV92cuZIk/view?usp=sharing
> > kernel config: https://drive.google.com/file/d/1c0u2EeRDhRO-ZCxr9MP2VvAtJd6kfg-p/view?usp=sharing
> > C reproducer: https://drive.google.com/file/d/170wk5_T8mYDaAtDcrdVi2UU9_dW1894s/view?usp=sharing
> > Syzlang reproducer:
> > https://drive.google.com/file/d/1eo-jAS9lncm4i-1kaCBkexrjpQHXboBq/view?usp=sharing
> >
> > If you fix this issue, please add the following tag to the commit:
> > Reported-by: Hao Sun <sunhao.th@xxxxxxxxx>
>
> I don't see the repro using io_uring at all. Can it be because of
> the delay before the warning shows itself? 120 secs, this appeared
> after 143.
>

I think the crash was most likely fixed. Here is what I've done.
First, I re-ran the whole execution history
(https://drive.google.com/file/d/1NswMU2yMRTc8-EqbZcVvcJejV92cuZIk/view?usp=sharing)
with `syz-repro` on the latest kernel (6880fa6c5660 Linux 5.15-rc1). The
kernel did not crash at all.
Then, I re-ran the history on the original version of the kernel
(4b93c544e90e-thunderbolt: test: split up test cases). It crashed and
a task hang happened, but at a different location
("io_wq_submit_work").
Since `syz-repro` is smart enough and will give prog enough timeout to
be executed when the crash type is `Hang` (see
https://github.com/google/syzkaller/blob/master/pkg/repro/repro.go#L98),
the delay before a warning can be handled properly.

However, I'll still keep track of this crash since it has still not
been reproduced.

> [...]

>
> --
> Pavel Begunkov