Message ID | 20240410043450.416752-1-lulu@redhat.com (mailing list archive) |
---|---|
Series | virtio-pci: Fix the crash that the vector was used after released |
Sorry, sent to the wrong mailing list, please ignore it.

On Wed, Apr 10, 2024 at 12:35 PM Cindy Lu <lulu@redhat.com> wrote:
>
> During the booting process of the Vyatta image, the behavior of the
> called functions in qemu is as follows:
>
> 1. vhost_net_stop() was triggered by the guest image. This will call the function
> virtio_pci_set_guest_notifiers() with assign = false, and
> virtio_pci_set_guest_notifiers() will release the irqfd for vector 0
>
> 2. virtio_reset() was called --> set configure vector to VIRTIO_NO_VECTOR
>
> 3. vhost_net_start() was called (at this time, the configure vector is
> still VIRTIO_NO_VECTOR) and calls virtio_pci_set_guest_notifiers() with
> assign = true, so the irqfd for vector 0 is still not "init" during this process
>
> 4. The system continues to boot, sets the vector back to 0, and msix_fire_vector_notifier() was triggered
> to unmask vector 0 and then met the crash
> [msix_fire_vector_notifier] 112 called vector 0 is_masked 1
> [msix_fire_vector_notifier] 112 called vector 0 is_masked 0
>
> To fix this, we need to call the function "kvm_virtio_pci_vector_use_one()"
> when the vector changes back from VIRTIO_NO_VECTOR.
>
> The reason that we don't need to call kvm_virtio_pci_vector_release_one while the vector changes to
> VIRTIO_NO_VECTOR is that this function will be called in vhost_net_stop(),
> so this step will not be lost during this process.
>
> Changes from V1
> 1. add the check for if using irqfd
> 2. remove the check for bool recovery, irqfd's user is enough to check status
>
> Cindy Lu (1):
> virtio-pci: Fix the crash that the vector was used after released.
>
> hw/virtio/virtio-pci.c | 35 +++++++++++++++++++++++++++++++++++
> 1 file changed, 35 insertions(+)
>
> --
> 2.43.0
>
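The four-step sequence in the quoted cover letter, replayed as an added example. This is a hypothetical C model written for this page, not QEMU's virtio-pci code: the functions set_guest_notifiers(), virtio_reset(), set_config_vector() and unmask_vector() are simplified stand-ins for the QEMU functions the cover letter names, the per-vector irqfd_users counter stands in for the irqfd "users" count the letter refers to, and the notifiers_assigned flag is an assumed stand-in for the "check for if using irqfd". replay_boot() returns -1 where the real code would touch an irqfd that was released and never re-armed, and 0 when the vector is re-used on the way back from VIRTIO_NO_VECTOR.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical model of the irqfd bookkeeping described in the cover letter; not QEMU code. */
#define VIRTIO_NO_VECTOR 0xffffu
#define NUM_VECTORS 2u

typedef struct {
    int irqfd_users[NUM_VECTORS]; /* per-vector irqfd "users" count; 0 means no irqfd is set up */
    unsigned config_vector;       /* VIRTIO_NO_VECTOR or a vector index */
    bool notifiers_assigned;      /* assumed stand-in for "is the irqfd in use" */
    bool masked[NUM_VECTORS];
    bool fix_enabled;             /* re-arm the irqfd when the vector comes back from VIRTIO_NO_VECTOR */
} VirtIOPCIModel;

/* Stand-ins for kvm_virtio_pci_vector_use_one()/release_one(): bump or drop the users count. */
static void vector_use_one(VirtIOPCIModel *m, unsigned v)
{
    if (v != VIRTIO_NO_VECTOR && v < NUM_VECTORS) {
        m->irqfd_users[v]++;
    }
}

static void vector_release_one(VirtIOPCIModel *m, unsigned v)
{
    if (v != VIRTIO_NO_VECTOR && v < NUM_VECTORS && m->irqfd_users[v] > 0) {
        m->irqfd_users[v]--;
    }
}

/* Stand-in for virtio_pci_set_guest_notifiers(): only the current config vector is (un)wired,
 * so a config vector of VIRTIO_NO_VECTOR means assign=true wires nothing. */
static void set_guest_notifiers(VirtIOPCIModel *m, bool assign)
{
    m->notifiers_assigned = assign;
    if (assign) {
        vector_use_one(m, m->config_vector);
    } else {
        vector_release_one(m, m->config_vector);
    }
}

static void virtio_reset(VirtIOPCIModel *m)
{
    m->config_vector = VIRTIO_NO_VECTOR;
}

/* Guest writes the config vector. With the fix, a change back from VIRTIO_NO_VECTOR while
 * notifiers are assigned re-arms the irqfd. Nothing is released on the way to
 * VIRTIO_NO_VECTOR, matching the cover letter's point that vhost_net_stop() already does that. */
static void set_config_vector(VirtIOPCIModel *m, unsigned v)
{
    unsigned old = m->config_vector;
    m->config_vector = v;
    if (m->fix_enabled && old == VIRTIO_NO_VECTOR && v != VIRTIO_NO_VECTOR && m->notifiers_assigned) {
        vector_use_one(m, v);
    }
}

/* Stand-in for msix_fire_vector_notifier() on unmask: 0 if the irqfd is in use,
 * -1 where the real code would use an irqfd that was released and never re-armed. */
static int unmask_vector(VirtIOPCIModel *m, unsigned v)
{
    if (v >= NUM_VECTORS) {
        return -1;
    }
    m->masked[v] = false;
    return m->irqfd_users[v] > 0 ? 0 : -1;
}

/* Replays steps 1-4 from the cover letter and returns the result of the final unmask. */
int replay_boot(bool fix_enabled)
{
    VirtIOPCIModel m;
    memset(&m, 0, sizeof m);
    m.fix_enabled = fix_enabled;
    m.config_vector = 0;
    for (unsigned i = 0; i < NUM_VECTORS; i++) {
        m.masked[i] = true;
    }
    set_guest_notifiers(&m, true);   /* earlier vhost_net_start(): irqfd for vector 0 in use */

    set_guest_notifiers(&m, false);  /* 1. vhost_net_stop(): irqfd for vector 0 released */
    virtio_reset(&m);                /* 2. config vector -> VIRTIO_NO_VECTOR */
    set_guest_notifiers(&m, true);   /* 3. vhost_net_start(): vector is NO_VECTOR, nothing wired */
    set_config_vector(&m, 0);        /* 4a. guest sets the vector back to 0 */
    return unmask_vector(&m, 0);     /* 4b. unmask fires the notifier */
}

int main(void)
{
    printf("without fix: %s\n", replay_boot(false) == 0 ? "ok" : "irqfd for vector 0 used after release");
    printf("with fix:    %s\n", replay_boot(true) == 0 ? "ok" : "irqfd for vector 0 used after release");
    return 0;
}
```

The model deliberately keeps the release in step 1 and adds nothing on the transition to VIRTIO_NO_VECTOR in step 2, so the only difference between the two runs is the re-arm in set_config_vector(); that isolates the single missing use_one() call the cover letter identifies.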