From: Stefan Hajnoczi
Subject: Re: [Qemu-stable] [PATCH for 2.11] virtio-net: don't touch virtqueue if vm is stopped
Date: Thu, 23 Nov 2017 10:59:34 +0000
User-agent: Mutt/1.9.1 (2017-09-22)
On Thu, Nov 23, 2017 at 11:37:46AM +0800, Jason Wang wrote:
> Guest state should not be touched if the VM is stopped; unfortunately we
> didn't check the running state and tried to drain the tx queue unconditionally
> in virtio_net_set_status(). A crash was then noticed on a migration
> destination when the user typed quit after the virtqueue state was loaded but
> before the region cache was initialized. In this case,
> virtio_net_drop_tx_queue_data() tries to access the uninitialized
> region cache.
>
> Fix this by only dropping tx queue data when the VM is running.
hw/virtio/virtio.c:virtio_load() does the following:
    for (i = 0; i < num; i++) {
        if (vdev->vq[i].vring.desc) {
            uint16_t nheads;

            /*
             * VIRTIO-1 devices migrate desc, used, and avail ring addresses so
             * only the region cache needs to be set up. Legacy devices need
             * to calculate used and avail ring addresses based on the desc
             * address.
             */
            if (virtio_vdev_has_feature(vdev, VIRTIO_F_VERSION_1)) {
                virtio_init_region_cache(vdev, i);
            } else {
                virtio_queue_update_rings(vdev, i);
            }
So the region caches should be initialized after virtqueue state is
loaded.
It's unclear to me which code path triggers this issue. Can you add a
backtrace or an explanation?
Thanks,
Stefan