From: Stefano Garzarella <sgarzare@redhat.com>
To: Andrey Drobyshev <andrey.drobyshev@virtuozzo.com>
Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org,
virtualization@lists.linux.dev, netdev@vger.kernel.org,
mst@redhat.com, stefanha@redhat.com, dongli.zhang@oracle.com,
maciej.szmigiero@oracle.com, bchaney@akamai.com,
mark.kanda@oracle.com, ptikhomirov@virtuozzo.com,
den@openvz.org
Subject: Re: [PATCH v3 3/4] vhost/vsock: re-scan TX virtqueue on device start
Date: Tue, 30 Jun 2026 14:45:46 +0200 [thread overview]
Message-ID: <akO5DNoEsjukV5az@sgarzare-redhat> (raw)
In-Reply-To: <20260625155416.480669-4-andrey.drobyshev@virtuozzo.com>
On Thu, Jun 25, 2026 at 06:54:15PM +0300, Andrey Drobyshev wrote:
>During QEMU CPR live-update (and VHOST_RESET_OWNER in general) the guest
>keeps running while the host drops and later re-attaches vhost backends.
>If the guest adds a buffer to the TX virtqueue (guest->host) and kicks
>while the backend is temporarily NULL (between vhost_vsock_drop_backends()
>and the next vhost_vsock_start()), then the kick is delivered to the
>vhost worker, handle_tx_kick() sees a NULL backend and returns, and the
>kick signal is consumed. The buffer is then left in the ring.
>
>Then upon device start vhost_vsock_start() only re-kicks the RX send
>worker, never the TX VQ, so the buffer is processed only if the guest
>happens to kick again. But if the guest itself is now waiting for data
>from the host, it will never kick TX VQ again, and we end up in a
>deadlock.
>
>The issue itself is pre-existing, but it only manifests during a brief
Why "brief"? I mean, there's no limit, and the user process could stay
there forever, right?
>pause caused by VHOST_RESET_OWNER. Namely, the deadlock is reproduced
Again, please make it clear that VHOST_RESET_OWNER support will come
later, so this is in prepartion for it.
>during active host->guest socat data transfer under multiple consecutive
>CPR live-update's.
>
>To fix this, in vhost_vsock_start(), after kicking the RX send worker, also
>queue the TX vq poll so any buffers the guest enqueued while we were paused
>get scanned.
>
>Signed-off-by: Andrey Drobyshev <andrey.drobyshev@virtuozzo.com>
>Reviewed-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
>---
> drivers/vhost/vsock.c | 7 +++++++
> 1 file changed, 7 insertions(+)
>
>diff --git a/drivers/vhost/vsock.c b/drivers/vhost/vsock.c
>index bec6bcfd885f..81d4f7209719 100644
>--- a/drivers/vhost/vsock.c
>+++ b/drivers/vhost/vsock.c
>@@ -646,6 +646,13 @@ static int vhost_vsock_start(struct vhost_vsock *vsock)
> */
> vhost_vq_work_queue(&vsock->vqs[VSOCK_VQ_RX], &vsock->send_pkt_work);
>
>+ /*
>+ * Some packets might've also been queued in TX VQ. That is the case
>+ * during the brief device pause caused by VHOST_RESET_OWNER. Re-scan
Ditto about "brief", I don't think is adding anything.
BTW the code LGTM.
Thanks,
Stefano
>+ * the TX VQ here, mirroring the RX send-worker kick above.
>+ */
>+ vhost_poll_queue(&vsock->vqs[VSOCK_VQ_TX].poll);
>+
> mutex_unlock(&vsock->dev.mutex);
> return 0;
>
>--
>2.47.1
>
next prev parent reply other threads:[~2026-06-30 12:45 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-06-25 15:54 [PATCH v3 0/4] vhost/vsock: add support for VHOST_RESET_OWNER and CPR migration Andrey Drobyshev
2026-06-25 15:54 ` [PATCH v3 1/4] vhost/vsock: split out vhost_vsock_drop_backends helper Andrey Drobyshev
2026-06-25 15:54 ` [PATCH v3 2/4] vhost/vsock: suppress EHOSTUNREACH fast-fail during CPR pause Andrey Drobyshev
2026-06-30 12:39 ` Stefano Garzarella
2026-06-25 15:54 ` [PATCH v3 3/4] vhost/vsock: re-scan TX virtqueue on device start Andrey Drobyshev
2026-06-30 12:45 ` Stefano Garzarella [this message]
2026-06-25 15:54 ` [PATCH v3 4/4] vhost/vsock: add VHOST_RESET_OWNER ioctl Andrey Drobyshev
2026-06-25 16:13 ` Pavel Tikhomirov
2026-06-30 13:40 ` Stefano Garzarella
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=akO5DNoEsjukV5az@sgarzare-redhat \
--to=sgarzare@redhat.com \
--cc=andrey.drobyshev@virtuozzo.com \
--cc=bchaney@akamai.com \
--cc=den@openvz.org \
--cc=dongli.zhang@oracle.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=maciej.szmigiero@oracle.com \
--cc=mark.kanda@oracle.com \
--cc=mst@redhat.com \
--cc=netdev@vger.kernel.org \
--cc=ptikhomirov@virtuozzo.com \
--cc=stefanha@redhat.com \
--cc=virtualization@lists.linux.dev \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox