Re: [PATCH RFC] virtio_net: fix refill related races
From: Michael S. Tsirkin
Date: Mon Dec 12 2011 - 06:52:17 EST
On Mon, Dec 12, 2011 at 09:25:07AM +1030, Rusty Russell wrote:
> On Sun, 11 Dec 2011 16:44:29 +0200, "Michael S. Tsirkin" <mst@xxxxxxxxxx> wrote:
> > On Thu, Dec 08, 2011 at 03:07:29PM +1030, Rusty Russell wrote:
> > > On Wed, 7 Dec 2011 17:21:22 +0200, "Michael S. Tsirkin" <mst@xxxxxxxxxx> wrote:
> > > > Fix theoretical races related to refill work:
> > > > 1. After napi is disabled by ndo_stop, refill work
> > > > can run and re-enable it.
> > > > 2. Refill can reschedule itself, if this happens
> > > > it can run after cancel_delayed_work_sync,
> > > > and will access device after it is destroyed.
> > > >
> > > > As a solution, add flags to track napi state and
> > > > to disable refill, and toggle them on start, stop
> > > > and remove; check these flags on refill.
> > >
> > > Why isn't a "dont-readd" flag sufficient?
> > >
> > > Cheers,
> > > Rusty.
> >
> > I started with that, but here's the problem I wanted to
> > address:
> >
> > - we run out of descriptors and schedule refill work
> > - ndo_close runs
> > - refill work runs
> > - ndo_open runs
>
> (s/ndo_close/ndo_stop/)
>
> You don't think we should do any refills on a closed device? If so, we
> simply move the refill-stop code into ndo_stop (aka virtnet_close), and
> the refill-start code into ndo_open (aka. virtnet_open). Right?
We can do that, yes. We'll have to also cancel work if outstanding.
It seems a bigger change though. I'm especially concerned
about putting refill-start in virtnet_open, suddenly
it's always running where it used to only run after
we have consumed some buffers. I'm just concerned about
doing big changes that late in release cycle but maybe
that's OK.
> Orthogonally, the refill-stop code is still buggy, as you noted.
Sorry I don't understand how it's still buggy.
> And
> for self-rearming timers the pattern I've always used is a flag.
>
> Or am I being obtuse again? :)
> Rusty.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/