Received: by 2002:a05:6359:6284:b0:131:369:b2a3 with SMTP id se4csp4744498rwb; Tue, 8 Aug 2023 13:09:30 -0700 (PDT) X-Google-Smtp-Source: AGHT+IE4pcgmLXcCXv8zNYiA4po3k6eUdnukZWV01gm9rlb9RYNXKhJuOV2YYEdNTr6ElrV761vt X-Received: by 2002:a2e:8609:0:b0:2b7:15d:24 with SMTP id a9-20020a2e8609000000b002b7015d0024mr410027lji.41.1691525370457; Tue, 08 Aug 2023 13:09:30 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1691525370; cv=none; d=google.com; s=arc-20160816; b=YPnlBbR+Z/VLyr6439Wj186/gJjuD8tiSOw34HLKqbReSn6rFlrvykKC3UmN755rLg sQV5/bRBk7P0XyUUNvTujacI4Yn4smwvOpYOKSbRCGBfRrJz22xXn+NCcKOzKfniZRlb G+Zv0aomZVSQVJfGmwpwDX0iGlvJ+IF4+1F/YLSCyQtN3EfPXf0qCwHvhlG2UiV1GY7V 5UzGuOacXieQhgOGjNzLDB/B3SlLOvIzIIvCtXTQtjIdxqhmSPYnFf85mT7XwT8PUENo Vwl60xznVeAIF4L6UlOuCHBhtas7ZOkDoZ6PYZzkoLPMDb3j2abO8HurwyTifuPMf3JE NiUA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:cc:to:subject :message-id:date:from:in-reply-to:references:mime-version :dkim-signature; bh=9kc7HdgyVBlkH2G96tmXBgYeeZK+6xmO5vsQNUcbsFM=; fh=yk1Uvnjd7qKC8lSco/6F0K7zUcvAToq+RhlqbA2wYQE=; b=JLIoyFn88cctyA7CRMh3dkKI8AAgnnTtMnpVaVZHqebnW1eYUmasozGp5obCS5qrVD 4DT3ca5dy8DULu9ntgYnUHRpXXepnOrzDizb3dIcI1r/j8cBQ4y1oY7cu+qxhbCmT+jf qms9TOM4yLto6Pi8mCRxneTGZdFHLyCniR8KdfiuToOuq1kHyadph5GjsWN7lCBDI48I TtwNe+Yz4RWkV4pF2dhtzEz2b0QxsCEEyvplqTbrLLI0/OPAcMvn+iZ7nEE68N1d5C0c RdLNY4IF5GoouNIvMB0bJzIFHF069Wcnefa4q3PqxKGYYsToDvxwOoCySZG3W9+1Zcnm N2XA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b="i3z/JRj7"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id i7-20020a1709061e4700b0099bca0c5445si8232091ejj.363.2023.08.08.13.09.05; Tue, 08 Aug 2023 13:09:30 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b="i3z/JRj7"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234691AbjHHR3V (ORCPT + 99 others); Tue, 8 Aug 2023 13:29:21 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:47620 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234667AbjHHR2o (ORCPT ); Tue, 8 Aug 2023 13:28:44 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 46AA420D25 for ; Tue, 8 Aug 2023 09:12:05 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1691511072; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=9kc7HdgyVBlkH2G96tmXBgYeeZK+6xmO5vsQNUcbsFM=; b=i3z/JRj7lLSXhrDNSSucgkTX0jBzHnJm+lx0wrSlhhmOezhbsw+59ZXnoi9yDXvcaOl2ll rMvgADnFq1k8P3nXcaKwn0oJz39gkMB6jjGqwLWKCJrKZP0BCuuTtq7vs69VKC4y2FhBHV V374jEyP5ZjET/M4RUAj9QVBsvyxNwM= Received: from mail-lj1-f197.google.com (mail-lj1-f197.google.com [209.85.208.197]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-627-8o91E5PYOcG4kAUIGdV8Rg-1; Tue, 08 Aug 2023 02:05:23 -0400 X-MC-Unique: 8o91E5PYOcG4kAUIGdV8Rg-1 Received: by mail-lj1-f197.google.com with SMTP id 38308e7fff4ca-2b961c3af8fso57694301fa.0 for ; Mon, 07 Aug 2023 23:05:22 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1691474721; x=1692079521; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=9kc7HdgyVBlkH2G96tmXBgYeeZK+6xmO5vsQNUcbsFM=; b=LFDaBoPk/mKt7v1EfSqwJvh0Sy9jsuF116LzkSuN6xKb6r4GBIuRoF1ckOi3abxY9b r9FJ7dSApQt2j2HyNigrt+cnaamRrxU9PbXTZo5R/G1KtrfzeqCgd3Lo21kjDOusiPls 7j0WxNPT9B6crT9AjMY4foCamRnYcG8Fb942H6fZto+A8x0PcgmjgpbB9hX9fGRUHR+7 v0U3QiZVWj79RlYxSy0PvYofF60zQIU3h5qlJUlKjZWpbjcLAMJWEsCoj+JkQ8syd7VY T8Zha/fELdLbKgexgrL2zxxqk0Iny4EvUcGdHAyGR89mvM8jXxjCHrLC5HAlkXOHTXXy sB9w== X-Gm-Message-State: AOJu0YzqXztgM99alktrJ53H5IAJO2cuEaStPIN/v8PdYKPeXYSq+pPe rx/+zIwVojs8vWMBaHXBbjuG9TU1+p+NfGXm3sRq0vGA5VTkE55fJjbmCNhfmcguNJh0W8NHX5J 7K8dCO2izj+zXx/ExTKcicKw0IZ6Wk5QGi/Qm0ZIbIk7KJgZc/+r9iw== X-Received: by 2002:a2e:95cf:0:b0:2b6:a763:5d13 with SMTP id y15-20020a2e95cf000000b002b6a7635d13mr8050847ljh.27.1691474721201; Mon, 07 Aug 2023 23:05:21 -0700 (PDT) X-Received: by 2002:a2e:95cf:0:b0:2b6:a763:5d13 with SMTP id y15-20020a2e95cf000000b002b6a7635d13mr8050828ljh.27.1691474720898; Mon, 07 Aug 2023 23:05:20 -0700 (PDT) MIME-Version: 1.0 References: <20230808051110.3492693-1-yuanyaogoog@chromium.org> <20230808015921-mutt-send-email-mst@kernel.org> In-Reply-To: <20230808015921-mutt-send-email-mst@kernel.org> From: Jason Wang Date: Tue, 8 Aug 2023 14:05:09 +0800 Message-ID: Subject: Re: [PATCH] virtio_ring: fix avail_wrap_counter in virtqueue_add_packed To: "Michael S. Tsirkin" Cc: Yuan Yao , LKML , Keiichi Watanabe , Daniel Verkamp , Takaya Saeki , Junichi Uekawa , "David S. Miller" , Tiwei Bie , Xuan Zhuo , virtualization@lists.linux-foundation.org Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H4,RCVD_IN_MSPIKE_WL, SPF_HELO_NONE,SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Aug 8, 2023 at 1:59=E2=80=AFPM Michael S. Tsirkin = wrote: > > On Tue, Aug 08, 2023 at 01:43:02PM +0800, Jason Wang wrote: > > On Tue, Aug 8, 2023 at 1:11=E2=80=AFPM Yuan Yao wrote: > > > > > > In current packed virtqueue implementation, the avail_wrap_counter wo= n't > > > flip, in the case when the driver supplies a descriptor chain with a > > > length equals to the queue size; total_sg =3D=3D vq->packed.vring.num= . > > > > > > Let=E2=80=99s assume the following situation: > > > vq->packed.vring.num=3D4 > > > vq->packed.next_avail_idx: 1 > > > vq->packed.avail_wrap_counter: 0 > > > > > > Then the driver adds a descriptor chain containing 4 descriptors. > > > > > > We expect the following result with avail_wrap_counter flipped: > > > vq->packed.next_avail_idx: 1 > > > vq->packed.avail_wrap_counter: 1 > > > > > > But, the current implementation gives the following result: > > > vq->packed.next_avail_idx: 1 > > > vq->packed.avail_wrap_counter: 0 > > > > > > To reproduce the bug, you can set a packed queue size as small as > > > possible, so that the driver is more likely to provide a descriptor > > > chain with a length equal to the packed queue size. For example, in > > > qemu run following commands: > > > sudo qemu-system-x86_64 \ > > > -enable-kvm \ > > > -nographic \ > > > -kernel "path/to/kernel_image" \ > > > -m 1G \ > > > -drive file=3D"path/to/rootfs",if=3Dnone,id=3Ddisk \ > > > -device virtio-blk,drive=3Ddisk \ > > > -drive file=3D"path/to/disk_image",if=3Dnone,id=3Drwdisk \ > > > -device virtio-blk,drive=3Drwdisk,packed=3Don,queue-size=3D4,\ > > > indirect_desc=3Doff \ > > > -append "console=3DttyS0 root=3D/dev/vda rw init=3D/bin/bash" > > > > > > Inside the VM, create a directory and mount the rwdisk device on it. = The > > > rwdisk will hang and mount operation will not complete. > > > > > > This commit fixes the wrap counter error by flipping the > > > packed.avail_wrap_counter, when start of descriptor chain equals to t= he > > > end of descriptor chain (head =3D=3D i). > > > > > > Fixes: 1ce9e6055fa0 ("virtio_ring: introduce packed ring support") > > > Signed-off-by: Yuan Yao > > > --- > > > > > > drivers/virtio/virtio_ring.c | 2 +- > > > 1 file changed, 1 insertion(+), 1 deletion(-) > > > > > > diff --git a/drivers/virtio/virtio_ring.c b/drivers/virtio/virtio_rin= g.c > > > index c5310eaf8b46..da1150d127c2 100644 > > > --- a/drivers/virtio/virtio_ring.c > > > +++ b/drivers/virtio/virtio_ring.c > > > @@ -1461,7 +1461,7 @@ static inline int virtqueue_add_packed(struct v= irtqueue *_vq, > > > } > > > } > > > > > > - if (i < head) > > > + if (i <=3D head) > > > vq->packed.avail_wrap_counter ^=3D 1; > > > > Would it be better to move the flipping to the place where we flip > > avail_used_flags? > > I think I prefer this patch for stable, refactoring can > be done on top. Ok. So Acked-by: Jason Wang Thanks > > > if ((unlikely(++i >=3D vq->packed.vring.num))) = { > > i =3D 0; > > vq->packed.avail_used_flags ^=3D > > 1 << VRING_PACKED_DESC_F_AVAIL = | > > 1 << VRING_PACKED_DESC_F_USED; > > } > > > > Thanks > > > > > > > > /* We're using some buffers from the free list. */ > > > -- > > > 2.41.0.640.ga95def55d0-goog > > > >