qemu/include/hw/virtio
yaozhenguo 963b027645 virtio/vhost-user: fix qemu abort when hotunplug vhost-user-net device
During the hot-unplugging of vhost-user-net type network cards,
the vhost_user_cleanup function may add the same rcu node to
the rcu linked list. The function call in this case is as follows:

vhost_user_cleanup
    ->vhost_user_host_notifier_remove
        ->call_rcu(n, vhost_user_host_notifier_free, rcu);
    ->g_free_rcu(n, rcu);

When this happens, QEMU will abort in try_dequeue:

if (head == &dummy && qatomic_mb_read(&tail) == &dummy.next) {
    abort();
}

backtrace is as follows:
0  __pthread_kill_implementation () at /usr/lib64/libc.so.6
1  raise () at /usr/lib64/libc.so.6
2  abort () at /usr/lib64/libc.so.6
3  try_dequeue () at ../util/rcu.c:235
4  call_rcu_thread (0) at ../util/rcu.c:288
5  qemu_thread_start (0) at ../util/qemu-thread-posix.c:541
6  start_thread () at /usr/lib64/libc.so.6
7  clone3 () at /usr/lib64/libc.so.6

The reason for the abort is that adding two identical nodes to
the rcu linked list will cause the rcu linked list to become a ring,
but when the dummy node is added after the two identical nodes,
the ring is opened. But only one node is added to the list with
rcu_call_count added twice. This will cause rcu try_dequeue to abort.

This happens when n->addr != 0. In some scenarios, this does happen.
For example, this situation will occur when using a 32-queue DPU
vhost-user-net type network card for hot-unplug testing, because
VhostUserHostNotifier->addr will be cleared during the processing of
VHOST_USER_BACKEND_VRING_HOST_NOTIFIER_MSG. However, it is asynchronous,
so we cannot guarantee that VhostUserHostNotifier->addr is zero in
vhost_user_cleanup. Therefore, it is necessary to merge g_free_rcu
and vhost_user_host_notifier_free into one rcu node.

Fixes: 503e355465 ("virtio/vhost-user: dynamically assign VhostUserHostNotifiers")
Signed-off-by: yaozhenguo <yaozhenguo@jd.com>
Message-Id: <20241011102913.45582-1-yaozhenguo@jd.com>
Reviewed-by: Stefano Garzarella <sgarzare@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2024-11-04 16:03:24 -05:00
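
An added example, not part of the commit or of QEMU's source: a simplified single-threaded C model of the callback queue the commit message describes, showing how queuing the same node twice links one node while the counter reads two, which ends in the state where try_dequeue aborts. The names queue_reset, model_call_rcu, drain and run_cleanup are hypothetical, and atomics and grace periods are left out.

```c
#include <stddef.h>
#include <stdio.h>
/* Simplified single-threaded model of the queue (constructed; no atomics). */
struct rcu_head { struct rcu_head *next; };
static struct rcu_head dummy, *head = &dummy, **tail = &dummy.next;
static int rcu_call_count;
static void queue_reset(void) {
    dummy.next = NULL; head = &dummy; tail = &dummy.next; rcu_call_count = 0;
}
static void enqueue(struct rcu_head *node) {
    struct rcu_head **old_tail = tail;
    node->next = NULL;
    tail = &node->next;
    *old_tail = node;   /* node already the tail: node->next = node, a ring */
}
static void model_call_rcu(struct rcu_head *node) { enqueue(node); rcu_call_count++; }
/* 1: node dequeued, 0: nothing ready, -1: the state in which abort() is called */
static int try_dequeue(struct rcu_head **out) {
    for (;;) {
        if (head == &dummy && tail == &dummy.next) return -1;
        struct rcu_head *node = head, *next = node->next;
        if (!next) return 0;
        head = next;
        if (node != &dummy) { *out = node; return 1; }
        enqueue(node);  /* dummy reached the front: requeue it and retry */
    }
}
/* Consume every counted callback; returns how many ran, or -1 on the abort state. */
static int drain(void) {
    struct rcu_head *n;
    int done = 0, r;
    while (rcu_call_count > 0 && (r = try_dequeue(&n)) != 0) {
        if (r < 0) return -1;
        rcu_call_count--; done++;
    }
    return done;
}
/* Hypothetical stand-in for the cleanup path; returns drain()'s result. */
static int run_cleanup(int fixed, int addr_set) {
    struct rcu_head n;
    queue_reset();
    if (!fixed && addr_set) model_call_rcu(&n); /* the call_rcu(n, ...) path */
    model_call_rcu(&n); /* before: g_free_rcu(n, rcu); after: the one merged node */
    return drain();
}
int main(void) {
    printf("before fix: %d, after fix: %d\n", run_cleanup(0, 1), run_cleanup(1, 1));
    return 0;
}
```

With addr set, the pre-fix path dequeues the node once, then finds only the dummy left while the count is still 1; with a single node the count and the list agree.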
vdpa-dev.h vdpa: add vdpa-dev support 2022-12-21 06:35:28 -05:00
vhost-backend.h vhost: Add worker backend callouts 2023-12-25 11:34:55 -05:00
vhost-scsi-common.h vhost-user-scsi: support reconnect to backend 2023-10-22 05:18:17 -04:00
vhost-scsi.h Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
vhost-user-base.h virtio: split into vhost-user-base and vhost-user-device 2024-02-14 06:01:39 -05:00
vhost-user-blk.h vhost-user-blk: make 'config_wce' part of 'host_features' 2022-10-07 09:41:51 -04:00
vhost-user-fs.h Clean up ill-advised or unusual header guards 2022-05-11 16:50:01 +02:00
vhost-user-gpio.h hw/virtio: derive vhost-user-gpio from vhost-user-base 2024-02-14 06:01:44 -05:00
vhost-user-i2c.h hw/virtio: derive vhost-user-i2c from vhost-user-base 2024-02-14 06:01:49 -05:00
vhost-user-rng.h hw/virtio: derive vhost-user-rng from vhost-user-base 2024-02-14 06:01:42 -05:00
vhost-user-scmi.h hw/virtio: Add a protection against duplicate vu_scmi_stop calls 2023-08-03 16:06:49 -04:00
vhost-user-scsi.h vhost-user-scsi: support reconnect to backend 2023-10-22 05:18:17 -04:00
vhost-user-snd.h hw/virtio: add vhost-user-snd and vhost-user-snd-pci devices 2024-02-14 06:09:03 -05:00
vhost-user-vsock.h Clean up ill-advised or unusual header guards 2022-05-11 16:50:01 +02:00
vhost-user.h virtio/vhost-user: fix qemu abort when hotunplug vhost-user-net device 2024-11-04 16:03:24 -05:00
vhost-vdpa.h vdpa: define SVQ transitioning state for mode switching 2024-03-12 17:56:55 -04:00
vhost-vsock-common.h qapi: Improve documentation of file descriptor socket addresses 2024-02-12 10:04:32 +01:00
vhost-vsock.h vhost-vsock: handle common features in vhost-vsock-common 2021-10-05 17:30:57 -04:00
vhost.h vhost: Remove unused vhost_dev_{load|save}_inflight 2024-10-03 17:26:06 +03:00
virtio-access.h Replace TARGET_WORDS_BIGENDIAN 2022-04-06 10:50:37 +02:00
virtio-acpi.h license: Update deprecated SPDX tag GPL-2.0+ to GPL-2.0-or-later 2024-09-20 10:11:59 +03:00
virtio-balloon.h Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
virtio-blk-common.h virtio-blk: move config size params to virtio-blk-common 2022-10-07 09:41:51 -04:00
virtio-blk.h virtio-blk: declare VirtIOBlock::rq with a type 2024-02-07 14:44:19 +01:00
virtio-bus.h virtio-bus: introduce iommu_enabled() 2021-09-04 16:35:17 -04:00
virtio-crypto.h crypto: Introduce RSA algorithm 2022-06-16 12:54:58 -04:00
virtio-dmabuf.h hw/display: introduce virtio-dmabuf 2023-10-04 18:15:06 -04:00
virtio-gpu-bswap.h virtio-gpu: blob prep 2023-10-16 11:29:56 +04:00
virtio-gpu-pci.h Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
virtio-gpu-pixman.h virtio-gpu: add a pixman helper header 2019-05-29 06:29:07 +02:00
virtio-gpu.h virtio-gpu: Support Venus context 2024-10-28 16:56:36 +00:00
virtio-input.h hw/virtio: derive vhost-user-input from vhost-user-base 2024-02-14 06:09:32 -05:00
virtio-iommu.h virtio-iommu: Remove probe_done 2024-07-22 20:15:42 -04:00
virtio-md-pci.h virtio-md-pci: Support unplug requests for compatible devices 2023-07-12 09:27:30 +02:00
virtio-mem.h virtio-mem: Use new Resettable framework instead of LegacyReset 2024-09-24 11:33:35 +02:00
virtio-mmio.h include: Include headers where needed 2023-01-08 01:54:22 -05:00
virtio-net.h virtio-net: Added property to load eBPF RSS with fds. 2024-03-12 19:31:46 +08:00
virtio-pci.h virtio-pci: fix memory_region_find for VirtIOPCIRegion's MR 2024-11-04 16:03:24 -05:00
virtio-pmem.h qapi: Restrict device memory commands to machine code 2020-09-29 15:41:36 +02:00
virtio-rng.h Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
virtio-scsi.h vhost-scsi: Add support for a worker thread per virtqueue 2023-12-25 11:34:55 -05:00
virtio-serial.h Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
virtio.h virtio: Allow .get_vhost() without vhost_started 2024-09-10 14:27:56 -04:00