mirror of
https://github.com/qemu/qemu.git
synced 2025-07-31 01:18:30 +00:00
b2b012afdd
In current implementation, packet queue flushing logic seem to suffer
from a deadlock like scenario if a packet is received by the interface
before before Rx ring is initialized by Guest's driver. Consider the
following sequence of events:
1. A QEMU instance is started against a TAP device on Linux
host, running Linux guest, e. g., something to the effect
of:
qemu-system-arm \
-net nic,model=imx.fec,netdev=lan0 \
netdev tap,id=lan0,ifname=tap0,script=no,downscript=no \
... rest of the arguments ...
2. Once QEMU starts, but before guest reaches the point where
FEC deriver is done initializing the HW, Guest, via TAP
interface, receives a number of multicast MDNS packets from
Host (not necessarily true for every OS, but it happens at
least on Fedora 25)
3. Recieving a packet in such a state results in
imx_eth_can_receive() returning '0', which in turn causes
tap_send() to disable corresponding event (tap.c:203)
4. Once Guest's driver reaches the point where it is ready to
recieve packets it prepares Rx ring descriptors and writes
ENET_RDAR_RDAR to ENET_RDAR register to indicate to HW that
more descriptors are ready. And at this points emulation
layer does this:
s->regs[index] = ENET_RDAR_RDAR;
imx_eth_enable_rx(s);
which, combined with:
if (!s->regs[ENET_RDAR]) {
qemu_flush_queued_packets(qemu_get_queue(s->nic));
}
results in Rx queue never being flushed and corresponding
I/O event beign disabled.
To prevent the problem, change the code to always flush packet queue
when ENET_RDAR transitions 0 -> ENET_RDAR_RDAR.
Cc: Peter Maydell <peter.maydell@linaro.org>
Cc: Jason Wang <jasowang@redhat.com>
Cc: Philippe Mathieu-Daudé <f4bug@amsat.org>
Cc: qemu-devel@nongnu.org
Cc: qemu-arm@nongnu.org
Cc: yurovsky@gmail.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
||
|---|---|---|
| .. | ||
| fsl_etsec | ||
| rocker | ||
| allwinner_emac.c | ||
| cadence_gem.c | ||
| dp8393x.c | ||
| e1000_regs.h | ||
| e1000.c | ||
| e1000e_core.c | ||
| e1000e_core.h | ||
| e1000e.c | ||
| e1000x_common.c | ||
| e1000x_common.h | ||
| eepro100.c | ||
| etraxfs_eth.c | ||
| ftgmac100.c | ||
| imx_fec.c | ||
| lan9118.c | ||
| lance.c | ||
| Makefile.objs | ||
| mcf_fec.c | ||
| milkymist-minimac2.c | ||
| mipsnet.c | ||
| ne2000-isa.c | ||
| ne2000.c | ||
| ne2000.h | ||
| net_rx_pkt.c | ||
| net_rx_pkt.h | ||
| net_tx_pkt.c | ||
| net_tx_pkt.h | ||
| opencores_eth.c | ||
| pcnet-pci.c | ||
| pcnet.c | ||
| pcnet.h | ||
| rtl8139.c | ||
| smc91c111.c | ||
| spapr_llan.c | ||
| stellaris_enet.c | ||
| sungem.c | ||
| sunhme.c | ||
| trace-events | ||
| vhost_net.c | ||
| virtio-net.c | ||
| vmware_utils.h | ||
| vmxnet3.c | ||
| vmxnet3.h | ||
| vmxnet_debug.h | ||
| xen_nic.c | ||
| xgmac.c | ||
| xilinx_axienet.c | ||
| xilinx_ethlite.c | ||