[Devel] [PATCH RHEL10 COMMIT] vhost/vsock: re-scan TX virtqueue on device start
Konstantin Khorenko
khorenko at virtuozzo.com
Mon Jun 29 18:42:58 MSK 2026
The commit is pushed to "branch-rh10-6.12.0-211.16.1.12.x.vz10-ovz" and will appear at git at bitbucket.org:openvz/vzkernel.git
after rh10-6.12.0-211.16.1.12.5.vz10
------>
commit 67fdd1befc4da39f114de9a2ad4e725ea442a034
Author: Andrey Drobyshev <andrey.drobyshev at virtuozzo.com>
Date: Thu Jun 4 18:46:13 2026 +0300
vhost/vsock: re-scan TX virtqueue on device start
During QEMU CPR live-update (and VHOST_RESET_OWNER in general) the guest
keeps running while the host drops and later re-attaches vhost backends.
If the guest adds a buffer to the TX virtqueue (guest->host) and kicks
while the backend is temporarily NULL (between vhost_vsock_drop_backends()
and the next vhost_vsock_start()), then the kick is delivered to the
vhost worker, handle_tx_kick() sees a NULL backend and returns, and the
kick signal is consumed. The buffer is then left in the ring.
Then upon device start vhost_vsock_start() only re-kicks the RX send
worker, never the TX VQ, so the buffer is processed only if the guest
happens to kick again. But if the guest itself is now waiting for data
from the host, it will never kick TX VQ again, and we end up in a
deadlock.
The deadlock is reproduced during active host->guest socat data transfer
under multiple consecutive qemu-update's.
To fix this, in vhost_vsock_start(), after kicking the RX send worker, also
queue the TX vq poll so any buffers the guest enqueued while we were paused
get scanned.
https://virtuozzo.atlassian.net/browse/VSTOR-131956
https://virtuozzo.atlassian.net/browse/VSTOR-101116
Reviewed-by: Pavel Tikhomirov <ptikhomirov at virtuozzo.com>
Signed-off-by: Andrey Drobyshev <andrey.drobyshev at virtuozzo.com>
Feature: vhost-vsock: VHOST_RESET_OWNER ioctl
---
drivers/vhost/vsock.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/drivers/vhost/vsock.c b/drivers/vhost/vsock.c
index 67cedf55cd2a3..55a4de4c4f7a4 100644
--- a/drivers/vhost/vsock.c
+++ b/drivers/vhost/vsock.c
@@ -637,6 +637,12 @@ static int vhost_vsock_start(struct vhost_vsock *vsock)
*/
vhost_vq_work_queue(&vsock->vqs[VSOCK_VQ_RX], &vsock->send_pkt_work);
+ /*
+ * Some packets might've also been queued in TX VQ. Re-scan it here,
+ * mirroring the RX send-worker kick above.
+ */
+ vhost_poll_queue(&vsock->vqs[VSOCK_VQ_TX].poll);
+
mutex_unlock(&vsock->dev.mutex);
return 0;
More information about the Devel
mailing list