On Fri, Sep 22, 2017 at 12:27 AM, Jason Wang <jasow...@redhat.com> wrote:
>
>
> On 2017-09-19 03:50, Andrey Smirnov wrote:
>>
>> In current implementation, packet queue flushing logic seems to suffer
>> from a deadlock-like scenario if a packet is received by the interface
>> before Rx ring is initialized by Guest's driver. Consider the
>> following sequence of events:
>>
>>     1. A QEMU instance is started against a TAP device on Linux
>>        host, running Linux guest, e. g., something to the effect
>>        of:
>>
>>        qemu-system-arm \
>>           -net nic,model=imx.fec,netdev=lan0 \
>>           -netdev tap,id=lan0,ifname=tap0,script=no,downscript=no \
>>           ... rest of the arguments ...
>>
>>     2. Once QEMU starts, but before guest reaches the point where
>>        FEC driver is done initializing the HW, Guest, via TAP
>>        interface, receives a number of multicast MDNS packets from
>>        Host (not necessarily true for every OS, but it happens at
>>        least on Fedora 25)
>>
>>     3. Receiving a packet in such a state results in
>>        imx_eth_can_receive() returning '0', which in turn causes
>>        tap_send() to disable corresponding event (tap.c:203)
>>
>>     4. Once Guest's driver reaches the point where it is ready to
>>        receive packets it prepares Rx ring descriptors and writes
>>        ENET_RDAR_RDAR to ENET_RDAR register to indicate to HW that
>>        more descriptors are ready. And at this point emulation
>>        layer does this:
>>
>>                  s->regs[index] = ENET_RDAR_RDAR;
>>                  imx_eth_enable_rx(s);
>>
>>        which, combined with:
>>
>>                  if (!s->regs[ENET_RDAR]) {
>>                      qemu_flush_queued_packets(qemu_get_queue(s->nic));
>>                  }
>
>
> Not familiar with FEC, but if you are tracking 0->1 transition, why not
> simply introduce a parameter of imx_eth_enable_rx() to force the flushing?
>

Not sure I fully understand you, are you proposing I get rid of
"needs_flush" parameter in the device state, converting it to be a
parameter to imx_eth_enable_rx(), and then force flushing every time
imx_eth_enable_rx() is called in imx_eth_write()?

That should work, but it'll end up making the emulator code flush
the corresponding NIC queue every time the driver is done processing
RX ring. If that is not a big problem I am more than happy to make
that change.

Thanks,
Andrey Smirnov
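
The stall described in the quoted commit message, and the two flush strategies discussed in the reply, as a toy C model. This is an added example, not code from QEMU or from the patch; the struct, the mode names, and how needs_flush is set and cleared are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdio.h>

enum mode { CURRENT, NEEDS_FLUSH, FORCE_FLUSH };
struct model {
    unsigned rdar;                  /* stands in for s->regs[ENET_RDAR] */
    bool tap_polling, needs_flush;  /* TAP event armed; packet was refused */
    int queued, delivered, flushes;
};

static void tap_send(struct model *m) {  /* host: one packet on TAP */
    if (!m->tap_polling)
        return;                  /* event disabled: nothing is read */
    if (m->rdar) {               /* can_receive() is nonzero */
        m->delivered++;
    } else {                     /* can_receive() returned 0 */
        m->queued++;
        m->needs_flush = true;   /* hypothetical bookkeeping */
        m->tap_polling = false;  /* tap_send() disables the event */
    }
}

static void flush_queued(struct model *m) {
    m->delivered += m->queued;
    m->queued = 0;
    m->needs_flush = false;
    m->tap_polling = true;       /* model: a flush re-arms the event */
    m->flushes++;
}

static void write_rdar(struct model *m, enum mode mode) {  /* guest write */
    m->rdar = 1;                 /* s->regs[index] = ENET_RDAR_RDAR */
    if ((mode == CURRENT && !m->rdar) ||   /* register was just set */
        (mode == NEEDS_FLUSH && m->needs_flush) || mode == FORCE_FLUSH)
        flush_queued(m);
}

/* Early packet, ring setup, later packet, ring refill. */
static struct model run(enum mode mode) {
    struct model m = { .tap_polling = true };
    tap_send(&m); write_rdar(&m, mode);
    tap_send(&m); write_rdar(&m, mode);
    return m;
}

int main(void) {
    for (int i = CURRENT; i <= FORCE_FLUSH; i++)
        printf("mode %d: delivered=%d flushes=%d\n", i, run(i).delivered, run(i).flushes);
    return 0;
}
```

In CURRENT mode the early packet stays queued and the TAP event stays disabled, so later traffic is never read; FORCE_FLUSH delivers the same packets as NEEDS_FLUSH but flushes on every ring refill.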