On Thu, Aug 14, 2025 at 2:44 PM Junnan Wu [off-list ref] wrote:

On Thu, 14 Aug 2025 12:01:18 +0800 Jason Wang wrote:

quoted

On Thu, Aug 14, 2025 at 10:36 AM Junnan Wu [off-list ref] wrote:

quoted

On Wed, 13 Aug 2025 17:23:07 -0700 Jakub Kicinski wrote:

quoted

Sounds like a fix people may want to backport. Could you repost with
an appropriate Fixes tag added, pointing to the earliest commit where
the problem can be observed?

This issue is caused by commit "7b0411ef4aa69c9256d6a2c289d0a2b320414633"
After this patch, during `virtnet_poll`, function `virtnet_poll_cleantx`
will be invoked, which will wakeup tx queue and clear queue state.
If you agree with it, I will repost with this Fixes tag later.

Fixes: 7b0411ef4aa6 ("virtio-net: clean tx descriptors from rx napi")

Could you please explain why it is specific to RX NAPI but not TX?

Thanks

This issue appears in suspend flow, if a TCP connection in host VM is still
sending packet before driver suspend is completed, it will tigger RX napi schedule,
Finally "use after free" happens when tcp ack timer is up.

And in suspend flow, the action to send packet is already stopped in guest VM,
therefore TX napi will not be scheduled.

I basically mean who guarantees the TX NAPI is not scheduled?

Thanks