[libvirt] Potential deadlock in libvirt lxc driver
Eric Blake
eblake at redhat.com
Sat May 26 02:23:26 UTC 2012
On 03/14/2012 06:14 PM, Thomas Hunger wrote:
> Hi,
>
> last email hopefully. My last patch was broken because it double
> locked vm. I discovered that virDomainFindBy* locks vm before
> returning it. The new patch does not double-lock.
>
> best,
> Tom
>
>
> 0001-Use-virDomainFindbyID-and-pass-id-instead-of-a-point.patch
>
>
> From f2fd4cb72c8f2e01567320a643fe2d665308119e Mon Sep 17 00:00:00 2001
> From: Thomas Hunger <tehunger at gmail.com>
> Date: Thu, 15 Mar 2012 00:08:00 +0000
> Subject: [PATCH] Use virDomainFindbyID and pass id instead of a pointer to lxcMontitorEvent.
>
> This fixes a race condition where lxcDomainDestroyFlags would acquire the
> driver lock. It would then kill processes in the cgroup and trigger
> VIR_EVENT_HANDLE_HANGUP, which in turn triggers lxcMonitorEvent.
>
> lxcMonitorEvent tries to acquire the driver lock itself, so it would block
> until destroy has invalidated the data "vm" points to.
>
> By using virDomainFindbyID lxcMonitorEvent avoids using an invalid vm
> pointer.
I just noticed this message. Is this still a problem in 0.9.12? There
have been several patches in the meantime. Unfortunately, the patch as
is will not work:
> ---
> src/lxc/lxc_driver.c | 13 +++++++++----
> 1 files changed, 9 insertions(+), 4 deletions(-)
>
> diff --git a/src/lxc/lxc_driver.c b/src/lxc/lxc_driver.c
> index 3af8084..c55e164 100644
> --- a/src/lxc/lxc_driver.c
> +++ b/src/lxc/lxc_driver.c
> @@ -1523,12 +1523,17 @@ static void lxcMonitorEvent(int watch,
> void *data)
> {
> lxc_driver_t *driver = lxc_driver;
> - virDomainObjPtr vm = data;
> + int id = (int)data;
> + virDomainObjPtr vm = NULL;
> virDomainEventPtr event = NULL;
> lxcDomainObjPrivatePtr priv;
>
> lxcDriverLock(driver);
> - virDomainObjLock(vm);
> + vm = virDomainFindByID(&driver->domains, id);
IDs are not guaranteed to be unique (pids can cycle around), whereas
UUID is better. Worse, virDomainFindByID is a public API, and will
attempt to re-obtain public locks; we should be using internal functions
here for keeping the vm alive instead. I'm hoping that
Dan has more insight into this issue, as he's more familiar with lxc.
--
Eric Blake eblake at redhat.com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 620 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20120525/4cfee5ba/attachment-0001.sig>
More information about the libvir-list
mailing list