libvir-list-bounces@redhat.com wrote on 08/13/2010 03:08:11 PM:

> [image removed]
>
> Re: [libvirt] [PATCH] nwfilter: serialize execution of scripts with
> ebtables cmds
>
> Eric Blake
>
> to:
>
> Stefan Berger
>
> 08/13/2010 03:17 PM
>
> Sent by:
>
> libvir-list-bounces@redhat.com
>
> Cc:
>
> libvir-list
>
> On 08/13/2010 12:35 PM, Stefan Berger wrote:
> >  While testing the SIGHUP handling and reloading of the nwfilter driver,
> > I found that when the filters are rebuilt and mutlipe threads handled
> > the individual interfaces, concurrently running multiple external bash
> > scripts causes strange failures even though the executed ebtables
> > commands are working on different tables for different interfaces. I
> > cannot say for sure where the concurrency problems are caused, but
> > introducing this lock definitely helps.
> >
> > Signed-off-by: Stefan Berger <stefanb@us.ibm.com>
>
> ACK.

I'll push this shortly. For the record, here two scripts, that each execute fine but once run concurrently cause a race.

script 1:

#!/bin/bash
dev=xyzdev
while test 1; do
   ebtables -t nat -A PREROUTING -i ${dev} -j ACCEPT
   if [ $? -ne 0 ]; then
       echo "odd!"
   fi
   ebtables -t nat -D PREROUTING -i ${dev} -j ACCEPT
   if [ $? -ne 0 ]; then
       echo "odd!"
   fi

script 2:

#!/bin/bash
dev=xyzdev2
while test 1; do
   ebtables -t nat -A PREROUTING -i ${dev} -j ACCEPT
   if [ $? -ne 0 ]; then
       echo "odd!"
   fi
   ebtables -t nat -D PREROUTING -i ${dev} -j ACCEPT
   if [ $? -ne 0 ]; then
       echo "odd!"
   fi


Output when run concurrently:

The kernel doesn't support a certain ebtables extension, consider recompiling your kernel or insmod the extension.
odd!
The kernel doesn't support a certain ebtables extension, consider recompiling your kernel or insmod the extension.
odd!


   Stefan