On Mon, Jun 23, 2025 at 17:17:06 +0100, Daniel P. Berrangé via Devel wrote:
From: Daniel P. Berrangé <berrange@redhat.com>
The main XML parser code global initializer historically had a mutex protecting it, and more recently uses a pthread_once. The RelaxNG code, however, relies on two other global initializers that are not thread safe, just relying on setting an integer "initialized" flag.
Calling the relevant initializers from libvirt in a protected global initializer will protect libvirt's own concurrent usage, however, it cannot protect against other libraries loaded in process that might be using libxml2's schema code. Fortunately:
* The chances of other loaded non-libvirt code using libxml is relatively low * The chances of other loaded non-libvirt code using the schema validation / catalog functionality inside libxml is even lower * The chances of both libvirt and the non-libvirt usage having their *1st* usage of libxml2 be concurrent is tiny
IOW, in practice, although our solution doesn't fully fix the thread safety, it is good enough.
libxml2 should none the less still be fixed to make its global initializers be thread safe without special actions by its API consumers[1].
Resolves: https://gitlab.com/libvirt/libvirt/-/issues/788 [1] https://gitlab.gnome.org/GNOME/libxml2/-/merge_requests/326 Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> ---
Changed in v3:
- Drop xmlInitializeCatalog - I misread the code wrt thread safety - it has a sufficiently protective mutex - Cope with return type change for xmlSchemaInitTypes in libxml >= 2.11.0
Reviewed-by: Peter Krempa <pkrempa@redhat.com>