On Wed, Aug 24, 2011 at 09:05:48AM -0600, Eric Blake wrote:
On 08/24/2011 08:58 AM, Daniel P. Berrange wrote:
Either we need a virDeinitialize which does the virNetTLSDeinit, and libvirtd calls virDeinitialize; or you can just drop all calls to virNetTLSDeinit.
deinitialize is really a waste of time, or even wrong. Some other libraries libvirt links to might also use TLS, so we can't ever be sure it is safe to deinitialize. Even in the daemon i think it is pretty pointless.
If init and deinit are reference counted, then deinit makes sense - reduce the reference count when our library is done using it without unloading it from any other library, and if our library was the last client, then reclaim the resources. But if this is the case, then the client that is using us as a library has to have symmetric access points - if virInitialize added a reference count to tls, then virDeinitialize needs to reduce it.
But I don't know if tls deinit is reference counted - if it is not counted in a thread-safe manner, then I agree that the only safe course of action is to never deinit tls. And even if tls deinit is safe, it is a waste of time to deinit in libvirtd, when we know we are about to exit(), except in the case where we are trying to silence valgrind.
It is reference counted, but they don't protect it with any mutex, so you can't rely on that being safe :-( The API docs recommend that users of gnutls_global_init acquire a mutex before calling it, but that advice is useless if the callers are spread across different shared libraries linked into one application :-( So, IMHO, gnutls_global_deinit() can never be safely used. Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|