8:56 a.m.
A deadlock occurs when `nwfilterBindingCreateXML` and `nwfilterConnectListAllNWFilters`
acquire locks in an inconsistent order. This affects both incoming migrations and
VM startups (`virsh start`), where `nwfilterBindingCreateXML` needs `updateLock`,
while `nwfilter-list` first acquires `driverMutex` and then locks individual filters.
This patch resolves the deadlock by ensuring `nwfilterBindingCreateXML` acquires
`driverMutex` before `updateLock`, following the locking pattern used by other
functions like `undefine` `nwfilterStateReload`.
Added the use of `driverMutex` in `nwfilterBindingDelete` to maintain
consistent locking order, as suggested.
Fixes: https://gitlab.com/libvirt/libvirt/-/issues/680
Dion Bosschieter (1):
nwfilter: Fix deadlock between nwfilter-list and VM startup/migration
src/nwfilter/nwfilter_driver.c | 13 ++++++++-----
1 file changed, 8 insertions(+), 5 deletions(-)
--
2.39.3 (Apple Git-146)
8:56 a.m.
New subject: [PATCH 1/1] nwfilter: Fix deadlock between nwfilter-list and VM startup/migration
A deadlock occurs when `nwfilterBindingCreateXML` and `nwfilterConnectListAllNWFilters`
acquire locks in an inconsistent order. This patch ensures `nwfilterBindingCreateXML`
acquires `driverMutex` before `updateLock`, resolving the issue.
Additionally, added `driverMutex` to `nwfilterBindingDelete` to maintain consistent
locking order.
Signed-off-by: Dion Bosschieter <dionbosschieter(a)gmail.com>
---
src/nwfilter/nwfilter_driver.c | 13 ++++++++-----
1 file changed, 8 insertions(+), 5 deletions(-)
diff --git a/src/nwfilter/nwfilter_driver.c b/src/nwfilter/nwfilter_driver.c
index 8ece91bf7c..58e9fcfd51 100644
--- a/src/nwfilter/nwfilter_driver.c
+++ b/src/nwfilter/nwfilter_driver.c
@@ -754,11 +754,13 @@ nwfilterBindingCreateXML(virConnectPtr conn,
if (!(ret = virGetNWFilterBinding(conn, def->portdevname, def->filter)))
goto cleanup;
- VIR_WITH_MUTEX_LOCK_GUARD(&driver->updateLock) {
- if (virNWFilterInstantiateFilter(driver, def) < 0) {
- virNWFilterBindingObjListRemove(driver->bindings, obj);
- g_clear_pointer(&ret, virObjectUnref);
- goto cleanup;
+ VIR_WITH_MUTEX_LOCK_GUARD(&driverMutex) {
+ VIR_WITH_MUTEX_LOCK_GUARD(&driver->updateLock) {
+ if (virNWFilterInstantiateFilter(driver, def) < 0) {
+ virNWFilterBindingObjListRemove(driver->bindings, obj);
+ g_clear_pointer(&ret, virObjectUnref);
+ goto cleanup;
+ }
}
}
@@ -783,6 +785,7 @@ nwfilterBindingCreateXML(virConnectPtr conn,
static int
nwfilterBindingDelete(virNWFilterBindingPtr binding)
{
+ VIR_LOCK_GUARD lock = virLockGuardLock(&driverMutex);
virNWFilterBindingObj *obj;
virNWFilterBindingDef *def;
int ret = -1;
--
2.39.3 (Apple Git-146)
6:44 a.m.
New subject: [PATCH 1/1] nwfilter: Fix deadlock between nwfilter-list and VM
startup/migration
On Tue, Feb 18, 2025 at 03:56:32PM +0100, Dion Bosschieter wrote:
A deadlock occurs when `nwfilterBindingCreateXML` and
`nwfilterConnectListAllNWFilters`
acquire locks in an inconsistent order. This patch ensures `nwfilterBindingCreateXML`
acquires `driverMutex` before `updateLock`, resolving the issue.
Additionally, added `driverMutex` to `nwfilterBindingDelete` to maintain consistent
locking order.
Signed-off-by: Dion Bosschieter <dionbosschieter(a)gmail.com>
---
src/nwfilter/nwfilter_driver.c | 13 ++++++++-----
1 file changed, 8 insertions(+), 5 deletions(-)
Reviewed-by: Daniel P. Berrangé <berrange(a)redhat.com>
I've pushed this (92de6563c637dec8abac7ce4794e69fd5896f825) with a massively
expanded commit message explaining how we got into this mess, and an inline
comment reminding us to try to fix it.
With regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
9:43 a.m.
New subject: [PATCH 0/1] nwfilter: Fix deadlock between nwfilter-list and VM
startup/migration
Hi,
Just a gentle ping on this patch.
Any feedback would be appreciated.
Thanks!
Dion
5
days inactive
22
days old
3 comments
3 participants
participants (3)
-
Daniel P. Berrangé -
Dion Bosschieter -
dionbosschieter@gmail.com