On 10/10/22 15:11, Ilya Maximets wrote:
> Compaction thread supposed to not change anything in the database
> it is working on, since the same data can be accessed by the main
> thread at the same time. However, while converting database rows
> to JSON objects, strings in the datum will be cloned using
> json_clone(), which is a shallow copy, and that will change the
> reference counter for the JSON string object. If both the main
> thread and the compaction thread will clone/destroy the same object
> at the same time we may end up with a broken reference counter
> leading to a memory leak or use-after free.
>
> Adding a new argument to the database to JSON conversion to prevent
> use of shallow copies from the compaction thread. This way all
> the database operations will be truly read-only avoiding the race.
>
> 'ovsdb_atom_to_json' and 'ovsdb_datum_to_json' are more widely used,
> so creating separate variant for these functions instead of adding
> a new argument, to avoid changing a lot of existing code.
>
> Other solution might be to use atomic reference counters, but that
> will require API/ABI break, because counter is exposed in public
> headers. Also, we can not easily expose atomic functions, so we'll
> need to un-inline reference counting with the associated performance
> cost.
>
> Fixes: 3cd2cbd684e0 ("ovsdb: Prepare snapshot JSON in a separate thread.")
> Reported-at: https://bugzilla.redhat.com/2133431
> Signed-off-by: Ilya Maximets <[email protected]>
> ---
Looks good to me, thanks!
Acked-by: Dumitru Ceara <[email protected]>
_______________________________________________
dev mailing list
[email protected]
https://mail.openvswitch.org/mailman/listinfo/ovs-dev
