On 10/10/22 17:13, Dumitru Ceara wrote:
> On 10/10/22 15:11, Ilya Maximets wrote:
>> Compaction thread supposed to not change anything in the database
>> it is working on, since the same data can be accessed by the main
>> thread at the same time. However, while converting database rows
>> to JSON objects, strings in the datum will be cloned using
>> json_clone(), which is a shallow copy, and that will change the
>> reference counter for the JSON string object. If both the main
>> thread and the compaction thread will clone/destroy the same object
>> at the same time we may end up with a broken reference counter
>> leading to a memory leak or use-after free.
>>
>> Adding a new argument to the database to JSON conversion to prevent
>> use of shallow copies from the compaction thread. This way all
>> the database operations will be truly read-only avoiding the race.
>>
>> 'ovsdb_atom_to_json' and 'ovsdb_datum_to_json' are more widely used,
>> so creating separate variant for these functions instead of adding
>> a new argument, to avoid changing a lot of existing code.
>>
>> Other solution might be to use atomic reference counters, but that
>> will require API/ABI break, because counter is exposed in public
>> headers. Also, we can not easily expose atomic functions, so we'll
>> need to un-inline reference counting with the associated performance
>> cost.
>>
>> Fixes: 3cd2cbd684e0 ("ovsdb: Prepare snapshot JSON in a separate thread.")
>> Reported-at: https://bugzilla.redhat.com/2133431
>> Signed-off-by: Ilya Maximets <[email protected]>
>> ---
>
> Looks good to me, thanks!
>
> Acked-by: Dumitru Ceara <[email protected]>
Thanks! Applied and backported to 3.0.
Best regards, Ilya Maximets.
_______________________________________________
dev mailing list
[email protected]
https://mail.openvswitch.org/mailman/listinfo/ovs-dev
