[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] race in vif-common.sh

  • To: xen-devel <xen-devel@xxxxxxxxxxxxx>
  • From: Andreas Kinzler <hfp@xxxxxxxxx>
  • Date: Mon, 3 Jul 2017 13:28:00 +0200
  • Delivery-date: Mon, 03 Jul 2017 11:29:10 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xen.org>


in /etc/xen/scripts/vif-common.sh there is a function handle_iptable. At its start there 
is a check for a working iptables implementation. This check is outside the iptables lock 
section (claim_lock "iptables") and even if it is only a read-only operation 
the underlying iptables operation still accesses the xtables lock. I debugged a 
malfunction (=race) with multiple vif-interfaces down to the following iptables error 
message in the check section above:

iptables -L -n
Another app is currently holding the xtables lock. Perhaps you want to use the 
-w option?

So this check needs to be inside the lock or removed at all (iptables should be 

Regards Andreas

Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.