Possible double row.delete() call in ACL code
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
networking-ovn |
New
|
Undecided
|
Unassigned | ||
neutron |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
In the field, we've seen:
2019-11-11 14:10:04.765 54 ERROR ovsdbapp.
File "/usr/lib/
txn.
File "/usr/lib/
command.
File "/usr/lib/
acl_
File "/usr/lib64/
assert self._changes is not None
AssertionError
2019-11-11 14:10:04.767 54 ERROR networking_
2019-11-11 14:10:04.767 54 ERROR networking_
2019-11-11 14:10:04.767 54 ERROR networking_
2019-11-11 14:10:04.767 54 ERROR networking_
2019-11-11 14:10:04.767 54 ERROR networking_
2019-11-11 14:10:04.767 54 ERROR networking_
2019-11-11 14:10:04.767 54 ERROR networking_
2019-11-11 14:10:04.767 54 ERROR networking_
2019-11-11 14:10:04.767 54 ERROR networking_
2019-11-11 14:10:04.767 54 ERROR networking_
2019-11-11 14:10:04.767 54 ERROR networking_
2019-11-11 14:10:04.767 54 ERROR networking_
2019-11-11 14:10:04.767 54 ERROR networking_
2019-11-11 14:10:04.767 54 ERROR networking_
2019-11-11 14:10:04.767 54 ERROR networking_
2019-11-11 14:10:04.767 54 ERROR networking_
2019-11-11 14:10:04.767 54 ERROR networking_
2019-11-11 14:10:04.767 54 ERROR networking_
2019-11-11 14:10:04.767 54 ERROR networking_
2019-11-11 14:10:04.767 54 ERROR networking_
2019-11-11 14:10:04.767 54 ERROR networking_
2019-11-11 14:10:04.767 54 ERROR networking_
A cursory look at the python-ovs code makes it look like the maintenance thread might be trying to delete the same row twice since the only way Row._changes = None is in delete() already.
The ACL code passes around dicts which, being unhashable, can't be added to sets to ensure uniqueness. In addition, from a db-schema perspective the same ACL could be referenced from multiple objects. Ultimately this code should be refactored, but a simple workaround for now would be to do a try/except AssertionError around the row.delete() since ignoring a 2nd attempted delete of the same row in a transaction is safe.
tags: | added: neutron-proactive-backport-potential |
Related fix proposed to branch: master /review. opendev. org/700001
Review: https:/