[lxc-devel] [lxc/master] start: ensure cgroups are cleaned up

brauner on Github lxc-bot at linuxcontainers.org
Thu Aug 3 21:46:28 UTC 2017 

A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 821 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20170803/6464cd49/attachment.bin>
-------------- next part --------------
From 1cfa3a44cee1a8d29c5865cdb0ffe3e38541b803 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Thu, 3 Aug 2017 23:43:23 +0200
Subject: [PATCH] start: ensure cgroups are cleaned up

When a container is marked as being in STOPPED state it is possible
for another thread to start it again even though not all cleanup operations for
that container have finished. This is not a problem for most things like
sockets and friends which are unique to the container. It is however a problem
for cgroups which are named after that container in that we cause our cgroup
driver to waste cpu cycles finding a new cgroup name.

Closes  #1726.

Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
 src/lxc/start.c | 30 +++++++++++++++++-------------
 1 file changed, 17 insertions(+), 13 deletions(-)

diff --git a/src/lxc/start.c b/src/lxc/start.c
index d2a054bfc..60c2f9cb6 100644
--- a/src/lxc/start.c
+++ b/src/lxc/start.c
@@ -720,18 +720,6 @@ void lxc_fini(const char *name, struct lxc_handler *handler)
 		handler->netnsfd = -1;
 	}
 
-	lxc_set_state(name, handler, STOPPED);
-
-	if (run_lxc_hooks(name, "post-stop", handler->conf, handler->lxcpath, NULL)) {
-		ERROR("Failed to run lxc.hook.post-stop for container \"%s\".", name);
-		if (handler->conf->reboot) {
-			WARN("Container will be stopped instead of rebooted.");
-			handler->conf->reboot = 0;
-			if (setenv("LXC_TARGET", "stop", 1))
-				WARN("Failed to set environment variable: LXC_TARGET=stop.");
-		}
-	}
-
 	/* Reset mask set by setup_signal_fd. */
 	if (sigprocmask(SIG_SETMASK, &handler->oldmask, NULL))
 		WARN("Failed to restore signal mask.");
@@ -755,7 +743,6 @@ void lxc_fini(const char *name, struct lxc_handler *handler)
 		free(cur);
 	}
 
-	free(handler->name);
 	if (handler->ttysock[0] != -1) {
 		close(handler->ttysock[0]);
 		close(handler->ttysock[1]);
@@ -765,6 +752,23 @@ void lxc_fini(const char *name, struct lxc_handler *handler)
 		lxc_destroy_container_on_signal(handler, name);
 
 	cgroup_destroy(handler);
+
+	lxc_set_state(name, handler, STOPPED);
+
+	ret = run_lxc_hooks(name, "post-stop", handler->conf, handler->lxcpath, NULL);
+	if (ret < 0) {
+		ERROR("Failed to run lxc.hook.post-stop for container \"%s\"", name);
+		if (handler->conf->reboot) {
+			WARN("Container will be stopped instead of rebooted");
+			handler->conf->reboot = 0;
+			ret = setenv("LXC_TARGET", "stop", 1);
+			if (ret < 0)
+				WARN("Failed to set environment variable: "
+				     "LXC_TARGET=stop");
+		}
+	}
+
+	free(handler->name);
 	free(handler);
 }

More information about the lxc-devel mailing list