[lxc-devel] [lxc/master] commands: fix race when open()/close() cmd socket

brauner on Github lxc-bot at linuxcontainers.org
Thu Dec 14 20:06:52 UTC 2017 

A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 928 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20171214/18fe308e/attachment.bin>
-------------- next part --------------
From f893d898079004d198064337a4879bce5b28c9d8 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Thu, 14 Dec 2017 20:57:15 +0100
Subject: [PATCH] commands: fix race when open()/close() cmd socket

When we report STOPPED to a caller and then close the command socket it is
technically possible - and I've seen this happen on the test builders - that a
container start() right after a wait() will receive ECONNREFUSED because it
called open() before we close(). So for all new state clients simply close the
command socket. This will inform all state clients that the container is
STOPPED and also prevents a race between a open()/close() on the command socket
causing a new process to get ECONNREFUSED because we haven't yet closed the
command socket.

Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
 src/lxc/start.c | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/src/lxc/start.c b/src/lxc/start.c
index a144d6f8f..4911fdde3 100644
--- a/src/lxc/start.c
+++ b/src/lxc/start.c
@@ -753,12 +753,22 @@ void lxc_fini(const char *name, struct lxc_handler *handler)
 
 	cgroup_destroy(handler);
 
-	lxc_set_state(name, handler, STOPPED);
+	/* This function will try to connect to the legacy lxc-monitord state
+	 * server and only exists for backwards compatibility.
+	 */
+	lxc_monitor_send_state(name, STOPPED, handler->lxcpath);
 
 	if (handler->conf->reboot == 0) {
-		/* close command socket */
+		/* For all new state clients simply close the command socket.
+		 * This will inform all state clients that the container is
+		 * STOPPED and also prevents a race between a open()/close() on
+		 * the command socket causing a new process to get ECONNREFUSED
+		 * because we haven't yet closed the command socket.
+		 */
 		close(handler->conf->maincmd_fd);
 		handler->conf->maincmd_fd = -1;
+	} else {
+		lxc_set_state(name, handler, STOPPED);
 	}
 
 	if (run_lxc_hooks(name, "post-stop", handler->conf, handler->lxcpath, NULL)) {

More information about the lxc-devel mailing list