[release/1.7 backport] containerd-shim-runc-v2: avoid potential deadlock in create handler#9209
Merged
fuweid merged 4 commits intocontainerd:release/1.7from Oct 11, 2023
Conversation
Member
Author
|
Looks like we may be missing something in this branch; |
Member
Author
|
Signed-off-by: Marat Radchenko <[email protected]> (cherry picked from commit 9e34b8b) Signed-off-by: Sebastiaan van Stijn <[email protected]>
Previous code has already called `getContainer()`, just pass it into `s.getContainerPids` to reduce unnecessary lock and map lookup. Signed-off-by: Chen Yiyang <[email protected]> (cherry picked from commit 6604ff6) Signed-off-by: Sebastiaan van Stijn <[email protected]>
After pr containerd#8617, create handler of containerd-shim-runc-v2 will call handleStarted() to record the init process and handle its exit. Init process wouldn't quit so early in normal circumstances. But if this screnario occurs, handleStarted() will call handleProcessExit(), which will cause deadlock because create() had acquired s.mu, and handleProcessExit() will try to lock it again. So, I added a parameter muLocked to handleStarted to indicate whether or not s.mu is currently locked, and thus deciding whether or not to lock it when calling handleProcessExit. Fix: containerd#9103 Signed-off-by: Chen Yiyang <[email protected]> (cherry picked from commit 68dd47e) Signed-off-by: Sebastiaan van Stijn <[email protected]>
thaJeztah
force-pushed
the
1.7_backport_fix_deadlock
branch
from
2febc4d to
2eee3df
Compare
Member
|
Should the new test be skipped for |
Signed-off-by: Wei Fu <[email protected]> (cherry picked from commit 11a7751) Signed-off-by: Sebastiaan van Stijn <[email protected]>
thaJeztah
force-pushed
the
1.7_backport_fix_deadlock
branch
from
2eee3df to
d0a1fed
Compare
thaJeztah
commented
Oct 10, 2023
Comment on lines
+1513
to
+1515
| if getRuntimeVersion() == "v1" { | ||
| t.Skip("skip it when using shim v1") | ||
| } |
Member
Author
There was a problem hiding this comment.
thanks @fuweid (let's see if it goes green with this patch added); I'll update the 1.6 PR as well
Member
Author
|
/retest |
estesp
approved these changes
Oct 10, 2023
kiashok
approved these changes
Oct 10, 2023
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
7 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
After pr #8617, create handler of containerd-shim-runc-v2 will
call handleStarted() to record the init process and handle its exit.
Although init process wouldn't quit so early in normal circumstances.
But if this screnario occurs, handleStarted() will call
handleProcessExit(), which will cause deadlock because create() had
acquired s.mu, and handleProcessExit() will try to lock it again.
So I add handleProcessExitNoLock() function which will not lock s.mu.
It can safely be called in create handler without deadlock.