Fix race in container creation

Only register a container once it's successfully started. This avoids a race condition where the daemon is killed while in the process of calling `libcontainer.Container.Start`, and ends up killing -1. There is a time window where the container `initProcess` is not set, and its PID unknown. This commit fixes the race Engine side. Signed-off-by: Arnaud Porterie <arnaud.porterie@docker.com>
2016-03-03 19:42:54 -08:00 · 2016-03-03 19:42:54 -08:00 · ad2fa39459
parent 32d1a6cee5
commit ad2fa39459
1 changed files with 7 additions and 4 deletions
--- a/daemon/execdriver/native/driver.go
+++ b/daemon/execdriver/native/driver.go
@ -157,6 +157,10 @@ func (d *Driver) Run(c *execdriver.Command, pipes *execdriver.Pipes, hooks execd
 	if err != nil {
 		return execdriver.ExitStatus{ExitCode: -1}, err
 	}
+
+	if err := cont.Start(p); err != nil {
+		return execdriver.ExitStatus{ExitCode: -1}, err
+	}
 	d.Lock()
 	d.activeContainers[c.ID] = cont
 	d.Unlock()
@ -167,10 +171,6 @@ func (d *Driver) Run(c *execdriver.Command, pipes *execdriver.Pipes, hooks execd
 		d.cleanContainer(c.ID)
 	}()

-	if err := cont.Start(p); err != nil {
-		return execdriver.ExitStatus{ExitCode: -1}, err
-	}
-
 	//close the write end of any opened pipes now that they are dup'ed into the container
 	for _, writer := range writers {
 		writer.Close()
@ -302,6 +302,9 @@ func (d *Driver) Kill(c *execdriver.Command, sig int) error {
 	if err != nil {
 		return err
 	}
+	if state.InitProcessPid == -1 {
+		return fmt.Errorf("avoid sending signal %d to container %s with pid -1", sig, c.ID)
+	}
 	return syscall.Kill(state.InitProcessPid, syscall.Signal(sig))
 }