From cf6e0085423af8938a16c850ff5607dad4ca7c73 Mon Sep 17 00:00:00 2001 From: Li Yuxuan Date: Wed, 8 May 2019 13:26:22 +0800 Subject: [PATCH] Fix fd leak of shim log Open shim v2 log with the flag `O_RDWR` will cause the `Read()` block forever even if the pipe has been closed on the shim side. Then the `io.Copy()` would never return and lead to a fd leak. Fix typo when closing shim v1 log which causes the `stdouLog` leak. Update `numPipes` function in test case to get the opened FIFO correctly. Signed-off-by: Li Yuxuan --- container_linux_test.go | 2 +- runtime/v1/shim/client/client.go | 4 ++-- runtime/v2/shim_unix.go | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/container_linux_test.go b/container_linux_test.go index 3627073fa..8cc9555dd 100644 --- a/container_linux_test.go +++ b/container_linux_test.go @@ -330,7 +330,7 @@ func TestShimDoesNotLeakPipes(t *testing.T) { } func numPipes(pid int) (int, error) { - cmd := exec.Command("sh", "-c", fmt.Sprintf("lsof -p %d | grep pipe", pid)) + cmd := exec.Command("sh", "-c", fmt.Sprintf("lsof -p %d | grep FIFO", pid)) var stdout bytes.Buffer cmd.Stdout = &stdout diff --git a/runtime/v1/shim/client/client.go b/runtime/v1/shim/client/client.go index 6cdd9cfc2..60dfad313 100644 --- a/runtime/v1/shim/client/client.go +++ b/runtime/v1/shim/client/client.go @@ -98,9 +98,9 @@ func WithStart(binary, address, daemonAddress, cgroup string, debug bool, exitHa cmd.Wait() exitHandler() if stdoutLog != nil { - stderrLog.Close() + stdoutLog.Close() } - if stdoutLog != nil { + if stderrLog != nil { stderrLog.Close() } }() diff --git a/runtime/v2/shim_unix.go b/runtime/v2/shim_unix.go index 6738a7787..1a08be5d1 100644 --- a/runtime/v2/shim_unix.go +++ b/runtime/v2/shim_unix.go @@ -28,5 +28,5 @@ import ( ) func openShimLog(ctx context.Context, bundle *Bundle) (io.ReadCloser, error) { - return fifo.OpenFifo(ctx, filepath.Join(bundle.Path, "log"), unix.O_RDWR|unix.O_CREAT, 0700) + return fifo.OpenFifo(ctx, filepath.Join(bundle.Path, "log"), unix.O_RDONLY|unix.O_CREAT|unix.O_NONBLOCK, 0700) }