Skip to content

Use async pid fd instead of blocking waitid to wait for a child process to exit#745

Merged
Mossaka merged 6 commits intocontainerd:mainfrom
jprendes:async-shim-v3
Feb 25, 2025
Merged

Use async pid fd instead of blocking waitid to wait for a child process to exit#745
Mossaka merged 6 commits intocontainerd:mainfrom
jprendes:async-shim-v3

Conversation

@jprendes
Copy link
Collaborator

@jprendes jprendes commented Nov 22, 2024
edited
Loading

This PR replaces the blocking waitid call with an async implementation based on pid fd.
There's a race condition where containerd-shim reaps child processes.
If the child process has already been reaped, query containerd-shim to get the process status.

Note that this race condition is already present in the current implementation, but runwasi's waitid is very likely to win the race, the introduction of async evens out the odds between runwasi and containerd-shim.

This PR is in preparation to move the whole shim implementation to async.

andreiltd
andreiltd approved these changes Nov 25, 2024
View reviewed changes
Copy link
Member

@andreiltd andreiltd left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

Mossaka
Mossaka previously approved these changes Nov 26, 2024
View reviewed changes
Copy link
Member

@Mossaka Mossaka left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@jprendes
Copy link
Collaborator Author

jprendes commented Nov 26, 2024

I still need to figure out why CI is failing. I think the http_poxy container is not receiving the SiGINT for some reason. But I don't see how that can relate to this. I'll keep digging tomorrow.

@jprendes jprendes force-pushed the async-shim-v3 branch 3 times, most recently from 29927c0 to 4a4f9b0 Compare January 23, 2025 11:02
@jprendes jprendes changed the title Use async pid fd instead of blocking waitid to wait for a child process to exit Use containerd-shim monitor to wait for child to exit Jan 23, 2025
@jprendes jprendes force-pushed the async-shim-v3 branch 2 times, most recently from f29e21c to 26d8ab0 Compare January 23, 2025 14:50
@jprendes jprendes changed the title Use containerd-shim monitor to wait for child to exit Use async pid fd instead of blocking waitid to wait for a child process to exit Jan 23, 2025
@jprendes jprendes force-pushed the async-shim-v3 branch 3 times, most recently from 92edd5b to e89619a Compare January 23, 2025 16:02
@jprendes jprendes requested review from Mossaka and andreiltd January 23, 2025 16:25
Mossaka
Mossaka previously approved these changes Jan 27, 2025
View reviewed changes
Copy link
Member

@Mossaka Mossaka left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great! Thanks for working on this

What I'd like to see, perhaps as a follow up, is some unit tests for edge cases like

  1. What would happen if the pid does not exist
  2. what would happen if the orignal PID is reused by a new process after the first one exists.
  3. what would happen to call wait() when containerd-shim has already reaped the process

Mossaka
Mossaka reviewed Jan 27, 2025
View reviewed changes
Copy link
Member

@Mossaka Mossaka left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great! Thanks for working on this

What I'd like to see, perhaps as a follow up, is some unit tests for edge cases like

  1. What would happen if the pid does not exist
  2. what would happen if the orignal PID is reused by a new process after the first one exists.
  3. what would happen to call wait() when containerd-shim has already reaped the process

@Mossaka
Copy link
Member

Mossaka commented Jan 27, 2025

Note that this race condition is already present in the current implementation, but runwasi's waitid is very likely to win the race, the introduction of async evens out the odds between runwasi and containerd-shim.

Just to clarify, in this PR, you did not resolve this issue, right? If yes, could you please raise an issue against the repo so that we can track this one.

@Mossaka Mossaka closed this Jan 31, 2025
@Mossaka Mossaka reopened this Jan 31, 2025
@jprendes
[stress-test] add default arguments for OCI image
eb83bcf 
Signed-off-by: Jorge Prendes <jorge.prendes@gmail.com>
@jprendes
[stress-test] account for shims processes racing to start
99e57df 
Signed-off-by: Jorge Prendes <jorge.prendes@gmail.com>
@jprendes
make clippy happy
5ed3798 
Signed-off-by: Jorge Prendes <jorge.prendes@gmail.com>
@jprendes
Copy link
Collaborator Author

jprendes commented Feb 24, 2025

Just to clarify, in this PR, you did not resolve this issue, right?

It doesn't resolve the underlying race condition, but it covers all possible outcomes, so it's not an issue for runwasi.

could you please raise an issue against the repo so that we can track this one

To be fair, we could just use the containerd_shim reaper alone, and we wouldn't need the pidfd part.
I think that's how containerd_shim intendeds it to be used.
However, that breaks our tests, as we don't bootstrap the containerd_shim reaper in tests.
If we do bootstrap the containerd_shim reaper in tests, then we would break tests that use process::Command, as they would hit the same race condition.

@jprendes
Copy link
Collaborator Author

jprendes commented Feb 24, 2025

  1. What would happen if the pid does not exist

During wait, it would hit the ECHILD branch, and then wait forever in the c8d_shim reaper. Fixed it so that we wait with a timeout.

  1. what would happen if the orignal PID is reused by a new process after the first one exists.

That's not a problem.

  • PIDFD is resilient to that by using a dedicated FD instead of the PID.
  • The reaper should send the correct event regardless. Assuming the reaper always wins, that would mean that the reaper would broadcast two events with the same PID, but we stop listening after the first hit.
  1. what would happen to call wait() when containerd-shim has already reaped the process

As long as the struct is created before the process exits, that's not a problem. That's why we create the struct BEFORE calling container.start(). I added a comment explaining this in the code.

@jprendes
Use async pid fd instead of blocking waitid to wait for a child proce…
9ff1daf 
…ss to exit

Signed-off-by: Jorge Prendes <jorge.prendes@gmail.com>
@jprendes
check containerd-shim monitor if child is already reaped
e12c1a7 
Signed-off-by: Jorge Prendes <jorge.prendes@gmail.com>
@jprendes
Add comment for future self
d490d0d 
Signed-off-by: Jorge Prendes <jorge.prendes@gmail.com>
@jprendes jprendes requested a review from Mossaka February 24, 2025 15:50
Mossaka
Mossaka previously approved these changes Feb 25, 2025
View reviewed changes
Copy link
Member

@Mossaka Mossaka left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@jprendes jprendes dismissed Mossaka’s stale review February 25, 2025 23:43

The merge-base changed after approval.

@Mossaka Mossaka merged commit 99ea2d2 into containerd:main Feb 25, 2025
75 checks passed
@jprendes jprendes deleted the async-shim-v3 branch February 27, 2025 10:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Mossaka Mossaka Mossaka approved these changes

@andreiltd andreiltd andreiltd approved these changes

Assignees

No one assigned

Labels

C-common C-containerd-shim-wasm

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@jprendes @Mossaka @andreiltd