From: Friedrich Weber <f.weber@proxmox.com>
To: Wolfgang Bumiller <w.bumiller@proxmox.com>
Cc: pve-devel@lists.proxmox.com
Subject: Re: [pve-devel] [RFC container 2/4] fix #4474: lxc api: add overrule-shutdown parameter to stop endpoint
Date: Tue, 2 Jan 2024 14:34:05 +0100 [thread overview]
Message-ID: <e96cbe68-058a-4d55-81b7-7a4a7c9a9f64@proxmox.com> (raw)
In-Reply-To: <8fa7891a-0ed8-46b4-8006-456d307aaa1a@proxmox.com>
On 01/12/2023 10:57, Friedrich Weber wrote:
> On 17/11/2023 14:09, Wolfgang Bumiller wrote:
> [...]
>>> return PVE::LXC::Config->lock_config($vmid, $lockcmd);
>>
>> ^ Here we lock first, then fork the worker, then do `vm_stop` with the
>> config lock inherited.
>>
>> This means that creating multiple shutdown tasks before using one with
>> override=true could cause the override task to cancel the *first* ongoing
>> shutdown task, then move on to the `lock_config` call - in the meantime
>> a second shutdown task acquires this very lock and performs another
>> long-running shutdown, causing the `override` parameter to be
>> ineffective.
>
> Just to make sure I understand correctly, the scenario is (please
> correct me if I'm wrong):
>
> * shutdown task #1 has the lock and starts long-running shutdown
> * stop API handler with override kills shutdown task #1, but does not
> acquire the lock yet
> * shutdown task #2 starts, acquires the lock and starts long-running
> shutdown
> * stop task waits for the lock => override flag was ineffective
Discussed this with Wolfgang off-list, posting here for completeness. I
suppose the scenario I sketched is technically possible, but unlikely to
occur in practice (the stop API handler will usually acquire the lock
before shutdown task #2 can).
Wolfgang actually sketched a slightly different scenario, which is
reproducible with containers pretty easily:
* shutdown task #1 has the lock and starts long-running shutdown
* API handler for shutdown task #2 waits for the lock (there is no task yet)
* API handler for stop task #3 (with overrule-shutdown) kills shutdown
task #1, but does not acquire the lock yet
* API handler for shutdown task #2 acquires the lock and runs another
long-running shutdown
* API handler for stop task #3 waits for the lock => overrule-shutdown
flag was ineffective
As pointed out by Wolfgang this happens because container shutdown
currently uses lock-then-fork. VM shutdown, on the other hand, uses
fork-then-lock, so the above can't happen (the stop task with
overrule-shutdown kills both shutdown tasks).
In the next version I'll send a separate patch that switches the
ordering as suggested by Wolfgang.
next prev parent reply other threads:[~2024-01-02 13:34 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-01-26 8:32 [pve-devel] [RFC manager/container/qemu-server/guest-common 0/4] fix #4474: stop tasks may overrule shutdown tasks Friedrich Weber
2023-01-26 8:32 ` [pve-devel] [RFC manager 1/4] fix #4474: ui: vm stop: ask if active shutdown tasks should be aborted Friedrich Weber
2023-01-26 8:32 ` [pve-devel] [RFC container 2/4] fix #4474: lxc api: add overrule-shutdown parameter to stop endpoint Friedrich Weber
2023-11-17 13:09 ` Wolfgang Bumiller
2023-12-01 9:57 ` Friedrich Weber
2024-01-02 13:34 ` Friedrich Weber [this message]
2023-01-26 8:32 ` [pve-devel] [RFC qemu-server 3/4] fix #4474: qemu " Friedrich Weber
2023-11-17 13:12 ` Wolfgang Bumiller
2023-01-26 8:32 ` [pve-devel] [RFC guest-common 4/4] guest helpers: add helper to overrule active tasks of a specific type Friedrich Weber
2023-11-17 12:53 ` Wolfgang Bumiller
2023-12-01 9:57 ` Friedrich Weber
2023-09-27 9:04 ` [pve-devel] [RFC manager/container/qemu-server/guest-common 0/4] fix #4474: stop tasks may overrule shutdown tasks Friedrich Weber
2023-11-17 12:31 ` Wolfgang Bumiller
2023-12-01 9:57 ` Friedrich Weber
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=e96cbe68-058a-4d55-81b7-7a4a7c9a9f64@proxmox.com \
--to=f.weber@proxmox.com \
--cc=pve-devel@lists.proxmox.com \
--cc=w.bumiller@proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.