Skip to content

C
criu
Commit ee7d3bec authored by Pavel Tikhomirov's avatar Pavel Tikhomirov Committed by Andrei Vagin
Browse files
Options

kdat: if iptables-restore has xtable lock support do wait on lock 

On VZ7 we have a problem in random tests on iptables restore when
running tests in parallel(one iptables-restore instance tries to lock
xtables lock and fails while other instance(some iptables* command) is
already holding the lock):

================== Run zdtm/static/socket_udp_shutdown in ns ===================
Start test
./socket_udp_shutdown --pidfile=socket_udp_shutdown.pid --outfile=socket_udp_shutdown.out
Run criu dump
Run criu restore
=[log]=> dump/zdtm/static/socket_udp_shutdown/77/1/restore.log
------------------------ grep Error ------------------------
(00.158864)      1: 	Running ip rule delete table local
(00.167319)      1: 	Running ip rule restore
(00.175647)      1: 	Running iptables-restore for iptables-restore
Another app is currently holding the xtables lock. Perhaps you want to use the -w option?
(00.185245)      1: Error (criu/util.c:719): exited, status=4
(00.185289)      1: Error (criu/net.c:1739): iptables-restore failed
(00.185301)      1: Error (criu/net.c:2382): Can't create net_ns
(00.185370)      1: Error (criu/util.c:1412): Can't wait or bad status: errno=0, status=65280(00.187281) Error (criu/mount.c:2944): mnt: Can't remove the directory /tmp/.criu.mntns.Ai5EG9: No such file or directory
(00.187298) uns: calling exit_usernsd (-1, 1)
(00.187344) uns: daemon calls 0x466a40 (93, -1, 1)
(00.187361) uns: `- daemon exits w/ 0
(00.188375) uns: daemon stopped
(00.188390) Error (criu/cr-restore.c:2450): Restoring FAILED.
------------------------ ERROR OVER ------------------------
Test zdtm/static/socket_udp_shutdown FAIL at CRIU restore

https://ci.openvz.org/job/CRIU/job/CRIU-virtuozzo/job/criu-dev/2873

It happens now in every test-suit run on VZ7 host as we had updated to
1.4.21-18 iptables package, which has patches for xlocks support in
iptables-restore ported:

* Mon Apr 24 2017 Thomas Woerner <twoerner@redhat.com> 1.4.21-18 - Add
support for --wait options to restore commands (RHBZ#1438597)

Whether these patches are ported to other distribution packages we'll
have these problem in other distributions.

Just add -w to wait lock on iptables-restore as older versions does not
error on invalid option, just warning is printed.
Signed-off-by: 's avatarPavel Tikhomirov <ptikhomirov@virtuozzo.com>
Signed-off-by: 's avatarAndrei Vagin <avagin@virtuozzo.com>
parent b2707bab
Hide whitespace changes
Inline Side-by-side
Showing with 2 additions and 2 deletions
criu/net.c
View file @ ee7d3bec
...@@ -1758,8 +1758,8 @@ int netns_keep_nsfd(void) ...@@ -1758,8 +1758,8 @@ int netns_keep_nsfd(void)
static int iptables_restore(bool ipv6, char *buf, int size) static int iptables_restore(bool ipv6, char *buf, int size)
{ {
int pfd[2], ret = -1; int pfd[2], ret = -1;
char *cmd4[] = {"iptables-restore", "--noflush", NULL}; char *cmd4[] = {"iptables-restore", "-w", "--noflush", NULL};
char *cmd6[] = {"ip6tables-restore", "--noflush", NULL}; char *cmd6[] = {"ip6tables-restore", "-w", "--noflush", NULL};
char **cmd = ipv6 ? cmd6 : cmd4;; char **cmd = ipv6 ? cmd6 : cmd4;;
if (pipe(pfd) < 0) { if (pipe(pfd) < 0) {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment