diff options
author | Peter Hunt <pehunt@redhat.com> | 2020-03-03 15:35:29 -0500 |
---|---|---|
committer | Peter Hunt <pehunt@redhat.com> | 2020-03-03 15:43:31 -0500 |
commit | d3d97a25e8c87cf741b2e24ac01ef84962137106 (patch) | |
tree | ad8bde2cc012fb4fdb01c80d12e93a04badd4300 | |
parent | 4b72f9e4013411208751df2a92ab9f322d4da5b2 (diff) | |
download | podman-d3d97a25e8c87cf741b2e24ac01ef84962137106.tar.gz podman-d3d97a25e8c87cf741b2e24ac01ef84962137106.tar.bz2 podman-d3d97a25e8c87cf741b2e24ac01ef84962137106.zip |
Exec: use ErrorConmonRead
Before, we were using -1 as a bogus value in podman to signify something went wrong when reading from a conmon pipe. However, conmon uses negative values to indicate the runtime failed, and return the runtime's exit code.
instead, we should use a bogus value that is actually bogus. Define that value in the define package as MinInt32 (-1<< 31 - 1), which is outside of the range of possible pids (-1 << 31)
Signed-off-by: Peter Hunt <pehunt@redhat.com>
-rw-r--r-- | libpod/container_api.go | 4 | ||||
-rw-r--r-- | libpod/define/exec_codes.go | 6 | ||||
-rw-r--r-- | libpod/oci_conmon_linux.go | 8 |
3 files changed, 13 insertions, 5 deletions
diff --git a/libpod/container_api.go b/libpod/container_api.go index 37a05bb75..356da12d0 100644 --- a/libpod/container_api.go +++ b/libpod/container_api.go @@ -297,7 +297,9 @@ func (c *Container) Exec(tty, privileged bool, env map[string]string, cmd []stri // Conmon will pass a non-zero exit code from the runtime as a pid here. // we differentiate a pid with an exit code by sending it as negative, so reverse // that change and return the exit code the runtime failed with. - if pid < 0 { + // Make sure the value is not ErrorConmonRead, as that is a podman set bogus value + // and not sent by conmon (and thus has no special meaning) + if pid < 0 && pid != define.ErrorConmonRead { ec = -1 * pid } return ec, err diff --git a/libpod/define/exec_codes.go b/libpod/define/exec_codes.go index f94616b33..c2ec08666 100644 --- a/libpod/define/exec_codes.go +++ b/libpod/define/exec_codes.go @@ -1,6 +1,7 @@ package define import ( + "math" "strings" "github.com/pkg/errors" @@ -17,6 +18,11 @@ const ( ExecErrorCodeCannotInvoke = 126 // ExecErrorCodeNotFound is the error code to return when a command cannot be found ExecErrorCodeNotFound = 127 + // ErrorConmonRead is a bogus value that can neither be a valid PID or exit code. It is + // used because conmon will send a negative value when sending a PID back over a pipe FD + // to signify something went wrong in the runtime. We need to differentiate between that + // value and a failure on the podman side of reading that value. Thus, we use ErrorConmonRead + ErrorConmonRead = math.MinInt32 - 1 ) // TranslateExecErrorToExitCode takes an error and checks whether it diff --git a/libpod/oci_conmon_linux.go b/libpod/oci_conmon_linux.go index 8da6db09f..f260e3a39 100644 --- a/libpod/oci_conmon_linux.go +++ b/libpod/oci_conmon_linux.go @@ -1557,7 +1557,7 @@ func readConmonPipeData(pipe *os.File, ociLog string) DataAndErr { ch <- syncStruct{si: si} }() - data := -1 + data := define.ErrorConmonRead select { case ss := <-ch: if ss.err != nil { @@ -1567,14 +1567,14 @@ func readConmonPipeData(pipe *os.File, ociLog string) DataAndErr { var ociErr ociError if err := json.Unmarshal(ociLogData, &ociErr); err == nil { return DataAndErr{ - data: -1, + data: data, err: getOCIRuntimeError(ociErr.Msg), } } } } return DataAndErr{ - data: -1, + data: data, err: errors.Wrapf(ss.err, "container create failed (no logs from conmon)"), } } @@ -1607,7 +1607,7 @@ func readConmonPipeData(pipe *os.File, ociLog string) DataAndErr { data = ss.si.Data case <-time.After(define.ContainerCreateTimeout): return DataAndErr{ - data: -1, + data: data, err: errors.Wrapf(define.ErrInternal, "container creation timeout"), } } |