iroh icon indicating copy to clipboard operation
iroh copied to clipboard

Published 20 hours ago verified publisher icon n0-computer

Always delete an UDS file before binding it

Open fabricedesre opened this issue 2 years ago • 7 comments

The RAII struct UdsGuard works well when the binary terminates normally but this is unfortunately not always the case:

  • crashes.
  • on Android, daemons restarted by the init system.
  • power loss on mobile devices.

To avoid these failures, this patch forces the deletion before trying to bind the socket. This means that we don't really need the UdsGuard anymore - let me know if I should also remove it. cc @dignifiedquire

fabricedesre avatar Sep 11 '22 23:09 fabricedesre

I don’t think unconditionally deleting these is a good idea, because now you break an already running system if you run the binary twice, instead of erroring out.

dignifiedquire avatar Sep 12 '22 09:09 dignifiedquire

Thoughts @fabricedesre ? This is tricky, any idea how other applications typically do this?

dignifiedquire avatar Sep 22 '22 16:09 dignifiedquire

Thoughts @fabricedesre ? This is tricky, any idea how other applications typically do this?

I've seen 2 approaches:

  • use a file containing the PID of the running instance. In theory this can be racy, in practice that works well. In iroh we could provide that to all programs with a helper in iroh-utils.
  • scan /proc/$pids/cmdline or equivalent to find an already running instance. It's quite tedious and can be slow, and OS specific.

fabricedesre avatar Sep 22 '22 16:09 fabricedesre

use a file containing the PID of the running instance. In theory this can be racy, in practice that works well. In iroh we could provide that to all programs with a helper in iroh-utils.

kubo uses lockfiles, and while they're super tedious, I think this is the best approach we have. I agree they're only really racy in theory. Cleaning them up in all cases including program crashes is the hard part in my humble experience.

This problem is everywhere. For heaven's sake, Microsoft Word can't get around this

Word creates an owner file when you open a previously saved Word document. An owner file is temporary and holds the logon name of the person who opens the document.

I'd vote for a lockfile with PID of running process.

b5 avatar Oct 04 '22 21:10 b5

Cleaning them up in all cases including program crashes is the hard part in my humble experience.

Having the pid in the lock file allows you to ignore / override it after a crash because you can check that the pid is actually one of a running process. Of course pid reuse is a thing, but well...

I can take that bug if that helps.

fabricedesre avatar Oct 04 '22 22:10 fabricedesre

On linux at least fcntl works pretty well I believe, as the OS releases the lock when the process dies

dignifiedquire avatar Oct 05 '22 08:10 dignifiedquire

I can take that bug if that helps.

Yes, that would be great

dignifiedquire avatar Oct 05 '22 08:10 dignifiedquire

@fabricedesre can we close this, or is this still needed?

dignifiedquire avatar Nov 18 '22 16:11 dignifiedquire

I forgot about it because I kept it in my fork, so feel free to close. It likely less of an issue now with the lock files.

fabricedesre avatar Nov 18 '22 16:11 fabricedesre