runc icon indicating copy to clipboard operation
runc copied to clipboard
verified publisher icon opencontainers

runc 1.4 breaks the rule that cmd.Start is called only once that's why process Wait can return an error.

Open everzakov opened this issue 2 weeks ago • 1 comments

Description

In startWithCgroupFD function the cmd.Start is called twice (if the first one was unsuccessful). However it breaks the rule that:

// A Cmd cannot be reused after calling its [Cmd.Start], [Cmd.Run],
// [Cmd.Output], or [Cmd.CombinedOutput] methods.

If this rule is broken then Cmd.Wait can return an error because c.goroutine save funcs from the first try but their pipes are closed.

A common example can found in https://github.com/golang/go/issues/76746#issuecomment-3627519957

Steps to reproduce the issue

  1. Use Ubuntu 20.04
  2. Use cgroups v2
  3. Use latest golang version (go version go1.25.5 linux/amd64)

Describe the results you received and expected

Received

vboxuser@vboxuser:~/runc$ sudo make GO=/usr/local/go/bin/go localunittest TESTFLAGS="-run=TestEnter"

....

=== RUN   TestEnter
    exec_test.go:216: unexpected error: read |0: file already closed
--- FAIL: TestEnter (0.33s)
FAIL
FAIL	github.com/opencontainers/runc/libcontainer/integration	4.797s

....

make: *** [Makefile:162: localunittest] Error 1

If c.goroutine = nil is set in defer function, then the everything will be ok. Expected

vboxuser@vboxuser:~/runc$ sudo make GO=/usr/local/go/bin/go localunittest TESTFLAGS="-run=TestEnter"

....

=== RUN   TestEnter
--- PASS: TestEnter (0.25s)
PASS
ok  	github.com/opencontainers/runc/libcontainer/integration	0.313s

....

What version of runc are you using?

main / runc 1.4

Host OS information

vboxuser@vboxuser:~/runc$ cat /etc/os-release 
NAME="Ubuntu"
VERSION="20.04.6 LTS (Focal Fossa)"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 20.04.6 LTS"
VERSION_ID="20.04"
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
VERSION_CODENAME=focal
UBUNTU_CODENAME=focal

Host kernel information

vboxuser@vboxuser:~/runc$ uname -a
Linux vboxuser 5.4.0-216-generic #236-Ubuntu SMP Fri Apr 11 19:53:21 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux

[@kolyshkin: edited for brevity]

everzakov avatar Dec 08 '25 16:12 everzakov

/cc @kolyshkin

everzakov avatar Dec 08 '25 23:12 everzakov