Fix race in host sandbox creation

mrjana · mrjana · commit 172d095648d2 · 2015-10-30T16:08:33.000-07:00
Since we share the host sandbox with many containers we
need to serialize creation of the sandbox. Otherwise
container starts may see the namespace path in inconsistent
state.

Signed-off-by: Jana Radhakrishnan &lt;mrjana@docker.com&gt;
diff --git a/controller.go b/controller.go
@@ -507,13 +507,14 @@ func (c *controller) NewSandbox(containerID string, options ...SandboxOption) (S
 		return nil, err
 	}
 
+	c.Lock()
 	if sb.osSbox == nil && !sb.config.useExternalKey {
 		if sb.osSbox, err = osl.NewSandbox(sb.Key(), !sb.config.useDefaultSandBox); err != nil {
+			c.Unlock()
 			return nil, fmt.Errorf("failed to create new osl sandbox: %v", err)
 		}
 	}
 
-	c.Lock()
 	c.sandboxes[sb.id] = sb
 	c.Unlock()
 	defer func() {

Original file line number	Diff line number	Diff line change
`@@ -507,13 +507,14 @@ func (c *controller) NewSandbox(containerID string, options ...SandboxOption) (S`
`507`	`507`	`return nil, err`
`508`	`508`	`}`
`509`	`509`
	`510`	`+ c.Lock()`
`510`	`511`	`if sb.osSbox == nil && !sb.config.useExternalKey {`
`511`	`512`	`if sb.osSbox, err = osl.NewSandbox(sb.Key(), !sb.config.useDefaultSandBox); err != nil {`
	`513`	`+ c.Unlock()`
`512`	`514`	`return nil, fmt.Errorf("failed to create new osl sandbox: %v", err)`
`513`	`515`	`}`
`514`	`516`	`}`
`515`	`517`
`516`		`- c.Lock()`
`517`	`518`	`c.sandboxes[sb.id] = sb`
`518`	`519`	`c.Unlock()`
`519`	`520`	`defer func() {`