Protect forking services from false crash detection during reload

troglobit · troglobit · commit fa70b79b0f26 · 2026-02-22T15:51:29.000+01:00
The service_reload() sets svc_starting() to flag that a reload is in
progress.  The remaining changes use that flag to prevent the state
machine from interpreting the old PID's death as a crash:
service_monitor() doesn't zero the PID, service_step() RUNNING stays
put instead of restarting, and PAUSED doesn't drop to WAITING for
forking services.

Signed-off-by: Joachim Wiberg &lt;troglobit@gmail.com&gt;
diff --git a/src/service.c b/src/service.c
@@ -1299,10 +1299,17 @@ static int service_reload(svc_t *svc)
 	}
 
 	if (!rc) {
-		/* Declare we're waiting for svc to re-assert/touch its pidfile */
+		/*
+		 * Flag that we expect the service to (re-)assert its PID
+		 * file.  For forking services whose reload script kills and
+		 * restarts the daemon, this prevents service_step() from
+		 * treating the collected old PID as a crash.
+		 *
+		 * For services with managed pidfiles, also touch the file
+		 * to trigger an inotify event that reasserts the condition.
+		 */
 		svc_starting(svc);
 
-		/* Service does not maintain a PID file on its own */
 		if (svc_has_pidfile(svc)) {
 			sched_yield();
 			touch(pid_file(svc));
@@ -2338,10 +2345,8 @@ void service_monitor(pid_t lost, int status)
 	/* Forking sysv/services declare themselves with pid:!/path/to/pid.file  */
 	if (svc_is_forking(svc)) {
 		/* Likely start script exiting */
-		if (svc_is_starting(svc)) {
-			svc->pid = 0;	/* Expect no more activity from this one */
+		if (svc_is_starting(svc))
 			goto cont;
-		}
 
 		logit(LOG_CONSOLE | LOG_NOTICE, "Stopped %s[%d]", svc_ident(svc, NULL, 0), lost);
 	}
@@ -3036,6 +3041,16 @@ int service_step(svc_t *svc)
 		}
 
 		if (!svc->pid) {
+			/*
+			 * A reload script (e.g. frrinit.sh reload) may kill
+			 * the old daemon and start a new one.  When we collect
+			 * the old PID, stay RUNNING and wait for the new PID
+			 * file to appear -- pidfile_update_conds() will call
+			 * service_forked() to update svc->pid.
+			 */
+			if (svc_is_starting(svc) && svc_is_forking(svc))
+				goto done;
+
 			if (svc_is_daemon(svc) || svc_is_tty(svc)) {
 				int rc = WEXITSTATUS(svc->status);
 
@@ -3124,7 +3139,7 @@ int service_step(svc_t *svc)
 			break;
 		}
 
-		if (!svc->pid) {
+		if (!svc->pid && !svc_is_forking(svc)) {
 			(*restart_cnt)++;
 			svc_set_state(svc, SVC_WAITING_STATE);
 			break;
