Skip to content

🐛 Potential deadlock due to blocking accept on UnixListener #261

Description

@asmit25805

🐛 Bug · 🟠 High · Confidence: 97%

File: crates/forkd-vmm/src/lib.rs
Location: request_wp_uffd


What's wrong

The line let (stream, _) = listener.accept().context("accept FC connection")?; blocks indefinitely if the Firecracker process never connects, causing request_wp_uffd to hang and the caller to block forever.

Suggested fix

Make the listener non‑blocking and add a timeout, or use a separate thread with a bounded wait. For example:

let listener = UnixListener::bind(socket_path)
    .with_context(|| format!("bind UDS at {}", socket_path.display()))?;
listener.set_nonblocking(true).context("set non‑blocking")?;
let start = std::time::Instant::now();
let timeout = std::time::Duration::from_secs(5);
let (stream, _) = loop {
    match listener.accept() {
        Ok(pair) => break pair,
        Err(e) if e.kind() == std::io::ErrorKind::WouldBlock => {
            if start.elapsed() > timeout {
                anyhow::bail!("timeout waiting for FC to connect to UDS");
            }
            std::thread::sleep(std::time::Duration::from_millis(10));
            continue;
        }
        Err(e) => return Err(e).context("accept FC connection"),
    }
};

About this report

This finding was generated by an automated audit tool using Llama 3.3 70B + verification passes.
Only findings with ≥92% confidence that passed both LLM self-verification and line reference
verification are reported. False positives are still possible — please verify before acting.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions