Possible race condition when deleting an image

[shadjiiski]

vic-engine version vic-engine-v1.1.0-rc2-dc7c489e

Decription According to security testing criteria, race conditions should not be possible. However, when deleting an image with docker rmi <image-name> there appears to be a certain timespan during which the image is already wiped but is still not marked as missing.

Expected output If the image is there:

$ docker rmi alpine
Deleted: 627beaf3eaaff1c0bc3311d60fb933c17ad04fe377e1043d9593646d8ae3bfe1
Untagged: alpine:latest

If the image is already deleted

$ docker rmi alpine
Error response from daemon: No such image: alpine:latest

The output is expected to be one of these no matter how many requests are handled in parallel.

Actual output Do a docker pull alpine, then in two terminals execute simultaneously docker rmi alpine. One of the terminals will show the expected output

$ docker rmi alpine
Deleted: 627beaf3eaaff1c0bc3311d60fb933c17ad04fe377e1043d9593646d8ae3bfe1
Untagged: alpine:latest

the other one, however, will display

$ docker rmi alpine
Error response from daemon: [DELETE /storage/{store_name}/info/{id}][500] DeleteImage default  &{Code:500 Message:Node http:///storage/images/4216c4f2-43c2-8ce3-5cac-c8f1068f25e1/65312f45ea0c848f517208c7d22d62417d38a6704c270f7131704dac9eff2dcd not found}

This can cause a lot of problems, if for example, a docker run and docker rmi commands were run in parallel. In my case, the docker run command failed instead of pulling the missing image (because it failed to see on time that the image was already missing):

$ docker run -itd alpine sh
C:\Program Files\Docker Toolbox\docker.exe: Error response from daemon: Server error from portlayer: Invalid configuration for device '1'..
See 'C:\Program Files\Docker Toolbox\docker.exe run --help'.

[jzt]

Related? https://github.com/vmware/vic/issues/4666