Fix stale socket recovery without connect probe in client

semihalev · semihalev · commit 9095fe830dfa · 2026-04-05T17:54:12.000+03:00
Move stale socket detection to the daemon's bind() path: on EADDRINUSE,
probe with connect() to check if a real daemon is listening. If
ECONNREFUSED (stale socket from crash), unlink and retry bind. This
avoids the client's connect probe which creates a real connection the
daemon must accept and handle.
diff --git a/ext/stoolap.c b/ext/stoolap.c
@@ -1246,31 +1246,15 @@ static int ensure_daemon_running(void)
         stoolap_daemon_init_paths((parent > 1) ? parent : getpid());
     }
 
-    /* Probe socket with connect() to verify daemon is alive.
-     * stat() alone can't distinguish a live socket from a stale one. */
+    /* Fast path: socket file exists → assume daemon is running.
+     * If it's stale (crashed daemon), proxy_connect() will fail and
+     * Database::open() falls through to direct mode. On next call,
+     * the daemon's bind() will clean up via EADDRINUSE detection.
+     * We don't probe with connect() because that creates a real
+     * connection the daemon must accept and handle. */
     struct stat st;
     if (stat(STOOLAP_DAEMON_SOCK, &st) == 0 && S_ISSOCK(st.st_mode)) {
-        int probe = socket(AF_UNIX, SOCK_STREAM, 0);
-        if (probe >= 0) {
-            struct sockaddr_un addr;
-            memset(&addr, 0, sizeof(addr));
-            addr.sun_family = AF_UNIX;
-            strncpy(addr.sun_path, STOOLAP_DAEMON_SOCK, sizeof(addr.sun_path) - 1);
-            if (connect(probe, (struct sockaddr *)&addr, sizeof(addr)) == 0) {
-                close(probe);
-                return 0; /* daemon is alive */
-            }
-            int err = errno;
-            close(probe);
-            if (err == ECONNREFUSED) {
-                /* No listener — stale socket from crashed daemon */
-                unlink(STOOLAP_DAEMON_SOCK);
-            } else {
-                /* Other error (EAGAIN, EACCES, etc.) — daemon may be alive
-                 * but busy or inaccessible. Don't unlink. Let bind() decide. */
-                return 0;
-            }
-        }
+        return 0;
     }
 
     /* Double-fork a daemon candidate. If multiple processes race here,
diff --git a/ext/stoolap_daemon.c b/ext/stoolap_daemon.c
@@ -1787,14 +1787,34 @@ static int create_listen_socket(void)
 
     if (bind(fd, (struct sockaddr *)&addr, sizeof(addr)) < 0) {
         if (errno == EADDRINUSE) {
-            /* Another daemon won the race — exit silently */
+            /* Socket exists. Probe to see if a daemon is actually listening.
+             * If ECONNREFUSED → stale socket from crash, unlink and retry.
+             * If connect succeeds → live daemon, we lost the race. */
+            int probe = socket(AF_UNIX, SOCK_STREAM, 0);
+            if (probe >= 0) {
+                if (connect(probe, (struct sockaddr *)&addr, sizeof(addr)) == 0) {
+                    close(probe); /* live daemon — we're the loser */
+                    close(fd);
+                    return -2;
+                }
+                int err = errno;
+                close(probe);
+                if (err == ECONNREFUSED) {
+                    /* Stale socket — unlink and retry bind once */
+                    unlink(STOOLAP_DAEMON_SOCK);
+                    if (bind(fd, (struct sockaddr *)&addr, sizeof(addr)) == 0) {
+                        goto bind_ok;
+                    }
+                }
+            }
             close(fd);
-            return -2; /* special: not an error, just lost the race */
+            return -2; /* give up — another daemon likely won the retry */
         }
         LOG_ERR("bind(%s) failed: %s", STOOLAP_DAEMON_SOCK, strerror(errno));
         close(fd);
         return -1;
     }
+bind_ok:
 
     if (listen(fd, 16) < 0) {
         LOG_ERR("listen() failed: %s", strerror(errno));
