New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Resolve null-dereference and enable Linux containers #9622
Conversation
After initial for-loop best might be 0x0. The patch avoids NULL-dereference issue, which causes segfaults. Signed-off-by: David Abdurachmanov <David.Abdurachmanov@cern.ch> Reported-by: Sébastien Brochet <sebastien.brochet@cern.ch>
According to glibc documentation one should use `_PATH_MOUNTED`, which by default should point to `/etc/mtab`. This file is maintained by `mount` and `umount` programs. This is wrong if we are running in a sandboxed everinment, e.g. Linux containers (OpenVZ, Docker, Rocket, LXC/LXD) or chroot/proot. Then this files comes from alternative rootfs and does not reflect actual mount points. On modern systems (incl. CentOS 7 and Fedora) `/etc/mtab` points to `/proc/self/mounts`. The patch by default reads `/proc/self/mounts` on Linux systems. By default Docker will create a `/etc/mtab` as symlink to `/proc/mounts` (which points to `/proc/self/mounts`) on any container. OpenVZ documentation also request chaging `/etc/mtab` to a symlink. Same in Linux From Scratch guide. Also reminds that `/` could be mounted as read-only, thus `/etc/mtab` could be stale. Signed-off-by: David Abdurachmanov <David.Abdurachmanov@cern.ch> Reported-by: Sébastien Brochet <sebastien.brochet@cern.ch>
A new Pull Request was created by @davidlt for CMSSW_7_4_X. Resolve null-dereference and enable Linux containers It involves the following packages: Utilities/StorageFactory @cmsbuild, @Dr15Jones can you please review it and eventually sign? Thanks. |
please test |
+1 |
The tests are being triggered in jenkins. |
This pull request is fully signed and it will be integrated in one of the next CMSSW_7_4_X IBs once checked with relvals in the development release cycle of CMSSW or unless it breaks tests. This pull request requires discussion in the ORP meeting before it's merged. @davidlange6, @Degano, @smuzaffar |
This pull request is fully signed and it will be integrated in one of the next CMSSW_7_4_X IBs once checked with relvals in the development release cycle of CMSSW (tests are also fine). This pull request requires discussion in the ORP meeting before it's merged. @davidlange6, @Degano, @smuzaffar |
This pull request is fully signed and it will be integrated in one of the next CMSSW_7_4_X IBs once checked with relvals in the development release cycle of CMSSW (tests are also fine). This pull request requires discussion in the ORP meeting before it's merged. @davidlange6, @Degano, @smuzaffar |
+1 |
Resolve null-dereference and enable Linux containers
Notice: commit messages contains more information.
CMSSW fails on at least one site where Linux containers are used (probably instead of virtual machines). You cannot trust
/etc/mtab
content, go directly for/proc/self/mounts
.Same issue happens if CMSSW is compiled with ASan, in this case
realpath
was not doing a correct job for ".
". Could be a bug in ASan interceptor.Same PR approved for CMSSW_7_5_X: #9541