Fix possible segmentation fault in namespace removal #3084
Conversation
Before this patch, if the namespace is closed or not retrievable, then
we still assign `nil` to it. In this case the interface checks for `nil`
will not work any more on removal and will trigger a segmentation fault.
This is now fixed by only touching pointers when necessary. Reproducible
via:
```bash
> sudo ./bin/crio &
> sudo crictl runp test/testdata/sandbox_config.json
> sudo pkill crio
> sudo pkill conmon
> sudo umount /run/crio/ns/*/*
> sudo ./bin/crio &
> sudo crictl rmp -fa
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x0 pc=0x19840d9]
goroutine 73 [running]:
sync.(*Mutex).Lock(...)
/usr/lib64/go/1.13/src/sync/mutex.go:74
github.com/cri-o/cri-o/internal/lib/sandbox.(*Namespace).Remove(0x0, 0x0, 0x0)
/home/sascha/go/src/github.com/cri-o/cri-o/internal/lib/sandbox/namespaces_linux.go:167 +0x49
github.com/cri-o/cri-o/internal/lib/sandbox.(*Sandbox).RemoveManagedNamespaces(0xc0001956c0, 0xc0004a6d40, 0x40)
/home/sascha/go/src/github.com/cri-o/cri-o/internal/lib/sandbox/namespaces.go:176 +0x84e
github.com/cri-o/cri-o/server.(*Server).RemovePodSandbox(0xc0003f4d80, 0x2251c60, 0xc0006a8000, 0xc00053b0e0, 0xc0003f4d80, 0x1, 0x1)
/home/sascha/go/src/github.com/cri-o/cri-o/server/sandbox_remove.go:99 +0x1445
```
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
openshift-ci-robot
added
the
dco-signoff: yes
openshift-ci-robot
added
approved
|
/retest |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: giuseppe, saschagrunert The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
1 similar comment
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: giuseppe, saschagrunert The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
/lgtm |
|
/cherrypick release-1.17 |
|
@saschagrunert: failed to push cherry-picked changes in GitHub: pushing failed, output: "To https://github.com/openshift-cherrypick-robot/cri-o\n ! [remote rejected] cherry-pick-3084-to-release-1.17 -> cherry-pick-3084-to-release-1.17 (cannot lock ref 'refs/heads/cherry-pick-3084-to-release-1.17': reference already exists)\nerror: failed to push some refs to 'https://openshift-cherrypick-robot:CENSORED@github.com/openshift-cherrypick-robot/cri-o'\n", error: exit status 1 In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
@saschagrunert: new pull request created: #3090 In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
Before this patch, if the namespace is closed or not retrievable, then
we still assign
nilto it. In this case the interface checks fornilwill not work any more on removal and will trigger a segmentation fault.
This is now fixed by only touching pointers when necessary. Reproducible
via:
More background information are available here:
https://www.calhoun.io/when-nil-isnt-equal-to-nil/