beenull/moby
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
moby/daemon
History
Sebastiaan van Stijn 6c7f6c2d47
daemon/containerd: fix assignment to entry in nil map during commit 
A panic would happen when converting an config that had ports exposed, because
the ExposedPorts map in the OCI-spec was not initialized. This could happen
when committing a container, or when using the classic builder and the
parent image had ports exposed, for example

    FROM busybox AS stage0
    EXPOSE 80

    FROM stage0 AS stage1
    RUN echo hello

Example of the panic:

    2023/07/07 15:13:02 http: panic serving @: assignment to entry in nil map
    goroutine 1944 [running]:
    net/http.(*conn).serve.func1()
    	/usr/local/go/src/net/http/server.go:1854 +0xbf
    panic({0x45f660, 0xb6a8d0})
    	/usr/local/go/src/runtime/panic.go:890 +0x263
    github.com/docker/docker/daemon/containerd.containerConfigToOciImageConfig(...)
    	/go/src/github.com/docker/docker/daemon/containerd/image_import.go:397
    github.com/docker/docker/daemon/containerd.generateCommitImageConfig({0xc001470498, {0x0, 0x0}, {0xc000c437d8, 0x5}, {0x0, 0x0}, {0xc000c43b27, 0x5}, {0x0, ...}, ...}, ...)
    	/go/src/github.com/docker/docker/daemon/containerd/image_commit.go:138 +0x40e
    github.com/docker/docker/daemon/containerd.(*ImageService).CommitImage(0xc0008853e0, {0xb8f660, 0xc000c4f7c0}, {{0x0, 0x0}, {0x0, 0x0}, 0xc00104b900, 0xc00104b180, {0xc0011a7640, ...}, ...})
    	/go/src/github.com/docker/docker/daemon/containerd/image_commit.go:82 +0x73b
    github.com/docker/docker/daemon/containerd.(*ImageService).CommitBuildStep(0xc0008853e0, {0xb8f660, 0xc000c4f7c0}, {{0x0, 0x0}, {0x0, 0x0}, 0xc00104b900, 0xc00104b180, {0xc0011a7640, ...}, ...})
    	/go/src/github.com/docker/docker/daemon/containerd/image_commit.go:308 +0x110
    github.com/docker/docker/builder/dockerfile.(*Builder).commitContainer(0xc0012b8cc0, {0xb8f660, 0xc000c4f7c0}, 0xc0010b2b60, {0xc0011a7640, 0x40}, 0xc00104b180)
    	/go/src/github.com/docker/docker/builder/dockerfile/internals.go:61 +0x168
    github.com/docker/docker/builder/dockerfile.(*Builder).commit(0xc0012b8cc0, {0xb8f660, 0xc000c4f7c0}, 0xc0010b2b60, {0xc0012a7d80?, 0xc001340060?})
    	/go/src/github.com/docker/docker/builder/dockerfile/internals.go:45 +0x1aa
    github.com/docker/docker/builder/dockerfile.dispatchLabel({0xb8f660, 0xc000c4f7c0}, {0xc0010b2b60, 0xc000c6b628, 0xc0012b8cc0, {0xb80f60, 0xc0011a46c0}, 0xc000bc2560}, 0x1e24a85?)
    	/go/src/github.com/docker/docker/builder/dockerfile/dispatchers.go:83 +0x258
    github.com/docker/docker/builder/dockerfile.dispatch({0xb8f660, 0xc000c4f7c0}, {0xc0010b2b60, 0xc000c6b628, 0xc0012b8cc0, {0xb80f60, 0xc0011a46c0}, 0xc000bc2560}, {0xb7be40, 0xc00111cde0})
    	/go/src/github.com/docker/docker/builder/dockerfile/evaluator.go:74 +0x529
    github.com/docker/docker/builder/dockerfile.(*Builder).dispatchDockerfileWithCancellation(0xc0012b8cc0, {0xb8f660, 0xc000c4f7c0}, {0xc000b1d380, 0x1, 0xc0011a4660?}, {0x0, 0x0, 0x0?}, 0x5c, ...)
    	/go/src/github.com/docker/docker/builder/dockerfile/builder.go:296 +0x8f2
    github.com/docker/docker/builder/dockerfile.(*Builder).build(0xc0012b8cc0, {0xb8f660, 0xc000c4f7c0}, {0xb80f60, 0xc0011a46c0}, 0xc0011a49f0)
    	/go/src/github.com/docker/docker/builder/dockerfile/builder.go:211 +0x2e5
    github.com/docker/docker/builder/dockerfile.(*BuildManager).Build(0xc0008868c0, {0xb8f708, 0xc0011a44b0}, {{0xb789c0, 0xc0011a4540}, {{0xb6b940, 0xc000c22a50}, {0xb6c5e0, 0xc000c22a68}, {0xb6c5e0, ...}, ...}, ...})
    	/go/src/github.com/docker/docker/builder/dockerfile/builder.go:98 +0x358
    github.com/docker/docker/api/server/backend/build.(*Backend).Build(0xc0007d0870, {0xb8f708, 0xc0011a44b0}, {{0xb789c0, 0xc0011a4540}, {{0xb6b940, 0xc000c22a50}, {0xb6c5e0, 0xc000c22a68}, {0xb6c5e0, ...}, ...}, ...})
    	/go/src/github.com/docker/docker/api/server/backend/build/backend.go:69 +0x186
    github.com/docker/docker/api/server/router/build.(*buildRouter).postBuild(0xc0008333c0, {0xb8f708, 0xc0011a44b0}, {0xb8e130, 0xc0000ed500}, 0xc0010d4800, 0xc0012df760?)
    	/go/src/github.com/docker/docker/api/server/router/build/build_routes.go:280 +0x7a6
    github.com/docker/docker/api/server/middleware.ExperimentalMiddleware.WrapHandler.func1({0xb8f708, 0xc0011a44b0}, {0xb8e130?, 0xc0000ed500?}, 0x36cf80?, 0xc0010ab550?)
    	/go/src/github.com/docker/docker/api/server/middleware/experimental.go:26 +0x15b
    github.com/docker/docker/api/server/middleware.VersionMiddleware.WrapHandler.func1({0xb8f708, 0xc0011a4480}, {0xb8e130, 0xc0000ed500}, 0xc000d787e8?, 0xc000d787a0?)
    	/go/src/github.com/docker/docker/api/server/middleware/version.go:62 +0x4d7
    github.com/docker/docker/pkg/authorization.(*Middleware).WrapHandler.func1({0xb8f708, 0xc0011a4480}, {0xb8e130?, 0xc0000ed500?}, 0xc0010d4800, 0xc0010ab500?)
    	/go/src/github.com/docker/docker/pkg/authorization/middleware.go:59 +0x649
    github.com/docker/docker/api/server.(*Server).makeHTTPHandler.func1({0xb8e130, 0xc0000ed500}, 0xc0010d4700)
    	/go/src/github.com/docker/docker/api/server/server.go:53 +0x1ce
    net/http.HandlerFunc.ServeHTTP(0xc0010d4600?, {0xb8e130?, 0xc0000ed500?}, 0xc000d789e8?)
    	/usr/local/go/src/net/http/server.go:2122 +0x2f
    github.com/docker/docker/vendor/github.com/gorilla/mux.(*Router).ServeHTTP(0xc0001a7e00, {0xb8e130, 0xc0000ed500}, 0xc000d37600)
    	/go/src/github.com/docker/docker/vendor/github.com/gorilla/mux/mux.go:210 +0x1cf
    net/http.serverHandler.ServeHTTP({0xb7ec58?}, {0xb8e130, 0xc0000ed500}, 0xc000d37600)
    	/usr/local/go/src/net/http/server.go:2936 +0x316
    net/http.(*conn).serve(0xc0012661b0, {0xb8f708, 0xc000fd0360})
    	/usr/local/go/src/net/http/server.go:1995 +0x612
    created by net/http.(*Server).Serve
    	/usr/local/go/src/net/http/server.go:3089 +0x5ed

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit a0e1155b28)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-07-10 11:18:31 +02:00
..
cluster Fix missing Topology in NodeCSIInfo 2023-06-26 11:01:28 +02:00
config daemon: deprecate --oom-score-adjust for the daemon 2023-04-13 00:02:39 +02:00
containerd daemon/containerd: fix assignment to entry in nil map during commit 2023-07-10 11:18:31 +02:00
events daemon/events: use strings.Cut() 2022-12-21 11:09:01 +01:00
graphdriver vendor: github.com/mistifyio/go-zfs/v3 v3.0.1 2023-06-01 17:14:33 +02:00
images fixing consistent aliases for OCI spec imports 2023-06-01 17:22:49 +02:00
initlayer pkg/containerfs: drop ContainerFS type alias 2022-09-23 16:56:53 -04:00
links daemon/links: use strings.Cut() 2022-12-21 11:09:01 +01:00
listeners Update to Go 1.17.0, and gofmt with Go 1.17 2021-08-24 23:33:27 +02:00
logger fix some comments 2023-04-25 13:39:28 +08:00
names Add canonical import comment 2018-02-05 16:51:57 -05:00
network daemon: inline filters in tests 2023-04-25 15:13:26 +02:00
snapshotter c8d: mark stargz as requiring reference-counted mounts 2023-06-21 09:02:11 -06:00
stats migrate pkg/pubsub to github.com/moby/pubsub 2022-09-30 18:40:19 +02:00
testdata Remove libtrust dep from api 2017-09-06 12:05:19 -04:00
apparmor_default.go Revert "apparmor: Check if apparmor_parser is available" 2023-02-16 08:26:25 -07:00
apparmor_default_unsupported.go Update to Go 1.17.0, and gofmt with Go 1.17 2021-08-24 23:33:27 +02:00
archive.go daemon: refactor isOnlineFSOperationPermitted 2022-10-26 12:06:31 -04:00
archive_tarcopyoptions.go Finish refactor of UID/GID usage to a new struct 2022-03-14 16:28:57 -04:00
archive_tarcopyoptions_unix.go Update to Go 1.17.0, and gofmt with Go 1.17 2021-08-24 23:33:27 +02:00
archive_tarcopyoptions_windows.go Add canonical import comment 2018-02-05 16:51:57 -05:00
archive_unix.go daemon: archive in a dedicated mount namespace 2022-10-27 12:52:14 -04:00
archive_windows.go pkg/system: move CheckSystemDriveAndRemoveDriveLetter to pkg/archive 2022-11-29 17:07:48 +01:00
attach.go Make it explicit raw|multiplexed stream implementation being used 2022-05-12 11:36:31 +02:00
auth.go daemon: use types/registry.AuthConfig 2022-07-29 23:05:18 +02:00
changes.go c8d: add support for docker diff 2023-03-30 10:29:07 +01:00
checkpoint.go Refactor libcontainerd to minimize c8d RPCs 2022-08-24 14:59:08 -04:00
cluster.go Fix libnetwork imports 2021-06-01 21:51:23 +00:00
commit.go daemon: Daemon.CreateImageFromContainer(): remove intermediate vars 2023-04-29 02:59:54 +02:00
configs.go Merge configs/secrets in unix implementation 2018-02-16 11:25:14 -05:00
configs_linux.go Add canonical import comment 2018-02-05 16:51:57 -05:00
configs_unsupported.go Update to Go 1.17.0, and gofmt with Go 1.17 2021-08-24 23:33:27 +02:00
configs_windows.go Add canonical import comment 2018-02-05 16:51:57 -05:00
container.go container: split security options to a SecurityOptions struct 2023-04-29 00:03:37 +02:00
container_linux.go container: split security options to a SecurityOptions struct 2023-04-29 00:03:37 +02:00
container_operations.go libnetwork: return concrete-typed *Endpoint 2023-01-13 14:19:06 -05:00
container_operations_unix.go move pkg/system: process to a separate package 2022-11-04 01:50:23 +01:00
container_operations_windows.go refactor: move from io/ioutil to io and os package 2021-08-27 14:56:57 +08:00
container_unix_test.go daemon: allow shimv2 runtimes to be configured 2023-02-17 18:08:06 -05:00
container_windows.go daemon: fix capitalization of some functions 2020-04-14 17:22:19 +02:00
containerfs_linux.go daemon: archive in a dedicated mount namespace 2022-10-27 12:52:14 -04:00
content.go update to golang 1.19 2022-09-07 15:27:16 +02:00
create.go fixing consistent aliases for OCI spec imports 2023-06-01 17:22:49 +02:00
create_test.go bump gotest.tools v3.0.1 for compatibility with Go 1.14 2020-02-11 00:06:42 +01:00
create_unix.go Fix pruning anon volume created from image config 2023-03-14 11:06:26 +01:00
create_windows.go Fix pruning anon volume created from image config 2023-03-14 11:06:26 +01:00
daemon.go daemon: fix restoring container with missing task 2023-06-23 18:21:29 +02:00
daemon_linux.go remove deprecated legacy "overlay" storage-driver 2023-04-19 17:06:45 +02:00
daemon_linux_test.go daemon: remove deprecated AuFS storage driver 2023-04-15 01:27:16 +02:00
daemon_test.go Use hashicorp/go-memdb instead of truncindex 2022-05-20 18:22:21 +02:00
daemon_unix.go daemon: stop setting container resources to zero 2023-06-21 22:16:22 +02:00
daemon_unix_test.go container: split security options to a SecurityOptions struct 2023-04-29 00:03:37 +02:00
daemon_unsupported.go daemon: NewDaemon(): check system requirements early 2022-10-17 15:15:55 +02:00
daemon_windows.go container: split security options to a SecurityOptions struct 2023-04-29 00:03:37 +02:00
daemon_windows_test.go Update to Go 1.17.0, and gofmt with Go 1.17 2021-08-24 23:33:27 +02:00
debugtrap_unix.go Update to Go 1.17.0, and gofmt with Go 1.17 2021-08-24 23:33:27 +02:00
debugtrap_unsupported.go Update to Go 1.17.0, and gofmt with Go 1.17 2021-08-24 23:33:27 +02:00
debugtrap_windows.go pkg/signal: move signal.DumpStacks() to a separate package 2021-07-15 18:09:43 +02:00
delete.go Implement run using the containerd snapshotter 2023-02-06 18:21:50 +01:00
delete_test.go Refactor libcontainerd to minimize c8d RPCs 2022-08-24 14:59:08 -04:00
dependency.go Bump swarmkit to v2 2022-04-21 17:33:07 -04:00
devices_linux.go Add DeviceRequests to HostConfig to support NVIDIA GPUs 2019-03-18 17:19:45 +00:00
disk_usage.go daemon/disk_usage: Use context aware singleflight 2022-11-29 16:46:19 +01:00
errors.go Merge pull request #44003 from vvoland/invalidfilter 2023-02-22 16:24:47 +00:00
events.go daemon: LogDaemonEventWithAttributes: don't call SystemInfo() 2022-06-07 22:01:12 +02:00
events_test.go daemon: rename variables that collide with imported package names 2020-04-14 17:22:23 +02:00
exec.go daemon: translateContainerdStartErr(): rename to setExitCodeFromError() 2022-12-28 09:27:42 +01:00
exec_linux.go c8d: Set the process user on exec 2023-04-07 10:53:25 +02:00
exec_linux_test.go container: split security options to a SecurityOptions struct 2023-04-29 00:03:37 +02:00
exec_windows.go Refactor libcontainerd to minimize c8d RPCs 2022-08-24 14:59:08 -04:00
export.go remove GetLayerByID from ImageService interface 2023-03-10 17:54:55 +01:00
health.go daemon: fix double-unlock in health check probe 2023-06-23 00:59:41 +02:00
health_test.go daemon: suppress logs in unit tests 2019-10-18 00:57:56 +02:00
id.go daemon: remove migrateTrustKeyID() 2022-11-28 20:28:55 +01:00
image_service.go fixing consistent aliases for OCI spec imports 2023-06-01 17:22:49 +02:00
info.go Merge pull request #45298 from thaJeztah/pkg_pkatform_cleanup 2023-04-27 02:02:41 +02:00
info_unix.go Merge pull request #45320 from akerouanton/info-no-new-privileges 2023-04-18 14:37:15 +02:00
info_unix_test.go Update to Go 1.17.0, and gofmt with Go 1.17 2021-08-24 23:33:27 +02:00
info_windows.go Add no-new-privileges to SecurityOptions returned by /info 2023-04-18 09:34:08 +02:00
inspect.go c8d: Compute container's layer size 2023-03-08 00:58:02 +01:00
inspect_linux.go c8d: Compute container's layer size 2023-03-08 00:58:02 +01:00
inspect_test.go daemon: skip TestGetInspectData when using containerd snapshotters 2023-04-18 15:02:41 +02:00
inspect_windows.go c8d: Compute container's layer size 2023-03-08 00:58:02 +01:00
keys.go daemon: use strconv instead of fmt.Sprintf() 2022-10-08 17:41:39 +02:00
keys_unsupported.go Update to Go 1.17.0, and gofmt with Go 1.17 2021-08-24 23:33:27 +02:00
kill.go fix some comments 2023-04-25 13:39:28 +08:00
licensing.go Expose license status in Info (#37612) 2018-08-17 17:05:21 -07:00
licensing_test.go bump gotest.tools v3.0.1 for compatibility with Go 1.14 2020-02-11 00:06:42 +01:00
links.go Add canonical import comment 2018-02-05 16:51:57 -05:00
list.go images/Children: Return error 2023-04-13 16:20:02 +02:00
list_test.go daemon: inline filters in tests 2023-04-25 15:13:26 +02:00
list_unix.go Update to Go 1.17.0, and gofmt with Go 1.17 2021-08-24 23:33:27 +02:00
list_windows.go pkg/containerfs: alias ContainerFS to string 2022-09-23 16:56:52 -04:00
logdrivers_linux.go Support configuration of log cacher. 2020-02-19 17:02:34 -05:00
logdrivers_windows.go Support configuration of log cacher. 2020-02-19 17:02:34 -05:00
logs.go fix some comments 2023-04-25 13:39:28 +08:00
logs_test.go Add canonical import comment 2018-02-05 16:51:57 -05:00
metrics.go health: Start probe timeout after exec starts 2022-04-28 17:21:03 -04:00
metrics_unix.go set ReadHeaderTimeout to address G112: Potential Slowloris Attack (gosec) 2022-09-22 12:13:28 +02:00
metrics_unsupported.go Update to Go 1.17.0, and gofmt with Go 1.17 2021-08-24 23:33:27 +02:00
monitor.go daemon: fix panic on failed exec start 2023-06-22 23:25:44 +02:00
mounts.go daemon: daemon.prepareMountPoints(): fix panic if mount is not a volume 2023-07-07 15:47:32 +02:00
names.go daemon: registerName(): don't reserve name twice 2023-06-20 23:48:45 +02:00
network.go Make default options for newly created networks configurable 2023-03-01 07:58:26 +01:00
network_windows.go libnetwork: return concrete-typed *Endpoint 2023-01-13 14:19:06 -05:00
nvidia_linux.go goimports: fix imports 2019-09-18 12:56:54 +02:00
oci_linux.go daemon: ensure OCI options play nicely together 2023-06-21 22:16:28 +02:00
oci_linux_test.go daemon: stop setting container resources to zero 2023-06-21 22:16:22 +02:00
oci_opts.go daemon: ensure OCI options play nicely together 2023-06-21 22:16:28 +02:00
oci_utils.go daemon: ensure OCI options play nicely together 2023-06-21 22:16:28 +02:00
oci_windows.go daemon: add annotations to container HostConfig 2023-02-23 18:59:00 -05:00
oci_windows_test.go daemon: use strings.Cut() and cleanup error messages 2022-12-21 11:09:03 +01:00
pause.go Refactor libcontainerd to minimize c8d RPCs 2022-08-24 14:59:08 -04:00
prune.go daemon/prune: Use errdefs for invalid "until" value 2023-04-21 10:25:57 +02:00
reload.go reorder load funcs to match newServiceConfig()'s order 2023-05-18 23:03:47 +02:00
reload_test.go add mirror to daemon reload test for insecure registries 2023-05-18 23:03:44 +02:00
reload_unix.go daemon: use strconv instead of fmt.Sprintf() 2022-10-08 17:41:39 +02:00
reload_windows.go Add canonical import comment 2018-02-05 16:51:57 -05:00
rename.go libnetwork: return concrete-typed *Sandbox 2023-01-13 14:19:06 -05:00
resize.go Fix npe in exec resize when exec errored 2023-05-28 19:06:35 +02:00
resize_test.go Refactor libcontainerd to minimize c8d RPCs 2022-08-24 14:59:08 -04:00
restart.go imageservice: Add context to various methods 2022-11-03 12:22:40 +01:00
runtime_unix.go daemon: allow shimv2 runtimes to be configured 2023-02-17 18:08:06 -05:00
runtime_unix_test.go daemon: allow shimv2 runtimes to be configured 2023-02-17 18:08:06 -05:00
runtime_windows.go daemon: allow shimv2 runtimes to be configured 2023-02-17 18:08:06 -05:00
seccomp_linux.go daemon: ensure OCI options play nicely together 2023-06-21 22:16:28 +02:00
seccomp_linux_test.go container: split security options to a SecurityOptions struct 2023-04-29 00:03:37 +02:00
seccomp_unsupported.go Update to Go 1.17.0, and gofmt with Go 1.17 2021-08-24 23:33:27 +02:00
secrets.go Add canonical import comment 2018-02-05 16:51:57 -05:00
secrets_linux.go Add canonical import comment 2018-02-05 16:51:57 -05:00
secrets_unsupported.go Update to Go 1.17.0, and gofmt with Go 1.17 2021-08-24 23:33:27 +02:00
secrets_windows.go Add canonical import comment 2018-02-05 16:51:57 -05:00
start.go c8d: Use reference counting while mounting a snapshot 2023-06-20 12:54:03 -06:00
start_unix.go daemon: allow shimv2 runtimes to be configured 2023-02-17 18:08:06 -05:00
start_windows.go Windows CI: Add support for testing with containerd 2021-08-17 07:09:40 -07:00
stats.go Merge pull request #40478 from cpuguy83/dont-prime-the-stats 2020-04-16 20:57:06 +02:00
stats_collector.go pkg/sysinfo: move MemInfo and ReadMemInfo to a separate package 2023-03-15 17:52:45 +01:00
stats_unix.go daemon: move code related to stats together 2023-04-08 19:00:01 +02:00
stats_windows.go daemon: move code related to stats together 2023-04-08 19:00:01 +02:00
stop.go don't cancel container stop when cancelling context 2023-06-20 23:40:57 +02:00
top_unix.go Refactor libcontainerd to minimize c8d RPCs 2022-08-24 14:59:08 -04:00
top_unix_test.go Update to Go 1.17.0, and gofmt with Go 1.17 2021-08-24 23:33:27 +02:00
top_windows.go Refactor libcontainerd to minimize c8d RPCs 2022-08-24 14:59:08 -04:00
unpause.go Refactor libcontainerd to minimize c8d RPCs 2022-08-24 14:59:08 -04:00
update.go Refactor libcontainerd to minimize c8d RPCs 2022-08-24 14:59:08 -04:00
update_linux.go daemon: stop setting container resources to zero 2023-06-21 22:16:22 +02:00
update_linux_test.go daemon: stop setting container resources to zero 2023-06-21 22:16:22 +02:00
update_windows.go Windows: Experimental: Allow containerd for runtime 2019-03-12 18:41:55 -07:00
volumes.go Restore active mount counts on live-restore 2023-06-28 09:45:07 +02:00
volumes_linux.go Fix the several typos detected by github.com/client9/misspell 2018-08-09 00:45:00 +09:00
volumes_linux_test.go daemon: rename variables that collide with imported package names 2020-04-14 17:22:23 +02:00
volumes_unit_test.go volume/mounts: remove "containerOS" argument from NewParser (LCOW code) 2021-07-02 13:51:55 +02:00
volumes_unix.go daemon: archive in a dedicated mount namespace 2022-10-27 12:52:14 -04:00
volumes_windows.go Add ADD/COPY --chown flag support to Windows 2018-08-13 21:59:11 -07:00
wait.go Switch from x/net/context -> context 2018-04-23 13:52:44 -07:00
workdir.go Add ADD/COPY --chown flag support to Windows 2018-08-13 21:59:11 -07:00