"podman inspect" triggers SIGSEGV on FreeBSD #21117

Closed
bcooksley opened this issue Jan 2, 2024 · 0 comments · Fixed by #21253
Labels: kind/bug, locked - please file new issue/PR

Comments

@bcooksley
Contributor

Issue Description

We're currently experimenting with the use of Podman on FreeBSD to see if it is suitable for use within KDE's CI production environment.

So far, we've managed to put together an image (and have that building perfectly fine); however, when getting GitLab Runner to stand up a Podman container, it appears it runs the equivalent of "podman inspect", which fails.

Code at https://github.com/containers/podman/blob/main/libpod/container_inspect.go#L319 (moved down 3 lines since 4.7.2) appears to be the issue here as it is not checking whether c.config.Spec.Linux is valid before trying to use it.

Steps to reproduce the issue

  1. Start a container, noting its container ID
  2. Run "podman inspect $containerID"

Describe the results you received

root@node5-freebsd:~ # podman inspect b82eb05297bf
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x98 pc=0x212520f]

goroutine 1 [running]:
github.com/containers/podman/v4/libpod.(*Container).GetSecurityOptions(0x850687100)
/wrkdirs/usr/ports/sysutils/podman/work/podman-4.7.2/libpod/container_inspect.go:316 +0x3ef
github.com/containers/podman/v4/libpod.(*Container).generateInspectContainerHostConfig(0x850687100, 0x8501725a0, {0x26fcc28, 0x0, 0x26fcc28?}, {0x26fcc28, 0x0, 0x0?})
/wrkdirs/usr/ports/sysutils/podman/work/podman-4.7.2/libpod/container_inspect.go:494 +0x9ff
github.com/containers/podman/v4/libpod.(*Container).getContainerInspectData(0x850687100, 0x0, 0x8505bca68)
/wrkdirs/usr/ports/sysutils/podman/work/podman-4.7.2/libpod/container_inspect.go:210 +0x148a
github.com/containers/podman/v4/libpod.(*Container).inspectLocked(0x850687100, 0xa0?)
/wrkdirs/usr/ports/sysutils/podman/work/podman-4.7.2/libpod/container_inspect.go:32 +0x27f
github.com/containers/podman/v4/libpod.(*Container).Inspect(0x850687100?, 0xcf?)
/wrkdirs/usr/ports/sysutils/podman/work/podman-4.7.2/libpod/container_inspect.go:46 +0xc5
github.com/containers/podman/v4/pkg/domain/infra/abi.(*ContainerEngine).ContainerInspect(0x850128b58, {0xad82d6950c0?, 0x5?}, {0x850446d40, 0x1, 0x85081f7a0?}, {{0x5c7394, 0x4}, 0x0, 0x0, ...})
/wrkdirs/usr/ports/sysutils/podman/work/podman-4.7.2/pkg/domain/infra/abi/containers.go:521 +0x525
github.com/containers/podman/v4/cmd/podman/inspect.(*inspector).inspectAll(0x8500b96d0, {0x896b70, 0x8500460f0}, {0x85051a8e0, 0x1, 0x1})
/wrkdirs/usr/ports/sysutils/podman/work/podman-4.7.2/cmd/podman/inspect/inspect.go:214 +0x1ed
github.com/containers/podman/v4/cmd/podman/inspect.(*inspector).inspect(0x8500b96d0, {0x85051a8e0?, 0x0?, 0x5c6615?})
/wrkdirs/usr/ports/sysutils/podman/work/podman-4.7.2/cmd/podman/inspect/inspect.go:102 +0x191
github.com/containers/podman/v4/cmd/podman/inspect.Inspect({0x85051a8e0, 0x1, 0x1}, {{0x5c7394, 0x4}, 0x0, 0x0, {0x5c6615, 0x3}, 0x0})
/wrkdirs/usr/ports/sysutils/podman/work/podman-4.7.2/cmd/podman/inspect/inspect.go:46 +0x8c
main.inspectExec(0x25eecc0?, {0x85051a8e0?, 0x1?, 0x1?})
/wrkdirs/usr/ports/sysutils/podman/work/podman-4.7.2/cmd/podman/inspect.go:45 +0x6a
github.com/spf13/cobra.(*Command).execute(0x25eecc0, {0x8500401a0, 0x1, 0x1})
/wrkdirs/usr/ports/sysutils/podman/work/podman-4.7.2/vendor/github.com/spf13/cobra/command.go:940 +0x862
github.com/spf13/cobra.(*Command).ExecuteC(0x25ef560)
/wrkdirs/usr/ports/sysutils/podman/work/podman-4.7.2/vendor/github.com/spf13/cobra/command.go:1068 +0x3bd
github.com/spf13/cobra.(*Command).Execute(...)
/wrkdirs/usr/ports/sysutils/podman/work/podman-4.7.2/vendor/github.com/spf13/cobra/command.go:992
github.com/spf13/cobra.(*Command).ExecuteContext(...)
/wrkdirs/usr/ports/sysutils/podman/work/podman-4.7.2/vendor/github.com/spf13/cobra/command.go:985
main.Execute()
/wrkdirs/usr/ports/sysutils/podman/work/podman-4.7.2/cmd/podman/root.go:114 +0xcc
main.main()
/wrkdirs/usr/ports/sysutils/podman/work/podman-4.7.2/cmd/podman/main.go:60 +0x47f

Describe the results you expected

Correct output from "podman inspect $containerID"

podman info output

host:
  arch: amd64
  buildahVersion: 1.32.0
  cgroupControllers: null
  cgroupManager: ""
  cgroupVersion: ""
  conmon:
    package: conmon-2.1.7_6
    path: /usr/local/bin/conmon
    version: 'conmon version 2.1.7, commit: unknown'
  cpuUtilization:
    idlePercent: 99.76693789932746
    systemPercent: 0.11194614722325436
    userPercent: 0.11836839677552313
  cpus: 16
  databaseBackend: boltdb
  distribution:
    distribution: freebsd
    version: "14.0"
  eventLogger: file
  hostname: node5-freebsd
  idMappings:
    gidmap: null
    uidmap: null
  kernel: 14.0-RELEASE
  linkmode: dynamic
  logDriver: k8s-file
  memFree: 1083846656
  memTotal: 17137356800
  networkBackend: cni
  networkBackendInfo:
    backend: cni
    dns: {}
  ociRuntime:
    name: ocijail
    package: ocijail-0.3.0
    path: /usr/local/bin/ocijail
    version: ocijail version 0.3.0
  os: freebsd
  pasta:
    executable: ""
    package: ""
    version: ""
  remoteSocket:
    exists: true
    path: /var/run/podman/podman.sock
  security:
    apparmorEnabled: false
    capabilities: ""
    rootless: false
    seccompEnabled: false
    seccompProfilePath: ""
    selinuxEnabled: false
  serviceIsRemote: false
  slirp4netns:
    executable: ""
    package: ""
    version: ""
  swapFree: 0
  swapTotal: 0
  uptime: 73h 54m 59.00s (Approximately 3.04 days)
plugins:
  authorization: null
  log:
  - k8s-file
  - none
  - passthrough
  network:
  - bridge
  - macvlan
  - ipvlan
  volume:
  - local
registries: {}
store:
  configFile: /usr/local/etc/containers/storage.conf
  containerStore:
    number: 4
    paused: 0
    running: 1
    stopped: 3
  graphDriverName: zfs
  graphOptions: {}
  graphRoot: /var/db/containers/storage
  graphRootAllocated: 173418348544
  graphRootUsed: 129765376
  graphStatus:
    Compression: lz4
    Parent Dataset: zroot/containers
    Parent Quota: "no"
    Space Available: "173288583168"
    Space Used By Parent: "31008272384"
    Zpool: zroot
    Zpool Health: ONLINE
  imageCopyTmpDir: /var/tmp
  imageStore:
    number: 26
  runRoot: /var/run/containers/storage
  transientStore: false
  volumePath: /var/db/containers/storage/volumes
version:
  APIVersion: 4.7.2
  Built: 1702982426
  BuiltTime: Tue Dec 19 10:40:26 2023
  GitCommit: ""
  GoVersion: go1.20.12
  Os: freebsd
  OsArch: freebsd/amd64
  Version: 4.7.2

Podman in a container

No

Privileged Or Rootless

None

Upstream Latest Release

No

Additional environment details

Virtual Machine running FreeBSD 14.0.
VM Software is KVM on a Linux host running Debian Bookworm.

Additional information

No response

@bcooksley added the kind/bug label Jan 2, 2024
freebsd-git pushed a commit to freebsd/freebsd-ports that referenced this issue Jan 11, 2024
This also adds a fix for containers/podman#21117
which will be submitted upstream soon (credit to Ben Cooksley from KDE
for that one).
bcooksley added a commit to bcooksley/podman that referenced this issue Jan 16, 2024
When preparing container inspection output, ensure we actually have masked paths to work with.
These will only be available on Linux, which is no longer always true as we also support FreeBSD now.

Fixes containers#21117

Signed-off-by: Ben Cooksley <[email protected]>
@github-actions bot added the locked - please file new issue/PR label Apr 17, 2024
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Apr 17, 2024
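
The missing check described in the issue and the guard described in the fix commit, side by side, as an added example that is not podman's code. `Spec`, `LinuxSection`, both functions and the option strings are simplified, hypothetical stand-ins; the sample specs are constructed.

```go
package main

import "fmt"

// Hypothetical stand-ins for an OCI-style runtime spec (not podman's types).
// The platform section is a pointer, so it is nil for a container created
// on a non-Linux host such as FreeBSD.
type LinuxSection struct{ MaskedPaths []string }

type Spec struct {
	NoNewPrivileges bool
	Linux           *LinuxSection
}

// baseOptions collects the options that do not depend on the platform section.
func baseOptions(spec *Spec) []string {
	opts := []string{}
	if spec.NoNewPrivileges {
		opts = append(opts, "no-new-privileges")
	}
	return opts
}

// securityOptionsUnchecked reads through spec.Linux without a nil check,
// the pattern the issue reports: it panics when the section is absent.
func securityOptionsUnchecked(spec *Spec) []string {
	opts := baseOptions(spec)
	if spec.Linux.MaskedPaths == nil { // nil pointer dereference if spec.Linux == nil
		opts = append(opts, "unmask=all")
	}
	return opts
}

// securityOptionsChecked consults masked paths only when the section exists.
func securityOptionsChecked(spec *Spec) []string {
	opts := baseOptions(spec)
	if spec.Linux != nil && spec.Linux.MaskedPaths == nil {
		opts = append(opts, "unmask=all")
	}
	return opts
}

// panics reports whether f panicked, so the crash can be shown without aborting.
func panics(f func()) (crashed bool) {
	defer func() { crashed = recover() != nil }()
	f()
	return false
}

func main() {
	freebsd := &Spec{NoNewPrivileges: true} // constructed: no Linux section
	fmt.Println("unchecked panics:", panics(func() { securityOptionsUnchecked(freebsd) }))
	fmt.Println("checked, no Linux section:", securityOptionsChecked(freebsd))
	fmt.Println("checked, empty Linux section:", securityOptionsChecked(&Spec{Linux: &LinuxSection{}}))
}
```
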