Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package docker for openSUSE:Factory checked in at 2022-06-30 13:18:10 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/docker (Old) and /work/SRC/openSUSE:Factory/.docker.new.1548 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "docker" Thu Jun 30 13:18:10 2022 rev:122 rq:985845 version:20.10.17_ce Changes: -------- --- /work/SRC/openSUSE:Factory/docker/docker.changes 2022-06-08 14:24:40.332483867 +0200 +++ /work/SRC/openSUSE:Factory/.docker.new.1548/docker.changes 2022-06-30 13:18:12.545526489 +0200 @@ -1,0 +2,7 @@ +Wed Jun 29 12:19:55 UTC 2022 - Aleksa Sarai <asarai@suse.com> + +- Backport <https://github.com/containerd/fifo/pull/32> to fix a crash-on-start + issue with dockerd. bsc#1200022 + + 0007-bsc1200022-fifo.Close-prevent-possible-panic-if-fifo.patch + +------------------------------------------------------------------- New: ---- 0007-bsc1200022-fifo.Close-prevent-possible-panic-if-fifo.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ docker.spec ++++++ --- /var/tmp/diff_new_pack.bboLAE/_old 2022-06-30 13:18:13.445527163 +0200 +++ /var/tmp/diff_new_pack.bboLAE/_new 2022-06-30 13:18:13.449527167 +0200 @@ -97,6 +97,8 @@ # SUSE-BACKPORT: Backport of several golang.org/x/crypto updates. # bsc#1193930 CVE-2021-43565 bsc#1197284 CVE-2022-27191 Patch302: 0006-bsc1193930-vendor-update-golang.org-x-crypto.patch +# SUSE-BACKPORT: Backport of <https://github.com/containerd/fifo/pull/32>. bsc#1200022 +Patch303: 0007-bsc1200022-fifo.Close-prevent-possible-panic-if-fifo.patch BuildRequires: audit BuildRequires: bash-completion BuildRequires: ca-certificates @@ -269,6 +271,8 @@ %patch301 -p1 # bsc#1193930 CVE-2021-43565 bsc#1197284 CVE-2022-27191 %patch302 -p1 +# bsc#1200022 +%patch303 -p1 # README_SUSE.md for documentation. cp %{SOURCE103} . ++++++ 0007-bsc1200022-fifo.Close-prevent-possible-panic-if-fifo.patch ++++++ From 078fbd36b8fecab42ac7faad973a16aed10ab28c Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn <github@gone.nl> Date: Fri, 29 Jan 2021 14:55:08 +0100 Subject: [PATCH 7/7] bsc1200022: fifo.Close(): prevent possible panic if fifo is nil I'm not sure if this is the right approach, and synchronisation should probably be added elsewhere to fix the underlying issue. Trying to prevent a panic that was seen on container restore in th docker daemon: panic: runtime error: invalid memory address or nil pointer dereference [signal SIGSEGV: segmentation violation code=0x1 addr=0x10 pc=0x5586c892a7a4] goroutine 420 [running]: github.com/docker/docker/vendor/github.com/containerd/fifo.(*fifo).Close(0x0, 0x0, 0x0) /go/src/github.com/docker/docker/vendor/github.com/containerd/fifo/fifo.go:208 +0x44 github.com/docker/docker/vendor/github.com/containerd/containerd/cio.(*cio).Close(0xc000d06f60, 0x5586cb5654d0, 0xc000d8e9e8) /go/src/github.com/docker/docker/vendor/github.com/containerd/containerd/cio/io.go:203 +0x90 github.com/docker/docker/libcontainerd/remote.(*client).Restore.func1(0xc0008bf820, 0xc0008a2040) /go/src/github.com/docker/docker/libcontainerd/remote/client.go:86 +0x5a github.com/docker/docker/libcontainerd/remote.(*client).Restore(0xc00098e5b0, 0x5586cb61c7c0, 0xc000052088, 0xc0011b6500, 0x40, 0xc0008bf810, 0x5586cb05cf00, 0xffffffffffffffff, 0x0, 0x0, ...) /go/src/github.com/docker/docker/libcontainerd/remote/client.go:107 +0x923 github.com/docker/docker/daemon.(*Daemon).restore.func3(0xc00079d9e0, 0xc000a38230, 0xc00000c1e0, 0xc00079d9a8, 0xc000d84f00, 0xc000d84ed0, 0xc000d84ea0, 0xc00128a280) /go/src/github.com/docker/docker/daemon/daemon.go:351 +0x48a created by github.com/docker/docker/daemon.(*Daemon).restore /go/src/github.com/docker/docker/daemon/daemon.go:319 +0x4b3 If the fifo is nil, there's nothing to be done in Close(), so returning early in that situation. Backport: <https://github.com/containerd/fifo/pull/32> SUSE-Bugs: bsc#1200022 Signed-off-by: Sebastiaan van Stijn <github@gone.nl> --- vendor/github.com/containerd/fifo/fifo.go | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/vendor/github.com/containerd/fifo/fifo.go b/vendor/github.com/containerd/fifo/fifo.go index 96c214f270bf..c3eec295b578 100644 --- a/vendor/github.com/containerd/fifo/fifo.go +++ b/vendor/github.com/containerd/fifo/fifo.go @@ -204,6 +204,10 @@ func (f *fifo) Write(b []byte) (int, error) { // before open(2) has returned and fifo was never opened. func (f *fifo) Close() (retErr error) { for { + if f == nil { + return + } + select { case <-f.closed: f.handle.Close() -- 2.36.1