From edeb79309c6ce320161ed7d1f688bec11a770ede Mon Sep 17 00:00:00 2001 From: Tigran Sogomonian Date: Mon, 9 Jun 2025 17:17:48 +0300 Subject: [PATCH 1/3] util_linux: add connection close in setupIO If an error occurs while creating a file descriptor using socket, err := uc.File(), this error is returned to the calling runner.run function. The runner.run function also simply returns this error, and, as a result, the connection created in the line conn, err := net.Dial("unix", sockpath) remains open. Found by Linux Verification Center (linuxtesting.org) with SVACE. Signed-off-by: Tigran Sogomonian --- utils_linux.go | 2 ++ 1 file changed, 2 insertions(+) diff --git a/utils_linux.go b/utils_linux.go index 9c9e1e83b74..55f0f73d90c 100644 --- a/utils_linux.go +++ b/utils_linux.go @@ -123,11 +123,13 @@ func setupIO(process *libcontainer.Process, container *libcontainer.Container, c } uc, ok := conn.(*net.UnixConn) if !ok { + conn.Close() return nil, errors.New("casting to UnixConn failed") } t.postStart = append(t.postStart, uc) socket, err := uc.File() if err != nil { + conn.Close() return nil, err } t.postStart = append(t.postStart, socket) From 2b3f876cce69aa7b598aee50c89be12b5087d4c0 Mon Sep 17 00:00:00 2001 From: Tigran Sogomonian Date: Fri, 4 Jul 2025 15:19:56 +0300 Subject: [PATCH 2/3] util_linux: add connection close in setupIO Make connection close using defer. Found by Linux Verification Center (linuxtesting.org) with SVACE. Signed-off-by: Tigran Sogomonian --- utils_linux.go | 21 ++++++++++++--------- 1 file changed, 12 insertions(+), 9 deletions(-) diff --git a/utils_linux.go b/utils_linux.go index 55f0f73d90c..f946aa419fb 100644 --- a/utils_linux.go +++ b/utils_linux.go @@ -95,7 +95,7 @@ func newProcess(p *specs.Process) (*libcontainer.Process, error) { } // setupIO modifies the given process config according to the options. -func setupIO(process *libcontainer.Process, container *libcontainer.Container, createTTY, detach bool, sockpath string) (*tty, error) { +func setupIO(process *libcontainer.Process, container *libcontainer.Container, createTTY, detach bool, sockpath string) (_ *tty, Err error) { if createTTY { process.Stdin = nil process.Stdout = nil @@ -117,20 +117,23 @@ func setupIO(process *libcontainer.Process, container *libcontainer.Container, c }() } else { // the caller of runc will handle receiving the console master - conn, err := net.Dial("unix", sockpath) - if err != nil { - return nil, err + conn, Err := net.Dial("unix", sockpath) + if Err != nil { + return nil, Err } + defer func() { + if Err != nil { + conn.Close() + } + }() uc, ok := conn.(*net.UnixConn) if !ok { - conn.Close() return nil, errors.New("casting to UnixConn failed") } t.postStart = append(t.postStart, uc) - socket, err := uc.File() - if err != nil { - conn.Close() - return nil, err + socket, Err := uc.File() + if Err != nil { + return nil, Err } t.postStart = append(t.postStart, socket) process.ConsoleSocket = socket From 5d12fc31ae1abd835c678d71f944120d8d9e3265 Mon Sep 17 00:00:00 2001 From: Tigran Sogomonian Date: Sat, 5 Jul 2025 14:36:09 +0300 Subject: [PATCH 3/3] util_linux: add connection close in setupIO Fix Err to err Found by Linux Verification Center (linuxtesting.org) with SVACE. Signed-off-by: Tigran Sogomonian --- utils_linux.go | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/utils_linux.go b/utils_linux.go index f946aa419fb..10ff727fcc7 100644 --- a/utils_linux.go +++ b/utils_linux.go @@ -117,9 +117,9 @@ func setupIO(process *libcontainer.Process, container *libcontainer.Container, c }() } else { // the caller of runc will handle receiving the console master - conn, Err := net.Dial("unix", sockpath) - if Err != nil { - return nil, Err + conn, err := net.Dial("unix", sockpath) + if err != nil { + return nil, err } defer func() { if Err != nil { @@ -131,9 +131,9 @@ func setupIO(process *libcontainer.Process, container *libcontainer.Container, c return nil, errors.New("casting to UnixConn failed") } t.postStart = append(t.postStart, uc) - socket, Err := uc.File() - if Err != nil { - return nil, Err + socket, err := uc.File() + if err != nil { + return nil, err } t.postStart = append(t.postStart, socket) process.ConsoleSocket = socket