From 369416b763616928715c5e191065e357a7a6ab82 Mon Sep 17 00:00:00 2001 From: Francesco Romani Date: Thu, 10 Jun 2021 16:22:43 +0200 Subject: [PATCH] cm: handle nil cpumanager avoiding segfault If the cpumanager feature gate is disabled, the corresponsing field of the containerManager will be nil. A couple functions don't check for this occurrence and happily deference the pointer unconditionally, leading to possible segfaults. The relevant functions were introduced to support the podresources API, so to trigger this segfault all the following are needed: - cpumanager feature gate has to be disabled explicitely - any podresources API must be called Worth pointing out that when the new functions were introduced (around kubernetes 1.20) the default feature gate for cpumanager was already set to true, hence this bug is expected to be triggered rarely. Signed-off-by: Francesco Romani --- pkg/kubelet/cm/container_manager_linux.go | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/pkg/kubelet/cm/container_manager_linux.go b/pkg/kubelet/cm/container_manager_linux.go index 6406e03fa3f..b4395cd359a 100644 --- a/pkg/kubelet/cm/container_manager_linux.go +++ b/pkg/kubelet/cm/container_manager_linux.go @@ -1073,11 +1073,17 @@ func (cm *containerManagerImpl) GetAllocatableDevices() []*podresourcesapi.Conta } func (cm *containerManagerImpl) GetCPUs(podUID, containerName string) []int64 { - return cm.cpuManager.GetCPUs(podUID, containerName).ToSliceNoSortInt64() + if cm.cpuManager != nil { + return cm.cpuManager.GetCPUs(podUID, containerName).ToSliceNoSortInt64() + } + return []int64{} } func (cm *containerManagerImpl) GetAllocatableCPUs() []int64 { - return cm.cpuManager.GetAllocatableCPUs().ToSliceNoSortInt64() + if cm.cpuManager != nil { + return cm.cpuManager.GetAllocatableCPUs().ToSliceNoSortInt64() + } + return []int64{} } func (cm *containerManagerImpl) ShouldResetExtendedResourceCapacity() bool {