[docker-29.x backport] daemon: buildCreateEndpointOptions: fix panic with "publish all"#51691
Merged
thaJeztah merged 2 commits intomoby:docker-29.xfrom Dec 11, 2025
Merged
Conversation
This code was added in 85b260f, but didn't account for maps.Clone returning a `nil` map if the map cloned was `nil`. This could lead to a panic, similar to the panic that was fixed in 7517464; panic: assignment to entry in nil map goroutine 498 [running]: github.com/moby/moby/v2/daemon.buildPortsRelatedCreateEndpointOptions(0x400042f348, 0xaaaabcc8f458?, 0x40006feb40) /root/build-deb/engine/daemon/network.go:1047 +0x844 github.com/moby/moby/v2/daemon.buildCreateEndpointOptions(0x400042f348, 0x4001015040, 0x400027d320, 0x40006feb40, {0x0, 0x0, 0x4001506cb8?}) /root/build-deb/engine/daemon/network.go:988 +0x20c github.com/moby/moby/v2/daemon.(*Daemon).connectToNetwork(0x4000898008, {0xaaaabe21d9f8, 0x4000f12b10}, 0x400089a008, 0x400042f348, {0x400077a9f0, 0x6}, 0x400027d320) /root/build-deb/engine/daemon/container_operations.go:738 +0x66c github.com/moby/moby/v2/daemon.(*Daemon).allocateNetwork(0x4000898008, {0xaaaabe21d9f8, 0x4000f12b10}, 0x400089a008, 0x400042f348) /root/build-deb/engine/daemon/container_operations.go:421 +0x298 github.com/moby/moby/v2/daemon.(*Daemon).initializeCreatedTask(0x4000898008, {0xaaaabe21d9f8, 0x4000f12b10}, 0x400089a008, {0xaaaabe23dc60, 0x4000eb21c8}, 0x400042f348, 0xaaaabd4db3df?) /root/build-deb/engine/daemon/start_linux.go:37 +0x260 github.com/moby/moby/v2/daemon.(*Daemon).containerStart(0x4000898008, {0xaaaabe21d9c0, 0xaaaabfa05300}, 0x400089a008, 0x400042f348, {0x0, 0x0}, {0x0, 0x0}, 0x1) /root/build-deb/engine/daemon/start.go:242 +0xba8 github.com/moby/moby/v2/daemon.(*Daemon).restore.func4(0x400042f348, 0x400117f1f0) /root/build-deb/engine/daemon/daemon.go:633 +0x308 created by github.com/moby/moby/v2/daemon.(*Daemon).restore in goroutine 1 /root/build-deb/engine/daemon/daemon.go:607 +0x5ec Signed-off-by: Sebastiaan van Stijn <[email protected]> (cherry picked from commit 695010b) Signed-off-by: Paweł Gronowski <[email protected]>
Make sure PortBindings is not a nil-map to match the behavior we have when creating a container; https://github.com/moby/moby/blob/c64b781df2387bea01720a3a3411f7d29dd40ea8/daemon/internal/runconfig/config.go#L30-L47 Signed-off-by: Sebastiaan van Stijn <[email protected]> (cherry picked from commit 2a19166) Signed-off-by: Paweł Gronowski <[email protected]>
2bcdb94 to
bb2e099
Compare
robmry
approved these changes
Dec 11, 2025
Contributor
Author
|
Hmm this one keeps reappearing |
austinvazquez
approved these changes
Dec 11, 2025
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
backport: daemon: buildCreateEndpointOptions: fix panic with "publish all" #51683
introduced in PublishAllPorts: create port mappings for exposed ports #51586
relates to / similar PublishAllPorts: don't crash with nil PortBindings #51621
fixes panic: "assignment to entry in nil map" in daemon/network.go during start with PublishAllPorts=true #51620 (comment)
This code was added in 85b260f, but didn't account for maps.Clone returning a
nilmap if the map cloned wasnil.This could lead to a panic, similar to the panic that was fixed in 7517464;
- What I did
- How I did it
- How to verify it
- Human readable description for the release notes
- A picture of a cute animal (not mandatory but encouraged)