podman network create panics #12990

Closed
b177y opened this issue Jan 24, 2022 · 4 comments · Fixed by containers/common#965

Comments

@b177y

b177y commented Jan 24, 2022

Is this a BUG REPORT or FEATURE REQUEST? (leave only one on its own line)

/kind bug

Description

podman network create example0 panics when not using IPAM CNI plugin.

I'm trying to create containers without having any IP addresses assigned by podman, and then I manually assign the addresses inside the containers. I have this working by removing the contents of the ipam section within the cni conflist. This allows the networking to work as expected, but it causes other podman networking functionality to panic, such as creating a new network.

Steps to reproduce the issue:

  1. podman network create int0 --internal

  2. open ~/.config/cni/net.d/int0.conflist and set ipam: {}

  3. podman network create test0

Describe the results you received:

Panic:

[signal SIGSEGV: segmentation violation code=0x1 addr=0x0 pc=0x560c3442c313]

goroutine 1 [running]:
github.com/containers/podman/v3/libpod/network.allocatorToIPNets({0xc0004947e0, 0x2, 0x560c34aacfdb})
        github.com/containers/podman/v3/libpod/network/network.go:121 +0xb3
github.com/containers/podman/v3/libpod/network.GetFreeNetwork(0x0)
        github.com/containers/podman/v3/libpod/network/network.go:93 +0x1b9
github.com/containers/podman/v3/libpod/network.createBridge({0x7fff9b7b8092, 0x2}, {0x0, {0x560c34a2a6ca, 0x6}, {0x0, 0x0, 0x0}, 0x0, 0xc000492810, ...}, ...)
        github.com/containers/podman/v3/libpod/network/create.go:145 +0x2e5
github.com/containers/podman/v3/libpod/network.Create({0x7fff9b7b8092, 0x2}, {0x0, {0x560c34a2a6ca, 0x6}, {0x0, 0x0, 0x0}, 0x0, 0xc000492810, ...}, ...)
        github.com/containers/podman/v3/libpod/network/create.go:34 +0x191
github.com/containers/podman/v3/pkg/domain/infra/abi.(*ContainerEngine).NetworkCreate(0xc0003db800, {0xc000539d38, 0xc00045a190}, {0x7fff9b7b8092, 0x2}, {0x0, {0x560c34a2a6ca, 0x6}, {0x0, 0x0, ...}, ...})
        github.com/containers/podman/v3/pkg/domain/infra/abi/network.go:142 +0x8d
github.com/containers/podman/v3/cmd/podman/networks.networkCreate(0x560c35c17e20, {0xc00045a180, 0x1, 0x1})
        github.com/containers/podman/v3/cmd/podman/networks/create.go:110 +0x207
github.com/spf13/cobra.(*Command).execute(0x560c35c17e20, {0xc000136030, 0x1, 0x1})
        github.com/spf13/[email protected]/command.go:856 +0x60e
github.com/spf13/cobra.(*Command).ExecuteC(0x560c35c21e20)
        github.com/spf13/[email protected]/command.go:974 +0x3bc
github.com/spf13/cobra.(*Command).Execute(...)
        github.com/spf13/[email protected]/command.go:902
github.com/spf13/cobra.(*Command).ExecuteContext(...)
        github.com/spf13/[email protected]/command.go:895
main.Execute()
        github.com/containers/podman/v3/cmd/podman/root.go:91 +0xbe
main.main()
        github.com/containers/podman/v3/cmd/podman/main.go:39 +0x74

Describe the results you expected:

It should successfully create the new network

Additional information you deem important (e.g. issue happens only occasionally):

Output of podman version:

Version:      3.4.4
API Version:  3.4.4
Go Version:   go1.17.4
Git Commit:   f6526ada1025c2e3f88745ba83b8b461ca659933
Built:        Thu Dec  9 18:30:40 2021
OS/Arch:      linux/amd64

Output of podman info --debug:

host:
  arch: amd64
  buildahVersion: 1.23.1
  cgroupControllers:
  - memory
  - pids
  cgroupManager: systemd
  cgroupVersion: v2
  conmon:
    package: /usr/bin/conmon is owned by conmon 1:2.0.31-1
    path: /usr/bin/conmon
    version: 'conmon version 2.0.31, commit: 7e7eb74e52abf65a6d46807eeaea75425cc8a36c'
  cpus: 12
  distribution:
    distribution: arch
    version: unknown
  eventLogger: journald
  hostname: laptop-0xE802
  idMappings:
    gidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 100000
      size: 65536
    uidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 100000
      size: 65536
  kernel: 5.15.12-arch1-1
  linkmode: dynamic
  logDriver: journald
  memFree: 10338967552
  memTotal: 16408694784
  ociRuntime:
    name: crun
    package: /usr/bin/crun is owned by crun 1.4-1
    path: /usr/bin/crun
    version: |-
      crun version 1.4
      commit: 3daded072ef008ef0840e8eccb0b52a7efbd165d
      spec: 1.0.0
      +SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +CRIU +YAJL
  os: linux
  remoteSocket:
    exists: true
    path: /run/user/1000/podman/podman.sock
  security:
    apparmorEnabled: false
    capabilities: CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT
    rootless: true
    seccompEnabled: true
    seccompProfilePath: /etc/containers/seccomp.json
    selinuxEnabled: false
  serviceIsRemote: false
  slirp4netns:
    executable: /usr/bin/slirp4netns
    package: /usr/bin/slirp4netns is owned by slirp4netns 1.1.12-1
    version: |-
      slirp4netns version 1.1.12
      commit: 7a104a101aa3278a2152351a082a6df71f57c9a3
      libslirp: 4.6.1
      SLIRP_CONFIG_VERSION_MAX: 3
      libseccomp: 2.5.3
  swapFree: 19861590016
  swapTotal: 21474832384
  uptime: 45h 0m 29.73s (Approximately 1.88 days)
plugins:
  log:
  - k8s-file
  - none
  - journald
  network:
  - bridge
  - macvlan
  volume:
  - local
registries: {}
store:
  configFile: /home/billy/.config/containers/storage.conf
  containerStore:
    number: 1
    paused: 0
    running: 1
    stopped: 0
  graphDriverName: overlay
  graphOptions:
    overlay.mount_program:
      Executable: /usr/bin/fuse-overlayfs
      Package: /usr/bin/fuse-overlayfs is owned by fuse-overlayfs 1.8-1
      Version: |-
        fusermount3 version: 3.10.5
        fuse-overlayfs: version 1.8
        FUSE library version 3.10.5
        using FUSE kernel interface version 7.31
  graphRoot: /home/billy/.local/share/containers/storage
  graphStatus:
    Backing Filesystem: extfs
    Native Overlay Diff: "false"
    Supports d_type: "true"
    Using metacopy: "false"
  imageStore:
    number: 25
  runRoot: /run/user/1000/containers
  volumePath: /home/billy/.local/share/containers/storage/volumes
version:
  APIVersion: 3.4.4
  Built: 1639074640
  BuiltTime: Thu Dec  9 18:30:40 2021
  GitCommit: f6526ada1025c2e3f88745ba83b8b461ca659933
  GoVersion: go1.17.4
  OsArch: linux/amd64
  Version: 3.4.4

Package info (e.g. output of rpm -q podman or apt list podman):

podman 3.4.4-1

Have you tested with the latest version of Podman and have you checked the Podman Troubleshooting Guide? (https://github.com/containers/podman/blob/main/troubleshooting.md)

Yes

Additional environment details (AWS, VirtualBox, physical, etc.):

Tested on bare metal install of arch linux

@openshift-ci openshift-ci bot added the kind/bug Categorizes issue or PR as related to a bug. label Jan 24, 2022
@Luap99
Member

Luap99 commented Jan 24, 2022

Any chance you can test this with podman 4.0? This part of the code was completely rewritten.

@Luap99 Luap99 added the network Networking related issue or feature label Jan 24, 2022
@b177y
Author

b177y commented Jan 24, 2022

Using v4.0.0-RC2 it no longer panics and is now giving an error message instead:

ERRO[0000] CNI config list /home/billy/.config/cni/net.d/int0.conflist could not be converted to a libpod config, skipping: unsupported ipam plugin in /home/billy/.config/cni/net.d/int0.conflist

This happens if I set ipam: {} or if I leave out the ipam key in the conflist.

However, I can no longer create containers attached to these networks as it believes they are invalid. Is there another way I could create a valid CNI network that doesn't set IP addresses for the containers?

@Luap99
Member

Luap99 commented Jan 24, 2022

Thanks for testing; on the good side, it will at least not panic. I think we have to add a new ipam mode none for this. At the moment we parse the config files and try to convert this to a more generic structure.

@github-actions

A friendly reminder that this issue had no activity for 30 days.

@Luap99 Luap99 added In Progress This issue is actively being worked by the assignee, please do not work on this at this time. and removed stale-issue labels Mar 17, 2022
Luap99 added a commit to Luap99/common that referenced this issue Mar 17, 2022
When we parse CNI config files to convert them into a native Network
struct we should not error unless there is something broken.
The goal is to allow all cni configs to still function but podman
inspect will not be able to show all information such as subnets about
this network.

Because this is a valid use case we only log this at info level.

Fixes containers/podman#12990
Fixes containers/podman#13124

Signed-off-by: Paul Holzinger <[email protected]>
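
The tolerant conversion that the commit message above describes, as an added Go example that is not the containers/common fix or any project code. The types, `ConvertConfList` and the `"none"` driver label are hypothetical, and the conflist in `main` is constructed to match step 2 of the report.

```go
package main

import (
	"encoding/json"
	"fmt"
	"net"
)
// Hypothetical minimal types for this example, not the structs podman uses.
type ipamConf struct {
	Type   string                      `json:"type"`
	Ranges [][]struct{ Subnet string } `json:"ranges"`
}
type confList struct {
	Name    string                     `json:"name"`
	Plugins []struct{ IPAM *ipamConf } `json:"plugins"`
}
type Network struct {
	Name, IPAMDriver string
	Subnets          []*net.IPNet
}
// ConvertConfList accepts a missing ipam key and "ipam": {}; only malformed input errors.
func ConvertConfList(data []byte) (*Network, error) {
	var cl confList
	if err := json.Unmarshal(data, &cl); err != nil {
		return nil, fmt.Errorf("invalid conflist: %w", err)
	}
	if len(cl.Plugins) == 0 {
		return nil, fmt.Errorf("conflist %q has no plugins", cl.Name)
	}
	n := &Network{Name: cl.Name, IPAMDriver: "none"} // "none": no addresses managed
	ipam := cl.Plugins[0].IPAM
	if ipam == nil || ipam.Type == "" {
		return n, nil // valid config, just no subnets to report
	}
	n.IPAMDriver = ipam.Type
	for _, set := range ipam.Ranges {
		for _, r := range set {
			_, ipnet, err := net.ParseCIDR(r.Subnet)
			if err != nil {
				return nil, fmt.Errorf("bad subnet %q: %w", r.Subnet, err)
			}
			n.Subnets = append(n.Subnets, ipnet)
		}
	}
	return n, nil
}

func main() { // constructed input mirroring step 2 of the report
	fmt.Println(ConvertConfList([]byte(`{"name":"int0","plugins":[{"type":"bridge","ipam":{}}]}`)))
}
```
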
@github-actions github-actions bot added the locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments. label Sep 20, 2023
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Sep 20, 2023