Skip to content

pkg/ipam: fix nil dereference during pool shrink operation#41198

Merged
aditighag merged 1 commit intocilium:mainfrom
alimehrabikoshki:fix/multipool-crash
Aug 19, 2025
Merged

pkg/ipam: fix nil dereference during pool shrink operation#41198
aditighag merged 1 commit intocilium:mainfrom
alimehrabikoshki:fix/multipool-crash

Conversation

@alimehrabikoshki
Copy link
Copy Markdown
Contributor

@alimehrabikoshki alimehrabikoshki commented Aug 15, 2025

Please ensure your pull request adheres to the following guidelines:

  • For first time contributors, read Submitting a pull request
  • All code is covered by unit and/or runtime tests where feasible.
  • All commits contain a well written commit description including a title,
    description and a Fixes: #XXX line if the commit addresses a particular
    GitHub issue.
  • If your commit description contains a Fixes: <commit-id> tag, then
    please add the commit author[s] as reviewer[s] to this issue.
  • All commits are signed off. See the section Developer’s Certificate of Origin
  • Provide a title or release-note blurb suitable for the release notes.
  • Are you a user of Cilium? Please add yourself to the Users doc
  • Thanks for contributing!

When shrinking a CiliumPodIPPool the operator could crash with a nil pointer dereference in updateCIDRSets. The loop deletes entries from the slice it is iterating over, leaving behind nil slots that are dereferenced in the next iteration. This change skips over nil items in the slice. It also introduces a new unit test for this behaviour.

Fixes: #41197

pkg/ipam: fix nil dereference during pool shrink operation

@alimehrabikoshki alimehrabikoshki requested a review from a team as a code owner August 15, 2025 23:29
@maintainer-s-little-helper maintainer-s-little-helper bot added the dont-merge/needs-release-note-label The author needs to describe the release impact of these changes. label Aug 15, 2025
@github-actions github-actions bot added the kind/community-contribution This was a contribution made by a community member. label Aug 15, 2025
@alimehrabikoshki
pkg/ipam: fix nil dereference during pool shrink operation
2e7b9fa 
When shrinking a CiliumPodIPPool the operator could crash with a nil pointer
dereference in updateCIDRSets.  The loop deletes entries from the slice it is
iterating over, leaving behind nil slots that are dereferenced in the next
iteration. This change skips over nil items in the slice.

Signed-off-by: alimehrabikoshki <79400736+alimehrabikoshki@users.noreply.github.com>
gandro
gandro approved these changes Aug 18, 2025
View reviewed changes
Copy link
Copy Markdown
Member

@gandro gandro left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice, thanks a lot!

@gandro gandro added release-note/bug This PR fixes an issue in a previous release of Cilium. needs-backport/1.18 This PR / issue needs backporting to the v1.18 branch labels Aug 18, 2025
@maintainer-s-little-helper maintainer-s-little-helper bot removed the dont-merge/needs-release-note-label The author needs to describe the release impact of these changes. label Aug 18, 2025
@gandro gandro added the area/multipool Affects Multi-Pool IPAM label Aug 18, 2025
@gandro
Copy link
Copy Markdown
Member

gandro commented Aug 18, 2025

/test

@maintainer-s-little-helper maintainer-s-little-helper bot added the ready-to-merge This PR has passed all tests and received consensus from code owners to merge. label Aug 19, 2025
@aditighag aditighag added this pull request to the merge queue Aug 19, 2025
Merged via the queue into cilium:main with commit e69bd64 Aug 19, 2025
68 of 69 checks passed
@pippolo84 pippolo84 mentioned this pull request Aug 25, 2025
Merged
17 tasks
@pippolo84 pippolo84 added backport-pending/1.18 The backport for Cilium 1.18.x for this PR is in progress. and removed needs-backport/1.18 This PR / issue needs backporting to the v1.18 branch labels Aug 25, 2025
@github-actions github-actions bot added backport-done/1.18 The backport for Cilium 1.18.x for this PR is done. and removed backport-pending/1.18 The backport for Cilium 1.18.x for this PR is in progress. labels Sep 1, 2025
@cilium-release-bot cilium-release-bot bot moved this to Released in cilium v1.19.0 Feb 3, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@gandro gandro gandro approved these changes

Assignees

No one assigned

Labels

area/multipool Affects Multi-Pool IPAM backport-done/1.18 The backport for Cilium 1.18.x for this PR is done. kind/community-contribution This was a contribution made by a community member. ready-to-merge This PR has passed all tests and received consensus from code owners to merge. release-note/bug This PR fixes an issue in a previous release of Cilium.

Projects

No open projects
cilium v1.19.0
Status: Released

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

cilium-operator crashes when PodIPPool is shrunk

4 participants

@alimehrabikoshki @gandro @pippolo84 @aditighag