Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix a possible nil-dereference crash #478

Merged
merged 3 commits into from
Feb 20, 2020
Merged

Fix a possible nil-dereference crash #478

merged 3 commits into from
Feb 20, 2020

Conversation

krnowak
Copy link
Member

@krnowak krnowak commented Feb 14, 2020

If we get a bounded instrument from an instrument with an already set
delegate and then concurrently call Unbind and RecordOne on it, it is
possible that Unbind will trigger the sync.Once "initialize" member
with a no op function, so the sync.Once "initialize" in RecordOne will
not be triggered anymore. This in turn will not set the implPtr to the
real bound instrument, so an atomic load later in RecordOne will again
return a nil pointer which we unconditionally dereference.

Add an extra check for a nil pointer - if this is true, then Unbind
was first and RecordOne should effectively be a no op.

@krnowak
Test for a panic inside global internal meter instrument's Unbind
dcf7abd
@krnowak
Fix a possible nil-dereference crash
8890a30 
There is a nil dereference crash if we perform some operations in
certain order:

- get a global meter
- create an instrument
- bind it
- set the delegate
- unbind the instrument
- call some recording function on the not-really-bound-anymore
  instrument

Unbind will run the no op run-once initialization routine, so the
follow-up RecordOne call will not run it's initialization
routine. Which RecordOne's initialization routine being skipped, the
delegate to bounded instrument is not set, but the code is still
trying to get a pointer to it and then unconditionally dereference it.

Add an extra check for a nil pointer - if this is true, then Unbind
was first and RecordOne should effectively be a no op.
@krnowak
Copy link
Member Author

krnowak commented Feb 17, 2020

Updated, added the test.

jmacd
jmacd approved these changes Feb 19, 2020
View reviewed changes
api/global/internal/meter_test.go
func TestUnbindThenRecordOne(t *testing.T) {
internal.ResetForTest()

// Note: this test uses oppsite Float64/Int64 number kinds
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Delete this comment.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oops, copy pasta. Will fix in a separate PR.

@jmacd jmacd merged commit 29cd0c0 into open-telemetry:master Feb 20, 2020
@krnowak krnowak deleted the fix-possible-crash branch February 20, 2020 22:09
@krnowak krnowak mentioned this pull request Feb 28, 2020
Merged
@pellared pellared added this to the untracked milestone Nov 8, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lizthegrey lizthegrey lizthegrey left review comments

@rghetia rghetia rghetia approved these changes

@MrAlias MrAlias MrAlias approved these changes

@jmacd jmacd jmacd approved these changes

@iredelmeier iredelmeier Awaiting requested review from iredelmeier

@paivagustavo paivagustavo Awaiting requested review from paivagustavo

@tedsuo tedsuo Awaiting requested review from tedsuo

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
untracked
Development

Successfully merging this pull request may close these issues.
6 participants
@krnowak @lizthegrey @jmacd @MrAlias @rghetia @pellared