From 709e27bf4bb67e90b6888556e9185228dec38200 Mon Sep 17 00:00:00 2001 From: Evan Lezar Date: Fri, 25 Aug 2023 17:50:43 +0200 Subject: [PATCH] Fix implicit memory aliasing in for loop Signed-off-by: Evan Lezar --- internal/modifier/cdi/spec.go | 1 + internal/modifier/hook_remover.go | 1 + internal/modifier/stable.go | 1 + internal/modifier/stable_test.go | 2 ++ internal/platform-support/tegra/csv/mount_spec_test.go | 1 + pkg/nvcdi/transform/deduplicate.go | 1 + pkg/nvcdi/transform/merged-device.go | 1 + pkg/nvcdi/transform/remove.go | 1 + pkg/nvcdi/transform/root.go | 1 + pkg/nvcdi/transform/sorter.go | 1 + tools/container/docker/docker_test.go | 3 +++ 11 files changed, 14 insertions(+) diff --git a/internal/modifier/cdi/spec.go b/internal/modifier/cdi/spec.go index 57c65e9a..8c54c54a 100644 --- a/internal/modifier/cdi/spec.go +++ b/internal/modifier/cdi/spec.go @@ -34,6 +34,7 @@ var _ oci.SpecModifier = (*fromCDISpec)(nil) // Modify applies the mofiications defined by the raw CDI spec to the incomming OCI spec. func (m fromCDISpec) Modify(spec *specs.Spec) error { for _, device := range m.cdiSpec.Devices { + device := device cdiDevice := cdi.Device{ Device: &device, } diff --git a/internal/modifier/hook_remover.go b/internal/modifier/hook_remover.go index f92011fd..f9af14ba 100644 --- a/internal/modifier/hook_remover.go +++ b/internal/modifier/hook_remover.go @@ -49,6 +49,7 @@ func (m nvidiaContainerRuntimeHookRemover) Modify(spec *specs.Spec) error { var newPrestart []specs.Hook for _, hook := range spec.Hooks.Prestart { + hook := hook if isNVIDIAContainerRuntimeHook(&hook) { m.logger.Debugf("Removing hook %v", hook) continue diff --git a/internal/modifier/stable.go b/internal/modifier/stable.go index 44dbc094..c72a94c3 100644 --- a/internal/modifier/stable.go +++ b/internal/modifier/stable.go @@ -48,6 +48,7 @@ func (m stableRuntimeModifier) Modify(spec *specs.Spec) error { // If an NVIDIA Container Runtime Hook already exists, we don't make any modifications to the spec. if spec.Hooks != nil { for _, hook := range spec.Hooks.Prestart { + hook := hook if isNVIDIAContainerRuntimeHook(&hook) { m.logger.Infof("Existing nvidia prestart hook (%v) found in OCI spec", hook.Path) return nil diff --git a/internal/modifier/stable_test.go b/internal/modifier/stable_test.go index 283b9e8b..586bdbb2 100644 --- a/internal/modifier/stable_test.go +++ b/internal/modifier/stable_test.go @@ -150,6 +150,8 @@ func TestAddHookModifier(t *testing.T) { } for _, tc := range testCases { + tc := tc + logHook.Reset() t.Run(tc.description, func(t *testing.T) { diff --git a/internal/platform-support/tegra/csv/mount_spec_test.go b/internal/platform-support/tegra/csv/mount_spec_test.go index 110ca8c1..c7162d1a 100644 --- a/internal/platform-support/tegra/csv/mount_spec_test.go +++ b/internal/platform-support/tegra/csv/mount_spec_test.go @@ -70,6 +70,7 @@ func TestNewMountSpecFromLine(t *testing.T) { for i, tc := range testCases { t.Run(fmt.Sprintf("test case %d", i), func(t *testing.T) { + tc := tc target, err := NewMountSpecFromLine(tc.line) if tc.expectedError != nil { require.Error(t, err) diff --git a/pkg/nvcdi/transform/deduplicate.go b/pkg/nvcdi/transform/deduplicate.go index e53ff594..f9d6db28 100644 --- a/pkg/nvcdi/transform/deduplicate.go +++ b/pkg/nvcdi/transform/deduplicate.go @@ -39,6 +39,7 @@ func (d dedupe) Transform(spec *specs.Spec) error { } var updatedDevices []specs.Device for _, device := range spec.Devices { + device := device if err := d.transformEdits(&device.ContainerEdits); err != nil { return err } diff --git a/pkg/nvcdi/transform/merged-device.go b/pkg/nvcdi/transform/merged-device.go index 6730afeb..9bd6b99d 100644 --- a/pkg/nvcdi/transform/merged-device.go +++ b/pkg/nvcdi/transform/merged-device.go @@ -111,6 +111,7 @@ func mergeDeviceSpecs(deviceSpecs []specs.Device, mergedDeviceName string) (*spe mergedEdits := edits.NewContainerEdits() for _, d := range deviceSpecs { + d := d edit := cdi.ContainerEdits{ ContainerEdits: &d.ContainerEdits, } diff --git a/pkg/nvcdi/transform/remove.go b/pkg/nvcdi/transform/remove.go index bf49660a..06c8500d 100644 --- a/pkg/nvcdi/transform/remove.go +++ b/pkg/nvcdi/transform/remove.go @@ -39,6 +39,7 @@ func (r remove) Transform(spec *specs.Spec) error { } for _, device := range spec.Devices { + device := device if err := r.transformEdits(&device.ContainerEdits); err != nil { return fmt.Errorf("failed to remove edits from device %q: %w", device.Name, err) } diff --git a/pkg/nvcdi/transform/root.go b/pkg/nvcdi/transform/root.go index 53bcf2a4..6ff9c75e 100644 --- a/pkg/nvcdi/transform/root.go +++ b/pkg/nvcdi/transform/root.go @@ -54,6 +54,7 @@ func (t rootTransformer) Transform(spec *specs.Spec) error { } for _, d := range spec.Devices { + d := d if err := t.applyToEdits(&d.ContainerEdits); err != nil { return fmt.Errorf("failed to apply root transform to device %s: %w", d.Name, err) } diff --git a/pkg/nvcdi/transform/sorter.go b/pkg/nvcdi/transform/sorter.go index e64de305..573fcac6 100644 --- a/pkg/nvcdi/transform/sorter.go +++ b/pkg/nvcdi/transform/sorter.go @@ -44,6 +44,7 @@ func (d sorter) Transform(spec *specs.Spec) error { } var updatedDevices []specs.Device for _, device := range spec.Devices { + device := device if err := d.transformEdits(&device.ContainerEdits); err != nil { return err } diff --git a/tools/container/docker/docker_test.go b/tools/container/docker/docker_test.go index d43c7203..83aa33a4 100644 --- a/tools/container/docker/docker_test.go +++ b/tools/container/docker/docker_test.go @@ -235,6 +235,8 @@ func TestUpdateConfig(t *testing.T) { } for i, tc := range testCases { + tc := tc + o := &options{ Options: container.Options{ RuntimeName: tc.runtimeName, @@ -361,6 +363,7 @@ func TestRevertConfig(t *testing.T) { } for i, tc := range testCases { + tc := tc o := &options{} err := o.RevertConfig(&tc.config)