From 0e600c7fc45aef97eceb6ba235bd9859b976de7e Mon Sep 17 00:00:00 2001 From: Jan Scheffler Date: Mon, 15 Dec 2025 11:06:56 +0000 Subject: [PATCH 1/2] layer: Clean up init layer if initialization fails Add cleanup for the init layer directory if any operation fails after driver.CreateReadWrite() succeeds in initMount(). Previously, failures in driver.Get(), initFunc(), or driver.Put() would leave an orphaned overlay2 directory. Related to moby/moby#45939 Signed-off-by: Jan Scheffler (cherry picked from commit 3fdde529e723cd629651ae0caf804b4c198393b9) Signed-off-by: Sebastiaan van Stijn --- daemon/internal/layer/layer_store.go | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/daemon/internal/layer/layer_store.go b/daemon/internal/layer/layer_store.go index 5366f85085..3a9cfd3e4a 100644 --- a/daemon/internal/layer/layer_store.go +++ b/daemon/internal/layer/layer_store.go @@ -660,6 +660,17 @@ func (ls *layerStore) initMount(graphID, parent, mountLabel string, initFunc Mou if err := ls.driver.CreateReadWrite(initID, parent, createOpts); err != nil { return "", err } + + // Clean up init layer if any subsequent operation fails + successful := false + defer func() { + if !successful { + if err := ls.driver.Remove(initID); err != nil { + log.G(context.TODO()).WithFields(log.Fields{"init-id": initID, "error": err}).Error("Failed to clean up init layer after error") + } + } + }() + p, err := ls.driver.Get(initID, "") if err != nil { return "", err @@ -674,6 +685,7 @@ func (ls *layerStore) initMount(graphID, parent, mountLabel string, initFunc Mou return "", err } + successful = true return initID, nil } From a1f7fff7a9fe68e9fb63d5ae68c93963dc9602ae Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Gronowski?= Date: Wed, 17 Dec 2025 11:31:08 +0100 Subject: [PATCH 2/2] daemon/layer_store: Use named return error for defer MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Paweł Gronowski (cherry picked from commit 26bb1af7e64c9a89c029185d24745efeb8d6976b) Signed-off-by: Sebastiaan van Stijn --- daemon/internal/layer/layer_store.go | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/daemon/internal/layer/layer_store.go b/daemon/internal/layer/layer_store.go index 3a9cfd3e4a..e5f61081a4 100644 --- a/daemon/internal/layer/layer_store.go +++ b/daemon/internal/layer/layer_store.go @@ -645,7 +645,7 @@ func (ls *layerStore) saveMount(mount *mountedLayer) error { return nil } -func (ls *layerStore) initMount(graphID, parent, mountLabel string, initFunc MountInit, storageOpt map[string]string) (string, error) { +func (ls *layerStore) initMount(graphID, parent, mountLabel string, initFunc MountInit, storageOpt map[string]string) (_ string, retErr error) { // Use "-init" to maintain compatibility with graph drivers // which are expecting this layer with this special name. If all // graph drivers can be updated to not rely on knowing about this layer @@ -662,9 +662,8 @@ func (ls *layerStore) initMount(graphID, parent, mountLabel string, initFunc Mou } // Clean up init layer if any subsequent operation fails - successful := false defer func() { - if !successful { + if retErr != nil { if err := ls.driver.Remove(initID); err != nil { log.G(context.TODO()).WithFields(log.Fields{"init-id": initID, "error": err}).Error("Failed to clean up init layer after error") } @@ -685,7 +684,6 @@ func (ls *layerStore) initMount(graphID, parent, mountLabel string, initFunc Mou return "", err } - successful = true return initID, nil }