diff options
author | Adin Scannell <ascannell@google.com> | 2021-04-26 11:40:10 -0700 |
---|---|---|
committer | gVisor bot <gvisor-bot@google.com> | 2021-04-26 11:42:49 -0700 |
commit | 5b7b7daa425ffc93e98c12cbd37ea7b15a8bcc8d (patch) | |
tree | 82079eb5110b5e36f7e657c076a12ba45c669475 /pkg/sentry/fs/mount.go | |
parent | bf64560681182b0024790f683f4c9aea142e70c5 (diff) |
nogo: enable bazel workers and other optimizations.
This is a suite of changes intended to dramatically speed up nogo speed.
First, there are minor changes that help efficiency significantly.
* Gob-based encoding is used internally, and JSON only used for the final
set of findings. This is done to preserve the existing format (which is
consumed by external tooling), and to facilitate manual debugging.
* Unnecessary regex compilation is elided in the configuration, and care is
taken for merges to prevent redundant entries. I'm not sure quite sure how,
but it turns out that this was consumed a significant amount of time,
presumably compiling the same regexes over and over again.
Second, this change enables bazel workers for nogo analyzers.
Workers enable persistent processes instead of creating and tearing down a
sandbox every invocation. A library is introduced to abstraction these details,
and allow the tools to still be written using standard flags, etc.
The key here is that these binaries and the core of nogo become aware of
caches with worker.Cache. This allows us to save significant time loading the
same set of files and findings over and over again. These caches are keyed by
the digests that are provided by bazel, and are capped in overall size.
Note that the worker package attempts to capture output during each run, but
tools are no longer permitted to write to stdout. This necessitated dropping
some spurious output from checklocks.
PiperOrigin-RevId: 370505732
Diffstat (limited to 'pkg/sentry/fs/mount.go')
0 files changed, 0 insertions, 0 deletions