Age | Commit message (Collapse) | Author |
|
PiperOrigin-RevId: 298740246
|
|
gofer.dentryReadWriter.WriteFromBlocks was not updating
gofer.dentry.size after a write operation that skips the
cache.
Updates #1198
PiperOrigin-RevId: 298708646
|
|
Properly discard segments from the segment heap.
PiperOrigin-RevId: 298704074
|
|
The support of PTRACE_SYSEMU on arm64 was added in the 5.3 kernel,
so we can be sure that the current version is higher that 5.3.
And this change moves vsyscall seccomp rules to the arch specific file,
because vsyscall isn't supported on arm64.
PiperOrigin-RevId: 298696493
|
|
PiperOrigin-RevId: 298690552
|
|
PiperOrigin-RevId: 298683693
|
|
PiperOrigin-RevId: 298683502
|
|
Ensures that all access to TransportEndpointInfo.ID is either:
* In a function ending in a Locked suffix.
* While holding the appropriate mutex.
This primary affects the checkV4Mapped method on affected endpoints, which has
been renamed to checkV4MappedLocked. Also document the method and change its
argument to be a value instead of a pointer which had caused some awkwardness.
This race was possible in the udp and icmp endpoints between Connect and uses
of TransportEndpointInfo.ID including in both itself and Bind.
The tcp endpoint did not suffer from this bug, but benefited from better
documentation.
Updates #357
PiperOrigin-RevId: 298682913
|
|
PiperOrigin-RevId: 298667595
|
|
Signed-off-by: Bin Lu <bin.lu@arm.com>
|
|
PiperOrigin-RevId: 298476533
|
|
PiperOrigin-RevId: 298457842
|
|
PiperOrigin-RevId: 298451319
|
|
It was downgraded by mistake in
e5d9a4010bdb ("Add ability to execute go.mod in gopath context.")
Signed-off-by: Andrei Vagin <avagin@gmail.com>
|
|
A deadlock may occur if a write lock on a RWMutex is blocked between
nested read lock attempts as the inner read lock attempt will be
blocked in this scenario.
Example (T1 and T2 are differnt goroutines):
T1: obtain read-lock
T2: attempt write-lock (blocks)
T1: attempt inner/nested read-lock (blocks)
Here we can see that T1 and T2 are deadlocked.
Tests: Existing tests pass.
PiperOrigin-RevId: 298426678
|
|
PiperOrigin-RevId: 298405064
|
|
DATA RACE in netstack.(*SocketOperations).fetchReadView
Write at 0x00c001dca138 by goroutine 1001:
gvisor.dev/gvisor/pkg/sentry/socket/netstack.(*SocketOperations).fetchReadView()
pkg/sentry/socket/netstack/netstack.go:418 +0x85
gvisor.dev/gvisor/pkg/sentry/socket/netstack.(*SocketOperations).coalescingRead()
pkg/sentry/socket/netstack/netstack.go:2309 +0x67
gvisor.dev/gvisor/pkg/sentry/socket/netstack.(*SocketOperations).nonBlockingRead()
pkg/sentry/socket/netstack/netstack.go:2378 +0x183d
Previous read at 0x00c001dca138 by goroutine 1111:
gvisor.dev/gvisor/pkg/sentry/socket/netstack.(*SocketOperations).Ioctl()
pkg/sentry/socket/netstack/netstack.go:2666 +0x533
gvisor.dev/gvisor/pkg/sentry/syscalls/linux.Ioctl()
Reported-by: syzbot+d4c3885fcc346f08deb6@syzkaller.appspotmail.com
PiperOrigin-RevId: 298387377
|
|
PiperOrigin-RevId: 298380654
|
|
Test command:
bazel test //test/syscalls:clock_getres_test_runsc_ptrace
Signed-off-by: Bin Lu <bin.lu@arm.com>
|
|
PiperOrigin-RevId: 297982488
|
|
This is needed for syzkaller to proper classify issues.
Right now, all watchdog issues are duped to one with the
subject "panic: Sentry detected stuck task(s). See stack
trace and message above for more details".
PiperOrigin-RevId: 297975363
|
|
There is no cpuid instruction on arm64, so we need to defined it
just to avoid a compile time error.
Signed-off-by: Andrei Vagin <avagin@gmail.com>
|
|
These dependencies do not need to be in our go.mod or go.sum files.
PiperOrigin-RevId: 297942163
|
|
Signed-off-by: Andrei Vagin <avagin@gmail.com>
|
|
PiperOrigin-RevId: 297915917
|
|
PiperOrigin-RevId: 297915815
|
|
A follow-up change will convert the networking code to use this standard
pipe implementation.
PiperOrigin-RevId: 297903206
|
|
PiperOrigin-RevId: 297895651
|
|
GO's runtime calls the write system call twice to print "panic:"
and "the reason of this panic", so here is a race window when
other threads can print something to the log and we will see
something like this:
panic: log messages from another thread
The reason of the panic.
This confuses the syzkaller blacklist and dedup detection.
It also makes the logs generally difficult to read. e.g.,
data races often have one side of the race, followed by
a large "diagnosis" dump, finally followed by the other
side of the race.
PiperOrigin-RevId: 297887895
|
|
/dev/net/tun does not currently work with hostinet. This has caused some
program starts failing because it thinks the feature exists.
PiperOrigin-RevId: 297876196
|
|
|
|
We changed syscalls to allow dup3 for ARM64.
Updates #1198
PiperOrigin-RevId: 297870816
|
|
Signed-off-by: Bin Lu <bin.lu@arm.com>
|
|
This is frequently causing the core build scripts to fail. The core ubuntu
distribution will perform an auto-update at first start, which may cause the
lock file to be held. All apt-get commands may be done in a loop in order to
retry to avoid this issue. We may want to consider retrying other pieces, but
for now this should avoid the most frequent cause of build flakes.
PiperOrigin-RevId: 297704789
|
|
Updates #1873
PiperOrigin-RevId: 297695241
|
|
PiperOrigin-RevId: 297693838
|
|
google:dependabot/bundler/benchmarks/workloads/ruby/puma-3.12.2
PiperOrigin-RevId: 297690302
|
|
Call stack.Close on stacks when we are done with them in tcp_test. This avoids
leaking resources and reduces the test's flakiness when race/gotsan is enabled.
It also provides test coverage for the race also fixed in this change, which
can be reliably triggered with the stack.Close change (and without the other
changes) when race/gotsan is enabled.
The race was possible when calling Abort (via stack.Close) on an endpoint
processing a SYN segment as part of a passive connect.
Updates #1564
PiperOrigin-RevId: 297685432
|
|
PiperOrigin-RevId: 297674924
|
|
Bumps [puma](https://github.com/puma/puma) from 3.12.1 to 3.12.2.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v3.12.1...v3.12.2)
Signed-off-by: dependabot[bot] <support@github.com>
|
|
Bumps [puma](https://github.com/puma/puma) from 3.12.0 to 3.12.2.
<details>
<summary>Release notes</summary>
*Sourced from [puma's releases](https://github.com/puma/puma/releases).*
> v3.12.1
</details>
<details>
<summary>Changelog</summary>
*Sourced from [puma's changelog](https://github.com/puma/puma/blob/master/History.md).*
> ## 4.3.1 and 3.12.2 / 2019-12-05
>
> * Security
> * Fix: a poorly-behaved client could use keepalive requests to monopolize Puma's reactor and create a denial of service attack. CVE-2019-16770.
>
> ## 4.3.0 / 2019-11-07
>
> * Features
> * Strip whitespace at end of HTTP headers ([#2010](https://github-redirect.dependabot.com/puma/puma/issues/2010))
> * Optimize HTTP parser for JRuby ([#2012](https://github-redirect.dependabot.com/puma/puma/issues/2012))
> * Add SSL support for the control app and cli ([#2046](https://github-redirect.dependabot.com/puma/puma/issues/2046), [#2052](https://github-redirect.dependabot.com/puma/puma/issues/2052))
>
> * Bugfixes
> * Fix Errno::EINVAL when SSL is enabled and browser rejects cert ([#1564](https://github-redirect.dependabot.com/puma/puma/issues/1564))
> * Fix pumactl defaulting puma to development if an environment was not specified ([#2035](https://github-redirect.dependabot.com/puma/puma/issues/2035))
> * Fix closing file stream when reading pid from pidfile ([#2048](https://github-redirect.dependabot.com/puma/puma/issues/2048))
> * Fix a typo in configuration option `--extra_runtime_dependencies` ([#2050](https://github-redirect.dependabot.com/puma/puma/issues/2050))
>
> ## 4.2.1 / 2019-10-07
>
> * 3 bugfixes
> * Fix socket activation of systemd (pre-existing) unix binder files ([#1842](https://github-redirect.dependabot.com/puma/puma/issues/1842), [#1988](https://github-redirect.dependabot.com/puma/puma/issues/1988))
> * Deal with multiple calls to bind correctly ([#1986](https://github-redirect.dependabot.com/puma/puma/issues/1986), [#1994](https://github-redirect.dependabot.com/puma/puma/issues/1994), [#2006](https://github-redirect.dependabot.com/puma/puma/issues/2006))
> * Accepts symbols for `verify_mode` ([#1222](https://github-redirect.dependabot.com/puma/puma/issues/1222))
>
> ## 4.2.0 / 2019-09-23
>
> * 6 features
> * Pumactl has a new -e environment option and reads `config/puma/<environment>.rb` config files ([#1885](https://github-redirect.dependabot.com/puma/puma/issues/1885))
> * Semicolons are now allowed in URL paths (MRI only), useful for Angular or Redmine ([#1934](https://github-redirect.dependabot.com/puma/puma/issues/1934))
> * Allow extra dependencies to be defined when using prune_bundler ([#1105](https://github-redirect.dependabot.com/puma/puma/issues/1105))
> * Puma now reports the correct port when binding to port 0, also reports other listeners when binding to localhost ([#1786](https://github-redirect.dependabot.com/puma/puma/issues/1786))
> * Sending SIGINFO to any Puma worker now prints currently active threads and their backtraces ([#1320](https://github-redirect.dependabot.com/puma/puma/issues/1320))
> * Puma threads all now have their name set on Ruby 2.3+ ([#1968](https://github-redirect.dependabot.com/puma/puma/issues/1968))
> * 4 bugfixes
> * Fix some misbehavior with phased restart and externally SIGTERMed workers ([#1908](https://github-redirect.dependabot.com/puma/puma/issues/1908), [#1952](https://github-redirect.dependabot.com/puma/puma/issues/1952))
> * Fix socket closing on error ([#1941](https://github-redirect.dependabot.com/puma/puma/issues/1941))
> * Removed unnecessary SIGINT trap for JRuby that caused some race conditions ([#1961](https://github-redirect.dependabot.com/puma/puma/issues/1961))
> * Fix socket files being left around after process stopped ([#1970](https://github-redirect.dependabot.com/puma/puma/issues/1970))
> * Absolutely thousands of lines of test improvements and fixes thanks to [@​MSP-Greg](https://github.com/MSP-Greg)
>
> ## 4.1.1 / 2019-09-05
>
> * 3 bugfixes
> * Revert our attempt to not dup STDOUT/STDERR ([#1946](https://github-redirect.dependabot.com/puma/puma/issues/1946))
> * Fix socket close on error ([#1941](https://github-redirect.dependabot.com/puma/puma/issues/1941))
> * Fix workers not shutting down correctly ([#1908](https://github-redirect.dependabot.com/puma/puma/issues/1908))
>
> ## 4.1.0 / 2019-08-08
>
></tr></table> ... (truncated)
</details>
<details>
<summary>Commits</summary>
- [`bb29fc7`](https://github.com/puma/puma/commit/bb29fc7fe8f822d0f72706a1ae86e49af3476777) 3.12.2
- [`058df12`](https://github.com/puma/puma/commit/058df12b78e7d1ec661c3b8777f26a736c26675b) 4.3.1 and 4.2.1 release notes
- [`06053e6`](https://github.com/puma/puma/commit/06053e60908074bb38293d4449ea261cb009b53e) Merge pull request from GHSA-7xx3-m584-x994
- [`461c9e9`](https://github.com/puma/puma/commit/461c9e99783e5f69e632acedae83be55017d5fe4) Docs files
- [`7e2c88d`](https://github.com/puma/puma/commit/7e2c88d4131a1a70f551287e49b8f527d29d0469) v3.12.1
- [`36964ec`](https://github.com/puma/puma/commit/36964ec42982d7b3205760bc2bf9ccf3fec8af69) Merge pull request [#1700](https://github-redirect.dependabot.com/puma/puma/issues/1700) from schneems/schneems/fix-puma-rack-handler-config
- [`c24c0c8`](https://github.com/puma/puma/commit/c24c0c883496f581d9092bbe7f7431129eeb7190) Rack handler should use provided default host
- [`e5d566e`](https://github.com/puma/puma/commit/e5d566ed81f3663d70f0318f8bf3d858734cb74b) Merge pull request [#1682](https://github-redirect.dependabot.com/puma/puma/issues/1682) from MSP-Greg/update-travis-ruby
- [`cecc44a`](https://github.com/puma/puma/commit/cecc44aa0ae326e46031b48023253d08df706455) Merge pull request [#1701](https://github-redirect.dependabot.com/puma/puma/issues/1701) from schneems/schneems/m
- [`ce57cfb`](https://github.com/puma/puma/commit/ce57cfb8c3c8259cda13c322de32dd4ff07ec03a) Allow running individual tests via the `m` gem.
- Additional commits viewable in [compare view](https://github.com/puma/puma/compare/v3.12.0...v3.12.2)
</details>
<br />
[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=puma&package-manager=bundler&previous-version=3.12.0&new-version=3.12.2)](https://help.github.com/articles/configuring-automated-security-fixes)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/google/gvisor/network/alerts).
</details>
COPYBARA_INTEGRATE_REVIEW=https://github.com/google/gvisor/pull/1345 from google:dependabot/bundler/benchmarks/workloads/ruby_template/puma-3.12.2 2be8d923b4cf5452e763ce369803f2729876b209
PiperOrigin-RevId: 297664218
|
|
google:dependabot/bundler/benchmarks/workloads/ruby/rack-2.2.2
PiperOrigin-RevId: 297664184
|
|
Bumps [rack](https://github.com/rack/rack) from 2.0.7 to 2.2.2.
- [Release notes](https://github.com/rack/rack/releases)
- [Changelog](https://github.com/rack/rack/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rack/rack/compare/2.0.7...v2.2.2)
Signed-off-by: dependabot[bot] <support@github.com>
|
|
PiperOrigin-RevId: 297638665
|
|
PiperOrigin-RevId: 297628615
|
|
PiperOrigin-RevId: 297494373
|
|
PiperOrigin-RevId: 297492004
|
|
PiperOrigin-RevId: 297485310
|
|
Analogous to Linux's kern_mount().
PiperOrigin-RevId: 297259580
|
|
MayDelete must lock the directory also, otherwise concurrent renames may
race. Note that this also changes the methods to be aligned with the actual
Remove and RemoveDirectory methods to minimize confusion when reading the
code. (It was hard to see that resolution was correct.)
PiperOrigin-RevId: 297258304
|