Age | Commit message (Collapse) | Author |
|
PiperOrigin-RevId: 408366542
|
|
In autogenerating the implementation of Marshallable.MarshalBytes(), we were
using the slower MarshalBytes(). Instead use MarshalUnsafe which is faster and
falls back to slow MarshalBytes() if the type is not packed.
Even if the outer struct is not packed, we can at least do fast marshalling on
its packed fields.
PiperOrigin-RevId: 408268469
|
|
Earlier this function was returning (int, error) much like the Copy{In/Out}
methods. The returned error was always nil. The returned int was never used.
Instead make it returned the shifted buffer which is more useful.
Updates #6450
PiperOrigin-RevId: 408268327
|
|
Change marshal.Marshallable method signatures to return the remaining buffer.
This makes it easier to implement these method manually. Without this, we would
have to manually do buffer shifting which is error prone.
tools/go_marshal/test:benchmark test does not show change in performance.
Additionally fixed some marshalling bugs in fsimpl/fuse.
Updated multiple callpoints to get rid of redundant slice indexing work and
simplified code using this new signature.
Updates #6450
PiperOrigin-RevId: 407857019
|
|
Consider the following benchmark, which is equivalent to
BenchmarkSleeperWaitOnSingleSelect with names changed to more closely reflect
the behavior of BenchmarkGoWaitOnSingleSelect:
var (
empty Sleeper
emptyCond Waker
full Sleeper
fullCond Waker
)
empty.AddWaker(&emptyCond)
full.AddWaker(&fullCond)
go func() {
for i := 0; i < b.N; i++ {
empty.Fetch(true)
fullCond.Assert()
}
}()
for i := 0; i < b.N; i++ {
emptyCond.Assert()
full.Fetch(true)
}
The unfairness arises because runtime.chansend and runtime.chanrecv don't
actually work this way. If runtime.chansend blocks, it has already enqueued the
element to be sent on runtime.hchan.sendq, which runtime.chanrecv dequeues
before calling goready(); in sleep-like terms, by the time empty.Fetch()
returns, fullCond.Assert() has already happened and been fetched by the other
goroutine. The same property applies to runtime.chanrecv/runtime.hchan.recvq.
This property has no correspondence to the actual usage of the sleep package,
so change the channel benchmarks to explicitly exchange control using buffered
channels instead. Also remove some stale comments and align the syncevent
benchmarks with the sleep ones.
BenchmarkSleeperWaitOnSingleSelect
BenchmarkSleeperWaitOnSingleSelect-12 2118603 472.5 ns/op
BenchmarkGoWaitOnSingleSelect
BenchmarkGoWaitOnSingleSelect-12 2224262 517.7 ns/op
BenchmarkSleeperWaitOnMultiSelect
BenchmarkSleeperWaitOnMultiSelect-12 2630569 459.8 ns/op
BenchmarkGoWaitOnMultiSelect
BenchmarkGoWaitOnMultiSelect-12 807918 1312 ns/op
BenchmarkWaiterPingPong
BenchmarkWaiterPingPong-12 2955579 385.8 ns/op
BenchmarkSleeperPingPong
BenchmarkSleeperPingPong-12 2454367 474.3 ns/op
BenchmarkChannelPingPong
BenchmarkChannelPingPong-12 2302662 513.5 ns/op
BenchmarkWaiterPingPongMulti
BenchmarkWaiterPingPongMulti-12 3023676 388.8 ns/op
BenchmarkSleeperPingPongMulti
BenchmarkSleeperPingPongMulti-12 2574064 471.5 ns/op
BenchmarkChannelPingPongMulti
BenchmarkChannelPingPongMulti-12 1000000 1088 ns/op
PiperOrigin-RevId: 407760956
|
|
In a subsequent change, the Sleeper API will be plumbed through and used for
arbitrary task wakeups. This requires a non-static association of Wakers and
Sleepers, which means that a fixed ID no longer works. This is a relatively
simple change that removes the ID from the Waker association, and simply uses
the Waker pointer itself.
That change also makes minor improvements to the tests to ensure that the
benchmarks are more representative by removing goroutine start from the hot
path (and uses Wakers for required synchronization), adds assertion checks to
AddWaker, and clears relevant fields during Done (to allow assertions to pass).
PiperOrigin-RevId: 407719630
|
|
Move ConverIntr out of syserr package and delete an unused function.
PiperOrigin-RevId: 407676258
|
|
PiperOrigin-RevId: 407638912
|
|
Lock inference will apply annotations to all fields that seem to be
protected. This is currently disabled for all code by default, but it
can be enabled as annotations are applied more broadly.
PiperOrigin-RevId: 407501915
|
|
PiperOrigin-RevId: 407392578
|
|
* Support sync.Locker.
* Prevent runaway recursion when locks are acquired in a loop.
* Allowing ignoring of anonymous functions (inherited from parent function).
* Add support for aliases.
PiperOrigin-RevId: 407221521
|
|
PiperOrigin-RevId: 407188968
|
|
These fields do not need to synchronize reads/writes with the rest of
the connection.
PiperOrigin-RevId: 407183693
|
|
PiperOrigin-RevId: 407177936
|
|
This change fixes a bug when reaping tuples of NAT-ed connections.
Previously when reaping a tuple, the other direction's tuple ID was
calculated by taking the reaping tuple's ID and inverting it. This
works when a connection is not NATed but doesn't work when NAT is
performed as the other direction's tuple may use different
addresses.
PiperOrigin-RevId: 407160930
|
|
It's safe to call SetAttr and Allocate on fsgofer because the
file path is not used to open the file, if needed.
Fixes #3654
PiperOrigin-RevId: 407149393
|
|
copy and setup PERMANENT (static) ARP entries
from CNI namespace to the sandbox
Fixes #3301
|
|
An ICMP error may not hold the full packet that triggered the ICMP
response. As long as the IP header and the transport header is
parsable, we should be able to successfully NAT as that is all that
we need to identify the connection.
PiperOrigin-RevId: 406966048
|
|
Reported-by: syzbot+f9ecb181a4b3abdde9b9@syzkaller.appspotmail.com
Reported-by: syzbot+8c5cb9d7a044a91a513b@syzkaller.appspotmail.com
PiperOrigin-RevId: 406951359
|
|
This function doesn't belong in the global context package. Move to a more
suitable package to break the dependency cycle.
PiperOrigin-RevId: 406942122
|
|
PiperOrigin-RevId: 406938082
|
|
mips was supported, but mipsle had been forgotten.
Fixes google/gvisor#6804
|
|
This is part of cgroupv2 patch set. Here we add a Cgroup interface that
both v1 and v2 need to conform to, and port cgroupv1 to use that first.
Signed-off-by: Daniel Dao <dqminh89@gmail.com>
|
|
Grammar correction.
|
|
Change the linuxerr.ErrorFromErrno to return an error type and not
a *errors.Error type. The latter results in problems comparing to nil
as <nil><nil> != <nil><*errors.Error>.
In a follow up, there will be a change to remove *errors.Error.Errno(),
which will also encourage users to not use Errnos to reference linuxerr.
PiperOrigin-RevId: 406444419
|
|
...so a NAT-ed connection's socket can handle ICMP errors.
Updates #5916.
PiperOrigin-RevId: 406270868
|
|
kernel/time.Timer allocation is expensive and not sync.Poolable (since
time.Timer only supports notification through a channel, requiring a goroutine
to receive from the channel, and sync.Pool doesn't invoke any kind of cleanup
on discarded items in the pool so it would leak timer goroutines). Using the
existing Task.blockingTimer for nanosleep(), and applicable cases in
clock_nanosleep(), at least avoids Timer allocation in common cases.
PiperOrigin-RevId: 406248394
|
|
PiperOrigin-RevId: 406027220
|
|
Reported-by: syzbot+39d434b96cf7c29a66ad@syzkaller.appspotmail.com
Reported-by: syzbot+7c38bce6353d91facca3@syzkaller.appspotmail.com
PiperOrigin-RevId: 406024052
|
|
When transmitting packets we only need to notify if the peer is not
already processing packets. sharedData region is used to enable/disable
notifications and the peer will disable notifications when its actively
processing packets and enable notifications just before it goes to
sleep waiting on packets. This allows more efficient transmit as the
sharedmem endpoint does not need to notify on eventFD and incur an
expensive host systemcall when the peer is already awake.
PiperOrigin-RevId: 406018843
|
|
Connection tracking is agnostic to whether the packet is inbound or outbound. It
cares who initiated the connection. The naming can get confusing as conntrack
can track connections originating from any host.
Part of resolving #6736.
PiperOrigin-RevId: 405997540
|
|
...so a NAT-ed connection's socket can handle ICMP errors.
Updates #5916.
PiperOrigin-RevId: 405970089
|
|
Previously, we recorded a single aggregated count. These per-protocol counts
can help us debug field issues when frames are dropped for this reason.
PiperOrigin-RevId: 405913911
|
|
vfs.NewDisconnectedMount has no error paths. Its much prettier without the
error return value.
Also simplify MountDisconnected which would immediately drop the refs taken by
NewDisconnectedMount. Instead make it directly call newMount.
PiperOrigin-RevId: 405767966
|
|
A header can't be smaller than header.ICMPv4MinimumSize.
Reported-by: syzbot+57b68b14b4f6a58bf985@syzkaller.appspotmail.com
PiperOrigin-RevId: 405748438
|
|
Right now, each vdso call triggers vmexit. VDSO and VVAR pages are
mapped with VM_IO and get_user_pages fails for such vma-s. KVM was not
able to handle this case up to the v4.8 kernel. This problem was fixed by
add6a0cd1c5ba ("KVM: MMU: try to fix up page faults before giving up").
For some unknown reasons, it still doesn't work in case of nested
virtualization.
Before:
BenchmarkKernelVDSO-6 252519 4598 ns/op
After:
BenchmarkKernelVDSO-6 34431957 34.91 ns/op
PiperOrigin-RevId: 405715941
|
|
Bug: https://fxbug.dev/81592
PiperOrigin-RevId: 405710156
|
|
As documented in FilesystemType.GetFilesystem, a reference should be taken on
the returned dentry and filesystem by GetFilesystem implementation. mqfs did
not do that.
Additionally cleanup and clarify ref counting of dentry, filesystem and mount
in mqfs.
Reported-by: syzbot+a2c54bfb6e1525228e5f@syzkaller.appspotmail.com
Reported-by: syzbot+ccd305cdab11cfebbfff@syzkaller.appspotmail.com
PiperOrigin-RevId: 405700565
|
|
PiperOrigin-RevId: 405698863
|
|
eventfd.Notify() uses unix.Write which will eventually
call unix.Syscall which will yield the current go processor
resulting in the Go scheduler parking the current goroutine
till the syscall returns.
But in most cases where Notify() is called there is no reason
to yield as the caller probably wants to continue doing something
right afterwards. Like in the case of the sharedmem endpoint
which may still have more packets to write.
PiperOrigin-RevId: 405693801
|
|
PiperOrigin-RevId: 405674425
|
|
VFS1 discards the value of f_namelen returned by the filesystem and returns
NAME_MAX unconditionally instead, so it doesn't run into this. Also set
f_frsize for completeness.
PiperOrigin-RevId: 405579707
|
|
As caught by syzkaller, we were leaking non-permission bits while passing the
user generated mode. DynamicBytesFile panics in this case.
Reported-by: syzbot+5abe52d47d56a5a98c89@syzkaller.appspotmail.com
PiperOrigin-RevId: 405481392
|
|
Wait when a child process will start to measure a blocking time more precise.
PiperOrigin-RevId: 405478376
|
|
"cri.runtimeoptions.v1" moved to "runtimeoptions.v1" and containerd
configuration format version 2 is required.
Updates #6449
PiperOrigin-RevId: 405474653
|
|
PiperOrigin-RevId: 405451989
|
|
|
|
|
|
PiperOrigin-RevId: 404901660
|
|
This change enables VFS2 by default. VFS2 is much faster than the previous
implementation and it's also more compatible. VFS1 is no longer supported and
will be deleted from the code.
Use `--vfs2=false` if you need to disable it. Make sure to report a bug if you
have the need to disable VFS2 or something is not working for you.
Closes #1035
PiperOrigin-RevId: 404898135
|