Age | Commit message (Collapse) | Author |
|
|
|
Properly discard segments from the segment heap.
PiperOrigin-RevId: 298704074
|
|
|
|
The support of PTRACE_SYSEMU on arm64 was added in the 5.3 kernel,
so we can be sure that the current version is higher that 5.3.
And this change moves vsyscall seccomp rules to the arch specific file,
because vsyscall isn't supported on arm64.
PiperOrigin-RevId: 298696493
|
|
|
|
PiperOrigin-RevId: 298690552
|
|
|
|
|
|
PiperOrigin-RevId: 298683693
|
|
PiperOrigin-RevId: 298683502
|
|
|
|
Ensures that all access to TransportEndpointInfo.ID is either:
* In a function ending in a Locked suffix.
* While holding the appropriate mutex.
This primary affects the checkV4Mapped method on affected endpoints, which has
been renamed to checkV4MappedLocked. Also document the method and change its
argument to be a value instead of a pointer which had caused some awkwardness.
This race was possible in the udp and icmp endpoints between Connect and uses
of TransportEndpointInfo.ID including in both itself and Bind.
The tcp endpoint did not suffer from this bug, but benefited from better
documentation.
Updates #357
PiperOrigin-RevId: 298682913
|
|
|
|
PiperOrigin-RevId: 298667595
|
|
Signed-off-by: Bin Lu <bin.lu@arm.com>
|
|
|
|
PiperOrigin-RevId: 298476533
|
|
|
|
PiperOrigin-RevId: 298457842
|
|
|
|
PiperOrigin-RevId: 298451319
|
|
It was downgraded by mistake in
e5d9a4010bdb ("Add ability to execute go.mod in gopath context.")
Signed-off-by: Andrei Vagin <avagin@gmail.com>
|
|
|
|
A deadlock may occur if a write lock on a RWMutex is blocked between
nested read lock attempts as the inner read lock attempt will be
blocked in this scenario.
Example (T1 and T2 are differnt goroutines):
T1: obtain read-lock
T2: attempt write-lock (blocks)
T1: attempt inner/nested read-lock (blocks)
Here we can see that T1 and T2 are deadlocked.
Tests: Existing tests pass.
PiperOrigin-RevId: 298426678
|
|
|
|
PiperOrigin-RevId: 298405064
|
|
|
|
DATA RACE in netstack.(*SocketOperations).fetchReadView
Write at 0x00c001dca138 by goroutine 1001:
gvisor.dev/gvisor/pkg/sentry/socket/netstack.(*SocketOperations).fetchReadView()
pkg/sentry/socket/netstack/netstack.go:418 +0x85
gvisor.dev/gvisor/pkg/sentry/socket/netstack.(*SocketOperations).coalescingRead()
pkg/sentry/socket/netstack/netstack.go:2309 +0x67
gvisor.dev/gvisor/pkg/sentry/socket/netstack.(*SocketOperations).nonBlockingRead()
pkg/sentry/socket/netstack/netstack.go:2378 +0x183d
Previous read at 0x00c001dca138 by goroutine 1111:
gvisor.dev/gvisor/pkg/sentry/socket/netstack.(*SocketOperations).Ioctl()
pkg/sentry/socket/netstack/netstack.go:2666 +0x533
gvisor.dev/gvisor/pkg/sentry/syscalls/linux.Ioctl()
Reported-by: syzbot+d4c3885fcc346f08deb6@syzkaller.appspotmail.com
PiperOrigin-RevId: 298387377
|
|
|
|
PiperOrigin-RevId: 298380654
|
|
|
|
PiperOrigin-RevId: 297982488
|
|
|
|
This is needed for syzkaller to proper classify issues.
Right now, all watchdog issues are duped to one with the
subject "panic: Sentry detected stuck task(s). See stack
trace and message above for more details".
PiperOrigin-RevId: 297975363
|
|
There is no cpuid instruction on arm64, so we need to defined it
just to avoid a compile time error.
Signed-off-by: Andrei Vagin <avagin@gmail.com>
|
|
|
|
These dependencies do not need to be in our go.mod or go.sum files.
PiperOrigin-RevId: 297942163
|
|
Signed-off-by: Andrei Vagin <avagin@gmail.com>
|
|
|
|
PiperOrigin-RevId: 297915917
|
|
|
|
PiperOrigin-RevId: 297915815
|
|
|
|
A follow-up change will convert the networking code to use this standard
pipe implementation.
PiperOrigin-RevId: 297903206
|
|
|
|
PiperOrigin-RevId: 297895651
|
|
|
|
GO's runtime calls the write system call twice to print "panic:"
and "the reason of this panic", so here is a race window when
other threads can print something to the log and we will see
something like this:
panic: log messages from another thread
The reason of the panic.
This confuses the syzkaller blacklist and dedup detection.
It also makes the logs generally difficult to read. e.g.,
data races often have one side of the race, followed by
a large "diagnosis" dump, finally followed by the other
side of the race.
PiperOrigin-RevId: 297887895
|
|
|
|
/dev/net/tun does not currently work with hostinet. This has caused some
program starts failing because it thinks the feature exists.
PiperOrigin-RevId: 297876196
|