Age | Commit message (Collapse) | Author |
|
Closes #5226
PiperOrigin-RevId: 351259576
|
|
This allows for use in restricted contexts.
Updates #5039
PiperOrigin-RevId: 351220385
|
|
The release was changed by bazel ಠ_ಠ:
https://github.com/bazelbuild/rules_go/issues/2779
Updates #5188
PiperOrigin-RevId: 351185440
|
|
This change works around an issue in rules_pkg, described here:
https://github.com/bazelbuild/rules_pkg/pull/263
PiperOrigin-RevId: 350869030
|
|
PiperOrigin-RevId: 350862699
|
|
This creates a TTY pair and runs `/bin/sh` in interactive mode within it.
It provides useful helper functions to interact with the shell and read the
output of commands run within it.
This is meant to be used for testing upcoming changes allowing `runsc exec` to
work in `-detach=false -tty=true` mode.
PiperOrigin-RevId: 350841006
|
|
PiperOrigin-RevId: 350823213
|
|
It isn't used on aarch64.
Signed-off-by: Andrei Vagin <avagin@gmail.com>
|
|
This is extremely convenient similar to being able to link to Go
package documentation via the canonical package names.
PiperOrigin-RevId: 350774913
|
|
This was not being tested as part of the unit test workflows, and thus was
not being hit normally. These tests are also added to the unit tests target.
PiperOrigin-RevId: 350766814
|
|
PiperOrigin-RevId: 350691246
|
|
make BAZEL_CONFIG=aarch64 arm-qemu-smoke-test
Signed-off-by: Andrei Vagin <avagin@gmail.com>
|
|
This further restricts the surface exposed only to artifacts
generated by the continuous integration system.
This change also installs appropriate root certificates, so
that objects can be fetched from https://storage.googleapis.com.
PiperOrigin-RevId: 350650197
|
|
PiperOrigin-RevId: 350646249
|
|
Read now takes a destination io.Writer, count, options. Keeping the method name
Read, in contrast to the Write method.
This enables:
* direct transfer of views under VV
* zero copy
It also eliminates the need for sentry to keep a slice of view because
userspace had requested a read that is smaller than the view returned, removing
the complexity there.
Read/Peek/ReadPacket are now consolidated together and some duplicate code is
removed.
PiperOrigin-RevId: 350636322
|
|
PiperOrigin-RevId: 350619346
|
|
PiperOrigin-RevId: 350614888
|
|
Signed-off-by: Andrei Vagin <avagin@gmail.com>
|
|
Closes #5192
PiperOrigin-RevId: 350578130
|
|
Add redirects from any module package path to its corressponding
pkg.go.dev documentation. e.g., gvisor.dev/gvisor/pkg/sentry/kernel ->
https://pkg.go.dev/gvisor.dev/gvisor/pkg/sentry/kernel.
This is a handy way to get to documentation, also used by other vanity
domains, like golang.org/x/tools.
|
|
PiperOrigin-RevId: 350509137
|
|
This allows us to link directly to profiling results from
the build results. The code uses the standard pprof http
server, exported from the Cloud Run instance.
PiperOrigin-RevId: 350440910
|
|
... Otherwise it will be mounted in via some other path, and will
not be available inside the container at all.
PiperOrigin-RevId: 350440843
|
|
PiperOrigin-RevId: 350438564
|
|
Ethernet frames are usually filtered at the hardware-level so there is
no need to filter the frames in software.
For test purposes, a new link endpoint was introduced to filter frames
based on their destination.
PiperOrigin-RevId: 350422941
|
|
IPv4 was always supported but UDP never supported joining/leaving IPv6
multicast groups via socket options.
Add: IPPROTO_IPV6, IPV6_JOIN_GROUP/IPV6_ADD_MEMBERSHIP
Remove: IPPROTO_IPV6, IPV6_LEAVE_GROUP/IPV6_DROP_MEMBERSHIP
Test: integration_test.TestUDPAddRemoveMembershipSocketOption
PiperOrigin-RevId: 350396072
|
|
PiperOrigin-RevId: 350375461
|
|
We log a warning if objdump fails, but this appears in the build log, not test
log, which can make it hard to notice.
Include it with the actual escape output as context on "(possible)" to make it
more clear when something is wrong.
PiperOrigin-RevId: 350355759
|
|
This returns all targets, and handles no targets.
PiperOrigin-RevId: 350263578
|
|
This adds significant costs to startup, since it is done for
every type in the system. Since the state package already saves
sanity checks for race builds, use this for type registration.
PiperOrigin-RevId: 350259336
|
|
PiperOrigin-RevId: 350246333
|
|
PiperOrigin-RevId: 350223482
|
|
This includes minor fix-ups:
* Handle SIGTERM in runsc debug, to exit gracefully.
* Fix cmd.debug.go opening all profiles as RDONLY.
* Fix the test name in fio_test.go, and encode the block size in the test.
PiperOrigin-RevId: 350205718
|
|
PiperOrigin-RevId: 350200437
|
|
PiperOrigin-RevId: 350197814
|
|
For validation, the "on" key in existing YAML files is changed to a literal
string. In the YAML spec, on is a keyword which encodes a boolean value, so
without relying on a specific implementation the YAML files are technically
not encoding an object that complies with the specification.
PiperOrigin-RevId: 350172147
|
|
PiperOrigin-RevId: 350159657
|
|
Reported-by: syzbot+814105309d2ae8651084@syzkaller.appspotmail.com
PiperOrigin-RevId: 350159452
|
|
Syzkaller discovered this bug in pipefs by doing something quite strange:
creat(&(0x7f0000002a00)='./file1\x00', 0x0)
mount(&(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='./file1\x00', &(0x7f0000000300)='devtmpfs\x00', 0x20000d, 0x0)
creat(&(0x7f0000000000)='./file1/file0\x00', 0x0)
This can be reproduced with:
touch mymount
mkfifo /dev/mypipe
mount -o ro -t devtmpfs devtmpfs mymount
echo 123 > mymount/mypipe
PiperOrigin-RevId: 349687714
|
|
PiperOrigin-RevId: 349616845
|
|
PiperOrigin-RevId: 349607959
|
|
This change cleans up some minor Makefile issues, and adds support for
BuildKite annotations on failure and on profiles being generated. These
annotations will make failures very clear and link to the artifacts.
This change is a stepping stone for aggregating coverage data from all
individual test jobs, as this will also happen in .buildkite/annotate.sh.
PiperOrigin-RevId: 349606598
|
|
Otherwise this pollutes the 'go' branch and doesn't conform to standards
for generate bazel files.
PiperOrigin-RevId: 349605037
|
|
Closes #5052
PiperOrigin-RevId: 349579814
|
|
PiperOrigin-RevId: 349517093
|
|
Test failure happens when `echo` writes late:
* Server nc shuts down write when it sees EOF from stdin.
* Client nc closes the connection when it detects EOF from socket and no data
in internal write buffer.
Using `-q` flag to make server not shutting down write in the beginning, while
letting connection to be closed by client. As `-q` flag's default value varies
in different netcat versions, we always specify it to prevent future breakage.
PiperOrigin-RevId: 349504016
|
|
- Tweak the benchmarks to work with b.N where appropriate. In many cases,
b.N was simply being ignored. This creates an implicit dependency in the
user passing a reasonable benchtime (less than or equal to the actual
runtime of the test, or using the X syntax) otherwise the test runs
forever.
- In cases where the above is impossible, explicitly set benchtime from
the test wrapper, to prevent the above behavior (tensorflow).
- Drop the *Reverse variants, which are simply hey benchmarks. We should
just add a hey benchmark. The platforms benchmarks already include a
native platform, and thus these benchmarks are incredibly confusing.
(In other words, BenchmarkNginxReverse has nothing to do with an nginx
benchmark for runsc.)
- Remove the redunant Harness object, which contains no state, in order
to slightly simplify the code.
- Make Block and Heap profiling actually work, but setting appropriate
runtime parameters (and plumbing them through the config).
- Split the profiling into two phases: start and stop, since some will
need to be started early, and others will need to happen at the end.
PiperOrigin-RevId: 349495377
|
|
PiperOrigin-RevId: 349491589
|
|
PiperOrigin-RevId: 349490873
|
|
This allows for a model of profiling when you can start collection, and
it will terminate when the sandbox terminates. Without this synchronous
call, it is effectively impossible to collect length blocking and mutex
profiles.
PiperOrigin-RevId: 349483418
|