| Age | Commit message (Collapse) | Author |
|---|
|
PiperOrigin-RevId: 337971497
|
|
- Check the sticky bit in overlay.filesystem.UnlinkAt(). Fixes
StickyTest.StickyBitPermDenied.
- When configuring a VFS2 overlay in runsc, copy the lower layer's root
owner/group/mode to the upper layer's root (as in the VFS1 equivalent,
boot.addOverlay()). This makes the overlay root owned by UID/GID 65534 with
mode 0755 rather than owned by UID/GID 0 with mode 01777. Fixes
CreateTest.CreateFailsOnUnpermittedDir, which assumes that the test cannot
create files in /.
- MknodTest.UnimplementedTypesReturnError assumes that the creation of device
special files is not supported. However, while the VFS2 gofer client still
doesn't support device special files, VFS2 tmpfs does, and in the overlay
test dimension mknod() targets a tmpfs upper layer. The test initially has
all capabilities, including CAP_MKNOD, so its creation of these files
succeeds. Constrain these tests to VFS1.
- Rename overlay.nonDirectoryFD to overlay.regularFileFD and only use it for
regular files, using the original FD for pipes and device special files. This
is more consistent with Linux (which gets the original inode_operations, and
therefore file_operations, for these file types from ovl_fill_inode() =>
init_special_inode()) and fixes remaining mknod and pipe tests.
- Read/write 1KB at a time in PipeTest.Streaming, rather than 4 bytes. This
isn't strictly necessary, but it makes the test less obnoxiously slow on
ptrace.
Fixes #4407
PiperOrigin-RevId: 337971042
|
|
ualarm(2) is obsolete. Move IntervalTimer into a test util, where it can be
used by flock tests.
These tests were flaky with TSAN, probably because it slowed the tests down
enough that the alarm was expiring before flock() was called. Use an interval
timer so that even if we miss the first alarm (or more), flock() is still
guaranteed to be interrupted.
PiperOrigin-RevId: 337578751
|
|
Reported-by: syzbot+5466463b7604c2902875@syzkaller.appspotmail.com
PiperOrigin-RevId: 337451896
|
|
By exposing an ALL_TESTS list in defs.bzl we can make sure all packetimpact
users get to agree on the list of all tests. A defect in this approach is that
we have to keep a list of packetimpact_testbench rules in the BUILD file. An
helper validate_all_tests has been added to help keep BUILD and .bzl files in
sync.
PiperOrigin-RevId: 337411839
|
|
Currently strace+debug is always enabled as the setting from
the upper layer isn't passed to _syscall_test(). And it will
negatively affect the performance tests. This patch fixes this
issue.
The "debug" argument of _syscall_test() is also made mandatory
to prevent this happening again.
//test/perf:getpid_benchmark_runsc_kvm
-----------------------------------------------------
Benchmark Time CPU Iterations
-----------------------------------------------------
Before:
BM_Getpid 28119 ns 28157 ns 25926
After:
BM_Getpid 947 ns 939 ns 777778
Fixes #4509
Signed-off-by: Tiwei Bie <tiwei.btw@antgroup.com>
|
|
Tests are written in C++ and there is no reason to run them with gotsan without
gVisor.
PiperOrigin-RevId: 336783276
|
|
The fix in commit 028e045da93b7c1c26417e80e4b4e388b86a713d was incorrect as
it can cause the right edge of the window to shrink when we announce
a zero window due to receive buffer being full as its done before the check
for seeing if the window is being shrunk because of the selected window.
Further the window was calculated purely on available space but in cases where
we are getting full sized segments it makes more sense to use the actual bytes
being held. This CL changes to use the lower of the total available space vs
the available space in the maximal window we could advertise minus the actual
payload bytes being held.
This change also cleans up the code so that the window selection logic is
not duplicated between getSendParams() and windowCrossedACKThresholdLocked.
PiperOrigin-RevId: 336404827
|
|
PiperOrigin-RevId: 336393190
|
|
Add parser and formatting for golang benchmarks for docker benchmarks.
Change adds a library for printing and parsing Test parameters and metrics.
Benchmarks use the library to print parameters in the Benchmark title
(e.g. the name field in b.Run()), and to report CustomMetrics. Parser
uses the library to parse printed data from benchmark output and
put it into BigQuery structs.
PiperOrigin-RevId: 336365628
|
|
PiperOrigin-RevId: 336350318
|
|
test/syscalls/linux/iptables.cc:130:3:
error: C99 designator 'name' outside aggregate initializer
130 | };
|
PiperOrigin-RevId: 336331738
|
|
This change also adds support to go_stateify for detecting an appropriate
receiver name, avoiding a large number of false positives.
PiperOrigin-RevId: 335994587
|
|
PiperOrigin-RevId: 335927821
|
|
Most of the IPv4 fragmentation code was moved in the fragmentation
package and it is reused by IPv6 fragmentation.
Test:
- pkg/tcpip/network/ipv4:ipv4_test
- pkg/tcpip/network/ipv6:ipv6_test
- pkg/tcpip/network/fragmentation:fragmentation_test
Fixes #4389
PiperOrigin-RevId: 335714280
|
|
Updates #267
PiperOrigin-RevId: 335713923
|
|
Updates #1487
PiperOrigin-RevId: 335516732
|
|
PiperOrigin-RevId: 335516625
|
|
PiperOrigin-RevId: 335429072
|
|
- When the KCOV_ENABLE_TRACE ioctl is called with the trace kind KCOV_TRACE_PC,
the kcov mode should be set to KCOV_*MODE*_TRACE_PC.
- When the owning task of kcov exits, the memory mapping should not be cleared
so it can be used by other tasks.
- Add more tests (also tested on native Linux kcov).
PiperOrigin-RevId: 335202585
|
|
PiperOrigin-RevId: 335070320
|
|
PiperOrigin-RevId: 334716351
|
|
Adds support for the IPv6-compatible redirect target. Redirection is a limited
form of DNAT, where the destination is always the localhost.
Updates #3549.
PiperOrigin-RevId: 334698344
|
|
Closes #3374
PiperOrigin-RevId: 334505627
|
|
PiperOrigin-RevId: 334478850
|
|
Like matchers, targets should use a module-like register/lookup system. This
replaces the brittle switch statements we had before.
The only behavior change is supporing IPT_GET_REVISION_TARGET. This makes it
much easier to add IPv6 redirect in the next change.
Updates #3549.
PiperOrigin-RevId: 334469418
|
|
PiperOrigin-RevId: 334419854
|
|
When the socket is set with SO_LINGER and close()'d in the initial state, it
should not linger and return immediately.
PiperOrigin-RevId: 334263149
|
|
Network or transport protocols may want to reach the stack. Support this
by letting the stack create the protocol instances so it can pass a
reference to itself at protocol creation time.
Note, protocols do not yet use the stack in this CL but later CLs will
make use of the stack from protocols.
PiperOrigin-RevId: 334260210
|
|
Fixes #1479, #317.
PiperOrigin-RevId: 334258052
|
|
Previously, we did not check the kcov mode when performing task work. As a
result, disabling kcov did not do anything.
Also avoid expensive atomic RMW when consuming coverage data. We don't need the
swap if the value is already zero (which is most of the time), and it is ok if
there are slight inconsistencies due to a race between coverage data generation
(incrementing the value) and consumption (reading a nonzero value and writing
zero).
PiperOrigin-RevId: 334049207
|
|
Regarding ThreadCpuTimeArray.java: The test starts 10 threads, each of which
does some computation, then blocks. When all threads are blocked, the test
sleeps for 200ms, then checks that less than 100ns of CPU time in userspace
elapse over the course of the sleep; AFAICT, the 100ns of slop is because a
thread indicates that it's in the WAITING state before it actually blocks, and
because signals can cause threads to be temporarily woken. gVisor's CPU clocks
have a granularity of 10ms (the interval of Kernel.cpuClockTicker is
//pkg/abi/linux.ClockTick), so a single tick pushes the test over the
threshold.
PiperOrigin-RevId: 333830287
|
|
Changes in Nginx Benchmarks in network_tests also affect Startup/Size
Nginx Benchmarks. Make sure the commands line up.
PiperOrigin-RevId: 333543697
|
|
segment_queue today has its own standalone limit of MaxUnprocessedSegments but
this can be a problem in UnlockUser() we do not release the lock till there are
segments to be processed. What can happen is as handleSegments dequeues packets
more keep getting queued and we will never release the lock. This can keep
happening even if the receive buffer is full because nothing can read() till we
release the lock.
Further having a separate limit for pending segments makes it harder to track
memory usage etc. Unifying the limits makes it easier to reason about memory in
use and makes the overall buffer behaviour more consistent.
PiperOrigin-RevId: 333508122
|
|
PiperOrigin-RevId: 333461380
|
|
Mostly simplifies SKIP_IF statements and adds some more documentation.
Also, mknod is now supported by gofer fs, so remove SKIP_IFs related to this.
PiperOrigin-RevId: 333449932
|
|
PiperOrigin-RevId: 333408633
|
|
PiperOrigin-RevId: 333400865
|
|
PiperOrigin-RevId: 332961666
|
|
Calls to recv sometimes fail with EAGAIN, so call select beforehand.
PiperOrigin-RevId: 332943156
|
|
"DefaultValueEqZero" is only valid if the test is in a
sandbox. Our CI VMs often have "/proc/sys/net/ipv4/ip_forward" set
to 1.
PiperOrigin-RevId: 332910859
|
|
PiperOrigin-RevId: 332907453
|
|
`recv` calls with MSG_DONTWAIT can fail with EAGAIN randomly
in tests. Fix this by calling `select` on sockets with a timeout
prior to attempting a `recv`.
PiperOrigin-RevId: 332873735
|
|
PiperOrigin-RevId: 332760843
|
|
Unfortunately, I think TSC misalignment means that we can't really expect any
consistent correspondence between a TSC-based VDSO and the sentry's view of
time on the KVM platform.
PiperOrigin-RevId: 332576147
|
|
PiperOrigin-RevId: 332546659
|
|
Updates #1199
PiperOrigin-RevId: 332539197
|
|
PiperOrigin-RevId: 332521647
|
|
This is more consistent with Linux (see comment on MM.NewSharedAnonMappable()).
We don't do the same thing on VFS1 for reasons documented by the updated
comment.
PiperOrigin-RevId: 332514849
|
|
Updates #3549.
PiperOrigin-RevId: 332501660
|
