For some ipv6 scope types (link local, amongo others), we need to tell the
kernel the ifindex of the interface whose address we want to bind to as
well as the address itself.
v2: use SO_BINDTODEVICE to get the ifname, and pass that through instead of
using netlink to grab all the ipv6 sockets via rtnetlink.
Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
CID 154853 (#1 of 1): Uninitialized scalar variable (UNINIT)
7. uninit_use_in_call: Using uninitialized value c when calling write.
Reported-by: coverity
Signed-off-by: Andrew Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
CID 154850 (#1 of 1): Resource leak (RESOURCE_LEAK)
9. leaked_handle: Handle variable cwd_fd going out of scope leaks the handle.
Reported-by: coverity
Signed-off-by: Andrew Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
CID 154852 (#1 of 3): Resource leak (RESOURCE_LEAK)
32. leaked_storage: Variable info going out of scope leaks the storage it points to.
Reported-by: coverity
Signed-off-by: Andrew Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
This header is unused, and not present on kernels w/o CONFIG_BPF_SYSCALL,
so let's not require it.
Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
nsid->mnt.ns_fd is initialized into 0, so currently
fini_restore_mntns() closes the 0 descriptor if processes
lives in a current mount namespace (NS_CRIU).
Without this patch I get the following error:
(00.166444) 4109: Inherit fd tty:[8800:d] -> 0 has been closed
v2: typo fix
v3: do nothing when processes are restored in the local mntns
Signed-off-by: Andrew Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
If a task is stopped, waitpid() will return its status, but
wait4() in seize_wait_task will hang forever, because a stopped
state is reported only once.
v2: don't like a file object
Reported-by: Andrey Ryabinin <aryabinin@virtuozzo.com>
Cc: Andrey Ryabinin <aryabinin@virtuozzo.com>
Signed-off-by: Andrew Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
The timeout between iterations should be the save oder
with scheduler timeslice, which is about 100 msec.
Currently we wait for inly 10 msec, which is obviously not enough.
Signed-off-by: Andrew Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
We need to call close_image() for "empty" images.
v2: don't touch generic functiuons
Signed-off-by: Andrew Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
A task can be stopped and has a queued SIGSTOP, in this case we need
to resume the task twice to skip "both" signals.
v2: detect SIGSTOP in shared and per-process queues
Signed-off-by: Andrew Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
We found that we want to know whether SIGSTOP is queue
in both or is in one of this queues.
Signed-off-by: Andrew Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
We get the stack trace if a test failed:
Test output: ================================
09:11:34.584: 4: PASS
<<< ================================
Traceback (most recent call last):
File "zdtm.py", line 922, in <module>
do_run_test(tinfo[0], tinfo[1], tinfo[2], tinfo[3])
File "zdtm.py", line 696, in do_run_test
t.kill()
File "zdtm.py", line 302, in kill
self.__flavor.fini()
File "zdtm.py", line 168, in fini
subprocess.check_call(["mount", "--make-private", self.root])
File "/usr/lib64/python2.7/subprocess.py", line 540, in check_call
raise CalledProcessError(retcode, cmd)
subprocess.CalledProcessError: Command '['mount', '--make-private', '/tmp/criu-root-YN1t3X']' returned non-zero exit status 32
umount: /tmp/criu-root-YN1t3X: not mounted
Cc: Tycho Andersen <tycho.andersen@canonical.com>
Signed-off-by: Andrew Vagin <avagin@virtuozzo.com>
Acked-by: Tycho Andersen <tycho.andersen@canonical.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
If a task was in a stopped state before we started to ptrace-seize
it, this stopped state will be restored by kernel upon detach.
If SIGSTOP was only in a task queue, we need to send it by hands
again bedore detaching. Otherwise we clean stop from queue (to
run parasite) and seize will restore task as running.
And, since SIGSTOP doesn't affect states of already stopped tasks,
we can send it to then safely and not distinguish stopped from
stop-queued ones.
Reported-by: Mr Jenkins
Signed-off-by: Andrew Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
When we restore ipv6 addresses, they go through a “tentative” phase
and sockets could not be bound to them in this moment.
v2: add more comments in code
Reported-by: Ross Boucher <boucher@gmail.com>
Signed-off-by: Andrew Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
This include is actually unused (probably leftover from an old version of
the kernel API when I was porting the patchsets); we can delete it.
Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
In current implementation of thread bomb effectively only one
thread runs, the rest sit in the read from pipe.
Fix this by making threads constantly creating new ones and
just exiting.
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
Acked-by: Andrew Vagin <avagin@virtuozzo.com>
SIGSTOP can't be blocked, so we need to wait when it will be handled.
v2: don't duplicate the same code twice
Reported-by: Mr Jenkins
Signed-off-by: Andrew Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
It's required to check the SIGSTOP signal, which can't be blocked.
Signed-off-by: Andrew Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
Let's imagine that we have two local interconnected sockets.
Whe we are restoring tcp sockets, we need to disable the repair mode
to restore data in sending queues.
If traffic isn't blocked, a socket starts operating, but
in this time another end can be not restored yet.
$ test/zdtm.sh -r ns/static/socket-tcpbuf-local
...
(00.274632) 5: Error (sk-tcp.c:485): Can't restore 2 queue data (-1), want (1780919:1780919): Connection reset by peer
We create a separate chain to avoid conflicts with other rules.
https://bugs.openvz.org/browse/CRIU-96
v2: use iptables-restore to apply whole configuration for one call
v3: add a comment why we use iptables-restore instread of iptables.
v4: remove unused headers
Signed-off-by: Andrew Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
So we keep it and dont close inside close_old_fds()
helper but pass into veth creation so the kernel
can fetch the net namespace of the veth peer.
v2 (by avagin@):
- don't forget to close opened descriptor
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
v2: use a cached value to dump ipv6 interface addesses
call get_ipv6() from kerndat_init_rst too
Signed-off-by: Andrew Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
It returns EINTR, so we need to handle it.
$ bash test/zdtm.sh --restore-sibling ns/static/env00
...
futex(0x7fc20ec92010, FUTEX_WAIT, 1, {120, 0}) = ? ERESTART_RESTARTBLOCK (Interrupted by signal)
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
There's a sat.py script in criu-scripts repo that analyzes the strace
outputs. It's useful to check the amount of system calls criu takes to
do dump or restore of certain apps.
So add the --sat key to zdtm.py that would generate sat-able logs for
individual tests.
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
Better to obtain error if there is no free memory
than smashing the stack.
A rule of thumb for alloca() based functions is to
use them with predefined small sizes (such as we
do in swapping builtin sizes for parasite engine).
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
