mir/criu
2
0
Fork 0
mirror of https://github.com/checkpoint-restore/criu synced 2025-08-31 14:25:49 +00:00
Code Issues Releases Wiki Activity
10,763 Commits 12 Branches 70 Tags
7400d91f83cfbefa91f1d2207bcd65fc06a3cbbb
Commit Graph

469 Commits

Author SHA1 Message Date
Nicolas Viennot
6f9d62eb38 ci: test criu-image-streamer with all tests 
All the bugs that were in the way got fixed. We can enable all tests.

Signed-off-by: Nicolas Viennot <Nicolas.Viennot@twosigma.com>
 2022-04-28 17:53:52 -07:00
Andrei Vagin
8775cf3a50 ci: reenable the lazy-thp test in the lazy-remote mode 
Signed-off-by: Andrei Vagin <avagin@gmail.com>
 2022-04-28 17:53:52 -07:00
Radostin Stoyanov
119a798856 ci: disable glibc rseq support 
This patch sets the glibc.pthread.rseq tunable [1] to disable rseq
support in glibc as a temporary solution for the problem described in
[2]. This would allow us to run CI tests until CRIU has rseq support.

This commit also disables the rpc tests as they fail even
when GLIBC_TUNABLES is set.

[1] https://sourceware.org/git/?p=glibc.git;a=commit;h=e3e589829d16af9f7e73c7b70f74f3c5d5003e45
[2] https://github.com/checkpoint-restore/criu/issues/1696

Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org>
 2022-04-28 17:53:52 -07:00
Radostin Stoyanov
9fd000c58d ci: use unstable release for cross-compile 
We added cross-compile tests with testing debian release to be able to
replicate the error reported in #1653, however, installing build
dependencies in this release currently fails with the following error:

libc6-dev:armhf : Breaks: libc6-dev-armhf-cross (< 2.33~) but 2.32-1cross4 is to be installed

This is not something we can fix, therefore using the debian unstable
release (instead of testing) could be more reliable option for our CI.
This would still replicate the problem reported in #1653.

Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org>
 2022-04-28 17:53:52 -07:00
Radostin Stoyanov
d79d73e3a0 ci: install procps in Alpine 
The version of ps in Alpine image by default is very limited.
It is based on the one from busybox and doesn't support options
such as '-p'.

Signed-off-by: Radostin Stoyanov <radostin@redhat.com>
 2022-04-28 17:53:52 -07:00
Bui Quang Minh
3eba68089e ci: Enable disabled unix socket related tests 
As the unix socket broken tests have been fixed in the pull request

https://github.com/checkpoint-restore/criu/pull/1680

We re-enable these tests.

Signed-off-by: Bui Quang Minh <minhquangbui99@gmail.com>
 2022-04-28 17:53:52 -07:00
Adrian Reber
a52185ffe3 ci: disable broken tests until fixed 
Broken tests are being tracked at

 * https://github.com/checkpoint-restore/criu/issues/1669
 * https://github.com/checkpoint-restore/criu/issues/1635

This also enables previously disabled BPF related tests:

 * https://github.com/checkpoint-restore/criu/issues/1354

Signed-off-by: Adrian Reber <areber@redhat.com>
 2022-04-28 17:53:52 -07:00
Radostin Stoyanov
d514bacb40 ci: Run cross compile with debian testing 
Debian testing has newer compiler version and running
cross compilation tests would allow us to catch any compilation
errors early.

Signed-off-by: Radostin Stoyanov <radostin@redhat.com>
 2022-04-28 17:53:52 -07:00
Radostin Stoyanov
4c1330bb0c ci: Run cross compile on debian stable 
The current debian stable release is Bullseye, not Buster. However, we
can use the 'stable' release instead. This would allow the CI to
automatically pick up updates in the future.

Signed-off-by: Radostin Stoyanov <radostin@redhat.com>
 2022-04-28 17:53:52 -07:00
Pavel Tikhomirov
bbfd9031a3 clang-format: enable AlignTrailingComments 
Code becomes much more human-readable after enabling it.

Example 1:

Before:
```
struct file_desc {
	u32 id; /* File id, unique */
	struct hlist_node hash; /* Descriptor hashing and lookup */
	struct list_head fd_info_head; /* Chain of fdinfo_list_entry-s with same ID and type but different pids */
	struct file_desc_ops *ops; /* Associated operations */
	struct list_head fake_master_list; /* To chain in the list of file_desc, which don't
						    have a fle in a task, that having permissions */
};
```
After:
```
struct file_desc {
	u32 id;                            /* File id, unique */
	struct hlist_node hash;            /* Descriptor hashing and lookup */
	struct list_head fd_info_head;     /* Chain of fdinfo_list_entry-s with same ID and type but different pids */
	struct file_desc_ops *ops;         /* Associated operations */
	struct list_head fake_master_list; /* To chain in the list of file_desc, which don't
					    * have a fle in a task, that having permissions */
};
```

Example 2:

Before:
```
enum fsconfig_command {
	FSCONFIG_SET_FLAG = 0, /* Set parameter, supplying no value */
	FSCONFIG_SET_STRING = 1, /* Set parameter, supplying a string value */
	FSCONFIG_SET_BINARY = 2, /* Set parameter, supplying a binary blob value */
	FSCONFIG_SET_PATH = 3, /* Set parameter, supplying an object by path */
	FSCONFIG_SET_PATH_EMPTY = 4, /* Set parameter, supplying an object by (empty) path */
	FSCONFIG_SET_FD = 5, /* Set parameter, supplying an object by fd */
	FSCONFIG_CMD_CREATE = 6, /* Invoke superblock creation */
	FSCONFIG_CMD_RECONFIGURE = 7, /* Invoke superblock reconfiguration */
};
```
After:
```
enum fsconfig_command {
	FSCONFIG_SET_FLAG = 0,        /* Set parameter, supplying no value */
	FSCONFIG_SET_STRING = 1,      /* Set parameter, supplying a string value */
	FSCONFIG_SET_BINARY = 2,      /* Set parameter, supplying a binary blob value */
	FSCONFIG_SET_PATH = 3,        /* Set parameter, supplying an object by path */
	FSCONFIG_SET_PATH_EMPTY = 4,  /* Set parameter, supplying an object by (empty) path */
	FSCONFIG_SET_FD = 5,          /* Set parameter, supplying an object by fd */
	FSCONFIG_CMD_CREATE = 6,      /* Invoke superblock creation */
	FSCONFIG_CMD_RECONFIGURE = 7, /* Invoke superblock reconfiguration */
};
```

Example 3:

Before:
```
	ret = libnet_build_tcp(ntohs(sk->dst_addr->v4.sin_port), /* source port */
			       ntohs(sk->src_addr->v4.sin_port), /* destination port */
			       data->inq_seq, /* sequence number */
			       data->outq_seq - data->outq_len, /* acknowledgement num */
			       flags, /* control flags */
			       data->rcv_wnd, /* window size */
			       0, /* checksum */
			       10, /* urgent pointer */
			       LIBNET_TCP_H + 20, /* TCP packet size */
			       NULL, /* payload */
			       0, /* payload size */
			       l, /* libnet handle */
			       0); /* libnet id */
```
After:
```
	ret = libnet_build_tcp(ntohs(sk->dst_addr->v4.sin_port), /* source port */
			       ntohs(sk->src_addr->v4.sin_port), /* destination port */
			       data->inq_seq,                    /* sequence number */
			       data->outq_seq - data->outq_len,  /* acknowledgement num */
			       flags,                            /* control flags */
			       data->rcv_wnd,                    /* window size */
			       0,                                /* checksum */
			       10,                               /* urgent pointer */
			       LIBNET_TCP_H + 20,                /* TCP packet size */
			       NULL,                             /* payload */
			       0,                                /* payload size */
			       l,                                /* libnet handle */
			       0);                               /* libnet id */
```

Example 4:

Before:
```
static struct testcase __testcases[] = {
	{ 2, 1, 2, 1, 2, 1 }, /* session00                      */
	{ 4, 2, 4, 2, 4, 1 }, /*  |\_session00          */
	{ 15, 4, 4, 4, 15, 1 }, /*  |  |\_session00             */
	{ 16, 4, 4, 4, 15, 1 }, /*  |   \_session00             */
	{ 17, 4, 4, 4, 17, 0 }, /*  |  |\_session00             */
	{ 18, 4, 4, 4, 17, 1 }, /*  |   \_session00             */
	{ 5, 2, 2, 2, 2, 1 }, /*  |\_session00          */
	{ 8, 2, 8, 2, 8, 1 }, /*  |\_session00          */
	{ 9, 8, 2, 2, 2, 1 }, /*  |   \_session00               */
	{ 10, 2, 10, 2, 10, 1 }, /*  |\_session00               */
	{ 11, 10, 11, 2, 11, 1 }, /*  |    \_session00          */
	{ 12, 11, 2, 2, 2, 1 }, /*  |        \_session00        */
	{ 13, 2, 2, 2, 2, 0 }, /*   \_session00         */
	{ 3, 13, 2, 2, 2, 1 }, /* session00                     */
	{ 6, 2, 6, 2, 6, 0 }, /*   \_session00          */
	{ 14, 6, 6, 6, 6, 1 }, /* session00                     */
};
```
After:
```
static struct testcase __testcases[] = {
	{ 2, 1, 2, 1, 2, 1 },     /* session00                  */
	{ 4, 2, 4, 2, 4, 1 },     /*  |\_session00              */
	{ 15, 4, 4, 4, 15, 1 },   /*  |  |\_session00           */
	{ 16, 4, 4, 4, 15, 1 },   /*  |   \_session00           */
	{ 17, 4, 4, 4, 17, 0 },   /*  |  |\_session00           */
	{ 18, 4, 4, 4, 17, 1 },   /*  |   \_session00           */
	{ 5, 2, 2, 2, 2, 1 },     /*  |\_session00              */
	{ 8, 2, 8, 2, 8, 1 },     /*  |\_session00              */
	{ 9, 8, 2, 2, 2, 1 },     /*  |   \_session00           */
	{ 10, 2, 10, 2, 10, 1 },  /*  |\_session00              */
	{ 11, 10, 11, 2, 11, 1 }, /*  |    \_session00          */
	{ 12, 11, 2, 2, 2, 1 },   /*  |        \_session00      */
	{ 13, 2, 2, 2, 2, 0 },    /*   \_session00              */
	{ 3, 13, 2, 2, 2, 1 },    /* session00                  */
	{ 6, 2, 6, 2, 6, 0 },     /*   \_session00              */
	{ 14, 6, 6, 6, 6, 1 },    /* session00                  */
};
```

Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
 2022-04-28 17:53:52 -07:00
Adrian Reber
f7bc3bdc91 ci: fix userfaultfd test failures 
Newer kernels (5.11) require echo 1 > /proc/sys/vm/unprivileged_userfaultfd

Without the 'echo 1' the kernel prints a message like this:

 uffd: Set unprivileged_userfaultfd sysctl knob to 1 if kernel faults must be handled without obtaining CAP_SYS_PTRACE capability

Signed-off-by: Adrian Reber <areber@redhat.com>
 2022-04-28 17:53:52 -07:00
Pavel Tikhomirov
e3a853ab99 criu-ns: make pidns init first do setsid 
We see that on criu-ns dump/restore/dump of the process which initially
was not a session leader (with --shell-job option) we see sid == 0 for
it and fail with something like:

Error (criu/cr-dump.c:1333): A session leader of 41585(41585) is outside of its pid namespace

Note: We should not dump processes with sid 0 (even with --shell-job) as
on restore we can can put such processes from multiple sessions into
one, which is wrong.

Fixes: #232

Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
 2022-04-28 17:53:52 -07:00
Radostin Stoyanov
bffaa7d072 ci: enable coredump tests 
Signed-off-by: Radostin Stoyanov <radostin@redhat.com>
 2022-04-28 17:53:52 -07:00
Radostin Stoyanov
a0b738cb8f coredump: remove unused import 
Signed-off-by: Radostin Stoyanov <radostin@redhat.com>
 2022-04-28 17:53:52 -07:00
Radostin Stoyanov
a15a63fce0 criu-ns: change python shebang to python3 
PEP 394 recommends changing python shebangs to python3 when Python 3.x
is supported. This is similar to `crit-python3`.

https://www.python.org/dev/peps/pep-0394/

Signed-off-by: Radostin Stoyanov <radostin@redhat.com>
 2021-10-12 12:58:43 -07:00
Radostin Stoyanov
8567a09524 ci: Update openj9 container images 
The AdoptOpenJDK docker images have been deprecated in favor of
eclipse-temurin.

https://github.com/AdoptOpenJDK/openjdk-docker/pull/604

Signed-off-by: Radostin Stoyanov <radostin@redhat.com>
 2021-09-22 08:21:06 -07:00
Radostin Stoyanov
4db8ef15ce podman-test: use crun from git repository 
This patch allows to test the integration of libcriu
with the upstream crun.

Signed-off-by: Radostin Stoyanov <radostin@redhat.com>
 2021-09-17 10:42:21 -07:00
Radostin Stoyanov
e936a0f8ad docker-test: refactor test scenario 
The following error occurs when creating a checkpoint of
a container immediately after the container has been restored
from another checkpoint.

Error response from daemon: Cannot checkpoint container cr: content
sha256:12c69b7a9d25695dd5f9d37d4e858e2f7c3f9da738ccf86f8d3042f6973af1df:
already exists

In this patch we add a healthcheck to the test container and update the
test to perform a checkpoint only when the container is in a 'healthy'
state. In addition, this patch adds a scenario to test the
checkpoint/restore of multiple containers.

Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org>
 2021-09-03 10:31:00 -07:00
Adrian Reber
1e26f170ca criu: introduce clang-format to format source code 
This is another attempt to introduce a tool to format CRIU's source
code. This time it is based on clang-format.

The .clang-format file is taken from the linux kernel git tree (5.13).

I removed all comments from lines which state that it requires at least
clang-format 4 or 5. For this resulting file at least clang-format 11
is required. See scripts/fetch-clang-format.sh for all the changes
done to the Linux kernel .clang-format file.

Acked-by: Mike Rapoport <rppt@linux.ibm.com>
Signed-off-by: Adrian Reber <areber@redhat.com>
 2021-09-03 10:31:00 -07:00
Adrian Reber
d62e747e91 ci: fix Fedora Rawhide 
Fedora Rawhide updated to a glibc using clone3(). clone3() is, however,
not yet part of the seccomp filter. Unfortunately 'docker build' does
not allow dropping seccomp but luckily 'podman build' does.

This switches the Fedora Rawhide test to use Podman. Podman is part of
GitHub Actions and no additional packages need to be installed.

Signed-off-by: Adrian Reber <areber@redhat.com>
 2021-09-03 10:31:00 -07:00
Adrian Reber
01fa34f1eb ci: use pre-installed Podman 
GitHub Actions already has Podman installed. No need to install it a
second time.

Signed-off-by: Adrian Reber <areber@redhat.com>
 2021-09-03 10:31:00 -07:00
Radostin Stoyanov
6be9345fb1 criu-ns: add support for 'check' action 
Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org>
 2021-09-03 10:31:00 -07:00
Radostin Stoyanov
868bffba4d criu-ns: add top-level conditional execution 
Execute actions only if run as a script.
https://docs.python.org/3/library/__main__.html

Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org>
 2021-09-03 10:31:00 -07:00
Radostin Stoyanov
f70605ef1e criu-ns: update script name in help message 
Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org>
 2021-09-03 10:31:00 -07:00
Zeyad Yasser
00ca2b519e scripts/build: add a docker file for archlinux 
Signed-off-by: Zeyad Yasser <zeyady98@gmail.com>
 2021-09-03 10:31:00 -07:00
Adrian Reber
ac27562f09 ci: add msgque test case to crit-recode 
crit-recode on msgque tests was broken in Jenkins. Run it also in GitHub
CI.

Signed-off-by: Adrian Reber <areber@redhat.com>
 2021-09-03 10:31:00 -07:00
Radostin Stoyanov
5034885974 ci/openj9: run mrproper before make 
Make sure to remove all files created from previous local build
before compiling in the container.

Reported-by: Rajneesh Bhardwaj <rajneesh.bhardwaj@amd.com>
Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org>
 2021-09-03 10:31:00 -07:00
Adrian Reber
8f2b8c7be0 scripts: run lint also on criu-ns 
Signed-off-by: Adrian Reber <areber@redhat.com>
 2021-09-03 10:31:00 -07:00
Adrian Reber
bd648cc8d9 ci: also test tcp stream crit recoding 
Signed-off-by: Adrian Reber <areber@redhat.com>
 2021-09-03 10:31:00 -07:00
Adrian Reber
0ca36c95ee ci: combine cross compile container definitions 
The cross compile container definitions for each architecture were
almost the same files except for the architecture.

This moves the architecture to variables so that all cross compile
setups can use the same container definition.

Signed-off-by: Adrian Reber <areber@redhat.com>
 2021-09-03 10:31:00 -07:00
Adrian Reber
1a197d4d86 criu: add unit testing for config file parser 
This tries to add a unit test for the configuration file parser.

Signed-off-by: Adrian Reber <areber@redhat.com>
 2021-09-03 10:31:00 -07:00
Adrian Reber
45bde968a2 test: add tests for configuration file parsing 
This adds a test run to ensure known (but fixed) configuration file
parser errors are not crashing CRIU anymore.

Based on missing test code coverage this script also tests code paths of
the option handling which have not been tested until now.

Signed-off-by: Adrian Reber <areber@redhat.com>
 2021-09-03 10:31:00 -07:00
Adrian Reber
63ca464bcb ci: remove old workarounds 
This commit removes a couple of workaround for old kernels and
distributions which we no longer use in CI.

Signed-off-by: Adrian Reber <areber@redhat.com>
 2021-09-03 10:31:00 -07:00
Adrian Reber
1fbe876242 ci: disable -x during print_env() 
Signed-off-by: Adrian Reber <areber@redhat.com>
 2021-09-03 10:31:00 -07:00
Radostin Stoyanov
a92833818b scripts/vagrant: Use vagrant 2.2.16 
Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org>
 2021-09-03 10:31:00 -07:00
Radostin Stoyanov
eda3ac2ff3 scripts/vagrant: Use Fedora 34 
Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org>
 2021-09-03 10:31:00 -07:00
Mike Frysinger
2967bed64e build: respect $PKG_CONFIG settings 
The build needs to respect $PKG_CONFIG env var like other standard
build systems and the the upstream pkg-config project itself.  This
allows the package builder to point it to the right tool when doing
a cross-compile build.  Otherwise the host pkg-config tool is used
which won't have access to the packages in the cross sysroot.

Signed-off-by: Mike Frysinger <vapier@chromium.org>
 2021-09-03 10:31:00 -07:00
Radostin Stoyanov
81a68ad3b2 docker-test: use latest containerd release 
This patch improves the changes from 19be9ced9.

To use the newer version of containerd, we need to make sure that the
containerd service has been restarted after install. Instead of
hard-coding a version number, we can use github API to get the latest
release. In addition, the tar file contains all binary files in a
'./bin' sub-folder. Thus, it should be extracted in '/usr'.

Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org>
 2021-09-03 10:31:00 -07:00
Adrian Reber
a8525c07d4 ci: no longer avoid overlayfs 
Now that the Ubuntu kernel is no longer broken with regards to
overlayfs, let's switch back to overlayfs instead of devicemapper and
vfs graphdrivers.

Signed-off-by: Adrian Reber <areber@redhat.com>
 2021-09-03 10:31:00 -07:00
Zeyad Yasser
1c08709cdb zdtm: add pidfd store based pid reuse test 
This is just a symlink to the original transition/pid_reuse test with
the right options passed to trigger the pidfd store based pid reuse
detection code path.

Pidfd store based detection is supported only in RPC mode which
requires passing a unix socket fd to be used as pidfd store and
the kernel should support pidfd_open and pidfd_getfd syscalls
{'feature': 'pidfd_store'} for this test to work.

Signed-off-by: Zeyad Yasser <zeyady98@gmail.com>
 2021-09-03 10:31:00 -07:00
Radostin Stoyanov
e2c352e4f8 tools.mk: Use Python 3 by default 
As of January 1st, 2020 Python 2 is no longer supported and
many distributions no longer provide packages for Python 2
dependencies.

This patch allows CRIU to use Python 3 by default when both
major versions are available on the system.

Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org>
 2021-09-03 10:31:00 -07:00
Kir Kolyshkin
2166d47482 scripts: fix shellcheck warnings 
On my system (shellcheck v0.7.1) make lint shows a few warnings about
needing to quote variables.

Fix those.

PS I am not sure why those are not shown by GHA CI, I assume there is
different shellcheck version used. Add shellcheck -- version to the
appropriate Makefile target to avoid confusion.

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
 2021-09-03 10:31:00 -07:00
Radostin Stoyanov
3ca09f5c9f ci: exclude lazy-thp for remote pages over tls 
Temporarily disable this test until the #1380 is resolved.

Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org>
 2021-09-03 10:31:00 -07:00
Radostin Stoyanov
e3c0fa7011 Dockerfile: add missing test dependencies 
This patch adds missing dependencies required to run
the zdtm tests.

Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org>
 2021-09-03 10:31:00 -07:00
Radostin Stoyanov
3074b6d5a2 Dockerfile: re-build criu after clean 
In order to be able to run the zdtm tests inside a container,
we have to make sure that all protobuf sources have been compiled.

Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org>
 2021-09-03 10:31:00 -07:00
Radostin Stoyanov
f432186e73 Dockerfile: use 'git clean' before build 
The 'make docker-build' command creates a copy of all files from the
in local CRIU clone inside a container.

Then it runs 'make mrproper' inside the container, followed by
compilation of criu, followed by another 'make mrproper'.

After the last mrproper command, it attempts to check if
the clean was successful by running 'git clean'.

However, this check fails when the local repository contains
files that are not part of the repository.

For example, the vscode editor creates the folder '.vscode/'
which would be copied inside the docker container and cause
'make docker-build' to fail.

Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org>
 2021-09-03 10:31:00 -07:00
Radostin Stoyanov
e3b694392d scripts/build: drop obsolete ENV1 variable 
The ENV1 variable was first introduced with commit
7290de5 (travis: enable ccache for docker/qemu builds)
and it is not used anymore.

Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org>
 2021-09-03 10:31:00 -07:00
Adrian Reber
9c18c63d2a ci: enable crit tests in CI 
Signed-off-by: Adrian Reber <areber@redhat.com>
 2021-09-03 10:31:00 -07:00
Adrian Reber
228e510d21 ci: move CentOS 8 based test to Cirrus 
The kernel on GitHub Actions has a bug

https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1919472

which breaks our CI. It works on Cirrus. Let's move it there.

Signed-off-by: Adrian Reber <areber@redhat.com>
 2021-09-03 10:31:00 -07:00
fedor
069d92e513 Use a real VM instead of a privileged container 2021-09-03 10:31:00 -07:00