1) Let's do test_init earlier so that max_nr test_msg is now visible in
thread-bomb.out.
2) Also lets check errors from malloc and pthread_... functions, print
messages about their errors and do proper deallocation at least.
Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
With Travis dramatically reducing the minutes available for CI, CRIU
needs a new place to run tests. This moves the Vagrant based Fedora 32
no VDSO test cases to Cirrus CI. Cirrus CI seems to be one of the very
few free CI services allowing access to /dev/kvm.
Signed-off-by: Adrian Reber <areber@redhat.com>
open_handle and first part of alloc_openable do the same work. Both these
function are called from check_open_handle. Rework check_open_handle to call
only alloc_openable.
Signed-off-by: Andrey Zhadchenko <andrey.zhadchenko@virtuozzo.com>
mnt_is_dir is used when looking up for suitable mount point. In some cases
that function may fail several times. Error level seems to strict for this
cases.
Added error message to lookup_mnt_sdev in case all mnt_is_dir failed.
As for open_handle and alloc_openable which are calling mnt_is_dir, they are
used in check_open_handle, which will call error afterwards.
Adjusted log level for __open_mountpoint result in open_handle since it is
allowed to fail several times. open_handle caller get_mark_path expect
possible failure and will print error in case.
Signed-off-by: Andrey Zhadchenko <andrey.zhadchenko@virtuozzo.com>
In case get_clean_mnt fails open_mountpoint is still able to resolve mounts
by helper process or print error in the worst case. Using pr_warn instead of
pr_perror.
Signed-off-by: Andrey Zhadchenko <andrey.zhadchenko@virtuozzo.com>
Stats often call 'get_timing' function which has a BUG() assertion to
catch cases when stats failed to initialize correctly.
If stats haven't initialized yet assertion will also be triggered.
We dont want the trigger to happen in a case when criu fails at early
steps before initializing stats, but this can happen in the following
case:
- at cr_dump_tasks criu can catch error before the call to init_stats.
- it then decides to gracefully quit with error and
calls cr_dump_finish.
- cr_dump_finish will call timing_stop -> get_timing
and BUG() gets triggered
But because criu is already quitting gracefully, BUG() is not needed.
In this code path we can call timing_stop under proper condition.
[avagin: rebase on top of criu-dev and a few minor changes]
Signed-off-by: Andrei Vagin <avagin@gmail.com>
criu/fdstore.c:110: negative_return_fn: Function "get_service_fd(FDSTORE_SK_OFF)" returns a negative number.
criu/fdstore.c:110: assign: Assigning: "sk" = "get_service_fd(FDSTORE_SK_OFF)".
criu/fdstore.c:114: negative_returns: "sk" is passed to a parameter that cannot be negative.
criu/namespaces.c:1366: negative_return_fn: Function "get_service_fd(USERNSD_SK)" returns a negative number.
criu/namespaces.c:1366: assign: Assigning: "sk" = "get_service_fd(USERNSD_SK)".
criu/namespaces.c:1389: negative_returns: "sk" is passed to a parameter that cannot be negative.
Signed-off-by: Adrian Reber <areber@redhat.com>
Signed-off-by: Andrei Vagin <avagin@gmail.com>
criu/cr-restore.c:3230:3: note: Value stored to 'ret' is never read
ret = false;
^ ~~~~~
3228| if (n == -1) {
3229| pr_perror("Failed to get number of supplementary groups");
3230|-> ret = false;
3231| }
3232| if (n != n_groups)
Signed-off-by: Adrian Reber <areber@redhat.com>
This looks better for me, should be no functional change.
Another implication of this is nested pid namespaces, when we will
support them "__open_proc(getpid()...)" will try to open file of the
process which has the same pid but in NS_ROOT pidns, which is bad.
See also aa2d92082 ("files: use PROC_SELF when a process accesses its
/proc/PID") for a similar change.
Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
We need this to avoid conflicts with file descriptors which has to be
restored. Currently open_proc PROC_SELF is not used during restoring
file descriptors, but we are going to use it for memfd restore.
Note: in get_proc_fd let's not close service fd if we detect service fd
is not ours, it will be replaced in open_pid_proc anyway, and e.g. in
protected sfd context we can't close or open sfd, but can replace it
without any problems.
While on it also add FIXME because the check in get_proc_fd is error
prone in some rare cases (nested pidns is not supported yet).
We need to populate this new SELF service fd in populate_pid_proc, so
that it is later available in protected context. Also don't close
/proc/self service fd in prep_unix_sk_cwd as it can be called from
protected context and there is no much point of closing it anyway.
Close proc self servicefd in close_old_fds, because first we don't wan't
to reuse it from some ancestor, second there can be some junk fd as we
are yet only in the beginning of close_old_fds. This junk fd can come
from service fds of other tasks from parent's shared fdtable, and this
fd would not allow us to do opendir_proc(PROC_SELF).
Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
Improve the check to skip moving service fds in clone_service_fd because
we don't need to move anything if old service fds resulting offset is
the same as new service fds resulting offset. It saves us from excess
calls to dup/fcntl(F_DUPFD).
Currently we check that base is the same and shared fdt ids are the
same, but there also can be situations where different bases with
different shared fdt ids still give the same offset sum (running zdtm in
Virtuozzo CT we've seen such a case where service_fd_base=512,
new_base=128, service_fd_id=24, id=0, SERVICE_FD_MAX=16).
Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
musl defines 'loff_t' in fcntl.h as 'off_t'.
This patch resolves the following error when running the compel tests
on Alpine Linux:
gcc -O2 -g -Wall -Werror -c -Wstrict-prototypes -fno-stack-protector -nostdlib -fomit-frame-pointer -ffreestanding -fpie -I ../../../compel/include/uapi -o parasite.o parasite.c
In file included from ../../../compel/include/uapi/compel/plugins/std/syscall.h:8,
from ../../../compel/include/uapi/compel/plugins/std.h:5,
from parasite.c:3:
../../../compel/include/uapi/compel/plugins/std/syscall-64.h:19:66: error: unknown type name 'loff_t'; did you mean 'off_t'?
19 | extern long sys_pread (unsigned int fd, char *buf, size_t count, loff_t pos) ;
| ^~~~~~
| off_t
../../../compel/include/uapi/compel/plugins/std/syscall-64.h:96:46: error: unknown type name 'loff_t'; did you mean 'off_t'?
96 | extern long sys_fallocate (int fd, int mode, loff_t offset, loff_t len) ;
| ^~~~~~
| off_t
../../../compel/include/uapi/compel/plugins/std/syscall-64.h:96:61: error: unknown type name 'loff_t'; did you mean 'off_t'?
96 | extern long sys_fallocate (int fd, int mode, loff_t offset, loff_t len) ;
| ^~~~~~
| off_t
make[1]: *** [Makefile:32: parasite.o] Error 1
Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org>
These changes enable running all compel tests with a single
command from the root path of the repository:
# sudo make -C compel/test
Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org>
1. The -ERESTART_RESTARTBLOCK case in get_task_regs() depends on kernel
internals too much, and for no reason. We shouldn't rely on fact that
a) we are going to do sigreturn() and b) restore_sigcontext() always
sets restart_block->fn = do_no_restart_syscall which returns -EINTR.
Just change this code to enforce -EINTR after restore, this is what
we actually want until we teach criu to handle ERESTART_RESTARTBLOCK.
2. Add pr_warn() to make the potential bug-reports more understandable,
a sane application should handle -EINTR correctly but this is not
always the case.
Fixes: #1325
Report-by: Mr Travis
Inspired-by: dd71cca58a ("dump/x86: sanitize the ERESTART_RESTARTBLOCK -> EINTR transition")
Signed-off-by: Andrei Vagin <avagin@gmail.com>
This is a copy of stale.yml from the Podman repository to automatically
close tickets after 365 days. After 30 days tickets and issues are
marked as stale and after 365 tickets and issues are finally closed.
Signed-off-by: Adrian Reber <areber@redhat.com>
Before the 5.11 kernel, there is a known issue.
start_time in /proc/pid/stat is printed in the host time namespace,
but /proc/uptime is shown in a current namespace, but criu compares them
to detect when a new task has reused one of old pids.
Fixes: #1266
Signed-off-by: Andrei Vagin <avagin@gmail.com>
As CRIU is using multiple different CI systems this adds a printout to
each CI run about the CI environment for easier debugging of possible
errors.
Also use V=1 to build CRIU and the tests to easily see which compiler
and which options are used.
Signed-off-by: Adrian Reber <areber@redhat.com>
Circle CI provides bare metal test systems which are a very good
environment for the CRIU test cases. This adds two CI runs on Circle CI.
On Circle CI it is necessary to tell clang to use '-Wl,-z,now', because
gcc has it hard-coded in Ubuntu and clang does not.
Signed-off-by: Adrian Reber <areber@redhat.com>
If one will do "git log --oneline", it is quite easy to see that we
don't begin subject lines with a capital letter. We start subjects with
component prefixes where components (mostly) are lowercase. So let's fix
it in contribution guide not to mislead newcomers.
Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
Build on Ubuntu 18.04 amd64 with command "make DEBUG=1" produces the following error:
include/common/asm/bitops.h: Assembler messages:
include/common/asm/bitops.h:71: Error: incorrect register `%edx' used with `q' suffix
Signed-off-by: anatasluo <luolongjuna@gmail.com>
It is quiet a common case to move the process from one pidns to another
existing pidns with criu (only restriction is pids should not
intersect). Let's check it works.
v2: - use pipe-s to synchronize processes
- run the test in a pid namespace to avoid pid conflicts in the host
pid namespace
- grep errors in restore.log
- add some more comments
v3: use 1000 for ns_last_pid so that test works on systems with low
pid_max; remove excess ';'s.
Co-Developed-by: Andrei Vagin <avagin@gmail.com>
Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
All other tasks will inherit, let's remove excess steps. While on it
also add some info message about external pidns used.
Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
---
v2: add new external_pidns variable to sinchronize all uses of external
pidns case
I) Make root_ns_mask always display namespaces of root task which are
different from criu ones. All this play with temporary unsetting it
makes this variable hard to understand (more over it is not in shared
memory).
II) Disable "INIT_PID + pidns is dumped" check for external pidns
explicitly.
III) On dump we should check that pidns of root task is external, not
just any pidns is external (in case in future we would support nested
pidns-es it would be wrong). That also allows us to use regular
lookup_ns_by_id search.
IV) On error when killing tasks we should kill only root task if it is
an init of pidns. Previousely we had CLONE_NEWPID set in root_ns_mask
for external pidns but root task was not init and we killed only root
task on error cleanup.
Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
I) Let's make CLONE_NEWPID in rsti(item)->clone_flags always only mean
that we need to clone with CLONE_NEWPID to create this task. Only pidns
reaper would have this flag because only they can be restored via clone
with CLONE_NEWPID flag. If we have non pidns reaper root task but its
pidns is different from criu this can be only restored into external
pidns.
II) Let's remove clone_flags variable from fork_with_pid as it does not
actually needed now:
clone_flags was introduced to be able to restore into external pidns
rsti(item)->clone_flags is determined in prepare_pstree_kobj_ids and
before (I) it means 1) parent has different namespace from item or 2)
item is root task and criu has different namespace from it. We don't
support nested pid namespaces so (1) is always false. And for (2) we
have two cases a) pid == INIT_PID - when it is not possible to restore
into external pidns b) pid != INIT_PID - when it is only possible to
restore into external pidns.
For (b) we previousely had CLONE_NEWPID flag in rsti(item)->clone_flags
and to workaround it we've added this extra clone_flags variable, but I
think it is not needed because we can simply remove CLONE_NEWPID from
non-reaper processes initially.
Also the code with removing CLONE_NEWPID from clone_flags and adding the
same flag to rsti(item)->clone_flags is super strange because I don't
see any other place where we later can use rsti(item)->clone_flags.
III) Also don't print differen flags in "Forking task with ..." from
which we actually use in clone.
Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
We've seen addresses in parasite.built-in.o precalculated by linker but
in some unexpected manner:
readelf -WS criu/pie/parasite.built-in.o
Section Headers:
[Nr] Name Type Address Off Size ES Flg Lk Inf Al
[ 1] .text PROGBITS 0000000000000000 000040 00400a 00 AX 0 0 16
[87] .data PROGBITS 0000000000000000 005000 000068 00 WA 0 0 4096
[88] .rodata PROGBITS 0000000000000080 005080 001016 00 A 0 0 32
(Notes: All other sections does not have SHF_ALLOC or are of size 0, so I
skip them. Need to add "-specs=/usr/lib/rpm/redhat/redhat-annobin-cc1" to
CFLAGS to reproduce.)
Section 88 has address 0x80 in elf file but in our "consequent"
addresses precalculation algorithm it should be at 0x5080:
addr(.text) == 0x0
addr(.data) == 0x400a + (0x1000 - 0x400a % 0x1000) + 0x68 == 0x5068
addr(.rodata) == 0x5068 + (0x20 - 0x5068 % 0x20) == 0x5080
Probably the linker advises us to move 4096 aligned section to the
beginning to save some space, but it's just a guess.
So probably we should be ready to "non-consequent" alignments
precalculated and just override them.
https://github.com/checkpoint-restore/criu/issues/1301
Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
There is a small typo in test/zdtm/static/socket_aio.c, test/zdtm/static/socket_listen.c, test/zdtm/static/socket_listen4v6.c, test/zdtm/static/socket_listen6.c, test/zdtm/static/socket_udp-corked.c, test/zdtm/static/socket_udp.c, test/zdtm/static/socket_udplite.c.
Should read `client` rather than `clietn`.
Signed-off-by: Tim Gates <tim.gates@iress.com>
We see strange cases there page-server or lazy-pages are exiting with
non-zero but print no errors, probably the tail of the log can help us
to understand what happened.
There are some other uses of grep_errors but let's only change cases
where we explicitly through an exeption on bad ret. For others I'm not
sure if we need extra output, e.g. for validly failing fault injections.
To debug #1280
Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
Sometimes there are uffd messages in a queue of a dying task and by the
time these messages are processed in handle_request, the uffd is no
longer valid and reading from it causes errors.
Add processing of EBADF in handle_uffd_event() to gracefully handle such
situation.
Signed-off-by: Mike Rapoport <rppt@linux.ibm.com>
Currently the code checks for SIGSTOP only if (!current).
Let's provide better status checks for debug-ability.
Signed-off-by: Dmitry Safonov <dima@arista.com>
For the schedule daily special definitions were needed for MIPS as it is
not part of the release branch. Now that the release branch contains
MIPS, it is no longer necessary to have separate files for MIPS.
This also changes to make the scheduled runs actually daily and not
hourly.
Signed-off-by: Adrian Reber <areber@redhat.com>
Using travis-ci.com instead of travis-ci.org offers access to bare metal
aarch64 based systems and thus enabling us to run the full CRIU CI test
suite.
Switch arm64 based tests to arm64-graviton2 for tests.
This is the first non x86_64 architecture running tests and not just
compile in Travis.
Signed-off-by: Adrian Reber <areber@redhat.com>
Log messages showing the send/recv errno value would
help us to debug issues such as #1280.
Example:
Error (criu/tls.c:321): tls: Pull callback recv failed: Connection reset by peer'
Error (criu/tls.c:147): tls: Failed receiving data: Error in the pull function.'
Error (criu/page-xfer.c:1225): page-xfer: Can't read pagemap from socket: I/O error"
Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org>
%u is quite common and I remember there were workarounds to print
(unsigned long) as long or whatever.
Just support it from now - it's not hard and not much code.
Signed-off-by: Dmitry Safonov <dima@arista.com>
Currently if the specifier can't be parsed - error message is printed
and parsing of the format string continues. That's wrong as the argument
for the specifier will be used for the next specifier. I.e:
pr_info("[%zu]`%s`\n", 0UL, "")
will crash PIE because %u is not known and the argument (0UL) will be
used for dereferencing string for %s.
Stop parsing printf position arguments at an unknown specifier.
Make this string visible so that `grep Error` in zdtm.py will catch it:
=[log]=> dump/zdtm/static/busyloop00/52/1/restore.log
------------------------ grep Error ------------------------
b'(00.001847) pie: 52: vdso: ['
b'Error: Unknown printf format %u'
------------------------ ERROR OVER ------------------------
Send the 15 signal to 52
Wait for zdtm/static/busyloop00(52) to die for 0.100000
======================= Test zdtm/static/busyloop00 PASS =======================
Reported-by: @ashwani29
Signed-off-by: Dmitry Safonov <dima@arista.com>
When vdso symbol is copied, it should be zero-terminated.
The logging code wants to print vdso names that differ
between vdso from images and vdso that's provided by kernel:
: pr_info("[%zu]`%s` offset differs: %lx != %lx (rt)\n",
: i, sym_name, sym_offset, rt_sym_offset);
In unlikely event when vdso function name is longer than 32
(not any currently), null-terminator is missing.
Signed-off-by: Dmitry Safonov <dima@arista.com>
In the case, that xrealloc() fails do not overwrite the original pointer
to be able to free the original pointer on exit.
Signed-off-by: Adrian Reber <areber@redhat.com>
One of the previous static code analyzer fixes added a xfree() at the
end of cr_lazy_pages(). It can, however, happen that during
complete_forks() the memory location for events is moved by xrealloc()
and the final xfree() will be done on the wrong address.
Passing &events to handle_requests() enables the xfree() to free the
correct and changed memory location.
Signed-off-by: Adrian Reber <areber@redhat.com>
