Bump golang.org/x/text from 0.3.7 to 0.3.8 in /packages/firecracker-task-driver#4
Closed
dependabot[bot] wants to merge 1 commit intomainfrom
Conversation
Bumps [golang.org/x/text](https://github.com/golang/text) from 0.3.7 to 0.3.8. - [Release notes](https://github.com/golang/text/releases) - [Commits](golang/text@v0.3.7...v0.3.8) --- updated-dependencies: - dependency-name: golang.org/x/text dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
ValentaTomas
pushed a commit
that referenced
this pull request
Sep 7, 2023
* Require API key * Improve missing api key link * Add smol developer * Increase version
Contributor
Author
|
Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting |
6 similar comments
Contributor
Author
|
Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting |
Contributor
Author
|
Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting |
Contributor
Author
|
Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting |
Contributor
Author
|
Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting |
Contributor
Author
|
Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting |
Contributor
Author
|
Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting |
Contributor
Author
|
OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting If you change your mind, just re-open this PR and I'll resolve any conflicts on it. |
dependabot
Bot
deleted the
dependabot/go_modules/packages/firecracker-task-driver/golang.org/x/text-0.3.8
branch
ValentaTomas
pushed a commit
that referenced
this pull request
Sep 27, 2023
* Require API key * Improve missing api key link * Add smol developer * Increase version
This was referenced Apr 29, 2026
ValentaTomas
added a commit
that referenced
this pull request
May 2, 2026
…trix-mode tests
Production:
- pageState gains `removed`; pageTracker gains `get(addr)`.
- Userfaultfd.Serve() splits readEvents into removes + pagefaults,
drains the REMOVE batch under settleRequests.Lock(), then
dispatches the pagefault batch.
- Worker dispatch switches on pageTracker.get(addr): faulted ->
short-circuit, removed -> zero-fill (source = nil), missing ->
copy from u.src. NOTE: the state read and `source` capture
happen in the parent loop BEFORE the worker takes
settleRequests.RLock(). This is the buggy shape that PR #4
fixes; PR #3 adds the deterministic race tests that catch it.
- faultPage gains zero-fill paths for source == nil (4K read =
DONTWAKE zero + WP + wake; 4K write = zero + wake; hugepage =
copy(EmptyHugePage)) and returns (handled bool, err error) so
the worker can defer EAGAIN-on-COPY-during-REMOVE faults.
- wakeupPipe + deferredFaults wake the poll loop when a worker
defers a fault.
- Prefault path checks pageTracker for faulted || removed and
short-circuits.
Tests:
- testConfig gains `removeEnabled bool`; configureApi optionally
enables UFFD_FEATURE_EVENT_REMOVE based on it; the parent
cleanup unregisters the UFFD region when REMOVE is on so munmap
doesn't block on un-acked events.
- PageStates RPC + handlerPageStates now expose `removed`.
- operationModeRemove + executeRemove (madvise MADV_DONTNEED).
- runMatrix(t, tt, body) wraps every existing generic test in two
parallel subtests: remove-off (regression for the no-REMOVE
path that production templates still use) and remove-on
(covers the new code path).
- remove_test.go: REMOVE-specific TestRemove, TestRemoveThenFault,
TestRemoveThenWriteGated, TestWriteThenRemoveGated. Gated tests
are nolint'd as serialised - a paused gated handler keeps a
faulting goroutine suspended in the kernel pagefault path; a
STW GC pause from a parallel test would wait forever for that
goroutine to reach a safe point.
Out of scope (lives in stacked PRs):
- Race tests demonstrating the stale-source bug -> PR #3.
- The fix moving state read into the worker -> PR #4 (#2512).
ValentaTomas
added a commit
that referenced
this pull request
May 2, 2026
…ed-short-circuit race tests
Three race tests built on the unix-socket RPC harness and the test-only
fault-barrier hooks. None use sleeps, retries, or soak loops - each
test installs explicit barriers on the child's worker goroutine, drives
the racing kernel operation from the parent, and asserts on a concrete
post-state.
- TestStaleSourceRaceMissingAndRemove: regression test for the
stale-source bug. Plants a non-zero sentinel into the source page,
parks the worker via barrierBeforeRLock, fires madvise, waits for
the REMOVE batch to commit, releases the worker, then asserts the
page is zero-filled. INTENTIONALLY FAILS on this PR with
`page 1 first byte: want 0 ... got 0xc3` - the worker captured
`source = u.src` in the parent loop before the REMOVE landed and
UFFDIO_COPY'd the planted sentinel into the page after the kernel
had MADV_DONTNEED'd it. PR #4 (#2512) makes this pass by re-reading
state inside the worker under settleRequests.RLock.
- TestNoMadviseDeadlockWithInflightCopy: liveness regression test.
Parks the worker via barrierBeforeFaultPage (holding RLock), fires
madvise, asserts madvise returns within 2s. Passes today; protects
against any future change that accidentally couples readEvents to
settleRequests.
- TestFaultedShortCircuitOrdering: smoke test on the REMOVE-then-
pagefault batch ordering using the gated harness. Pins the
invariant that REMOVE batches drain before pagefault dispatch in
a single Serve iteration.
Test infrastructure additions:
- testHandler.installFaultBarrier / waitFaultHeld / releaseFault
convenience wrappers around the Service.* RPCs from PR #1.
- testConfig.sourcePatcher hook so race tests can plant a
deterministic sentinel into the random source data BEFORE the
content file is written, without depending on the happenstance
value of any randomly-generated byte.
ALL OTHER TESTS in the package still pass on this PR; only the three
sub-tests of TestStaleSourceRaceMissingAndRemove fail (the bug
demonstration).
ValentaTomas
added a commit
that referenced
this pull request
May 2, 2026
Audit finding #4. The uffd fd we receive from Firecracker via ParseUnixRights does not have FD_CLOEXEC by default — we don't pass MSG_CMSG_CLOEXEC at the recvmsg site and ParseUnixRights doesn't set the flag itself. If the orchestrator forks any subprocess after the uffd is wired in, the child inherits the uffd fd and can either fault on guest memory or keep the kernel's reference count above zero past sandbox teardown. Defense-in-depth, no known live exploit today. Set FD_CLOEXEC explicitly right after the parse via a small setCloexec helper. Test exercises the helper on a syscall.Pipe() fd (which starts without CLOEXEC) and asserts F_GETFD reports the flag set afterwards; this is the smallest test that pins the behavior without standing up the full firecracker recvmsg dance. The cross-process test harness already does the equivalent via F_DUPFD_CLOEXEC at the dup site (harness_parent_test.go:91); production now matches.
ValentaTomas
added a commit
that referenced
this pull request
May 2, 2026
…ed-short-circuit race tests
Three race tests built on the unix-socket RPC harness and the test-only
fault-barrier hooks. None use sleeps, retries, or soak loops - each
test installs explicit barriers on the child's worker goroutine, drives
the racing kernel operation from the parent, and asserts on a concrete
post-state.
- TestStaleSourceRaceMissingAndRemove: regression test for the
stale-source bug. Plants a non-zero sentinel into the source page,
parks the worker via barrierBeforeRLock, fires madvise, waits for
the REMOVE batch to commit, releases the worker, then asserts the
page is zero-filled. INTENTIONALLY FAILS on this PR with
`page 1 first byte: want 0 ... got 0xc3` - the worker captured
`source = u.src` in the parent loop before the REMOVE landed and
UFFDIO_COPY'd the planted sentinel into the page after the kernel
had MADV_DONTNEED'd it. PR #4 (#2512) makes this pass by re-reading
state inside the worker under settleRequests.RLock.
- TestNoMadviseDeadlockWithInflightCopy: liveness regression test.
Parks the worker via barrierBeforeFaultPage (holding RLock), fires
madvise, asserts madvise returns within 2s. Passes today; protects
against any future change that accidentally couples readEvents to
settleRequests.
- TestFaultedShortCircuitOrdering: smoke test on the REMOVE-then-
pagefault batch ordering using the gated harness. Pins the
invariant that REMOVE batches drain before pagefault dispatch in
a single Serve iteration.
Test infrastructure additions:
- testHandler.installFaultBarrier / waitFaultHeld / releaseFault
convenience wrappers around the Service.* RPCs from PR #1.
- testConfig.sourcePatcher hook so race tests can plant a
deterministic sentinel into the random source data BEFORE the
content file is written, without depending on the happenstance
value of any randomly-generated byte.
ALL OTHER TESTS in the package still pass on this PR; only the three
sub-tests of TestStaleSourceRaceMissingAndRemove fail (the bug
demonstration).
ValentaTomas
added a commit
that referenced
this pull request
May 2, 2026
…ed-short-circuit race tests
Three race tests built on the unix-socket RPC harness and the test-only
fault-barrier hooks. None use sleeps, retries, or soak loops - each
test installs explicit barriers on the child's worker goroutine, drives
the racing kernel operation from the parent, and asserts on a concrete
post-state.
- TestStaleSourceRaceMissingAndRemove: regression test for the
stale-source bug. Plants a non-zero sentinel into the source page,
parks the worker via barrierBeforeRLock, fires madvise, waits for
the REMOVE batch to commit, releases the worker, then asserts the
page is zero-filled. INTENTIONALLY FAILS on this PR with
`page 1 first byte: want 0 ... got 0xc3` - the worker captured
`source = u.src` in the parent loop before the REMOVE landed and
UFFDIO_COPY'd the planted sentinel into the page after the kernel
had MADV_DONTNEED'd it. PR #4 (#2512) makes this pass by re-reading
state inside the worker under settleRequests.RLock.
- TestNoMadviseDeadlockWithInflightCopy: liveness regression test.
Parks the worker via barrierBeforeFaultPage (holding RLock), fires
madvise, asserts madvise returns within 2s. Passes today; protects
against any future change that accidentally couples readEvents to
settleRequests.
- TestFaultedShortCircuitOrdering: smoke test on the REMOVE-then-
pagefault batch ordering using the gated harness. Pins the
invariant that REMOVE batches drain before pagefault dispatch in
a single Serve iteration.
Test infrastructure additions:
- testHandler.installFaultBarrier / waitFaultHeld / releaseFault
convenience wrappers around the Service.* RPCs from PR #1.
- testConfig.sourcePatcher hook so race tests can plant a
deterministic sentinel into the random source data BEFORE the
content file is written, without depending on the happenstance
value of any randomly-generated byte.
ALL OTHER TESTS in the package still pass on this PR; only the three
sub-tests of TestStaleSourceRaceMissingAndRemove fail (the bug
demonstration).
ValentaTomas
added a commit
that referenced
this pull request
May 3, 2026
…ed-short-circuit race tests
Three race tests built on the unix-socket RPC harness and the test-only
fault-barrier hooks. None use sleeps, retries, or soak loops - each
test installs explicit barriers on the child's worker goroutine, drives
the racing kernel operation from the parent, and asserts on a concrete
post-state.
- TestStaleSourceRaceMissingAndRemove: regression test for the
stale-source bug. Plants a non-zero sentinel into the source page,
parks the worker via barrierBeforeRLock, fires madvise, waits for
the REMOVE batch to commit, releases the worker, then asserts the
page is zero-filled. INTENTIONALLY FAILS on this PR with
`page 1 first byte: want 0 ... got 0xc3` - the worker captured
`source = u.src` in the parent loop before the REMOVE landed and
UFFDIO_COPY'd the planted sentinel into the page after the kernel
had MADV_DONTNEED'd it. PR #4 (#2512) makes this pass by re-reading
state inside the worker under settleRequests.RLock.
- TestNoMadviseDeadlockWithInflightCopy: liveness regression test.
Parks the worker via barrierBeforeFaultPage (holding RLock), fires
madvise, asserts madvise returns within 2s. Passes today; protects
against any future change that accidentally couples readEvents to
settleRequests.
- TestFaultedShortCircuitOrdering: smoke test on the REMOVE-then-
pagefault batch ordering using the gated harness. Pins the
invariant that REMOVE batches drain before pagefault dispatch in
a single Serve iteration.
Test infrastructure additions:
- testHandler.installFaultBarrier / waitFaultHeld / releaseFault
convenience wrappers around the Service.* RPCs from PR #1.
- testConfig.sourcePatcher hook so race tests can plant a
deterministic sentinel into the random source data BEFORE the
content file is written, without depending on the happenstance
value of any randomly-generated byte.
ALL OTHER TESTS in the package still pass on this PR; only the three
sub-tests of TestStaleSourceRaceMissingAndRemove fail (the bug
demonstration).
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps golang.org/x/text from 0.3.7 to 0.3.8.
Commits
434eadclanguage: reject excessively large Accept-Language strings23407e7go.mod: ignore cyclic dependency for taggingb18d3ddsecure/precis: replace bytes.Compare with bytes.Equal795e854all: replace io/ioutil with io and os packageb0ca10finternal/language: bump script types to uint16 and update registryba9b0e1go.mod: update x/tools to HEADd03b418A+C: delete AUTHORS and CONTRIBUTORSb4bca84language/display: fix Tag method commentea49e3ego.mod: update x/tools to HEAD78819d0go.mod: update to golang.org/x/text v0.1.10Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)You can disable automated security fix PRs for this repo from the Security Alerts page.