diff options
| author | Michael Pratt <mpratt@google.com> | 2018-12-11 15:01:49 -0800 |
|---|---|---|
| committer | Dmitry Vyukov <dvyukov@google.com> | 2018-12-12 10:12:35 +0100 |
| commit | c3b10a5d6a7b19ff2d35305aa175519fe6d62e8f (patch) | |
| tree | 4d9593f6afd839d94f805a0ae3e7b764d28752c5 | |
| parent | 7795ae03c0d2358a40130693e40e0fcab5232ed2 (diff) | |
vm/gvisor: replace signal panic with log
Diagnose currently sends the panic signal to generate a traceback for
additional context.
However, Diagnose is also called in otherwise successful scenarios
(vm.Instance.MonitorExecution -> vm.monitor.extractError). Triggering a
panic will make this successful scenario look like a failure.
We could simply suppress this panic, but 1) that means we never shutdown
cleanly (not important, but ugly), and 2) we're less likely to detect
delayed crashes since we kill the sandbox immediately (that's what
MonitorExecution is checking for).
Instead, switch from -panic-signal to -trace-signal, which simply logs a
traceback without exiting. This option was added to runsc in
https://github.com/google/gvisor/commit/24c1158b9c21f7f8b7126e810d623a518422052e.
The other uses of Diagnose will always generate a report regardless of
an additional panic, so we're not losing any reports.
| -rw-r--r-- | vm/gvisor/gvisor.go | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/vm/gvisor/gvisor.go b/vm/gvisor/gvisor.go index f55c75ba6..5cfe1bb6b 100644 --- a/vm/gvisor/gvisor.go +++ b/vm/gvisor/gvisor.go @@ -190,7 +190,7 @@ func (inst *instance) runscCmd(add ...string) *exec.Cmd { args := []string{ "-root", inst.rootDir, "-watchdog-action=panic", - "-panic-signal=12", + "-trace-signal=12", "-network=none", "-debug", } |