Commit 136c41e
committed
sandbox: timeout runsc commands
The current mechanism for forcing a process to die ater a timeout is not
sufficient. This change fixes issues that were causing processes to run
forever on the sandbox.
- Gracefully terminate processes before we kill them inside of our
gVisor process. This helps capture valuable debug output for the user.
- Return a friendlier error when our run context times out on the
playground.
- Add a test that timeouts are handled gracefully.
- Reduce concurrent goroutines in our sandbox run handler by replacing
goroutine copy functions with a custom writer (limitedWriter) that
returns an error if too much output is returned, halting the program.
- Custom writers (limitedWriter, switchWriter) also fix timing errors
when calling Wait() too soon on a Command, before we have read all of
the data. It also fixes a different error from trying to read data after
a program has terminated.
- Remove goroutine from startContainer, and use a ticker + context
timeout for synchronization.
Updates golang/go#25224
Updates golang/go#38343
Change-Id: Ie9d65220e5c4f39272ea70b45c4b472bcd7069bb
Reviewed-on: https://go-review.googlesource.com/c/playground/+/227652
Run-TryBot: Alexander Rakoczy <[email protected]>
TryBot-Result: Gobot Gobot <[email protected]>
Reviewed-by: Bryan C. Mills <[email protected]>1 parent 0a10c62 commit 136c41e
File tree
5 files changed
+388
-118
lines changed- sandbox
5 files changed
+388
-118
lines changed| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
16 | 16 | | |
17 | 17 | | |
18 | 18 | | |
19 | | - | |
| 19 | + | |
20 | 20 | | |
21 | 21 | | |
22 | 22 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
526 | 526 | | |
527 | 527 | | |
528 | 528 | | |
| 529 | + | |
| 530 | + | |
| 531 | + | |
| 532 | + | |
529 | 533 | | |
530 | 534 | | |
531 | 535 | | |
| |||
0 commit comments