summaryrefslogtreecommitdiffhomepage
path: root/test
AgeCommit message (Collapse)Author
2021-04-09iptables: support postrouting hook and SNAT targetToshi Kikuchi
The current SNAT implementation has several limitations: - SNAT source port has to be specified. It is not optional. - SNAT source port range is not supported. - SNAT for UDP is a one-way translation. No response packets are handled (because conntrack doesn't support UDP currently). - SNAT and REDIRECT can't work on the same connection. Fixes #5489 PiperOrigin-RevId: 367750325
2021-04-09Merge pull request #5767 from avagin:mxcsrgVisor bot
PiperOrigin-RevId: 367730917
2021-04-09Move maxListenBacklog check to sentryMithun Iyer
Move maxListenBacklog check to the caller of endpoint Listen so that it is applicable to Unix domain sockets as well. This was changed in cl/366935921. Reported-by: syzbot+a35ae7cdfdde0c41cf7a@syzkaller.appspotmail.com PiperOrigin-RevId: 367728052
2021-04-07perf/getpid: add a case when syscalls are executed via mov $XXX, %eax; syscallAndrei Vagin
This is the most often pattern of calling system calls in real applications. PiperOrigin-RevId: 367320048
2021-04-05Fix listen backlog handling to be in parity with LinuxMithun Iyer
- Change the accept queue full condition for a listening endpoint to only honor completed (and delivered) connections. - Use syncookies if the number of incomplete connections is beyond listen backlog. This also cleans up the SynThreshold option code as that is no longer used with this change. - Added a new stack option to unconditionally generate syncookies. Similar to sysctl -w net.ipv4.tcp_syncookies=2 on Linux. - Enable keeping of incomplete connections beyond listen backlog. - Drop incoming SYNs only if the accept queue is filled up. - Drop incoming ACKs that complete handshakes when accept queue is full - Enable the stack to accept one more connection than programmed by listen backlog. - Handle backlog argument being zero, negative for listen, as Linux. - Add syscall and packetimpact tests to reflect the changes above. - Remove TCPConnectBacklog test which is polling for completed connections on the client side which is not reflective of whether the accept queue is filled up by the test. The modified syscall test in this CL addresses testing of connecting sockets. Fixes #3153 PiperOrigin-RevId: 366935921
2021-04-05Report task CPU usage through the cpuacct cgroup controller.Rahat Mahmood
PiperOrigin-RevId: 366923274
2021-04-05Add initial verity ioctl syscall testsChong Cai
PiperOrigin-RevId: 366907152
2021-04-05Enable Checkpoint/Restore test with VFS2Fabricio Voznika
Closes #3373 PiperOrigin-RevId: 366903991
2021-04-05Add fsstress on tmpfs to presubmitFabricio Voznika
Updates #5273 PiperOrigin-RevId: 366902314
2021-04-05Actually don't run unlink_benchmark with TSAN.Ayush Ranjan
This benchmark currently takes > 15 minutes to run in that case. PiperOrigin-RevId: 366891726
2021-04-05deflake semaphore testKevin Krakauer
There's no reason to actually increment the semaphore, it just introduces the chance of a race. PiperOrigin-RevId: 366851795
2021-04-05Allow user mount for verity fsChong Cai
Allow user mounting a verity fs on an existing mount by specifying mount flags root_hash and lower_path. PiperOrigin-RevId: 366843846
2021-04-05Fail tests when container returns non-zero statusFabricio Voznika
PiperOrigin-RevId: 366839955
2021-04-05Don't run unlink_benchmark with TSAN.Adin Scannell
This benchmark currently takes > 15 minutes to run in that case. PiperOrigin-RevId: 366817185
2021-04-03Remove eternal and enormous tests.Adin Scannell
PiperOrigin-RevId: 366573366
2021-04-02Implement cgroupfs.Rahat Mahmood
A skeleton implementation of cgroupfs. It supports trivial cpu and memory controllers with no support for hierarchies. PiperOrigin-RevId: 366561126
2021-04-01Remove invalid dependency.Adin Scannell
PiperOrigin-RevId: 366344222
2021-04-01Internal change.gVisor bot
PiperOrigin-RevId: 366292533
2021-03-30Fix panic when overriding /dev files with VFS2Fabricio Voznika
VFS1 skips over mounts that overrides files in /dev because the list of files is hardcoded. This is not needed for VFS2 and a recent change lifted this restriction. However, parts of the code were still skipping /dev mounts even in VFS2, causing the loader to panic when it ran short of FDs to connect to the gofer. PiperOrigin-RevId: 365858436
2021-03-29[syserror] Split usermem packageZach Koopmans
Split usermem package to help remove syserror dependency in go_marshal. New hostarch package contains code not dependent on syserror. PiperOrigin-RevId: 365651233
2021-03-25setgid: skip tests when we can't find usable GIDsKevin Krakauer
PiperOrigin-RevId: 365092320
2021-03-24Add POLLRDNORM/POLLWRNORM support.Bhasker Hariharan
On Linux these are meant to be equivalent to POLLIN/POLLOUT. Rather than hack these on in sys_poll etc it felt cleaner to just cleanup the call sites to notify for both events. This is what linux does as well. Fixes #5544 PiperOrigin-RevId: 364859977
2021-03-23setgid directory support in goferfsKevin Krakauer
Also adds support for clearing the setuid bit when appropriate (writing, truncating, changing size, changing UID, or changing GID). VFS2 only. PiperOrigin-RevId: 364661835
2021-03-22Fix logs for packetimpact tests cleanupZeling Feng
- Don't cleanup containers in Network.Cleanup, otherwise containers will be killed and removed several times. - Don't set AutoRemove for containers. This will prevent the confusing 'removal already in progress' messages. Fixes #3795 PiperOrigin-RevId: 364404414
2021-03-22Fix and merge tcp_{outside_the_window,tcp_unacc_seq_ack}_closingZeling Feng
The tests were not using the correct windowSize so the testing segments were actually within the window for seqNumOffset=0 tests. The issue is already fixed by #5674. PiperOrigin-RevId: 364252630
2021-03-18Translate syserror when validating partial IO errorsFabricio Voznika
syserror allows packages to register translators for errors. These translators should be called prior to checking if the error is valid, otherwise it may not account for possible errors that can be returned from different packages, e.g. safecopy.BusError => syserror.EFAULT. Second attempt, it passes tests now :-) PiperOrigin-RevId: 363714508
2021-03-18Address post submit comments for fs benchmarks.Zach Koopmans
Also, drop fio total reads/writes to 1GB as 10GB is prohibitively slow. PiperOrigin-RevId: 363714060
2021-03-16Fix tcp_fin_retransmission_netstack_testZeling Feng
Netstack does not check ACK number for FIN-ACK packets and goes into TIMEWAIT unconditionally. Fixing the state machine will give us back the retransmission of FIN. PiperOrigin-RevId: 363301883
2021-03-16Fix a race with synRcvdCount and acceptMithun Iyer
There is a race in handling new incoming connections on a listening endpoint that causes the endpoint to reply to more incoming SYNs than what is permitted by the listen backlog. The race occurs when there is a successful passive connection handshake and the synRcvdCount counter is decremented, followed by the endpoint delivered to the accept queue. In the window of time between synRcvdCount decrementing and the endpoint being enqueued for accept, new incoming SYNs can be handled without honoring the listen backlog value, as the backlog could be perceived not full. Fixes #5637 PiperOrigin-RevId: 363279372
2021-03-16setgid directory support in overlayfsKevin Krakauer
PiperOrigin-RevId: 363276495
2021-03-15Deflake proc_test_nativeFabricio Voznika
Terminating tasks from other tests can mess up with the task list of the current test. Tests were changed to look for added/removed tasks, ignoring other tasks that may exist while the test is running. PiperOrigin-RevId: 363084261
2021-03-15Packetimpact test for ACK to OTW Seq segments behavior in CLOSINGZeling Feng
TCP, in CLOSING state, MUST send an ACK with next expected SEQ number after receiving any segment with OTW SEQ number and remain in the same state. While I am here, I also changed shutdown to behave the same as other calls in posix_server. PiperOrigin-RevId: 362976955
2021-03-14Fix race in tcp_retransmits_testMithun Iyer
The test queries for RTO via TCP_INFO and applies that to the rest of the test. The RTO is estimated by processing incoming ACK. There is a race in the test where we may query for RTO before the incoming ACK was processed. Fix the race in the test by letting the DUT complete a payload receive, thus estimating RTO before proceeding to query the RTO. Bump up the time correction to reduce flakes. PiperOrigin-RevId: 362865904
2021-03-11Support ICMP echo sockets on Linux DUTZeling Feng
By default net.ipv4.ping_group_range is set to "1 0" and no one (even the root) can create an ICMP socket. Setting it to "0 0" allows root, which we are inside the container, to create ICMP sockets for packetimpact tests. PiperOrigin-RevId: 362454201
2021-03-11Remove special casing of socket stress testKevin Krakauer
With /proc/sys/net/ipv4/ip_local_port_range implemented, the socket stress test runs in a more normal time and doesn't need to sacrifice coverage to prevent timeouts. PiperOrigin-RevId: 362443366
2021-03-11fusefs: Implement default_permissions and allow_other mount options.Rahat Mahmood
By default, fusefs defers node permission checks to the server. The default_permissions mount option enables the usual unix permission checks based on the node owner and mode bits. Previously fusefs was incorrectly checking permissions unconditionally. Additionally, fusefs should restrict filesystem access to processes started by the mount owner to prevent the fuse daemon from gaining priviledge over other processes. The allow_other mount option overrides this behaviour. Previously fusefs was incorrectly skipping this check. Updates #3229 PiperOrigin-RevId: 362419092
2021-03-10Add a rootfs filesystem to fs benchmarks. Also, fix fio benchmark.Zach Koopmans
The previous "bind" filesystem, already included in go/runsc-benchmarks is a remote re-validate mount. However, the non-re-validate mount was not present, and it has been added in the form of rootfs. Also, fix the fio runs to reads/writes of 10GB as running with --test.benchtime=Xs may scale beyond the memory available to tmpfs mounts on buildkite VMs. Currently, our buildkite pipelines are run on e2-standard-8 machines with 32GB of memory, allowing tmpfs mounts to safely be at least 10GB. PiperOrigin-RevId: 362143620
2021-03-09Fix invalid interface conversion in runnerFabricio Voznika
panic: interface conversion: interface {} is syscall.WaitStatus, not unix.WaitStatus goroutine 1 [running]: main.runTestCaseNative(0xc0001fc000, 0xe3, 0xc000119b60, 0x1, 0x1, 0x0, 0x0) test/runner/runner.go:185 +0xa94 main.main() test/runner/runner.go:118 +0x745 PiperOrigin-RevId: 361957796
2021-03-09Give TCP flags a dedicated typeZeling Feng
- Implement Stringer for it so that we can improve error messages. - Use TCPFlags through the code base. There used to be a mixed usage of byte, uint8 and int as TCP flags. PiperOrigin-RevId: 361940150
2021-03-09Allow reading from PTY into bad buffer to return EAGAIN.Nicolas Lacasse
Kernels after 3b830a9c return EAGAIN in this case. PiperOrigin-RevId: 361936327
2021-03-08Implement /proc/sys/net/ipv4/ip_local_port_rangeKevin Krakauer
Speeds up the socket stress tests by a couple orders of magnitude. PiperOrigin-RevId: 361721050
2021-03-08Fix proc test flakinessFabricio Voznika
Thread from earlier test can show up in `/proc/self/tasks` while the thread tears down. Account for that when searching for procs for the first time in the test. PiperOrigin-RevId: 361689673
2021-03-08Run shards in a single sandboxFabricio Voznika
Run all tests (or a given test partition) in a single sandbox. Previously, each individual unit test executed in a new sandbox, which takes much longer to execute. Before After Syscall tests: 37m22.768s 14m5.272s PiperOrigin-RevId: 361661726
2021-03-08Avoid a race with test peer advert and DUT sendMithun Iyer
Fix a race where the DUT could send out test data before it received the peer window advertisement. Such a race results in the DUT taking longer time to retransmit zero window probe, thus causing the test to fail receiving the last expected probe. To ensure this ordering, piggyback a non-zero payload with the zero window advertisement and let the DUT receive that, before continuing with the test. PiperOrigin-RevId: 361640241
2021-03-08Fix SocketInetLoopbackTest flakinessFabricio Voznika
Remove part of test that was making it flaky. It runs for native only, so not really important since it's not testing gVisor. Before: http://sponge2/37557c41-298e-408d-9b54-50ba3d41e22f After: http://sponge2/7bca72be-cb9b-42f8-8c54-af4956c39455 PiperOrigin-RevId: 361611512
2021-03-06[op] Replace syscall package usage with golang.org/x/sys/unix in test/.Ayush Ranjan
The syscall package has been deprecated in favor of golang.org/x/sys. Note that syscall is still used in some places because the following don't seem to have an equivalent in unix package: - syscall.SysProcIDMap - syscall.Credential Updates #214 PiperOrigin-RevId: 361332034
2021-03-05Gather uname information from DUTZeling Feng
Some OSs behave slightly differently, but still within the RFC. It can be useful to have access to uname information from the testbench. PiperOrigin-RevId: 361193766
2021-03-03Make dedicated methods for data operations in PacketBufferTing-Yu Wang
One of the preparation to decouple underlying buffer implementation. There are still some methods that tie to VectorisedView, and they will be changed gradually in later CLs. This CL also introduce a new ICMPv6ChecksumParams to replace long list of parameters when calling ICMPv6Checksum, aiming to be more descriptive. PiperOrigin-RevId: 360778149
2021-03-03Use struct embedding to avoid casts and reuse methodsZeling Feng
- Removed (*testbench.Connection)(&conn) like casts - Removed redundant definition of Drain, Close and ExpectFrame PiperOrigin-RevId: 360727788
2021-03-02[rack] Support running tcp_benchmarks with RACK.Ayush Ranjan
PiperOrigin-RevId: 360491700