summaryrefslogtreecommitdiffhomepage
path: root/test
AgeCommit message (Collapse)Author
2021-04-01Internal change.gVisor bot
PiperOrigin-RevId: 366292533
2021-03-30Fix panic when overriding /dev files with VFS2Fabricio Voznika
VFS1 skips over mounts that overrides files in /dev because the list of files is hardcoded. This is not needed for VFS2 and a recent change lifted this restriction. However, parts of the code were still skipping /dev mounts even in VFS2, causing the loader to panic when it ran short of FDs to connect to the gofer. PiperOrigin-RevId: 365858436
2021-03-29[syserror] Split usermem packageZach Koopmans
Split usermem package to help remove syserror dependency in go_marshal. New hostarch package contains code not dependent on syserror. PiperOrigin-RevId: 365651233
2021-03-25setgid: skip tests when we can't find usable GIDsKevin Krakauer
PiperOrigin-RevId: 365092320
2021-03-24Add POLLRDNORM/POLLWRNORM support.Bhasker Hariharan
On Linux these are meant to be equivalent to POLLIN/POLLOUT. Rather than hack these on in sys_poll etc it felt cleaner to just cleanup the call sites to notify for both events. This is what linux does as well. Fixes #5544 PiperOrigin-RevId: 364859977
2021-03-23setgid directory support in goferfsKevin Krakauer
Also adds support for clearing the setuid bit when appropriate (writing, truncating, changing size, changing UID, or changing GID). VFS2 only. PiperOrigin-RevId: 364661835
2021-03-22Fix logs for packetimpact tests cleanupZeling Feng
- Don't cleanup containers in Network.Cleanup, otherwise containers will be killed and removed several times. - Don't set AutoRemove for containers. This will prevent the confusing 'removal already in progress' messages. Fixes #3795 PiperOrigin-RevId: 364404414
2021-03-22Fix and merge tcp_{outside_the_window,tcp_unacc_seq_ack}_closingZeling Feng
The tests were not using the correct windowSize so the testing segments were actually within the window for seqNumOffset=0 tests. The issue is already fixed by #5674. PiperOrigin-RevId: 364252630
2021-03-18Translate syserror when validating partial IO errorsFabricio Voznika
syserror allows packages to register translators for errors. These translators should be called prior to checking if the error is valid, otherwise it may not account for possible errors that can be returned from different packages, e.g. safecopy.BusError => syserror.EFAULT. Second attempt, it passes tests now :-) PiperOrigin-RevId: 363714508
2021-03-18Address post submit comments for fs benchmarks.Zach Koopmans
Also, drop fio total reads/writes to 1GB as 10GB is prohibitively slow. PiperOrigin-RevId: 363714060
2021-03-16Fix tcp_fin_retransmission_netstack_testZeling Feng
Netstack does not check ACK number for FIN-ACK packets and goes into TIMEWAIT unconditionally. Fixing the state machine will give us back the retransmission of FIN. PiperOrigin-RevId: 363301883
2021-03-16Fix a race with synRcvdCount and acceptMithun Iyer
There is a race in handling new incoming connections on a listening endpoint that causes the endpoint to reply to more incoming SYNs than what is permitted by the listen backlog. The race occurs when there is a successful passive connection handshake and the synRcvdCount counter is decremented, followed by the endpoint delivered to the accept queue. In the window of time between synRcvdCount decrementing and the endpoint being enqueued for accept, new incoming SYNs can be handled without honoring the listen backlog value, as the backlog could be perceived not full. Fixes #5637 PiperOrigin-RevId: 363279372
2021-03-16setgid directory support in overlayfsKevin Krakauer
PiperOrigin-RevId: 363276495
2021-03-15Deflake proc_test_nativeFabricio Voznika
Terminating tasks from other tests can mess up with the task list of the current test. Tests were changed to look for added/removed tasks, ignoring other tasks that may exist while the test is running. PiperOrigin-RevId: 363084261
2021-03-15Packetimpact test for ACK to OTW Seq segments behavior in CLOSINGZeling Feng
TCP, in CLOSING state, MUST send an ACK with next expected SEQ number after receiving any segment with OTW SEQ number and remain in the same state. While I am here, I also changed shutdown to behave the same as other calls in posix_server. PiperOrigin-RevId: 362976955
2021-03-14Fix race in tcp_retransmits_testMithun Iyer
The test queries for RTO via TCP_INFO and applies that to the rest of the test. The RTO is estimated by processing incoming ACK. There is a race in the test where we may query for RTO before the incoming ACK was processed. Fix the race in the test by letting the DUT complete a payload receive, thus estimating RTO before proceeding to query the RTO. Bump up the time correction to reduce flakes. PiperOrigin-RevId: 362865904
2021-03-11Support ICMP echo sockets on Linux DUTZeling Feng
By default net.ipv4.ping_group_range is set to "1 0" and no one (even the root) can create an ICMP socket. Setting it to "0 0" allows root, which we are inside the container, to create ICMP sockets for packetimpact tests. PiperOrigin-RevId: 362454201
2021-03-11Remove special casing of socket stress testKevin Krakauer
With /proc/sys/net/ipv4/ip_local_port_range implemented, the socket stress test runs in a more normal time and doesn't need to sacrifice coverage to prevent timeouts. PiperOrigin-RevId: 362443366
2021-03-11fusefs: Implement default_permissions and allow_other mount options.Rahat Mahmood
By default, fusefs defers node permission checks to the server. The default_permissions mount option enables the usual unix permission checks based on the node owner and mode bits. Previously fusefs was incorrectly checking permissions unconditionally. Additionally, fusefs should restrict filesystem access to processes started by the mount owner to prevent the fuse daemon from gaining priviledge over other processes. The allow_other mount option overrides this behaviour. Previously fusefs was incorrectly skipping this check. Updates #3229 PiperOrigin-RevId: 362419092
2021-03-10Add a rootfs filesystem to fs benchmarks. Also, fix fio benchmark.Zach Koopmans
The previous "bind" filesystem, already included in go/runsc-benchmarks is a remote re-validate mount. However, the non-re-validate mount was not present, and it has been added in the form of rootfs. Also, fix the fio runs to reads/writes of 10GB as running with --test.benchtime=Xs may scale beyond the memory available to tmpfs mounts on buildkite VMs. Currently, our buildkite pipelines are run on e2-standard-8 machines with 32GB of memory, allowing tmpfs mounts to safely be at least 10GB. PiperOrigin-RevId: 362143620
2021-03-09Fix invalid interface conversion in runnerFabricio Voznika
panic: interface conversion: interface {} is syscall.WaitStatus, not unix.WaitStatus goroutine 1 [running]: main.runTestCaseNative(0xc0001fc000, 0xe3, 0xc000119b60, 0x1, 0x1, 0x0, 0x0) test/runner/runner.go:185 +0xa94 main.main() test/runner/runner.go:118 +0x745 PiperOrigin-RevId: 361957796
2021-03-09Give TCP flags a dedicated typeZeling Feng
- Implement Stringer for it so that we can improve error messages. - Use TCPFlags through the code base. There used to be a mixed usage of byte, uint8 and int as TCP flags. PiperOrigin-RevId: 361940150
2021-03-09Allow reading from PTY into bad buffer to return EAGAIN.Nicolas Lacasse
Kernels after 3b830a9c return EAGAIN in this case. PiperOrigin-RevId: 361936327
2021-03-08Implement /proc/sys/net/ipv4/ip_local_port_rangeKevin Krakauer
Speeds up the socket stress tests by a couple orders of magnitude. PiperOrigin-RevId: 361721050
2021-03-08Fix proc test flakinessFabricio Voznika
Thread from earlier test can show up in `/proc/self/tasks` while the thread tears down. Account for that when searching for procs for the first time in the test. PiperOrigin-RevId: 361689673
2021-03-08Run shards in a single sandboxFabricio Voznika
Run all tests (or a given test partition) in a single sandbox. Previously, each individual unit test executed in a new sandbox, which takes much longer to execute. Before After Syscall tests: 37m22.768s 14m5.272s PiperOrigin-RevId: 361661726
2021-03-08Avoid a race with test peer advert and DUT sendMithun Iyer
Fix a race where the DUT could send out test data before it received the peer window advertisement. Such a race results in the DUT taking longer time to retransmit zero window probe, thus causing the test to fail receiving the last expected probe. To ensure this ordering, piggyback a non-zero payload with the zero window advertisement and let the DUT receive that, before continuing with the test. PiperOrigin-RevId: 361640241
2021-03-08Fix SocketInetLoopbackTest flakinessFabricio Voznika
Remove part of test that was making it flaky. It runs for native only, so not really important since it's not testing gVisor. Before: http://sponge2/37557c41-298e-408d-9b54-50ba3d41e22f After: http://sponge2/7bca72be-cb9b-42f8-8c54-af4956c39455 PiperOrigin-RevId: 361611512
2021-03-06[op] Replace syscall package usage with golang.org/x/sys/unix in test/.Ayush Ranjan
The syscall package has been deprecated in favor of golang.org/x/sys. Note that syscall is still used in some places because the following don't seem to have an equivalent in unix package: - syscall.SysProcIDMap - syscall.Credential Updates #214 PiperOrigin-RevId: 361332034
2021-03-05Gather uname information from DUTZeling Feng
Some OSs behave slightly differently, but still within the RFC. It can be useful to have access to uname information from the testbench. PiperOrigin-RevId: 361193766
2021-03-03Make dedicated methods for data operations in PacketBufferTing-Yu Wang
One of the preparation to decouple underlying buffer implementation. There are still some methods that tie to VectorisedView, and they will be changed gradually in later CLs. This CL also introduce a new ICMPv6ChecksumParams to replace long list of parameters when calling ICMPv6Checksum, aiming to be more descriptive. PiperOrigin-RevId: 360778149
2021-03-03Use struct embedding to avoid casts and reuse methodsZeling Feng
- Removed (*testbench.Connection)(&conn) like casts - Removed redundant definition of Drain, Close and ExpectFrame PiperOrigin-RevId: 360727788
2021-03-02[rack] Support running tcp_benchmarks with RACK.Ayush Ranjan
PiperOrigin-RevId: 360491700
2021-03-01tcp: endpoint.Write has to send all data that has been read from payloadAndrei Vagin
io.Reader.ReadFull returns the number of bytes copied and an error if fewer bytes were read. PiperOrigin-RevId: 360247614
2021-02-26Emit the errorTamir Duberstein
Without this change, the error produced is quite useless: --- FAIL: TestZeroWindowProbeRetransmit (11.44s) tcp_zero_window_probe_retransmit_test.go:81: expected a probe with sequence number 824638527212: loop 5 FAIL PiperOrigin-RevId: 359796370
2021-02-25Move SetNonblocking into posix_serverZeling Feng
- open flags can be different on different OSs, by putting SetNonblocking into the posix_server rather than the testbench, we can always get the right value for O_NONBLOCK - merged the tcp_queue_{send,receive}_in_syn_sent into a single file PiperOrigin-RevId: 359620630
2021-02-25Implement SEM_STAT_ANY cmd of semctl.Jing Chen
PiperOrigin-RevId: 359591577
2021-02-24Kernfs should not try to rename a file to itself.Nicolas Lacasse
One precondition of VFS.PrepareRenameAt is that the `from` and `to` dentries are not the same. Kernfs was not checking this, which could lead to a deadlock. PiperOrigin-RevId: 359385974
2021-02-24Add YAMA security module restrictions on ptrace(2).Dean Deng
Restrict ptrace(2) according to the default configurations of the YAMA security module (mode 1), which is a common default among various Linux distributions. The new access checks only permit the tracer to proceed if one of the following conditions is met: a) The tracer is already attached to the tracee. b) The target is a descendant of the tracer. c) The target has explicitly given permission to the tracer through the PR_SET_PTRACER prctl. d) The tracer has CAP_SYS_PTRACE. See security/yama/yama_lsm.c for more details. Note that these checks are added to CanTrace, which is checked for PTRACE_ATTACH as well as some other operations, e.g., checking a process' memory layout through /proc/[pid]/mem. Since this patch adds restrictions to ptrace, it may break compatibility for applications run by non-root users that, for instance, rely on being able to trace processes that are not descended from the tracer (e.g., `gdb -p`). YAMA restrictions can be turned off by setting /proc/sys/kernel/yama/ptrace_scope to 0, or exceptions can be made on a per-process basis with the PR_SET_PTRACER prctl. Reported-by: syzbot+622822d8bca08c99e8c8@syzkaller.appspotmail.com PiperOrigin-RevId: 359237723
2021-02-22unix: sendmmsg and recvmsg have to cap a number of message to UIO_MAXIOVAndrei Vagin
Reported-by: syzbot+f2489ba0b999a45d1ad1@syzkaller.appspotmail.com PiperOrigin-RevId: 358866218
2021-02-19Correctly set and respect b.N in fio benchmark.Zach Koopmans
fio should scale by written/read bytes and not iterate runs of the fio container. PiperOrigin-RevId: 358511771
2021-02-18Make socketops reflect correct sndbuf value for host UDS.Bhasker Hariharan
Also skips a test if the setsockopt to increase send buffer did not result in an increase. This is possible when the underlying socket is a host backed unix domain socket as in such cases gVisor does not permit increasing SO_SNDBUF. PiperOrigin-RevId: 358285158
2021-02-18Make b.N increase by KB not bytes on iperf.Zach Koopmans
Currently, iperf runs a client that scales by bytes sent. In practice, this causes b.N to scale slowly and have several short lived containers. Instead, scale by KB to more quickly reach required time. PiperOrigin-RevId: 358244926
2021-02-18Use standard want/got syntax in test errorsTamir Duberstein
Remove unused argument while I'm here and avoid returning syscall.Errno(0) which should rather be a nil error. PiperOrigin-RevId: 358227396
2021-02-18Remove side effect from pty testsFabricio Voznika
Individual test cases must not rely on being executed in a clean environment. PiperOrigin-RevId: 358207468
2021-02-17Deflake tcp_network_unreachable testZeling Feng
Previously, we make two connect attempts. If the first attempt is still on going when the second attempt is made, the test will fail. This change deflakes the situation by not making the second attempt, instead, we poll for the first attempt's completion and read the errno from SO_ERROR. PiperOrigin-RevId: 358104769
2021-02-17[infra] Update JDK11 version for java runtime tests.Ayush Ranjan
PiperOrigin-RevId: 358085809
2021-02-17Use TCP_INFO to get RTO in tcp_retransmits_testNayana Bidari
- TCP_INFO is used to get the RTO instead of calculating it manually. PiperOrigin-RevId: 358032487
2021-02-17Clean up test styleTamir Duberstein
- Wrap comments at 80 columns - Avoid duplicating the number of retries (5) - Reduce indentation - Use (*testing.T).Fatal rather than (*testing.T).Fatalf PiperOrigin-RevId: 358017412
2021-02-17Deflake //test/iptables:iptables_testKevin Krakauer
We were opening dual-stack sockets, but tests only set iptables rules for a single network protocol. Thus, packets (probably sent by previous tests) could sneak in and break tests. Tested with: bazel test ///test/iptables:iptables_test --test_arg=--runtime=runsc --nocache_test_results --test_output=errors --runs_per_test=1000 --test_filter=TestFilterInputDropUDP PiperOrigin-RevId: 357972385