selftests: nft_concat_range: Add test for reported add/flush/add issue

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Add a specific test for the crash reported by Phil Sutter and addressed
in the previous patch. The test cases that, in my intention, should
have covered these cases, that is, the ones from the 'concurrency'
section, don't run these sequences tightly enough and spectacularly
failed to catch this.

While at it, define a convenient way to add these kind of tests, by
adding a "reported issues" test section.

It's more convenient, for this particular test, to execute the set
setup in its own function. However, future test cases like this one
might need to call setup functions, and will typically need no tools
other than nft, so allow for this in check_tools().

The original form of the reproducer used here was provided by Phil.

Reported-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

authored by

Stefano Brivio and committed by

Pablo Neira Ayuso 6 years ago 0954df70 212d58c1

+39 -4

1 changed file

expand all

tools

testing

selftests

netfilter

nft_concat_range.sh

+39 -4

tools/testing/selftests/netfilter/nft_concat_range.sh

··· 13 13 KSELFTEST_SKIP=4 14 14 15 15 # Available test groups: 16 + # - reported_issues: check for issues that were reported in the past 16 17 # - correctness: check that packets match given entries, and only those 17 18 # - concurrency: attempt races between insertion, deletion and lookup 18 19 # - timeout: check that packets match entries until they expire 19 20 # - performance: estimate matching rate, compare with rbtree and hash baselines 20 - TESTS="correctness concurrency timeout" 21 + TESTS="reported_issues correctness concurrency timeout" 21 22 [ "${quicktest}" != "1" ] && TESTS="${TESTS} performance" 22 23 23 24 # Set types, defined by TYPE_ variables below 24 25 TYPES="net_port port_net net6_port port_proto net6_port_mac net6_port_mac_proto 25 26 net_port_net net_mac net_mac_icmp net6_mac_icmp net6_port_net6_port 26 27 net_port_mac_proto_net" 28 + 29 + # Reported bugs, also described by TYPE_ variables below 30 + BUGS="flush_remove_add" 27 31 28 32 # List of possible paths to pktgen script from kernel tree for performance tests 29 33 PKTGEN_SCRIPT_PATHS=" ··· 331 327 perf_duration 0 332 328 " 333 329 330 + # Definition of tests for bugs reported in the past: 331 + # display display text for test report 332 + TYPE_flush_remove_add=" 333 + display Add two elements, flush, re-add 334 + " 335 + 334 336 # Set template for all tests, types and rules are filled in depending on test 335 337 set_template=' 336 338 flush ruleset ··· 450 440 451 441 # Check that at least one of the needed tools is available 452 442 check_tools() { 443 + [ -z "${tools}" ] && return 0 444 + 453 445 __tools= 454 446 for tool in ${tools}; do 455 447 if [ "${tool}" = "nc" ] && [ "${proto}" = "udp6" ] && \ ··· 1442 1430 kill "${perf_pid}" 1443 1431 } 1444 1432 1433 + test_bug_flush_remove_add() { 1434 + set_cmd='{ set s { type ipv4_addr . inet_service; flags interval; }; }' 1435 + elem1='{ 10.0.0.1 . 22-25, 10.0.0.1 . 10-20 }' 1436 + elem2='{ 10.0.0.1 . 10-20, 10.0.0.1 . 22-25 }' 1437 + for i in `seq 1 100`; do 1438 + nft add table t ${set_cmd} || return ${KSELFTEST_SKIP} 1439 + nft add element t s ${elem1} 2>/dev/null || return 1 1440 + nft flush set t s 2>/dev/null || return 1 1441 + nft add element t s ${elem2} 2>/dev/null || return 1 1442 + done 1443 + nft flush ruleset 1444 + } 1445 + 1446 + test_reported_issues() { 1447 + eval test_bug_"${subtest}" 1448 + } 1449 + 1445 1450 # Run everything in a separate network namespace 1446 1451 [ "${1}" != "run" ] && { unshare -n "${0}" run; exit $?; } 1447 1452 tmp="$(mktemp)" ··· 1467 1438 # Entry point for test runs 1468 1439 passed=0 1469 1440 for name in ${TESTS}; do 1470 - printf "TEST: %s\n" "${name}" 1471 - for type in ${TYPES}; do 1472 - eval desc=\$TYPE_"${type}" 1441 + printf "TEST: %s\n" "$(echo ${name} | tr '_' ' ')" 1442 + if [ "${name}" = "reported_issues" ]; then 1443 + SUBTESTS="${BUGS}" 1444 + else 1445 + SUBTESTS="${TYPES}" 1446 + fi 1447 + 1448 + for subtest in ${SUBTESTS}; do 1449 + eval desc=\$TYPE_"${subtest}" 1473 1450 IFS=' 1474 1451 ' 1475 1452 for __line in ${desc}; do