[netfilter-cvslog] r3491 - in trunk: nfsim/core nfsim-testsuite/01iptables nfsim-testsuite/02conntrack nfsim-testsuite/03NAT

rusty at netfilter.org rusty at netfilter.org
Wed Dec 22 05:57:50 CET 2004 

Author: rusty at netfilter.org
Date: 2004-12-22 05:57:50 +0100 (Wed, 22 Dec 2004)
New Revision: 3491

Modified:
   trunk/nfsim-testsuite/01iptables/01reject.sim
   trunk/nfsim-testsuite/02conntrack/04icmp_reply.sim
   trunk/nfsim-testsuite/03NAT/06ip_snat_reply.sim
   trunk/nfsim-testsuite/03NAT/17masq.sim
   trunk/nfsim/core/failtest.c
   trunk/nfsim/core/tui.c
   trunk/nfsim/core/tui.h
Log:
Export linenumber, and use it in failure reporting.
Warn when a test seems to be ignoring failures: makes test take a **LONG** time  as every failure combination is tried! (ie. 2^n attempts).
Enhance many tests to expect particular failures, rather than "any failure", or ignoring failures altogether.


Modified: trunk/nfsim/core/failtest.c
===================================================================
--- trunk/nfsim/core/failtest.c	2004-12-22 04:56:18 UTC (rev 3490)
+++ trunk/nfsim/core/failtest.c	2004-12-22 04:57:50 UTC (rev 3491)
@@ -28,7 +28,7 @@
 
 static bool failtest = false;
 bool suppress_failtest;
-static unsigned int generations = 0;
+static unsigned int fails = 0;
 unsigned int failpoints = 0;
 
 /* Failures pattern so far. */
@@ -98,6 +98,20 @@
 		failpattern += strlen(func) + 1;
 	}
 
+	if (*failpattern == ':') {
+		unsigned long line;
+		char *after;
+		failpattern++;
+		line = strtoul(failpattern, &after, 10);
+		if (*after != ':')
+			barf("Bad failure pattern line number %s\n",
+			     failpattern);
+		if (line != tui_linenum)
+			barf("Unexpected line number %lu vs %u\n",
+			     line, tui_linenum);
+		failpattern = after+1;
+	}
+
 	switch ((failpattern++)[0]) {
 	case 'F':
 	case 'f':
@@ -114,6 +128,24 @@
 	}
 }
 
+static void warn_failure(void)
+{
+	char *warning = NULL, *p;
+
+	/* Only report failures, with linenumber*/
+	for (p = strstr(faillist, ":F"); p; p = strstr(p + 1, ":F")) {
+		char *start, *line;
+
+		for (start = p; *start != '['; start--);
+		for (line = p-1; *line != ':'; line--);
+		warning = talloc_asprintf_append(warning, "%.*s line %.*s, ",
+						 line - start - 2, start+1,
+						 p - line - 1, line+1);
+	}
+
+	nfsim_log(LOG_ALWAYS, "WARNING: test ignores failures: %s", warning);
+}
+
 /* Should I fail at this point?  Once only: it would be too expensive
  * to fail at every possible call. */
 bool should_i_fail_once(const char *location)
@@ -156,6 +188,14 @@
 	if (!failtest)
 		return false;
 
+	/* If a testcase ignores a spuriously-inserted failure, it's
+	 * not specific enough, and we risk doing 2^n tests!  Limit it to 3. */
+	if (fails > 3) {
+		static bool warned = false;
+		if (!warned++)
+			warn_failure();
+	}
+
 	fflush(stdout);
 	child = fork();
 	if (child == -1)
@@ -165,15 +205,15 @@
 	 * point, but should not crash. */
 	if (child == 0) {
 		/* If we're talking to iptables, it has to fork too. */
-		faillist = talloc_asprintf_append(faillist, "[%s]F", func);
+		faillist = talloc_asprintf_append(faillist, "[%s]:%i:F", func,
+						  tui_linenum);
+		fails++;
 		fork_other_program();
-		if (++generations > 128)
-			barf("Too deep recursion on failure path:\n%s",
-			     faillist);
 		return true;
 	}
 
-	faillist = talloc_asprintf_append(faillist, "[%s]S", func);
+	faillist = talloc_asprintf_append(faillist, "[%s]:%i:S", func,
+					  tui_linenum);
 	if (waitpid(child, &status, 0) != child)
 		barf_perror("failtest waitpid failed for child %i",(int)child);
 

Modified: trunk/nfsim/core/tui.c
===================================================================
--- trunk/nfsim/core/tui.c	2004-12-22 04:56:18 UTC (rev 3490)
+++ trunk/nfsim/core/tui.c	2004-12-22 04:57:50 UTC (rev 3491)
@@ -34,7 +34,7 @@
 int tui_echo_commands;
 int tui_abort_on_fail;
 int tui_quiet;
-static int linenum = 1;
+int tui_linenum = 1;
 static bool stop;
 
 struct command {
@@ -175,7 +175,7 @@
 	char *str;
 	va_list arglist;
 
-	nfsim_log(LOG_UI, "Script failed at line %i: ", linenum);
+	nfsim_log(LOG_UI, "Script failed at line %i: ", tui_linenum);
 
 	va_start(arglist, fmt);
 	str = talloc_vasprintf(NULL, fmt, arglist);
@@ -201,7 +201,7 @@
 	argc = 0;
 
 	if (tui_echo_commands)
-		printf("%u:%s\n", linenum, line);
+		printf("%u:%s\n", tui_linenum, line);
 
 	/* FIXME: only handles quotes at the beginning and end of args */
 	while (*line) {
@@ -236,7 +236,7 @@
 			script_fail("%s not found", argv[0]);
 	}
 skip:
-	linenum++;
+	tui_linenum++;
 	return;
 }
 

Modified: trunk/nfsim/core/tui.h
===================================================================
--- trunk/nfsim/core/tui.h	2004-12-22 04:56:18 UTC (rev 3490)
+++ trunk/nfsim/core/tui.h	2004-12-22 04:57:50 UTC (rev 3491)
@@ -45,5 +45,6 @@
 extern int tui_echo_commands;
 extern int tui_abort_on_fail;
 extern int tui_quiet;
+extern int tui_linenum;
 
 #endif /* __HAVE_TUI_H */

Modified: trunk/nfsim-testsuite/01iptables/01reject.sim
===================================================================
--- trunk/nfsim-testsuite/01iptables/01reject.sim	2004-12-22 04:56:18 UTC (rev 3490)
+++ trunk/nfsim-testsuite/01iptables/01reject.sim	2004-12-22 04:57:50 UTC (rev 3491)
@@ -56,12 +56,17 @@
 gen_ip IF=eth0 192.168.0.2 192.168.0.1 10 17 1 2
 iptables -D INPUT -j REJECT --reject-with icmp-admin-prohibited
 
-# tcp-reset needs to be attached to -p tcp (and not inverted!).
+# tcp-reset needs to be attached to -p tcp (and not inverted!): checkentry 
+# should fail it.
+strace
+expect iptables setsockopt -> -EINVAL
 expect iptables iptables: command failed
 iptables -A INPUT -j REJECT --reject-with tcp-reset
 
+expect iptables setsockopt -> -EINVAL
 expect iptables iptables: command failed
 iptables -A INPUT -p ! tcp -j REJECT --reject-with tcp-reset
+strace off
 
 # Find it even if other matches come first.
 iptables -A INPUT -m limit --limit 1/s -m tos --tos 0 -p tcp -j REJECT --reject-with tcp-reset

Modified: trunk/nfsim-testsuite/02conntrack/04icmp_reply.sim
===================================================================
--- trunk/nfsim-testsuite/02conntrack/04icmp_reply.sim	2004-12-22 04:56:18 UTC (rev 3490)
+++ trunk/nfsim-testsuite/02conntrack/04icmp_reply.sim	2004-12-22 04:57:50 UTC (rev 3491)
@@ -1,8 +1,12 @@
 # Test that icmp error packets are recognized as part of same connection.
 
+expect gen_ip send:eth1 {IPv4 192.168.0.2 192.168.1.2 0 1 8 0 55 57}
 gen_ip IF=eth0 192.168.0.2 192.168.1.2 0 1 8 0 55 57
+expect gen_ip send:eth1 {IPv4 192.168.0.2 192.168.1.2 0 6 1024 1025 SYN}
 gen_ip IF=eth0 192.168.0.2 192.168.1.2 0 6 1024 1025 SYN
+expect gen_ip send:eth1 {IPv4 192.168.0.2 192.168.1.2 0 17 1024 1025}
 gen_ip IF=eth0 192.168.0.2 192.168.1.2 0 17 1024 1025
+expect gen_ip send:eth1 {IPv4 192.168.0.2 192.168.1.2 0 2}
 gen_ip IF=eth0 192.168.0.2 192.168.1.2 0 2
 
 # Must be related to get through now.

Modified: trunk/nfsim-testsuite/03NAT/06ip_snat_reply.sim
===================================================================
--- trunk/nfsim-testsuite/03NAT/06ip_snat_reply.sim	2004-12-22 04:56:18 UTC (rev 3490)
+++ trunk/nfsim-testsuite/03NAT/06ip_snat_reply.sim	2004-12-22 04:57:50 UTC (rev 3491)
@@ -2,9 +2,13 @@
 iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -d 192.168.1.2 -j SNAT --to-source 192.168.0.3
 
 # ICMP, UDP, TCP and unknown
+expect gen_ip send:eth1 {IPv4 192.168.0.3 192.168.1.2 0 1 8 0 55 57}
 gen_ip IF=eth0 192.168.0.2 192.168.1.2 0 1 8 0 55 57
+expect gen_ip send:eth1 {IPv4 192.168.0.3 192.168.1.2 0 17 53 53}
 gen_ip IF=eth0 192.168.0.2 192.168.1.2 0 17 53 53
+expect gen_ip send:eth1 {IPv4 192.168.0.3 192.168.1.2 0 6 1024 8080 SYN SEQ=1000 WIN=512}
 gen_ip IF=eth0 192.168.0.2 192.168.1.2 0 6 1024 8080 SYN SEQ=1000 WIN=512
+expect gen_ip send:eth1 {IPv4 192.168.0.3 192.168.1.2 0 2}
 gen_ip IF=eth0 192.168.0.2 192.168.1.2 0 2
 
 iptables -t nat -D POSTROUTING -s 192.168.0.0/24 -d 192.168.1.2 -j SNAT --to-source 192.168.0.3

Modified: trunk/nfsim-testsuite/03NAT/17masq.sim
===================================================================
--- trunk/nfsim-testsuite/03NAT/17masq.sim	2004-12-22 04:56:18 UTC (rev 3490)
+++ trunk/nfsim-testsuite/03NAT/17masq.sim	2004-12-22 04:57:50 UTC (rev 3491)
@@ -1,19 +1,16 @@
 # Tests for masquerading.
-
 # XFAIL:linux:*
 
-# Check we can only insert it on correct position.
+# Check we can only insert it on correct position: checkentry should fail
+strace
+expect iptables setsockopt -> -EINVAL
 expect iptables iptables: command failed
 iptables -t nat -A PREROUTING -s 192.168.0.2 -d 192.168.1.0/24 -j MASQUERADE
 
+expect iptables setsockopt -> -EINVAL
 expect iptables iptables: command failed
-iptables -t nat -A INPUT -s 192.168.0.2 -d 192.168.1.0/24 -j MASQUERADE
-
-expect iptables iptables: command failed
-iptables -t nat -A FORWARD -s 192.168.0.2 -d 192.168.1.0/24 -j MASQUERADE
-
-expect iptables iptables: command failed
 iptables -t nat -A OUTPUT -s 192.168.0.2 -d 192.168.1.0/24 -j MASQUERADE
+strace off
 
 iptables -t nat -A POSTROUTING -s 192.168.0.2 -d 192.168.1.0/24 -j MASQUERADE

More information about the netfilter-cvslog mailing list