From patchwork Fri Sep 6 12:03:45 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Florian Weimer X-Patchwork-Id: 1981820 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=pass (1024-bit key; unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=AfjMGtic; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=sourceware.org (client-ip=2620:52:3:1:0:246e:9693:128c; helo=server2.sourceware.org; envelope-from=libc-alpha-bounces~incoming=patchwork.ozlabs.org@sourceware.org; receiver=patchwork.ozlabs.org) Received: from server2.sourceware.org (server2.sourceware.org [IPv6:2620:52:3:1:0:246e:9693:128c]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4X0Zds6L97z1y1D for ; Fri, 6 Sep 2024 22:04:17 +1000 (AEST) Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id B79DC384A454 for ; Fri, 6 Sep 2024 12:04:15 +0000 (GMT) X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by sourceware.org (Postfix) with ESMTP id EF0EB384A461 for ; Fri, 6 Sep 2024 12:03:51 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org EF0EB384A461 Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=redhat.com Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=redhat.com ARC-Filter: OpenARC Filter v1.0.0 sourceware.org EF0EB384A461 Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=170.10.129.124 ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1725624235; cv=none; b=ZXw8snoKRN8ID+epyJ4xYgoCD8LtuN33v/2E5m0puIuqfsoEg0eN4E5EmHSQU8mhShM87H70s+0aW28pWP748BFp34Kw2NrJbAoVRWF3gJE95V7oZq7J/ZUmFOfUefWGdwrXho+xHpOYQj4Nga9YFgh0Y5ARExt7ygplP4fqdK4= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1725624235; c=relaxed/simple; bh=9MFYKR+DRTID9+B2YSIi6ngNsx7gvlIvKPnb9SaOOXM=; h=DKIM-Signature:From:To:Subject:Date:Message-ID:MIME-Version; b=JyNmYy7yvMMTrxqnl4F+CkcvQhjql5O9YbHhxFVPDIg4HFwbbMYpUKaRzxVNcH87uUwEGzy0F1FsY9aT12hOI1BCapSmO0OywuQmYAaL60McPHe7v7P6lc/6RPjclwN4/jPOH+OClcA85v7ZYUM3k589DC+hSxGyGUB0KsEldMM= ARC-Authentication-Results: i=1; server2.sourceware.org DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1725624231; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type; bh=w5//iJHrDxK2umsd/+BV6fkgRGtux2jJP/jIz4TVIAo=; b=AfjMGticNbC0zKQm+bOiYinMDnUEhIoOascsJlFf/NxI3ArBi1glvD6Qsn3op9cYAb7+zH 58+pWo4xeiaZrq3eCSb5DeLmfSJdEMOWYcyjA4voJFeLb5WSBfexWdfMQmHh+DbcJn/dFJ DGJzJNNwwOWcwFEnr98T4e9/I2oJa3s= Received: from mx-prod-mc-04.mail-002.prod.us-west-2.aws.redhat.com (ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-627-6OkxWc7fNHSmf_EBvOYUbQ-1; Fri, 06 Sep 2024 08:03:50 -0400 X-MC-Unique: 6OkxWc7fNHSmf_EBvOYUbQ-1 Received: from mx-prod-int-04.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-04.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.40]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-04.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id 805E819357B7 for ; Fri, 6 Sep 2024 12:03:49 +0000 (UTC) Received: from oldenburg.str.redhat.com (unknown [10.2.16.19]) by mx-prod-int-04.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id 792E919560AA for ; Fri, 6 Sep 2024 12:03:48 +0000 (UTC) From: Florian Weimer To: libc-alpha@sourceware.org Subject: [PATCH v5] misc: FUSE-based tests for mkstemp Date: Fri, 06 Sep 2024 14:03:45 +0200 Message-ID: <87msklhtum.fsf@oldenburg.str.redhat.com> User-Agent: Gnus/5.13 (Gnus v5.13) MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.0 on 10.30.177.40 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com X-Spam-Status: No, score=-9.3 required=5.0 tests=BAYES_00, DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, KAM_SHORT, RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, RCVD_IN_SBL_CSS, SPF_HELO_NONE, SPF_NONE, TXREP, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libc-alpha-bounces~incoming=patchwork.ozlabs.org@sourceware.org I finally figured out why my simulation produced so many collisions: an integer overflow produced a much lower value than expected for 62**6. (This happened in two independent implementations.) Fixing that I got repeat counts that match more what the actual tests show. Added the observed number as a comment and adjusted the test bounds accordingly. Thanks, Florian ---8<------8<------8<------8<------8<------8<------8<------8<--- The tests check that O_EXCL is used properly, that 0600 is used as the mode, that the characters used are as expected, and that the distribution of names generated is reasonably random. The tests run very slowly on some kernel versions, so make them xtests. --- misc/Makefile | 6 ++ misc/tst-mkstemp-fuse-parallel.c | 210 +++++++++++++++++++++++++++++++++++++++ misc/tst-mkstemp-fuse.c | 195 ++++++++++++++++++++++++++++++++++++ 3 files changed, 411 insertions(+) base-commit: 1b171c942ea066c08a1e5aefb977e35da08ed291 diff --git a/misc/Makefile b/misc/Makefile index 7b7f8351bf..1422c95317 100644 --- a/misc/Makefile +++ b/misc/Makefile @@ -292,6 +292,12 @@ tests-static := tst-empty tests-internal += tst-fd_to_filename tests-static += tst-fd_to_filename +# Tests with long run times. +xtests += \ + tst-mkstemp-fuse \ + tst-mkstemp-fuse-parallel \ + # xtests + ifeq ($(run-built-tests),yes) ifeq (yes,$(build-shared)) ifneq ($(PERL),no) diff --git a/misc/tst-mkstemp-fuse-parallel.c b/misc/tst-mkstemp-fuse-parallel.c new file mode 100644 index 0000000000..af59245920 --- /dev/null +++ b/misc/tst-mkstemp-fuse-parallel.c @@ -0,0 +1,210 @@ +/* FUSE-based test for mkstemp. Parallel collision statistics. + Copyright (C) 2024 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + . */ + +#include + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +/* Enough space to record 4 times the expected number of replies (62**3). + See the processes array in do_test. */ +enum { results_allocated = 4 * 62 * 62 * 62 + 1000 }; + +/* The thread will store the results there. */ +static uint64_t *results; + +/* Currently used part of the results array. */ +static size_t results_used; + +/* Fail with EEXIST, but record observed names. */ +static void +fuse_thread (struct support_fuse *f, void *closure) +{ + struct fuse_in_header *inh; + while ((inh = support_fuse_next (f)) != NULL) + { + if (support_fuse_handle_mountpoint (f) + || (inh->nodeid == 1 && support_fuse_handle_directory (f))) + continue; + if (inh->opcode != FUSE_LOOKUP || results_used >= results_allocated) + { + support_fuse_reply_error (f, EIO); + continue; + } + + char *name = support_fuse_cast (LOOKUP, inh); + TEST_COMPARE_BLOB (name, 3, "new", 3); + TEST_COMPARE (strlen (name), 9); + /* Extract 8 bytes of the name: 'w', the X replacements, and the + null terminator. */ + memcpy (&results[results_used], name + 2, 8); + ++results_used; + struct fuse_entry_out *out = support_fuse_prepare_entry (f, 2); + out->attr.mode = S_IFREG | 0600; + support_fuse_reply_prepared (f); + } +} + +/* Used to sort the results array, to find duplicates. */ +static int +results_sort (const void *a1, const void *b1) +{ + const uint64_t *a = a1; + const uint64_t *b = b1; + if (*a < *b) + return -1; + if (*a == *b) + return 0; + return 1; +} + +/* Number of occurrences of certain streak lengths. */ +static size_t streak_lengths[6]; + +/* Called for every encountered streak. */ +static inline void +report_streak (uint64_t current, size_t length) +{ + if (length > 1) + { + printf ("info: name \"ne%.8s\" repeats: %zu\n", + (char *) ¤t, length); + TEST_VERIFY_EXIT (length < array_length (streak_lengths)); + } + ++streak_lengths[length]; +} + +static int +do_test (void) +{ + support_fuse_init (); + + results = xmalloc (results_allocated * sizeof (*results)); + + pid_t processes[4]; + + struct shared + { + /* Used to synchronize the start of all subprocesses, to make it + more likely to expose concurrency-related bugs. */ + pthread_barrier_t barrier1; + pthread_barrier_t barrier2; + + /* Filled in after fork. */ + char mountpoint[4096]; + }; + + /* Used to synchronize the start of all subprocesses, to make it + more likely to expose concurrency-related bugs. */ + struct shared *pshared = support_shared_allocate (sizeof (*pshared)); + { + pthread_barrierattr_t attr; + xpthread_barrierattr_init (&attr); + xpthread_barrierattr_setpshared (&attr, PTHREAD_PROCESS_SHARED); + xpthread_barrierattr_destroy (&attr); + xpthread_barrier_init (&pshared->barrier1, &attr, + array_length (processes) + 1); + xpthread_barrier_init (&pshared->barrier2, &attr, + array_length (processes) + 1); + xpthread_barrierattr_destroy (&attr); + } + + for (int i = 0; i < array_length (processes); ++i) + { + processes[i] = xfork (); + if (processes[i] == 0) + { + /* Wait for mountpoint initialization. */ + xpthread_barrier_wait (&pshared->barrier1); + char *path = xasprintf ("%s/newXXXXXX", pshared->mountpoint); + + /* Park this process until all processes have started. */ + xpthread_barrier_wait (&pshared->barrier2); + errno = 0; + TEST_COMPARE (mkstemp (path), -1); + TEST_COMPARE (errno, EEXIST); + free (path); + _exit (0); + } + } + + /* Do this after the forking, to minimize initialization inteference. */ + struct support_fuse *f = support_fuse_mount (fuse_thread, NULL); + TEST_VERIFY (strlcpy (pshared->mountpoint, support_fuse_mountpoint (f), + sizeof (pshared->mountpoint)) + < sizeof (pshared->mountpoint)); + xpthread_barrier_wait (&pshared->barrier1); + + puts ("info: performing mkstemp calls"); + xpthread_barrier_wait (&pshared->barrier2); + + for (int i = 0; i < array_length (processes); ++i) + { + int status; + xwaitpid (processes[i], &status, 0); + TEST_COMPARE (status, 0); + } + + support_fuse_unmount (f); + xpthread_barrier_destroy (&pshared->barrier2); + xpthread_barrier_destroy (&pshared->barrier1); + + printf ("info: checking results (count %zu)\n", results_used); + qsort (results, results_used, sizeof (*results), results_sort); + + size_t current = -1; + size_t streak = 0; + for (size_t i = 0; i < results_used; ++i) + if (results[i] == current) + ++streak; + else + { + report_streak (current, streak); + current = results[i]; + streak = 1; + } + report_streak (current, streak); + + puts ("info: repetition count distribution:"); + for (int i = 1; i < array_length (streak_lengths); ++i) + printf (" length %d: %zu\n", i, streak_lengths[i]); + /* Some arbitrary threshold, hopefully unlikely enough. In over + 260,000 runs of a simulation of this test, at most 26 pairs were + observed, and only one three-way collisions. */ + if (streak_lengths[2] > 30) + FAIL ("unexpected repetition count 2: %zu", streak_lengths[2]); + if (streak_lengths[3] > 2) + FAIL ("unexpected repetition count 3: %zu", streak_lengths[3]); + for (int i = 4; i < array_length (streak_lengths); ++i) + if (streak_lengths[i] > 0) + FAIL ("too many repeats of count %d: %zu", i, streak_lengths[i]); + + return 0; +} + +#include diff --git a/misc/tst-mkstemp-fuse.c b/misc/tst-mkstemp-fuse.c new file mode 100644 index 0000000000..5c4f791072 --- /dev/null +++ b/misc/tst-mkstemp-fuse.c @@ -0,0 +1,195 @@ +/* FUSE-based test for mkstemp. + Copyright (C) 2024 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + . */ + +#include + +#include +#include +#include +#include +#include +#include +#include +#include +#include + +/* Set to true in do_test to cause the first FUSE_CREATE attempt to fail. */ +static _Atomic bool simulate_creat_race; + +/* Basic tests with eventually successful creation. */ +static void +fuse_thread_basic (struct support_fuse *f, void *closure) +{ + char *previous_name = NULL; + int state = 0; + struct fuse_in_header *inh; + while ((inh = support_fuse_next (f)) != NULL) + { + if (support_fuse_handle_mountpoint (f) + || (inh->nodeid == 1 && support_fuse_handle_directory (f))) + continue; + + switch (inh->opcode) + { + case FUSE_LOOKUP: + /* File does not exist initially. */ + TEST_COMPARE (inh->nodeid, 1); + if (simulate_creat_race) + { + if (state < 3) + ++state; + else + FAIL ("invalid state: %d", state); + } + else + { + TEST_COMPARE (state, 0); + state = 3; + } + support_fuse_reply_error (f, ENOENT); + break; + case FUSE_CREATE: + { + TEST_COMPARE (inh->nodeid, 1); + char *name; + struct fuse_create_in *p + = support_fuse_cast_name (CREATE, inh, &name); + /* Name follows after struct fuse_create_in. */ + TEST_COMPARE (p->flags & O_ACCMODE, O_RDWR); + TEST_VERIFY (p->flags & O_EXCL); + TEST_VERIFY (p->flags & O_CREAT); + TEST_COMPARE (p->mode & 07777, 0600); + TEST_VERIFY (S_ISREG (p->mode)); + TEST_COMPARE_BLOB (name, 3, "new", 3); + + if (state != 3 && simulate_creat_race) + { + ++state; + support_fuse_reply_error (f, EEXIST); + } + else + { + if (previous_name != NULL) + /* This test has a very small probability of failure + due to a harmless collision (one in 62**6 tests). */ + TEST_VERIFY (strcmp (name, previous_name) != 0); + TEST_COMPARE (state, 3); + ++state; + struct fuse_entry_out *entry; + struct fuse_open_out *open; + support_fuse_prepare_create (f, 2, &entry, &open); + entry->attr.mode = S_IFREG | 0600; + support_fuse_reply_prepared (f); + } + free (previous_name); + previous_name = xstrdup (name); + } + break; + case FUSE_FLUSH: + case FUSE_RELEASE: + TEST_COMPARE (state, 4); + TEST_COMPARE (inh->nodeid, 2); + support_fuse_reply_empty (f); + break; + default: + support_fuse_reply_error (f, EIO); + } + } + free (previous_name); +} + +/* Reply that all files exist. */ +static void +fuse_thread_eexist (struct support_fuse *f, void *closure) +{ + uint64_t counter = 0; + struct fuse_in_header *inh; + while ((inh = support_fuse_next (f)) != NULL) + { + if (support_fuse_handle_mountpoint (f) + || (inh->nodeid == 1 && support_fuse_handle_directory (f))) + continue; + + switch (inh->opcode) + { + case FUSE_LOOKUP: + ++counter; + TEST_COMPARE (inh->nodeid, 1); + char *name = support_fuse_cast (LOOKUP, inh); + TEST_COMPARE_BLOB (name, 3, "new", 3); + TEST_COMPARE (strlen (name), 9); + for (int i = 3; i <= 8; ++i) + { + /* The glibc implementation uses letters and digits only. */ + char ch = name[i]; + TEST_VERIFY (('0' <= ch && ch <= '9') + || ('a' <= ch && ch <= 'z') + || ('A' <= ch && ch <= 'Z')); + } + struct fuse_entry_out out = + { + .nodeid = 2, + .attr = { + .mode = S_IFREG | 0600, + .ino = 2, + }, + }; + support_fuse_reply (f, &out, sizeof (out)); + break; + default: + support_fuse_reply_error (f, EIO); + } + } + TEST_VERIFY (counter >= 200000); +} + +static int +do_test (void) +{ + support_fuse_init (); + + for (int do_simulate_creat_race = 0; do_simulate_creat_race < 2; + ++do_simulate_creat_race) + { + simulate_creat_race = do_simulate_creat_race; + printf ("info: testing with simulate_creat_race == %d\n", + (int) simulate_creat_race); + struct support_fuse *f = support_fuse_mount (fuse_thread_basic, NULL); + char *path = xasprintf ("%s/newXXXXXX", support_fuse_mountpoint (f)); + int fd = mkstemp (path); + TEST_VERIFY (fd > 2); + xclose (fd); + free (path); + support_fuse_unmount (f); + } + + puts ("info: testing EEXIST failure case for mkstemp"); + { + struct support_fuse *f = support_fuse_mount (fuse_thread_eexist, NULL); + char *path = xasprintf ("%s/newXXXXXX", support_fuse_mountpoint (f)); + errno = 0; + TEST_COMPARE (mkstemp (path), -1); + TEST_COMPARE (errno, EEXIST); + free (path); + support_fuse_unmount (f); + } + + return 0; +} + +#include