| Summary: | testsuite should also use xtables-multi locking | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 7 | Reporter: | Tomas Dolezal <todoleza> |
| Component: | firewalld | Assignee: | Eric Garver <egarver> |
| Status: | CLOSED ERRATA | QA Contact: | Tomas Dolezal <todoleza> |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | 7.7 | CC: | egarver, jmaxwell, rkhan, sbrivio, todoleza |
| Target Milestone: | rc | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | No Doc Update | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2020-03-31 20:00:54 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Bug Depends On: | |||
| Bug Blocks: | 1723958 | ||
Fixed upstream:
e527818500be ("fix: tests: always list rules using macros")
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2020:1109 |
Description of problem: Occasionally, there is a race when executing testsuite in parallel '-j4' causing tests failure. Version-Release number of selected component (if applicable): firewalld-0.6.3-2.el7.noarch How reproducible: race condition, s390x, but also any other Steps to Reproduce: TESTSUITEFLAGS='-j4 62' make installcheck Actual results: 62. icmp_block_in_forward_chain.at:1: testing ICMP block present FORWARD chain ... ./icmp_block_in_forward_chain.at:1: if ! cp /etc/firewalld/firewalld.conf ./firewalld.conf; then exit 77; fi ./icmp_block_in_forward_chain.at:1: sed -i 's/^CleanupOnExit.*/CleanupOnExit=no/' ./firewalld.conf ./icmp_block_in_forward_chain.at:1: ip netns add fwd-test-993 not running 2019-06-14 02:56:29 ICMP type 'beyond-scope' is not supported by the kernel for ipv6. 2019-06-14 02:56:29 beyond-scope: INVALID_ICMPTYPE: No supported ICMP type., ignoring for run-time. 2019-06-14 02:56:29 ICMP type 'failed-policy' is not supported by the kernel for ipv6. 2019-06-14 02:56:29 failed-policy: INVALID_ICMPTYPE: No supported ICMP type., ignoring for run-time. 2019-06-14 02:56:29 ICMP type 'reject-route' is not supported by the kernel for ipv6. 2019-06-14 02:56:29 reject-route: INVALID_ICMPTYPE: No supported ICMP type., ignoring for run-time. running ./icmp_block_in_forward_chain.at:3: env DBUS_SYSTEM_BUS_ADDRESS="unix:abstract=firewalld-testsuite-dbus-system-socket-15613" ip netns exec fwd-test-993 firewall-cmd -q --zone=public --add-icmp-block=host-prohibited ./icmp_block_in_forward_chain.at:4: env DBUS_SYSTEM_BUS_ADDRESS="unix:abstract=firewalld-testsuite-dbus-system-socket-15613" ip netns exec fwd-test-993 iptables -L IN_public_deny | grep "host-prohibited" --- /dev/null 2019-06-14 02:32:15.571227632 -0400 +++ /tmp/tmp.wNg2ZPBFMa/rpmbuild/BUILD/firewalld-0.6.3/src/tests/testsuite.dir/at-groups/62/stderr 2019-06-14 02:56:32.205214286 -0400 @@ -0,0 +1 @@ +Another app is currently holding the xtables lock. Perhaps you want to use the -w option? stdout: ./icmp_block_in_forward_chain.at:4: exit code was 1, expected 0 62. icmp_block_in_forward_chain.at:1: 62. ICMP block present FORWARD chain (icmp_block_in_forward_chain.at:1): FAILED (icmp_block_in_forward_chain.at:4) Expected results: all calls to xtables-multi (iptables-restore, etc..) should use locking feature. Firewalld does that, the testsuite does not in this and possibly other cases. Additional info: testscript regression/icmp_block_in_forward_chain.at: 4 m4_if(iptables, FIREWALL_BACKEND, [ 5 NS_CHECK([iptables -L IN_public_deny | grep "host-prohibited"], 0, ignore) 6 NS_CHECK([iptables -L FWDI_public_deny | grep "host-prohibited"], 0, ignore)