Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1of29x-0004Zh-P1 for pgsql-hackers@arkaria.postgresql.org; Sun, 02 Oct 2022 16:49:46 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.92) (envelope-from ) id 1of29v-0003R8-FB for pgsql-hackers@arkaria.postgresql.org; Sun, 02 Oct 2022 16:49:43 +0000 Received: from magus.postgresql.org ([2a02:c0:301:0:ffff::29]) by malur.postgresql.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1of29t-0003Nf-JH for pgsql-hackers@lists.postgresql.org; Sun, 02 Oct 2022 16:49:43 +0000 Received: from wout1-smtp.messagingengine.com ([64.147.123.24]) by magus.postgresql.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1of29o-0007TC-O9 for pgsql-hackers@postgresql.org; Sun, 02 Oct 2022 16:49:41 +0000 Received: from compute2.internal (compute2.nyi.internal [10.202.2.46]) by mailout.west.internal (Postfix) with ESMTP id 497A03200708; Sun, 2 Oct 2022 12:49:33 -0400 (EDT) Received: from mailfrontend2 ([10.202.2.163]) by compute2.internal (MEProxy); Sun, 02 Oct 2022 12:49:33 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=anarazel.de; h= cc:content-type:date:date:from:from:in-reply-to:message-id :mime-version:reply-to:sender:subject:subject:to:to; s=fm2; t= 1664729372; x=1664815772; bh=L4dDnoilBCh7WdSpVTb+D+arwog5pcha7fK ISs6F6nI=; b=LYz/GW2gY9eWyJyFR9rejfWhTC4yoSk4A5hrnFDgqDpiGRj7VaS PoG1kGXipzWJdEqF0TOIZFpZFLz6tcsS5yyDW1zjkbsPAd3wPOg8jvrComrTI1P8 ATNx+qTuTDVrl4Zx4r9eES2mW97KKu63fe+3hl/Z1CIOAz1Mfg4Q3vE7C1MUPVKu f72WxjUxFCuE9InH+46RVrI/WGkT5OwGlvl848HjZYgGzQPvHdbOlCOv4qubZy1B F3UdNy1jywq/lsyq33uu3ruMRKkQwYCne4X2YIbu04nFMHKcKU6/CfeXqYYWAhte 6jVHpcCpqOL7UtfO5Rci5a72Ofnqrru5srw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:date:date:feedback-id :feedback-id:from:from:in-reply-to:message-id:mime-version :reply-to:sender:subject:subject:to:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm2; t=1664729372; x= 1664815772; bh=L4dDnoilBCh7WdSpVTb+D+arwog5pcha7fKISs6F6nI=; b=c q7qdWebhbE878E3NFJnQ8wewQQhs8q8g3PqWBhLNYk2kkBFQVqyvaOvcgqhZQzSk egplmKgRRTMIddN2Kpd8K0gemoFWRMDkmEJIEPRyrgShkQq1iKK0t8JCdzIhDHPO lqopaWDTvVrSBOJN0uUJNBT1VGr+i5fEIlzO0DewQIVBk3O/NQLB9fnBa0JxBvWX DeXLtaVpyeiDMGPZbVWgxjYg6Fcmm7dS61CrRalLKXaC7TUpTbiRocqseV+qy2Lp o4exMEjmWdze1XqQRjVNz74X68ZczElMRQ+6YeHgEmv3ritJWxojqh2Hz/T4pkNa TuZ7TbSMisA0whET1YlnQ== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvfedrfeehjedguddtiecutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh necuuegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmd enucfjughrpeffhffvuffkgggtugesthdtredttddtvdenucfhrhhomheptehnughrvghs ucfhrhgvuhhnugcuoegrnhgurhgvshesrghnrghrrgiivghlrdguvgeqnecuggftrfgrth htvghrnhepgfeigedvkedtieehgedvgefgfeeivefgteekledukeevieehtddvgfetheeg teffnecuffhomhgrihhnpegtihhrrhhushdqtghirdgtohhmnecuvehluhhsthgvrhfuih iivgeptdenucfrrghrrghmpehmrghilhhfrhhomheprghnughrvghssegrnhgrrhgriigv lhdruggv X-ME-Proxy: Feedback-ID: id4a34324:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Sun, 2 Oct 2022 12:49:32 -0400 (EDT) Date: Sun, 2 Oct 2022 09:49:31 -0700 From: Andres Freund To: pgsql-hackers@postgresql.org, Tom Lane , Andrew Dunstan Subject: ssl tests aren't concurrency safe due to get_free_port() Message-ID: <20221002164931.d57hlutrcz4d2zi7@awork3.anarazel.de> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk Hi, See e.g. https://cirrus-ci.com/task/4682373060100096 2022-10-01 15:15:21.849 UTC [41962][postmaster] LOG: could not bind IPv4 address "127.0.0.1": Address already in use 2022-10-01 15:15:21.849 UTC [41962][postmaster] HINT: Is another postmaster already running on port 57003? If not, wait a few seconds and retry. 2022-10-01 15:15:21.849 UTC [41962][postmaster] WARNING: could not create listen socket for "127.0.0.1" I downloaded all test logs and grepping for 57003 shows the problem: build/testrun/ldap/001_auth/log/regress_log_001_auth 3:# Checking port 57003 4:# Found port 57003 22:# Running: /usr/sbin/slapd -f /tmp/cirrus-ci-build/build/testrun/ldap/001_auth/data/slapd.conf -h ldap://localhost:57002 ldaps://localhost:57003 build/testrun/ldap/001_auth/log/001_auth_node.log 253:2022-10-01 15:15:25.103 UTC [42574][client backend] [[unknown]][3/1:0] DETAIL: Connection matched pg_hba.conf line 1: "local all all ldap ldapurl="ldaps://localhost:57003/dc=example,dc=net??sub?(uid=$username)" ldaptls=1" build/testrun/ssl/001_ssltests/log/regress_log_001_ssltests 2:# Checking port 57003 3:# Found port 57003 8:Connection string: port=57003 host=/tmp/1k5yhaWLQ1 build/testrun/ssl/001_ssltests/log/001_ssltests_primary.log 2:2022-10-01 15:15:20.668 UTC [41740][postmaster] LOG: listening on Unix socket "/tmp/1k5yhaWLQ1/.s.PGSQL.57003" 58:2022-10-01 15:15:21.849 UTC [41962][postmaster] HINT: Is another postmaster already running on port 57003? If not, wait a few seconds and retry. I.e. we chose the same port for slapd as part of ldap's 001_auth.pl as for the postgres instance of ssl's 001_ssltests.pl. I don't think get_free_port() has any chance of being reliable as is. It's fundamentally racy just among concurrently running tests, without even considering things external to the tests (given it's using the range of ports auto-assigned for client tcp ports...). The current code is from 803466b6ffa, which said: This isn't 100% bulletproof, since conceivably something else on the machine could grab the port between the time we check and the time we actually start the server. But that's a pretty short window, so in practice this should be good enough. but I've seen this fail a couple times, so I suspect it's unfortunately not good enough. I can see a few potential ways of improving the situation: 1) Improve the port we start the search for a unique port from. We use the following bit right now: # Tracking of last port value assigned to accelerate free port lookup. $last_port_assigned = int(rand() * 16384) + 49152; It *might* be less likely that we hit conflicts if we start the search on a port based on the pid, rather than rand(). We e.g., could start at something like (($$ * 16) % 16384 + 49152), giving a decent likelihood that each test has 16 free ports. Perhaps also worth to increase the range of ports searched? 2) Use a lockfile containing a pid to protect the choice of a port within a build directory. Before accepting a port get_free_port() would check if the a lockfile exists for the port and if so, if the test using it is still alive. That will protect against racyness between multiple tests inside a build directory, but won't protect against races between multiple builds running concurrently on a machine (e.g. on a buildfarm host) 3) We could generate unique port ranges for each test and thus remove the chance of conflicts within a builddir and substantially reduce the likelihood of conflicts between build directories (as the conflict would be between two tests in different build directories, rather than all tests). This would be easy to do in the meson build, but nontrivial in autoconf afaics. 4) Add retries to the tests that need get_free_port(). That seems hard to get right, because every single restart of postgres (or some other service that we used get_free_port()) provides the potential for a new conflict. Greetings, Andres Freund