1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
|
// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
// The tests in this file attempt to verify the following through simulation:
// a) That a server experiencing overload will actually benefit from the
// anti-DDoS throttling logic, i.e. that its traffic spike will subside
// and be distributed over a longer period of time;
// b) That "well-behaved" clients of a server under DDoS attack actually
// benefit from the anti-DDoS throttling logic; and
// c) That the approximate increase in "perceived downtime" introduced by
// anti-DDoS throttling for various different actual downtimes is what
// we expect it to be.
#include <stddef.h>
#include <cmath>
#include <limits>
#include <vector>
#include "base/environment.h"
#include "base/macros.h"
#include "base/memory/scoped_ptr.h"
#include "base/message_loop/message_loop.h"
#include "base/rand_util.h"
#include "base/time/time.h"
#include "extensions/browser/extension_throttle_manager.h"
#include "extensions/browser/extension_throttle_test_support.h"
#include "net/base/request_priority.h"
#include "net/url_request/url_request.h"
#include "net/url_request/url_request_context.h"
#include "net/url_request/url_request_test_util.h"
#include "testing/gtest/include/gtest/gtest.h"
using base::TimeDelta;
using base::TimeTicks;
using net::BackoffEntry;
using net::TestURLRequestContext;
using net::URLRequest;
using net::URLRequestContext;
namespace extensions {
namespace {
// Set this variable in your environment if you want to see verbose results
// of the simulation tests.
const char kShowSimulationVariableName[] = "SHOW_SIMULATION_RESULTS";
// Prints output only if a given environment variable is set. We use this
// to not print any output for human evaluation when the test is run without
// supervision.
void VerboseOut(const char* format, ...) {
static bool have_checked_environment = false;
static bool should_print = false;
if (!have_checked_environment) {
have_checked_environment = true;
scoped_ptr<base::Environment> env(base::Environment::Create());
if (env->HasVar(kShowSimulationVariableName))
should_print = true;
}
if (should_print) {
va_list arglist;
va_start(arglist, format);
vprintf(format, arglist);
va_end(arglist);
}
}
// A simple two-phase discrete time simulation. Actors are added in the order
// they should take action at every tick of the clock. Ticks of the clock
// are two-phase:
// - Phase 1 advances every actor's time to a new absolute time.
// - Phase 2 asks each actor to perform their action.
class DiscreteTimeSimulation {
public:
class Actor {
public:
virtual ~Actor() {}
virtual void AdvanceTime(const TimeTicks& absolute_time) = 0;
virtual void PerformAction() = 0;
};
DiscreteTimeSimulation() {}
// Adds an |actor| to the simulation. The client of the simulation maintains
// ownership of |actor| and must ensure its lifetime exceeds that of the
// simulation. Actors should be added in the order you wish for them to
// act at each tick of the simulation.
void AddActor(Actor* actor) { actors_.push_back(actor); }
// Runs the simulation for, pretending |time_between_ticks| passes from one
// tick to the next. The start time will be the current real time. The
// simulation will stop when the simulated duration is equal to or greater
// than |maximum_simulated_duration|.
void RunSimulation(const TimeDelta& maximum_simulated_duration,
const TimeDelta& time_between_ticks) {
TimeTicks start_time = TimeTicks();
TimeTicks now = start_time;
while ((now - start_time) <= maximum_simulated_duration) {
for (std::vector<Actor*>::iterator it = actors_.begin();
it != actors_.end(); ++it) {
(*it)->AdvanceTime(now);
}
for (std::vector<Actor*>::iterator it = actors_.begin();
it != actors_.end(); ++it) {
(*it)->PerformAction();
}
now += time_between_ticks;
}
}
private:
std::vector<Actor*> actors_;
DISALLOW_COPY_AND_ASSIGN(DiscreteTimeSimulation);
};
// Represents a web server in a simulation of a server under attack by
// a lot of clients. Must be added to the simulation's list of actors
// after all |Requester| objects.
class Server : public DiscreteTimeSimulation::Actor {
public:
Server(int max_queries_per_tick, double request_drop_ratio)
: max_queries_per_tick_(max_queries_per_tick),
request_drop_ratio_(request_drop_ratio),
num_overloaded_ticks_remaining_(0),
num_current_tick_queries_(0),
num_overloaded_ticks_(0),
max_experienced_queries_per_tick_(0),
mock_request_(
context_.CreateRequest(GURL(), net::DEFAULT_PRIORITY, NULL)) {}
void SetDowntime(const TimeTicks& start_time, const TimeDelta& duration) {
start_downtime_ = start_time;
end_downtime_ = start_time + duration;
}
void AdvanceTime(const TimeTicks& absolute_time) override {
now_ = absolute_time;
}
void PerformAction() override {
// We are inserted at the end of the actor's list, so all Requester
// instances have already done their bit.
if (num_current_tick_queries_ > max_experienced_queries_per_tick_)
max_experienced_queries_per_tick_ = num_current_tick_queries_;
if (num_current_tick_queries_ > max_queries_per_tick_) {
// We pretend the server fails for the next several ticks after it
// gets overloaded.
num_overloaded_ticks_remaining_ = 5;
++num_overloaded_ticks_;
} else if (num_overloaded_ticks_remaining_ > 0) {
--num_overloaded_ticks_remaining_;
}
requests_per_tick_.push_back(num_current_tick_queries_);
num_current_tick_queries_ = 0;
}
// This is called by Requester. It returns the response code from
// the server.
int HandleRequest() {
++num_current_tick_queries_;
if (!start_downtime_.is_null() && start_downtime_ < now_ &&
now_ < end_downtime_) {
// For the simulation measuring the increase in perceived
// downtime, it might be interesting to count separately the
// queries seen by the server (assuming a front-end reverse proxy
// is what actually serves up the 503s in this case) so that we could
// visualize the traffic spike seen by the server when it comes up,
// which would in many situations be ameliorated by the anti-DDoS
// throttling.
return 503;
}
if ((num_overloaded_ticks_remaining_ > 0 ||
num_current_tick_queries_ > max_queries_per_tick_) &&
base::RandDouble() < request_drop_ratio_) {
return 503;
}
return 200;
}
int num_overloaded_ticks() const { return num_overloaded_ticks_; }
int max_experienced_queries_per_tick() const {
return max_experienced_queries_per_tick_;
}
const URLRequest& mock_request() const { return *mock_request_.get(); }
std::string VisualizeASCII(int terminal_width) {
// Account for | characters we place at left of graph.
terminal_width -= 1;
VerboseOut("Overloaded for %d of %d ticks.\n", num_overloaded_ticks_,
requests_per_tick_.size());
VerboseOut("Got maximum of %d requests in a tick.\n\n",
max_experienced_queries_per_tick_);
VerboseOut("Traffic graph:\n\n");
// Printing the graph like this is a bit overkill, but was very useful
// while developing the various simulations to see if they were testing
// the corner cases we want to simulate.
// Find the smallest number of whole ticks we need to group into a
// column that will let all ticks fit into the column width we have.
int num_ticks = requests_per_tick_.size();
double ticks_per_column_exact =
static_cast<double>(num_ticks) / static_cast<double>(terminal_width);
int ticks_per_column = std::ceil(ticks_per_column_exact);
DCHECK_GE(ticks_per_column * terminal_width, num_ticks);
// Sum up the column values.
int num_columns = num_ticks / ticks_per_column;
if (num_ticks % ticks_per_column)
++num_columns;
DCHECK_LE(num_columns, terminal_width);
scoped_ptr<int[]> columns(new int[num_columns]);
for (int tx = 0; tx < num_ticks; ++tx) {
int cx = tx / ticks_per_column;
if (tx % ticks_per_column == 0)
columns[cx] = 0;
columns[cx] += requests_per_tick_[tx];
}
// Find the lowest integer divisor that will let the column values
// be represented in a graph of maximum height 50.
int max_value = 0;
for (int cx = 0; cx < num_columns; ++cx)
max_value = std::max(max_value, columns[cx]);
const int kNumRows = 50;
double row_divisor_exact = max_value / static_cast<double>(kNumRows);
int row_divisor = std::ceil(row_divisor_exact);
DCHECK_GE(row_divisor * kNumRows, max_value);
// To show the overload line, we calculate the appropriate value.
int overload_value = max_queries_per_tick_ * ticks_per_column;
// When num_ticks is not a whole multiple of ticks_per_column, the last
// column includes fewer ticks than the others. In this case, don't
// print it so that we don't show an inconsistent value.
int num_printed_columns = num_columns;
if (num_ticks % ticks_per_column)
--num_printed_columns;
// This is a top-to-bottom traversal of rows, left-to-right per row.
std::string output;
for (int rx = 0; rx < kNumRows; ++rx) {
int range_min = (kNumRows - rx) * row_divisor;
int range_max = range_min + row_divisor;
if (range_min == 0)
range_min = -1; // Make 0 values fit in the bottom range.
output.append("|");
for (int cx = 0; cx < num_printed_columns; ++cx) {
char block = ' ';
// Show the overload line.
if (range_min < overload_value && overload_value <= range_max)
block = '-';
// Preferentially, show the graph line.
if (range_min < columns[cx] && columns[cx] <= range_max)
block = '#';
output.append(1, block);
}
output.append("\n");
}
output.append("|");
output.append(num_printed_columns, '=');
return output;
}
const URLRequestContext& context() const { return context_; }
private:
TimeTicks now_;
TimeTicks start_downtime_; // Can be 0 to say "no downtime".
TimeTicks end_downtime_;
const int max_queries_per_tick_;
const double request_drop_ratio_; // Ratio of requests to 503 when failing.
int num_overloaded_ticks_remaining_;
int num_current_tick_queries_;
int num_overloaded_ticks_;
int max_experienced_queries_per_tick_;
std::vector<int> requests_per_tick_;
TestURLRequestContext context_;
scoped_ptr<URLRequest> mock_request_;
DISALLOW_COPY_AND_ASSIGN(Server);
};
// Mock throttler entry used by Requester class.
class MockExtensionThrottleEntry : public ExtensionThrottleEntry {
public:
explicit MockExtensionThrottleEntry(ExtensionThrottleManager* manager)
: ExtensionThrottleEntry(manager, std::string()),
backoff_entry_(&backoff_policy_, &fake_clock_) {}
const BackoffEntry* GetBackoffEntry() const override {
return &backoff_entry_;
}
BackoffEntry* GetBackoffEntry() override { return &backoff_entry_; }
TimeTicks ImplGetTimeNow() const override { return fake_clock_.NowTicks(); }
void SetFakeNow(const TimeTicks& fake_time) {
fake_clock_.set_now(fake_time);
}
protected:
~MockExtensionThrottleEntry() override {}
private:
mutable TestTickClock fake_clock_;
BackoffEntry backoff_entry_;
};
// Registry of results for a class of |Requester| objects (e.g. attackers vs.
// regular clients).
class RequesterResults {
public:
RequesterResults()
: num_attempts_(0), num_successful_(0), num_failed_(0), num_blocked_(0) {}
void AddSuccess() {
++num_attempts_;
++num_successful_;
}
void AddFailure() {
++num_attempts_;
++num_failed_;
}
void AddBlocked() {
++num_attempts_;
++num_blocked_;
}
int num_attempts() const { return num_attempts_; }
int num_successful() const { return num_successful_; }
int num_failed() const { return num_failed_; }
int num_blocked() const { return num_blocked_; }
double GetBlockedRatio() {
DCHECK(num_attempts_);
return static_cast<double>(num_blocked_) /
static_cast<double>(num_attempts_);
}
double GetSuccessRatio() {
DCHECK(num_attempts_);
return static_cast<double>(num_successful_) /
static_cast<double>(num_attempts_);
}
void PrintResults(const char* class_description) {
if (num_attempts_ == 0) {
VerboseOut("No data for %s\n", class_description);
return;
}
VerboseOut("Requester results for %s\n", class_description);
VerboseOut(" %d attempts\n", num_attempts_);
VerboseOut(" %d successes\n", num_successful_);
VerboseOut(" %d 5xx responses\n", num_failed_);
VerboseOut(" %d requests blocked\n", num_blocked_);
VerboseOut(" %.2f success ratio\n", GetSuccessRatio());
VerboseOut(" %.2f blocked ratio\n", GetBlockedRatio());
VerboseOut("\n");
}
private:
int num_attempts_;
int num_successful_;
int num_failed_;
int num_blocked_;
};
// Represents an Requester in a simulated DDoS situation, that periodically
// requests a specific resource.
class Requester : public DiscreteTimeSimulation::Actor {
public:
Requester(MockExtensionThrottleEntry* throttler_entry,
const TimeDelta& time_between_requests,
Server* server,
RequesterResults* results)
: throttler_entry_(throttler_entry),
time_between_requests_(time_between_requests),
last_attempt_was_failure_(false),
server_(server),
results_(results) {
DCHECK(server_);
}
void AdvanceTime(const TimeTicks& absolute_time) override {
if (time_of_last_success_.is_null())
time_of_last_success_ = absolute_time;
throttler_entry_->SetFakeNow(absolute_time);
}
void PerformAction() override {
TimeDelta effective_delay = time_between_requests_;
TimeDelta current_jitter = TimeDelta::FromMilliseconds(
request_jitter_.InMilliseconds() * base::RandDouble());
if (base::RandInt(0, 1)) {
effective_delay -= current_jitter;
} else {
effective_delay += current_jitter;
}
if (throttler_entry_->ImplGetTimeNow() - time_of_last_attempt_ >
effective_delay) {
if (!throttler_entry_->ShouldRejectRequest(server_->mock_request())) {
int status_code = server_->HandleRequest();
throttler_entry_->UpdateWithResponse(status_code);
if (status_code == 200) {
if (results_)
results_->AddSuccess();
if (last_attempt_was_failure_) {
last_downtime_duration_ =
throttler_entry_->ImplGetTimeNow() - time_of_last_success_;
}
time_of_last_success_ = throttler_entry_->ImplGetTimeNow();
last_attempt_was_failure_ = false;
} else {
if (results_)
results_->AddFailure();
last_attempt_was_failure_ = true;
}
} else {
if (results_)
results_->AddBlocked();
last_attempt_was_failure_ = true;
}
time_of_last_attempt_ = throttler_entry_->ImplGetTimeNow();
}
}
// Adds a delay until the first request, equal to a uniformly distributed
// value between now and now + max_delay.
void SetStartupJitter(const TimeDelta& max_delay) {
int delay_ms = base::RandInt(0, max_delay.InMilliseconds());
time_of_last_attempt_ = TimeTicks() +
TimeDelta::FromMilliseconds(delay_ms) -
time_between_requests_;
}
void SetRequestJitter(const TimeDelta& request_jitter) {
request_jitter_ = request_jitter;
}
TimeDelta last_downtime_duration() const { return last_downtime_duration_; }
private:
scoped_refptr<MockExtensionThrottleEntry> throttler_entry_;
const TimeDelta time_between_requests_;
TimeDelta request_jitter_;
TimeTicks time_of_last_attempt_;
TimeTicks time_of_last_success_;
bool last_attempt_was_failure_;
TimeDelta last_downtime_duration_;
Server* const server_;
RequesterResults* const results_; // May be NULL.
DISALLOW_COPY_AND_ASSIGN(Requester);
};
void SimulateAttack(Server* server,
RequesterResults* attacker_results,
RequesterResults* client_results,
bool enable_throttling) {
const size_t kNumAttackers = 50;
const size_t kNumClients = 50;
DiscreteTimeSimulation simulation;
ExtensionThrottleManager manager;
std::vector<scoped_ptr<Requester>> requesters;
for (size_t i = 0; i < kNumAttackers; ++i) {
// Use a tiny time_between_requests so the attackers will ping the
// server at every tick of the simulation.
scoped_refptr<MockExtensionThrottleEntry> throttler_entry(
new MockExtensionThrottleEntry(&manager));
if (!enable_throttling)
throttler_entry->DisableBackoffThrottling();
Requester* attacker =
new Requester(throttler_entry.get(), TimeDelta::FromMilliseconds(1),
server, attacker_results);
attacker->SetStartupJitter(TimeDelta::FromSeconds(120));
requesters.push_back(make_scoped_ptr(attacker));
simulation.AddActor(attacker);
}
for (size_t i = 0; i < kNumClients; ++i) {
// Normal clients only make requests every 2 minutes, plus/minus 1 minute.
scoped_refptr<MockExtensionThrottleEntry> throttler_entry(
new MockExtensionThrottleEntry(&manager));
if (!enable_throttling)
throttler_entry->DisableBackoffThrottling();
Requester* client =
new Requester(throttler_entry.get(), TimeDelta::FromMinutes(2), server,
client_results);
client->SetStartupJitter(TimeDelta::FromSeconds(120));
client->SetRequestJitter(TimeDelta::FromMinutes(1));
requesters.push_back(make_scoped_ptr(client));
simulation.AddActor(client);
}
simulation.AddActor(server);
simulation.RunSimulation(TimeDelta::FromMinutes(6),
TimeDelta::FromSeconds(1));
}
TEST(URLRequestThrottlerSimulation, HelpsInAttack) {
base::MessageLoopForIO message_loop;
Server unprotected_server(30, 1.0);
RequesterResults unprotected_attacker_results;
RequesterResults unprotected_client_results;
Server protected_server(30, 1.0);
RequesterResults protected_attacker_results;
RequesterResults protected_client_results;
SimulateAttack(&unprotected_server, &unprotected_attacker_results,
&unprotected_client_results, false);
SimulateAttack(&protected_server, &protected_attacker_results,
&protected_client_results, true);
// These assert that the DDoS protection actually benefits the
// server. Manual inspection of the traffic graphs will show this
// even more clearly.
EXPECT_GT(unprotected_server.num_overloaded_ticks(),
protected_server.num_overloaded_ticks());
EXPECT_GT(unprotected_server.max_experienced_queries_per_tick(),
protected_server.max_experienced_queries_per_tick());
// These assert that the DDoS protection actually benefits non-malicious
// (and non-degenerate/accidentally DDoSing) users.
EXPECT_LT(protected_client_results.GetBlockedRatio(),
protected_attacker_results.GetBlockedRatio());
EXPECT_GT(protected_client_results.GetSuccessRatio(),
unprotected_client_results.GetSuccessRatio());
// The rest is just for optional manual evaluation of the results;
// in particular the traffic pattern is interesting.
VerboseOut("\nUnprotected server's results:\n\n");
VerboseOut(unprotected_server.VisualizeASCII(132).c_str());
VerboseOut("\n\n");
VerboseOut("Protected server's results:\n\n");
VerboseOut(protected_server.VisualizeASCII(132).c_str());
VerboseOut("\n\n");
unprotected_attacker_results.PrintResults(
"attackers attacking unprotected server.");
unprotected_client_results.PrintResults(
"normal clients making requests to unprotected server.");
protected_attacker_results.PrintResults(
"attackers attacking protected server.");
protected_client_results.PrintResults(
"normal clients making requests to protected server.");
}
// Returns the downtime perceived by the client, as a ratio of the
// actual downtime.
double SimulateDowntime(const TimeDelta& duration,
const TimeDelta& average_client_interval,
bool enable_throttling) {
TimeDelta time_between_ticks = duration / 200;
TimeTicks start_downtime = TimeTicks() + (duration / 2);
// A server that never rejects requests, but will go down for maintenance.
Server server(std::numeric_limits<int>::max(), 1.0);
server.SetDowntime(start_downtime, duration);
ExtensionThrottleManager manager;
scoped_refptr<MockExtensionThrottleEntry> throttler_entry(
new MockExtensionThrottleEntry(&manager));
if (!enable_throttling)
throttler_entry->DisableBackoffThrottling();
Requester requester(throttler_entry.get(), average_client_interval, &server,
NULL);
requester.SetStartupJitter(duration / 3);
requester.SetRequestJitter(average_client_interval);
DiscreteTimeSimulation simulation;
simulation.AddActor(&requester);
simulation.AddActor(&server);
simulation.RunSimulation(duration * 2, time_between_ticks);
return static_cast<double>(
requester.last_downtime_duration().InMilliseconds()) /
static_cast<double>(duration.InMilliseconds());
}
TEST(URLRequestThrottlerSimulation, PerceivedDowntimeRatio) {
base::MessageLoopForIO message_loop;
struct Stats {
// Expected interval that we expect the ratio of downtime when anti-DDoS
// is enabled and downtime when anti-DDoS is not enabled to fall within.
//
// The expected interval depends on two things: The exponential back-off
// policy encoded in ExtensionThrottleEntry, and the test or set of
// tests that the Stats object is tracking (e.g. a test where the client
// retries very rapidly on a very long downtime will tend to increase the
// number).
//
// To determine an appropriate new interval when parameters have changed,
// run the test a few times (you may have to Ctrl-C out of it after a few
// seconds) and choose an interval that the test converges quickly and
// reliably to. Then set the new interval, and run the test e.g. 20 times
// in succession to make sure it never takes an obscenely long time to
// converge to this interval.
double expected_min_increase;
double expected_max_increase;
size_t num_runs;
double total_ratio_unprotected;
double total_ratio_protected;
bool DidConverge(double* increase_ratio_out) {
double unprotected_ratio = total_ratio_unprotected / num_runs;
double protected_ratio = total_ratio_protected / num_runs;
double increase_ratio = protected_ratio / unprotected_ratio;
if (increase_ratio_out)
*increase_ratio_out = increase_ratio;
return expected_min_increase <= increase_ratio &&
increase_ratio <= expected_max_increase;
}
void ReportTrialResult(double increase_ratio) {
VerboseOut(
" Perceived downtime with throttling is %.4f times without.\n",
increase_ratio);
VerboseOut(" Test result after %d trials.\n", num_runs);
}
};
Stats global_stats = {1.08, 1.15};
struct Trial {
TimeDelta duration;
TimeDelta average_client_interval;
Stats stats;
void PrintTrialDescription() {
double duration_minutes =
static_cast<double>(duration.InSeconds()) / 60.0;
double interval_minutes =
static_cast<double>(average_client_interval.InSeconds()) / 60.0;
VerboseOut("Trial with %.2f min downtime, avg. interval %.2f min.\n",
duration_minutes, interval_minutes);
}
};
// We don't set or check expected ratio intervals on individual
// experiments as this might make the test too fragile, but we
// print them out at the end for manual evaluation (we want to be
// able to make claims about the expected ratios depending on the
// type of behavior of the client and the downtime, e.g. the difference
// in behavior between a client making requests every few minutes vs.
// one that makes a request every 15 seconds).
Trial trials[] = {
{TimeDelta::FromSeconds(10), TimeDelta::FromSeconds(3)},
{TimeDelta::FromSeconds(30), TimeDelta::FromSeconds(7)},
{TimeDelta::FromMinutes(5), TimeDelta::FromSeconds(30)},
{TimeDelta::FromMinutes(10), TimeDelta::FromSeconds(20)},
{TimeDelta::FromMinutes(20), TimeDelta::FromSeconds(15)},
{TimeDelta::FromMinutes(20), TimeDelta::FromSeconds(50)},
{TimeDelta::FromMinutes(30), TimeDelta::FromMinutes(2)},
{TimeDelta::FromMinutes(30), TimeDelta::FromMinutes(5)},
{TimeDelta::FromMinutes(40), TimeDelta::FromMinutes(7)},
{TimeDelta::FromMinutes(40), TimeDelta::FromMinutes(2)},
{TimeDelta::FromMinutes(40), TimeDelta::FromSeconds(15)},
{TimeDelta::FromMinutes(60), TimeDelta::FromMinutes(7)},
{TimeDelta::FromMinutes(60), TimeDelta::FromMinutes(2)},
{TimeDelta::FromMinutes(60), TimeDelta::FromSeconds(15)},
{TimeDelta::FromMinutes(80), TimeDelta::FromMinutes(20)},
{TimeDelta::FromMinutes(80), TimeDelta::FromMinutes(3)},
{TimeDelta::FromMinutes(80), TimeDelta::FromSeconds(15)},
// Most brutal?
{TimeDelta::FromMinutes(45), TimeDelta::FromMilliseconds(500)},
};
// If things don't converge by the time we've done 100K trials, then
// clearly one or more of the expected intervals are wrong.
while (global_stats.num_runs < 100000) {
for (size_t i = 0; i < arraysize(trials); ++i) {
++global_stats.num_runs;
++trials[i].stats.num_runs;
double ratio_unprotected = SimulateDowntime(
trials[i].duration, trials[i].average_client_interval, false);
double ratio_protected = SimulateDowntime(
trials[i].duration, trials[i].average_client_interval, true);
global_stats.total_ratio_unprotected += ratio_unprotected;
global_stats.total_ratio_protected += ratio_protected;
trials[i].stats.total_ratio_unprotected += ratio_unprotected;
trials[i].stats.total_ratio_protected += ratio_protected;
}
double increase_ratio;
if (global_stats.DidConverge(&increase_ratio))
break;
if (global_stats.num_runs > 200) {
VerboseOut("Test has not yet converged on expected interval.\n");
global_stats.ReportTrialResult(increase_ratio);
}
}
double average_increase_ratio;
EXPECT_TRUE(global_stats.DidConverge(&average_increase_ratio));
// Print individual trial results for optional manual evaluation.
double max_increase_ratio = 0.0;
for (size_t i = 0; i < arraysize(trials); ++i) {
double increase_ratio;
trials[i].stats.DidConverge(&increase_ratio);
max_increase_ratio = std::max(max_increase_ratio, increase_ratio);
trials[i].PrintTrialDescription();
trials[i].stats.ReportTrialResult(increase_ratio);
}
VerboseOut("Average increase ratio was %.4f\n", average_increase_ratio);
VerboseOut("Maximum increase ratio was %.4f\n", max_increase_ratio);
}
} // namespace
} // namespace extensions
|
