Move TCL test unit/tls to Go case

.github/workflows/kvrocks.yaml

@@ -213,36 +213,22 @@ jobs:
         run: |
           export ${{ matrix.runtime_env_vars }}
           export PATH=$PATH:$HOME/local/bin/
-          ./x.py test go build
-          SANITIZER_OUTPUT=$(grep "Sanitizer:" tests/gocase/workspace -r || true)
-          if [[ $SANITIZER_OUTPUT ]]; then
-            echo "$SANITIZER_OUTPUT"
-            echo "\ndetail reports:\n"
-            cat $(find tests/gocase/workspace -iname stderr)
-            echo "sanitizer error was reported, exiting..."
-            exit 1
-          fi
-
-      - name: Run Redis Tcl Test
-        run: |
-          export ${{ matrix.runtime_env_vars }}
+          GOCASE_RUN_ARGS=""
           if [[ -n "${{ matrix.with_openssl }}" ]] && [[ "${{ matrix.os }}" == ubuntu* ]]; then
             git clone https://github.com/jsha/minica
             cd minica && go build && cd ..
             ./minica/minica --domains localhost
-            mkdir -p tests/tcl/tests/tls
-            cp localhost/cert.pem tests/tcl/tests/tls/server.crt
-            cp localhost/key.pem tests/tcl/tests/tls/server.key
-            cp localhost/cert.pem tests/tcl/tests/tls/client.crt
-            cp localhost/key.pem tests/tcl/tests/tls/client.key
-            cp minica.pem tests/tcl/tests/tls/ca.crt
-            ./x.py test tcl build --tls --single unit/tls --dont-clean
+            cp localhost/cert.pem tests/gocase/tls/cert/server.crt
+            cp localhost/key.pem tests/gocase/tls/cert/server.key
+            cp minica.pem tests/gocase/tls/cert/ca.crt
+            GOCASE_RUN_ARGS="-tlsEnable"
           fi
-          SANITIZER_OUTPUT=$(grep "Sanitizer:" tests/tcl/tests/tmp -r || true)
+          ./x.py test go build $GOCASE_RUN_ARGS
+          SANITIZER_OUTPUT=$(grep "Sanitizer:" tests/gocase/workspace -r || true)
           if [[ $SANITIZER_OUTPUT ]]; then
             echo "$SANITIZER_OUTPUT"
             echo "\ndetail reports:\n"
-            cat $(find tests/tcl/tests/tmp -iname stderr)
+            cat $(find tests/gocase/workspace -iname stderr)
             echo "sanitizer error was reported, exiting..."
             exit 1
           fi

tests/gocase/go.mod

@@ -4,6 +4,7 @@ go 1.19
 
 require (
 	github.com/go-redis/redis/v9 v9.0.0-beta.2
+	github.com/shirou/gopsutil/v3 v3.22.9
 	github.com/stretchr/testify v1.8.0
 	golang.org/x/exp v0.0.0-20220929160808-de9c53c655b9
 	modernc.org/mathutil v1.5.0
@@ -13,7 +14,14 @@ require (
 	github.com/cespare/xxhash/v2 v2.1.2 // indirect
 	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f // indirect
+	github.com/go-ole/go-ole v1.2.6 // indirect
+	github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
+	github.com/power-devops/perfstat v0.0.0-20210106213030-5aafc221ea8c // indirect
 	github.com/remyoudompheng/bigfft v0.0.0-20200410134404-eec4a21b6bb0 // indirect
+	github.com/tklauser/go-sysconf v0.3.10 // indirect
+	github.com/tklauser/numcpus v0.4.0 // indirect
+	github.com/yusufpapurcu/wmi v1.2.2 // indirect
+	golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )

tests/gocase/go.sum

@@ -6,26 +6,48 @@ github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSs
 github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f h1:lO4WD4F/rVNCu3HqELle0jiPLLBs70cWOduZpkS1E78=
 github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f/go.mod h1:cuUVRXasLTGF7a8hSLbxyZXjz+1KgoB3wDUb6vlszIc=
 github.com/fsnotify/fsnotify v1.4.9 h1:hsms1Qyu0jgnwNXIxa+/V/PDsU6CfLf6CNO8H7IWoS4=
+github.com/go-ole/go-ole v1.2.6 h1:/Fpf6oFPoeFik9ty7siob0G6Ke8QvQEuVcuChpwXzpY=
+github.com/go-ole/go-ole v1.2.6/go.mod h1:pprOEPIfldk/42T2oK7lQ4v4JSDwmV0As9GaiUsvbm0=
 github.com/go-redis/redis/v9 v9.0.0-beta.2 h1:ZSr84TsnQyKMAg8gnV+oawuQezeJR11/09THcWCQzr4=
 github.com/go-redis/redis/v9 v9.0.0-beta.2/go.mod h1:Bldcd/M/bm9HbnNPi/LUtYBSD8ttcZYBMupwMXhdU0o=
-github.com/google/go-cmp v0.5.8 h1:e6P7q2lk1O+qJJb4BtCQXlK8vWEO8V1ZeuEdJNOqZyg=
+github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
+github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38=
+github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
+github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0 h1:6E+4a0GO5zZEnZ81pIr0yLvtUWk2if982qA3F3QD6H4=
+github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0/go.mod h1:zJYVVT2jmtg6P3p1VtQj7WsuWi/y4VnjVBn7F8KPB3I=
 github.com/nxadm/tail v1.4.8 h1:nPr65rt6Y5JFSKQO7qToXr7pePgD6Gwiw05lkbyAQTE=
 github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE=
 github.com/onsi/gomega v1.20.0 h1:8W0cWlwFkflGPLltQvLRB7ZVD5HuP6ng320w2IS245Q=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/power-devops/perfstat v0.0.0-20210106213030-5aafc221ea8c h1:ncq/mPwQF4JjgDlrVEn3C11VoGHZN7m8qihwgMEtzYw=
+github.com/power-devops/perfstat v0.0.0-20210106213030-5aafc221ea8c/go.mod h1:OmDBASR4679mdNQnz2pUhc2G8CO2JrUAVFDRBDP/hJE=
 github.com/remyoudompheng/bigfft v0.0.0-20200410134404-eec4a21b6bb0 h1:OdAsTTz6OkFY5QxjkYwrChwuRruF69c169dPK26NUlk=
 github.com/remyoudompheng/bigfft v0.0.0-20200410134404-eec4a21b6bb0/go.mod h1:qqbHyh8v60DhA7CoWK5oRCqLrMHRGoxYCSS9EjAz6Eo=
+github.com/shirou/gopsutil/v3 v3.22.9 h1:yibtJhIVEMcdw+tCTbOPiF1VcsuDeTE4utJ8Dm4c5eA=
+github.com/shirou/gopsutil/v3 v3.22.9/go.mod h1:bBYl1kjgEJpWpxeHmLI+dVHWtyAwfcmSBLDsp2TNT8A=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
 github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.8.0 h1:pSgiaMZlXftHpm5L7V1+rVB+AZJydKsMxsQBIJw4PKk=
 github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
+github.com/tklauser/go-sysconf v0.3.10 h1:IJ1AZGZRWbY8T5Vfk04D9WOA5WSejdflXxP03OUqALw=
+github.com/tklauser/go-sysconf v0.3.10/go.mod h1:C8XykCvCb+Gn0oNCWPIlcb0RuglQTYaQ2hGm7jmxEFk=
+github.com/tklauser/numcpus v0.4.0 h1:E53Dm1HjH1/R2/aoCtXtPgzmElmn51aOkhCFSuZq//o=
+github.com/tklauser/numcpus v0.4.0/go.mod h1:1+UI3pD8NW14VMwdgJNJ1ESk2UnwhAnz5hMwiKKqXCQ=
+github.com/yusufpapurcu/wmi v1.2.2 h1:KBNDSne4vP5mbSWnJbO+51IMOXJB67QiYCSBrubbPRg=
+github.com/yusufpapurcu/wmi v1.2.2/go.mod h1:SBZ9tNy3G9/m5Oi98Zks0QjeHVDvuK0qfxQmPyzfmi0=
 golang.org/x/exp v0.0.0-20220929160808-de9c53c655b9 h1:lNtcVz/3bOstm7Vebox+5m3nLh/BYWnhmc3AhXOW6oI=
 golang.org/x/exp v0.0.0-20220929160808-de9c53c655b9/go.mod h1:cyybsKvd6eL0RnXn6p/Grxp8F5bW7iYuBgsNCOHpMYE=
 golang.org/x/net v0.0.0-20220425223048-2871e0cb64e4 h1:HVyaeDAYux4pnY+D/SiwmLOR36ewZ4iGQIIrtnuCjFA=
+golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20201204225414-ed752295db88/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20220128215802-99c3d69c2c27/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f h1:v4INt8xihDGvnrfjMDVXGxw9wrfxYyCjk0KbXjhR55s=
+golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/text v0.3.7 h1:olpwvP2KacW1ZWvsR7uQhoyTYvKAupfQrRGBFM352Gk=
+golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ=

tests/gocase/tls/cert/.gitignore

@@ -0,0 +1 @@
+*

tests/gocase/tls/tls_test.go

@@ -0,0 +1,157 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package tls
+
+import (
+	"context"
+	"crypto/tls"
+	"testing"
+
+	"github.com/apache/incubator-kvrocks/tests/gocase/util"
+	"github.com/go-redis/redis/v9"
+	"github.com/stretchr/testify/require"
+)
+
+func TestTLS(t *testing.T) {
+	if !util.TLSEnable() {
+		t.Skip("TLS tests run only if tls enabled.")
+	}
+
+	ctx := context.Background()
+
+	srv := util.StartTLSServer(t, map[string]string{})
+	defer srv.Close()
+
+	defaultTLSConfig, err := util.DefaultTLSConfig()
+	require.NoError(t, err)
+
+	rdb := srv.NewClientWithOption(&redis.Options{TLSConfig: defaultTLSConfig, Addr: srv.TLSAddr()})
+	defer func() { require.NoError(t, rdb.Close()) }()
+
+	t.Run("TLS: Not accepting non-TLS connections on a TLS port", func(t *testing.T) {
+		c := srv.NewClientWithOption(&redis.Options{TLSConfig: defaultTLSConfig})
+		defer func() { require.NoError(t, c.Close()) }()
+		require.Error(t, c.Ping(ctx).Err())
+	})
+
+	t.Run("TLS: Verify tls-auth-clients behaves as expected", func(t *testing.T) {
+		c := srv.NewClientWithOption(&redis.Options{TLSConfig: &tls.Config{InsecureSkipVerify: true}, Addr: srv.TLSAddr()})
+		defer func() { require.NoError(t, c.Close()) }()
+		require.Error(t, c.Ping(ctx).Err())
+
+		require.NoError(t, rdb.ConfigSet(ctx, "tls-auth-clients", "no").Err())
+		require.NoError(t, c.Close())
+		c = srv.NewClientWithOption(&redis.Options{TLSConfig: &tls.Config{InsecureSkipVerify: true}, Addr: srv.TLSAddr()})
+		require.Equal(t, "PONG", c.Ping(ctx).Val())
+
+		require.NoError(t, rdb.ConfigSet(ctx, "tls-auth-clients", "optional").Err())
+		require.NoError(t, c.Close())
+		c = srv.NewClientWithOption(&redis.Options{TLSConfig: &tls.Config{InsecureSkipVerify: true}, Addr: srv.TLSAddr()})
+		require.Equal(t, "PONG", c.Ping(ctx).Val())
+
+		require.NoError(t, rdb.ConfigSet(ctx, "tls-auth-clients", "yes").Err())
+		require.NoError(t, c.Close())
+		c = srv.NewClientWithOption(&redis.Options{TLSConfig: &tls.Config{InsecureSkipVerify: true}, Addr: srv.TLSAddr()})
+		require.Error(t, c.Ping(ctx).Err())
+	})
+
+	t.Run("TLS: Verify tls-protocols behaves as expected", func(t *testing.T) {
+		require.NoError(t, rdb.ConfigSet(ctx, "tls-protocols", "TLSv1.2").Err())
+
+		tlsConfig, err := util.DefaultTLSConfig()
+		require.NoError(t, err)
+
+		tlsConfig.MaxVersion = tls.VersionTLS11
+
+		c := srv.NewClientWithOption(&redis.Options{TLSConfig: tlsConfig, Addr: srv.TLSAddr()})
+		defer func() { require.NoError(t, c.Close()) }()
+		require.Error(t, c.Ping(ctx).Err())
+
+		tlsConfig.MaxVersion = tls.VersionTLS12
+
+		require.NoError(t, c.Close())
+		c = srv.NewClientWithOption(&redis.Options{TLSConfig: tlsConfig, Addr: srv.TLSAddr()})
+		require.Equal(t, "PONG", c.Ping(ctx).Val())
+	})
+
+	t.Run("TLS: Verify tls-ciphers behaves as expected", func(t *testing.T) {
+		require.NoError(t, rdb.ConfigSet(ctx, "tls-protocols", "TLSv1.2").Err())
+		require.NoError(t, rdb.ConfigSet(ctx, "tls-ciphers", "DEFAULT:-AES128-SHA256").Err())
+
+		tlsConfig, err := util.DefaultTLSConfig()
+		require.NoError(t, err)
+
+		tlsConfig.CipherSuites = []uint16{tls.TLS_RSA_WITH_AES_128_CBC_SHA256}
+
+		c := srv.NewClientWithOption(&redis.Options{TLSConfig: tlsConfig, Addr: srv.TLSAddr()})
+		defer func() { require.NoError(t, c.Close()) }()
+
+		require.Error(t, c.Ping(ctx).Err())
+
+		tlsConfig.CipherSuites = []uint16{tls.TLS_RSA_WITH_AES_256_GCM_SHA384}
+
+		require.NoError(t, c.Close())
+		c = srv.NewClientWithOption(&redis.Options{TLSConfig: tlsConfig, Addr: srv.TLSAddr()})
+
+		require.Equal(t, "PONG", c.Ping(ctx).Val())
+
+		require.NoError(t, rdb.ConfigSet(ctx, "tls-ciphers", "DEFAULT").Err())
+
+		tlsConfig.CipherSuites = []uint16{tls.TLS_RSA_WITH_AES_128_CBC_SHA256}
+
+		require.NoError(t, c.Close())
+		c = srv.NewClientWithOption(&redis.Options{TLSConfig: tlsConfig, Addr: srv.TLSAddr()})
+
+		require.NoError(t, c.Ping(ctx).Err())
+		require.Equal(t, "PONG", c.Ping(ctx).Val())
+
+		require.NoError(t, rdb.ConfigSet(ctx, "tls-protocols", "").Err())
+		require.NoError(t, rdb.ConfigSet(ctx, "tls-ciphers", "DEFAULT").Err())
+	})
+
+	t.Run("TLS: Verify tls-prefer-server-ciphers behaves as expected", func(t *testing.T) {
+		require.NoError(t, rdb.ConfigSet(ctx, "tls-protocols", "TLSv1.2").Err())
+		require.NoError(t, rdb.ConfigSet(ctx, "tls-ciphers", "AES128-SHA256:AES256-GCM-SHA384").Err())
+
+		tlsConfig, err := util.DefaultTLSConfig()
+		require.NoError(t, err)
+
+		tlsConfig.CipherSuites = []uint16{tls.TLS_RSA_WITH_AES_256_GCM_SHA384, tls.TLS_RSA_WITH_AES_128_CBC_SHA256}
+
+		c := srv.NewTCPTLSClient(tlsConfig)
+		defer func() { require.NoError(t, c.Close()) }()
+
+		require.NoError(t, c.WriteArgs("PING"))
+		c.MustMatch(t, "PONG")
+		require.Equal(t, c.TLSState().CipherSuite, tls.TLS_RSA_WITH_AES_256_GCM_SHA384)
+
+		require.NoError(t, rdb.ConfigSet(ctx, "tls-prefer-server-ciphers", "yes").Err())
+
+		require.NoError(t, c.Close())
+		c = srv.NewTCPTLSClient(tlsConfig)
+
+		require.NoError(t, c.WriteArgs("PING"))
+		c.MustMatch(t, "PONG")
+		require.Equal(t, c.TLSState().CipherSuite, tls.TLS_RSA_WITH_AES_128_CBC_SHA256)
+
+		require.NoError(t, rdb.ConfigSet(ctx, "tls-protocols", "").Err())
+		require.NoError(t, rdb.ConfigSet(ctx, "tls-ciphers", "DEFAULT").Err())
+	})
+}

tests/gocase/util/server.go

@@ -21,8 +21,10 @@ package util
 
 import (
 	"context"
+	"crypto/tls"
 	"flag"
 	"fmt"
+	"golang.org/x/exp/slices"
 	"net"
 	"os"
 	"os/exec"
@@ -33,6 +35,7 @@ import (
 	"time"
 
 	"github.com/go-redis/redis/v9"
+	"github.com/shirou/gopsutil/v3/process"
 	"github.com/stretchr/testify/require"
 )
 
@@ -41,9 +44,11 @@ var workspace = flag.String("workspace", "", "directory of cases workspace")
 var deleteOnExit = flag.Bool("deleteOnExit", false, "whether to delete workspace on exit")
 
 type KvrocksServer struct {
-	t    testing.TB
-	cmd  *exec.Cmd
-	addr *net.TCPAddr
+	t   testing.TB
+	cmd *exec.Cmd
+
+	addr    *net.TCPAddr
+	tlsAddr *net.TCPAddr
 
 	configs map[string]string
 
@@ -62,6 +67,10 @@ func (s *KvrocksServer) Port() uint16 {
 	return s.addr.AddrPort().Port()
 }
 
+func (s *KvrocksServer) TLSAddr() string {
+	return s.tlsAddr.String()
+}
+
 func (s *KvrocksServer) LogFileMatches(t testing.TB, pattern string) bool {
 	dir := s.configs["dir"]
 	content, err := os.ReadFile(dir + "/kvrocks.INFO")
@@ -71,7 +80,7 @@ func (s *KvrocksServer) LogFileMatches(t testing.TB, pattern string) bool {
 }
 
 func (s *KvrocksServer) NewClient() *redis.Client {
-	return s.NewClientWithOption(&redis.Options{Addr: s.addr.String()})
+	return s.NewClientWithOption(&redis.Options{})
 }
 
 func (s *KvrocksServer) NewClientWithOption(options *redis.Options) *redis.Client {
@@ -87,6 +96,12 @@ func (s *KvrocksServer) NewTCPClient() *TCPClient {
 	return newTCPClient(c)
 }
 
+func (s *KvrocksServer) NewTCPTLSClient(conf *tls.Config) *TCPClient {
+	c, err := tls.Dial(s.tlsAddr.Network(), s.tlsAddr.String(), conf)
+	require.NoError(s.t, err)
+	return newTCPClient(c)
+}
+
 func (s *KvrocksServer) Close() {
 	s.close(false)
 }
@@ -143,6 +158,25 @@ func (s *KvrocksServer) Restart() {
 	}
 }
 
+func StartTLSServer(t testing.TB, configs map[string]string) *KvrocksServer {
+	dir := *workspace
+	require.NotEmpty(t, dir, "please set the workspace by `-workspace`")
+	dir = filepath.Join(dir, "..", "tls", "cert")
+
+	configs["tls-cert-file"] = filepath.Join(dir, "server.crt")
+	configs["tls-key-file"] = filepath.Join(dir, "server.key")
+	configs["tls-ca-cert-file"] = filepath.Join(dir, "ca.crt")
+
+	addr, err := findFreePort()
+	require.NoError(t, err)
+	configs["tls-port"] = fmt.Sprintf("%d", addr.Port)
+
+	s := StartServer(t, configs)
+	s.tlsAddr = addr
+
+	return s
+}
+
 func StartServer(t testing.TB, configs map[string]string) *KvrocksServer {
 	b := *binPath
 	require.NotEmpty(t, b, "please set the binary path by `-binPath`")
@@ -181,10 +215,17 @@ func StartServer(t testing.TB, configs map[string]string) *KvrocksServer {
 
 	c := redis.NewClient(&redis.Options{Addr: addr.String()})
 	defer func() { require.NoError(t, c.Close()) }()
+
+	proc, err := process.NewProcess(int32(cmd.Process.Pid))
+	require.NoError(t, err)
+
+	var status []string
 	require.Eventually(t, func() bool {
 		err := c.Ping(context.Background()).Err()
-		return err == nil || err.Error() == "NOAUTH Authentication required."
+		status, _ = proc.Status()
+		return err == nil || err.Error() == "NOAUTH Authentication required." || slices.Contains(status, process.Zombie)
 	}, time.Minute, time.Second)
+	require.NotContains(t, status, process.Zombie, "Kvrocks has been unexpectedly exited while starting server")
 
 	return &KvrocksServer{
 		t:       t,