* [LTP] [PATCH v6] hugemmap37: Migrate truncate_sigbus_versus_oom from libhugetlbfs
@ 2026-04-07 5:06 “Samir
0 siblings, 0 replies; only message in thread
From: “Samir @ 2026-04-07 5:06 UTC (permalink / raw)
To: ltp; +Cc: “Samir
Some kernels have a bug in the positioning of the test against
i_size. This bug means that attempting to instantiate a page
beyond the end of a hugepage file can result in an OOM and SIGKILL
instead of the correct SIGBUS.
This test verifies that accessing memory beyond a truncated hugepage
file correctly triggers SIGBUS rather than causing an OOM condition.
Signed-off-by: Samir <samir@linux.ibm.com>
---
v6:
1. Fixed description: Removed dangling comma and improved clarity
2. Added 'static' keyword to setup() and cleanup() functions
3. Fixed signal handler initialization:
- Zero-initialized struct sigaction with = {}
- Added sigemptyset(&sa.sa_mask)
- Removed SA_SIGINFO flag (using sa_handler, not sa_sigaction)
4. Removed dead code: Deleted unused totpages assignment from setup()
5. Fixed resource leaks in run_test():
- Added SAFE_MUNMAP() for both mapped regions (p and q)
- Added SAFE_CLOSE() for both file descriptors (fd and fdx)
- Reset fd and fdx to -1 after closing
6. Fixed cleanup() checks: Changed 'if (fd > 0)' to 'if (fd != -1)'
7. Initialized file descriptors to -1 at declaration
---
runtest/hugetlb | 1 +
testcases/kernel/mem/.gitignore | 1 +
.../kernel/mem/hugetlb/hugemmap/hugemmap37.c | 106 ++++++++++++++++++
3 files changed, 108 insertions(+)
create mode 100644 testcases/kernel/mem/hugetlb/hugemmap/hugemmap37.c
diff --git a/runtest/hugetlb b/runtest/hugetlb
index 0896d3c94..8aaafeee3 100644
--- a/runtest/hugetlb
+++ b/runtest/hugetlb
@@ -36,6 +36,7 @@ hugemmap30 hugemmap30
hugemmap31 hugemmap31
hugemmap32 hugemmap32
hugemmap34 hugemmap34
+hugemmap37 hugemmap37
hugemmap05_1 hugemmap05 -m
hugemmap05_2 hugemmap05 -s
hugemmap05_3 hugemmap05 -s -m
diff --git a/testcases/kernel/mem/.gitignore b/testcases/kernel/mem/.gitignore
index b4455de51..38d428fe8 100644
--- a/testcases/kernel/mem/.gitignore
+++ b/testcases/kernel/mem/.gitignore
@@ -36,6 +36,7 @@
/hugetlb/hugemmap/hugemmap31
/hugetlb/hugemmap/hugemmap32
/hugetlb/hugemmap/hugemmap34
+/hugetlb/hugemmap/hugemmap37
/hugetlb/hugeshmat/hugeshmat01
/hugetlb/hugeshmat/hugeshmat02
/hugetlb/hugeshmat/hugeshmat03
diff --git a/testcases/kernel/mem/hugetlb/hugemmap/hugemmap37.c b/testcases/kernel/mem/hugetlb/hugemmap/hugemmap37.c
new file mode 100644
index 000000000..06813b976
--- /dev/null
+++ b/testcases/kernel/mem/hugetlb/hugemmap/hugemmap37.c
@@ -0,0 +1,106 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+/*
+ * Copyright (C) 2005-2006 David Gibson & Adam Litke, IBM Corporation.
+ */
+
+/*\
+ * Some kernels have a bug in the positioning of the test against
+ * i_size. This bug means that attempting to instantiate a page
+ * beyond the end of a hugepage file can result in an OOM and SIGKILL
+ * instead of the correct SIGBUS.
+ *
+ * The test:
+ * - Creates a hugepage file and maps it
+ * - Truncates the file to 0 size
+ * - Allocates all available hugepages to create memory pressure
+ * - Attempts to access the mapped memory
+ * - Verifies SIGBUS is received (correct behavior)
+ */
+
+#include "hugetlb.h"
+#include <setjmp.h>
+#include <signal.h>
+
+#define MNTPOINT "hugetlbfs/"
+static int fd = -1, fdx = -1;
+
+static unsigned long long hpage_size;
+static unsigned long totpages;
+
+static sigjmp_buf sig_escape;
+static volatile int test_pass;
+
+static void sigbus_handler(int signum LTP_ATTRIBUTE_UNUSED)
+{
+ test_pass = 1;
+ siglongjmp(sig_escape, 17);
+}
+
+static void run_test(void)
+{
+ void *p, *q;
+ unsigned long i;
+
+ test_pass = 0;
+
+ fd = tst_creat_unlinked(MNTPOINT, 0, 0600);
+ p = SAFE_MMAP(NULL, hpage_size, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0);
+ SAFE_FTRUNCATE(fd, 0);
+
+ fdx = tst_creat_unlinked(MNTPOINT, 0, 0600);
+ totpages = SAFE_READ_MEMINFO(MEMINFO_HPAGE_FREE);
+ q = SAFE_MMAP(NULL, totpages * hpage_size, PROT_READ | PROT_WRITE, MAP_SHARED,
+ fdx, 0);
+ /* Touch the pages to ensure they're removed from the pool */
+ for (i = 0; i < totpages; i++) {
+ volatile char *x = (volatile char *)q + i * hpage_size;
+ *x = 0;
+ }
+ /* SIGBUS is what *should* happen */
+ SAFE_FTRUNCATE(fdx, 0);
+ if (sigsetjmp(sig_escape, 1) == 0)
+ *((volatile unsigned int *)p);
+
+ if (test_pass)
+ tst_res(TPASS, "Expected SIGBUS triggered");
+ else
+ tst_res(TFAIL, "Didn't SIGBUS");
+
+ SAFE_MUNMAP(p, hpage_size);
+ SAFE_MUNMAP(q, totpages * hpage_size);
+ SAFE_CLOSE(fd);
+ SAFE_CLOSE(fdx);
+ fd = -1;
+ fdx = -1;
+}
+
+static void setup(void)
+{
+ struct sigaction sa = {};
+
+ sigemptyset(&sa.sa_mask);
+ sa.sa_flags = 0;
+ sa.sa_handler = sigbus_handler;
+ SAFE_SIGACTION(SIGBUS, &sa, NULL);
+ hpage_size = tst_get_hugepage_size();
+}
+
+static void cleanup(void)
+{
+ if (fd != -1)
+ SAFE_CLOSE(fd);
+ if (fdx != -1)
+ SAFE_CLOSE(fdx);
+}
+
+static struct tst_test test = {
+ .tags = (struct tst_tag[]){{"linux-git", "ebed4bfc8da8"}, {}},
+ .needs_root = 1,
+ .mntpoint = MNTPOINT,
+ .needs_hugetlbfs = 1,
+ .needs_tmpdir = 1,
+ .setup = setup,
+ .cleanup = cleanup,
+ .test_all = run_test,
+ .hugepages = {1, TST_NEEDS},
+};
--
2.52.0
--
Mailing list info: https://lists.linux.it/listinfo/ltp
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2026-04-06 11:43 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-04-07 5:06 [LTP] [PATCH v6] hugemmap37: Migrate truncate_sigbus_versus_oom from libhugetlbfs “Samir
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox