* [LTP] [PATCH v2] madvise05: new testcase for Oops in madvise_willneed
@ 2014-08-06 8:31 Jan Stancek
2014-08-06 16:40 ` Caspar Zhang
2014-08-07 0:38 ` Wanlong Gao
0 siblings, 2 replies; 4+ messages in thread
From: Jan Stancek @ 2014-08-06 8:31 UTC (permalink / raw)
To: ltp-list
This is a regression test for madvise(2) system call. It tests
kernel for NULL ptr deref Oops fixed by:
commit ee53664bda169f519ce3c6a22d378f0b946c8178
Author: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Date: Fri Dec 20 15:10:03 2013 +0200
mm: Fix NULL pointer dereference in madvise(MADV_WILLNEED) support
Signed-off-by: Jan Stancek <jstancek@redhat.com>
---
Changes in v2:
1. exclude this test from kernels < 3.9.
Older kernels do not support swap file prefetch,
which caused madvise to return EBADF. And if backing file is
added to mmap, reproducer no longer works.
runtest/syscalls | 1 +
testcases/kernel/syscalls/.gitignore | 1 +
testcases/kernel/syscalls/madvise/madvise05.c | 90 +++++++++++++++++++++++++
3 files changed, 92 insertions(+), 0 deletions(-)
create mode 100644 testcases/kernel/syscalls/madvise/madvise05.c
diff --git a/runtest/syscalls b/runtest/syscalls
index 5e6e0f4..142c350 100644
--- a/runtest/syscalls
+++ b/runtest/syscalls
@@ -715,6 +715,7 @@ madvise01 madvise01
madvise02 madvise02
madvise03 madvise03
madvise04 madvise04
+madvise05 madvise05
newuname01 newuname01
diff --git a/testcases/kernel/syscalls/.gitignore b/testcases/kernel/syscalls/.gitignore
index fb2425e..fd52217 100644
--- a/testcases/kernel/syscalls/.gitignore
+++ b/testcases/kernel/syscalls/.gitignore
@@ -479,6 +479,7 @@
/madvise/madvise02
/madvise/madvise03
/madvise/madvise04
+/madvise/madvise05
/mallopt/mallopt01
/mbind/mbind01
/memcmp/memcmp01
diff --git a/testcases/kernel/syscalls/madvise/madvise05.c b/testcases/kernel/syscalls/madvise/madvise05.c
new file mode 100644
index 0000000..384dea7
--- /dev/null
+++ b/testcases/kernel/syscalls/madvise/madvise05.c
@@ -0,0 +1,90 @@
+/*
+ * Copyright (c) Linux Test Project, 2014
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Library General Public License for more details.
+ */
+/*
+ * This is a regression test for madvise(2) system call. It tests kernel
+ * for NULL ptr deref Oops fixed by:
+ * commit ee53664bda169f519ce3c6a22d378f0b946c8178
+ * Author: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
+ * Date: Fri Dec 20 15:10:03 2013 +0200
+ * mm: Fix NULL pointer dereference in madvise(MADV_WILLNEED) support
+ *
+ * On buggy kernel with CONFIG_TRANSPARENT_HUGEPAGE=y CONFIG_DEBUG_LOCK_ALLOC=y
+ * this testcase should produce Oops and/or be killed. On fixed/good kernel
+ * this testcase runs to completion (retcode is 0)
+ */
+
+#include <sys/mman.h>
+#include <errno.h>
+
+#include "test.h"
+#include "usctest.h"
+#include "safe_macros.h"
+
+#define ALLOC_SIZE (32 * 1024 * 1024)
+
+static void setup(void);
+static void cleanup(void);
+
+char *TCID = "madvise05";
+int TST_TOTAL = 1;
+
+int main(int argc, char *argv[])
+{
+ int lc;
+ const char *msg = NULL;
+ void *p;
+
+ msg = parse_opts(argc, argv, NULL, NULL);
+ if (msg)
+ tst_brkm(TBROK, NULL, "OPTION PARSING ERROR - %s", msg);
+
+ setup();
+
+ for (lc = 0; TEST_LOOPING(lc); lc++) {
+ p = SAFE_MMAP(cleanup, NULL, ALLOC_SIZE, PROT_READ,
+ MAP_PRIVATE | MAP_ANONYMOUS | MAP_POPULATE, -1, 0);
+ TEST(mprotect(p, ALLOC_SIZE, PROT_NONE));
+ if (TEST_RETURN == -1)
+ tst_brkm(TBROK | TTERRNO, cleanup, "mprotect failed");
+ TEST(madvise(p, ALLOC_SIZE, MADV_WILLNEED));
+ SAFE_MUNMAP(cleanup, p, ALLOC_SIZE);
+
+ if (TEST_RETURN == 0)
+ continue;
+
+ if (TEST_ERRNO == EBADF)
+ tst_brkm(TCONF, cleanup, "CONFIG_SWAP=n");
+ else
+ tst_brkm(TBROK | TTERRNO, cleanup, "madvise failed");
+ }
+
+ tst_resm(TPASS, "issue has not been reproduced");
+
+ cleanup();
+ tst_exit();
+}
+
+static void setup(void)
+{
+ tst_sig(NOFORK, DEF_HANDLER, cleanup);
+ if (tst_kvercmp(3, 9, 0) < 0)
+ tst_brkm(TCONF, NULL, "madvise(MADV_WILLNEED) swap file "
+ "prefetch available only since 3.9");
+ TEST_PAUSE;
+}
+
+static void cleanup(void)
+{
+ TEST_CLEANUP;
+}
--
1.7.1
------------------------------------------------------------------------------
Infragistics Professional
Build stunning WinForms apps today!
Reboot your WinForms applications with our WinForms controls.
Build a bridge from your legacy apps to the future.
http://pubads.g.doubleclick.net/gampad/clk?id=153845071&iu=/4140/ostg.clktrk
_______________________________________________
Ltp-list mailing list
Ltp-list@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ltp-list
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [LTP] [PATCH v2] madvise05: new testcase for Oops in madvise_willneed
2014-08-06 8:31 [LTP] [PATCH v2] madvise05: new testcase for Oops in madvise_willneed Jan Stancek
@ 2014-08-06 16:40 ` Caspar Zhang
2014-08-07 0:38 ` Wanlong Gao
1 sibling, 0 replies; 4+ messages in thread
From: Caspar Zhang @ 2014-08-06 16:40 UTC (permalink / raw)
To: Jan Stancek, ltp-list
On 08/06/2014 04:31 PM, Jan Stancek wrote:
> This is a regression test for madvise(2) system call. It tests
> kernel for NULL ptr deref Oops fixed by:
> commit ee53664bda169f519ce3c6a22d378f0b946c8178
> Author: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
> Date: Fri Dec 20 15:10:03 2013 +0200
> mm: Fix NULL pointer dereference in madvise(MADV_WILLNEED) support
>
> Signed-off-by: Jan Stancek <jstancek@redhat.com>
Acked-by: Caspar Zhang <caspar@casparzhang.com>
> ---
> Changes in v2:
> 1. exclude this test from kernels < 3.9.
> Older kernels do not support swap file prefetch,
> which caused madvise to return EBADF. And if backing file is
> added to mmap, reproducer no longer works.
>
> runtest/syscalls | 1 +
> testcases/kernel/syscalls/.gitignore | 1 +
> testcases/kernel/syscalls/madvise/madvise05.c | 90 +++++++++++++++++++++++++
> 3 files changed, 92 insertions(+), 0 deletions(-)
> create mode 100644 testcases/kernel/syscalls/madvise/madvise05.c
>
> diff --git a/runtest/syscalls b/runtest/syscalls
> index 5e6e0f4..142c350 100644
> --- a/runtest/syscalls
> +++ b/runtest/syscalls
> @@ -715,6 +715,7 @@ madvise01 madvise01
> madvise02 madvise02
> madvise03 madvise03
> madvise04 madvise04
> +madvise05 madvise05
>
> newuname01 newuname01
>
> diff --git a/testcases/kernel/syscalls/.gitignore b/testcases/kernel/syscalls/.gitignore
> index fb2425e..fd52217 100644
> --- a/testcases/kernel/syscalls/.gitignore
> +++ b/testcases/kernel/syscalls/.gitignore
> @@ -479,6 +479,7 @@
> /madvise/madvise02
> /madvise/madvise03
> /madvise/madvise04
> +/madvise/madvise05
> /mallopt/mallopt01
> /mbind/mbind01
> /memcmp/memcmp01
> diff --git a/testcases/kernel/syscalls/madvise/madvise05.c b/testcases/kernel/syscalls/madvise/madvise05.c
> new file mode 100644
> index 0000000..384dea7
> --- /dev/null
> +++ b/testcases/kernel/syscalls/madvise/madvise05.c
> @@ -0,0 +1,90 @@
> +/*
> + * Copyright (c) Linux Test Project, 2014
> + *
> + * This program is free software; you can redistribute it and/or modify
> + * it under the terms of the GNU General Public License as published by
> + * the Free Software Foundation; either version 2 of the License, or
> + * (at your option) any later version.
> + *
> + * This program is distributed in the hope that it will be useful,
> + * but WITHOUT ANY WARRANTY; without even the implied warranty of
> + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
> + * GNU Library General Public License for more details.
> + */
> +/*
> + * This is a regression test for madvise(2) system call. It tests kernel
> + * for NULL ptr deref Oops fixed by:
> + * commit ee53664bda169f519ce3c6a22d378f0b946c8178
> + * Author: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
> + * Date: Fri Dec 20 15:10:03 2013 +0200
> + * mm: Fix NULL pointer dereference in madvise(MADV_WILLNEED) support
> + *
> + * On buggy kernel with CONFIG_TRANSPARENT_HUGEPAGE=y CONFIG_DEBUG_LOCK_ALLOC=y
> + * this testcase should produce Oops and/or be killed. On fixed/good kernel
> + * this testcase runs to completion (retcode is 0)
> + */
> +
> +#include <sys/mman.h>
> +#include <errno.h>
> +
> +#include "test.h"
> +#include "usctest.h"
> +#include "safe_macros.h"
> +
> +#define ALLOC_SIZE (32 * 1024 * 1024)
> +
> +static void setup(void);
> +static void cleanup(void);
> +
> +char *TCID = "madvise05";
> +int TST_TOTAL = 1;
> +
> +int main(int argc, char *argv[])
> +{
> + int lc;
> + const char *msg = NULL;
> + void *p;
> +
> + msg = parse_opts(argc, argv, NULL, NULL);
> + if (msg)
> + tst_brkm(TBROK, NULL, "OPTION PARSING ERROR - %s", msg);
> +
> + setup();
> +
> + for (lc = 0; TEST_LOOPING(lc); lc++) {
> + p = SAFE_MMAP(cleanup, NULL, ALLOC_SIZE, PROT_READ,
> + MAP_PRIVATE | MAP_ANONYMOUS | MAP_POPULATE, -1, 0);
> + TEST(mprotect(p, ALLOC_SIZE, PROT_NONE));
> + if (TEST_RETURN == -1)
> + tst_brkm(TBROK | TTERRNO, cleanup, "mprotect failed");
> + TEST(madvise(p, ALLOC_SIZE, MADV_WILLNEED));
> + SAFE_MUNMAP(cleanup, p, ALLOC_SIZE);
> +
> + if (TEST_RETURN == 0)
> + continue;
> +
> + if (TEST_ERRNO == EBADF)
> + tst_brkm(TCONF, cleanup, "CONFIG_SWAP=n");
> + else
> + tst_brkm(TBROK | TTERRNO, cleanup, "madvise failed");
> + }
> +
> + tst_resm(TPASS, "issue has not been reproduced");
> +
> + cleanup();
> + tst_exit();
> +}
> +
> +static void setup(void)
> +{
> + tst_sig(NOFORK, DEF_HANDLER, cleanup);
> + if (tst_kvercmp(3, 9, 0) < 0)
> + tst_brkm(TCONF, NULL, "madvise(MADV_WILLNEED) swap file "
> + "prefetch available only since 3.9");
> + TEST_PAUSE;
> +}
> +
> +static void cleanup(void)
> +{
> + TEST_CLEANUP;
> +}
>
------------------------------------------------------------------------------
Infragistics Professional
Build stunning WinForms apps today!
Reboot your WinForms applications with our WinForms controls.
Build a bridge from your legacy apps to the future.
http://pubads.g.doubleclick.net/gampad/clk?id=153845071&iu=/4140/ostg.clktrk
_______________________________________________
Ltp-list mailing list
Ltp-list@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ltp-list
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [LTP] [PATCH v2] madvise05: new testcase for Oops in madvise_willneed
2014-08-06 8:31 [LTP] [PATCH v2] madvise05: new testcase for Oops in madvise_willneed Jan Stancek
2014-08-06 16:40 ` Caspar Zhang
@ 2014-08-07 0:38 ` Wanlong Gao
2014-08-07 7:21 ` Jan Stancek
1 sibling, 1 reply; 4+ messages in thread
From: Wanlong Gao @ 2014-08-07 0:38 UTC (permalink / raw)
To: Jan Stancek; +Cc: ltp-list
On 08/06/2014 04:31 PM, Jan Stancek wrote:
> This is a regression test for madvise(2) system call. It tests
> kernel for NULL ptr deref Oops fixed by:
> commit ee53664bda169f519ce3c6a22d378f0b946c8178
> Author: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
> Date: Fri Dec 20 15:10:03 2013 +0200
> mm: Fix NULL pointer dereference in madvise(MADV_WILLNEED) support
>
> Signed-off-by: Jan Stancek <jstancek@redhat.com>
Acked-by: Wanlong Gao <gaowanlong@cn.fujitsu.com>
> ---
> Changes in v2:
> 1. exclude this test from kernels < 3.9.
> Older kernels do not support swap file prefetch,
> which caused madvise to return EBADF. And if backing file is
> added to mmap, reproducer no longer works.
>
> runtest/syscalls | 1 +
> testcases/kernel/syscalls/.gitignore | 1 +
> testcases/kernel/syscalls/madvise/madvise05.c | 90 +++++++++++++++++++++++++
> 3 files changed, 92 insertions(+), 0 deletions(-)
> create mode 100644 testcases/kernel/syscalls/madvise/madvise05.c
>
> diff --git a/runtest/syscalls b/runtest/syscalls
> index 5e6e0f4..142c350 100644
> --- a/runtest/syscalls
> +++ b/runtest/syscalls
> @@ -715,6 +715,7 @@ madvise01 madvise01
> madvise02 madvise02
> madvise03 madvise03
> madvise04 madvise04
> +madvise05 madvise05
>
> newuname01 newuname01
>
> diff --git a/testcases/kernel/syscalls/.gitignore b/testcases/kernel/syscalls/.gitignore
> index fb2425e..fd52217 100644
> --- a/testcases/kernel/syscalls/.gitignore
> +++ b/testcases/kernel/syscalls/.gitignore
> @@ -479,6 +479,7 @@
> /madvise/madvise02
> /madvise/madvise03
> /madvise/madvise04
> +/madvise/madvise05
> /mallopt/mallopt01
> /mbind/mbind01
> /memcmp/memcmp01
> diff --git a/testcases/kernel/syscalls/madvise/madvise05.c b/testcases/kernel/syscalls/madvise/madvise05.c
> new file mode 100644
> index 0000000..384dea7
> --- /dev/null
> +++ b/testcases/kernel/syscalls/madvise/madvise05.c
> @@ -0,0 +1,90 @@
> +/*
> + * Copyright (c) Linux Test Project, 2014
> + *
> + * This program is free software; you can redistribute it and/or modify
> + * it under the terms of the GNU General Public License as published by
> + * the Free Software Foundation; either version 2 of the License, or
> + * (at your option) any later version.
> + *
> + * This program is distributed in the hope that it will be useful,
> + * but WITHOUT ANY WARRANTY; without even the implied warranty of
> + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
> + * GNU Library General Public License for more details.
> + */
> +/*
> + * This is a regression test for madvise(2) system call. It tests kernel
> + * for NULL ptr deref Oops fixed by:
> + * commit ee53664bda169f519ce3c6a22d378f0b946c8178
> + * Author: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
> + * Date: Fri Dec 20 15:10:03 2013 +0200
> + * mm: Fix NULL pointer dereference in madvise(MADV_WILLNEED) support
> + *
> + * On buggy kernel with CONFIG_TRANSPARENT_HUGEPAGE=y CONFIG_DEBUG_LOCK_ALLOC=y
> + * this testcase should produce Oops and/or be killed. On fixed/good kernel
> + * this testcase runs to completion (retcode is 0)
> + */
> +
> +#include <sys/mman.h>
> +#include <errno.h>
> +
> +#include "test.h"
> +#include "usctest.h"
> +#include "safe_macros.h"
> +
> +#define ALLOC_SIZE (32 * 1024 * 1024)
> +
> +static void setup(void);
> +static void cleanup(void);
> +
> +char *TCID = "madvise05";
> +int TST_TOTAL = 1;
> +
> +int main(int argc, char *argv[])
> +{
> + int lc;
> + const char *msg = NULL;
> + void *p;
> +
> + msg = parse_opts(argc, argv, NULL, NULL);
> + if (msg)
> + tst_brkm(TBROK, NULL, "OPTION PARSING ERROR - %s", msg);
> +
> + setup();
> +
> + for (lc = 0; TEST_LOOPING(lc); lc++) {
> + p = SAFE_MMAP(cleanup, NULL, ALLOC_SIZE, PROT_READ,
> + MAP_PRIVATE | MAP_ANONYMOUS | MAP_POPULATE, -1, 0);
> + TEST(mprotect(p, ALLOC_SIZE, PROT_NONE));
> + if (TEST_RETURN == -1)
> + tst_brkm(TBROK | TTERRNO, cleanup, "mprotect failed");
> + TEST(madvise(p, ALLOC_SIZE, MADV_WILLNEED));
> + SAFE_MUNMAP(cleanup, p, ALLOC_SIZE);
> +
> + if (TEST_RETURN == 0)
> + continue;
> +
> + if (TEST_ERRNO == EBADF)
> + tst_brkm(TCONF, cleanup, "CONFIG_SWAP=n");
> + else
> + tst_brkm(TBROK | TTERRNO, cleanup, "madvise failed");
> + }
> +
> + tst_resm(TPASS, "issue has not been reproduced");
> +
> + cleanup();
> + tst_exit();
> +}
> +
> +static void setup(void)
> +{
> + tst_sig(NOFORK, DEF_HANDLER, cleanup);
> + if (tst_kvercmp(3, 9, 0) < 0)
> + tst_brkm(TCONF, NULL, "madvise(MADV_WILLNEED) swap file "
> + "prefetch available only since 3.9");
> + TEST_PAUSE;
> +}
> +
> +static void cleanup(void)
> +{
> + TEST_CLEANUP;
> +}
>
------------------------------------------------------------------------------
Infragistics Professional
Build stunning WinForms apps today!
Reboot your WinForms applications with our WinForms controls.
Build a bridge from your legacy apps to the future.
http://pubads.g.doubleclick.net/gampad/clk?id=153845071&iu=/4140/ostg.clktrk
_______________________________________________
Ltp-list mailing list
Ltp-list@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ltp-list
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [LTP] [PATCH v2] madvise05: new testcase for Oops in madvise_willneed
2014-08-07 0:38 ` Wanlong Gao
@ 2014-08-07 7:21 ` Jan Stancek
0 siblings, 0 replies; 4+ messages in thread
From: Jan Stancek @ 2014-08-07 7:21 UTC (permalink / raw)
To: ltp-list
----- Original Message -----
> From: "Wanlong Gao" <gaowanlong@cn.fujitsu.com>
> To: "Jan Stancek" <jstancek@redhat.com>
> Cc: ltp-list@lists.sourceforge.net
> Sent: Thursday, 7 August, 2014 2:38:37 AM
> Subject: Re: [LTP] [PATCH v2] madvise05: new testcase for Oops in madvise_willneed
>
> On 08/06/2014 04:31 PM, Jan Stancek wrote:
> > This is a regression test for madvise(2) system call. It tests
> > kernel for NULL ptr deref Oops fixed by:
> > commit ee53664bda169f519ce3c6a22d378f0b946c8178
> > Author: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
> > Date: Fri Dec 20 15:10:03 2013 +0200
> > mm: Fix NULL pointer dereference in madvise(MADV_WILLNEED) support
> >
> > Signed-off-by: Jan Stancek <jstancek@redhat.com>
>
> Acked-by: Wanlong Gao <gaowanlong@cn.fujitsu.com>
Pushed.
Regards,
Jan
------------------------------------------------------------------------------
Infragistics Professional
Build stunning WinForms apps today!
Reboot your WinForms applications with our WinForms controls.
Build a bridge from your legacy apps to the future.
http://pubads.g.doubleclick.net/gampad/clk?id=153845071&iu=/4140/ostg.clktrk
_______________________________________________
Ltp-list mailing list
Ltp-list@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ltp-list
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2014-08-07 7:21 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-08-06 8:31 [LTP] [PATCH v2] madvise05: new testcase for Oops in madvise_willneed Jan Stancek
2014-08-06 16:40 ` Caspar Zhang
2014-08-07 0:38 ` Wanlong Gao
2014-08-07 7:21 ` Jan Stancek
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox