From: Tarun Sahu <tsahu@linux.ibm.com>
To: ltp@lists.linux.it
Cc: geetika@linux.ibm.com, sbhat@linux.ibm.com,
aneesh.kumar@linux.ibm.com, vaibhav@linux.ibm.com,
rpalethorpe@suse.com
Subject: [LTP] [PATCH v2 6/8] Hugetlb: Migrating libhugetlbfs map_high_truncate_2
Date: Tue, 20 Dec 2022 12:01:07 +0530 [thread overview]
Message-ID: <20221220063109.279007-7-tsahu@linux.ibm.com> (raw)
In-Reply-To: <20221220063109.279007-1-tsahu@linux.ibm.com>
Migrating the libhugetlbfs/testcases/map_high_truncate_2.c test
Test Description: At one stage, a misconversion of hugetlb_vmtruncate_list
to a prio_tree meant that on 32-bit machines, certain combinations of
mapping and truncations could truncate incorrect pages, or
overwrite pmds from other VMAs, triggering BUG_ON()s or other
wierdness.
Test adapted from an example by Kenneth Chen <kenneth.w.chen@intel.com>
WARNING: The offsets and addresses used within are specifically
calculated to trigger the bug as it existed. Don't mess with them
unless you *really* know what you're doing.
The kernel bug in question was fixed with
'commit 856fc2950555 ("[PATCH] hugetlb: fix prio_tree unit")'.
Signed-off-by: Tarun Sahu <tsahu@linux.ibm.com>
Reviewed-by: Richard Palethorpe <rpalethorpe@suse.com>
---
runtest/hugetlb | 1 +
testcases/kernel/mem/.gitignore | 1 +
.../kernel/mem/hugetlb/hugemmap/hugemmap17.c | 103 ++++++++++++++++++
3 files changed, 105 insertions(+)
create mode 100644 testcases/kernel/mem/hugetlb/hugemmap/hugemmap17.c
diff --git a/runtest/hugetlb b/runtest/hugetlb
index 1691ce37d..5fac3481c 100644
--- a/runtest/hugetlb
+++ b/runtest/hugetlb
@@ -18,6 +18,7 @@ hugemmap13 hugemmap13
hugemmap14 hugemmap14
hugemmap15 hugemmap15
hugemmap16 hugemmap16
+hugemmap17 hugemmap17
hugemmap05_1 hugemmap05 -m
hugemmap05_2 hugemmap05 -s
hugemmap05_3 hugemmap05 -s -m
diff --git a/testcases/kernel/mem/.gitignore b/testcases/kernel/mem/.gitignore
index eb8e87c40..6aa54f902 100644
--- a/testcases/kernel/mem/.gitignore
+++ b/testcases/kernel/mem/.gitignore
@@ -17,6 +17,7 @@
/hugetlb/hugemmap/hugemmap14
/hugetlb/hugemmap/hugemmap15
/hugetlb/hugemmap/hugemmap16
+/hugetlb/hugemmap/hugemmap17
/hugetlb/hugeshmat/hugeshmat01
/hugetlb/hugeshmat/hugeshmat02
/hugetlb/hugeshmat/hugeshmat03
diff --git a/testcases/kernel/mem/hugetlb/hugemmap/hugemmap17.c b/testcases/kernel/mem/hugetlb/hugemmap/hugemmap17.c
new file mode 100644
index 000000000..b8105bbf3
--- /dev/null
+++ b/testcases/kernel/mem/hugetlb/hugemmap/hugemmap17.c
@@ -0,0 +1,103 @@
+// SPDX-License-Identifier: LGPL-2.1-or-later
+/*
+ * Copyright (C) 2005-2006 David Gibson & Adam Litke, IBM Corporation.
+ * Author: David Gibson & Adam Litke
+ */
+
+/*\
+ * [Descriptiom]
+ *
+ * At one stage, a misconversion of hugetlb_vmtruncate_list to a prio_tree
+ * meant that on 32-bit machines, certain combinations of mapping and
+ * truncations could truncate incorrect pages, or overwrite pmds from
+ * other VMAs, triggering BUG_ON()s or other wierdness.
+ *
+ * Test adapted from an example by Kenneth Chen <kenneth.w.chen@intel.com>
+ *
+ * WARNING: The offsets and addresses used within are specifically
+ * calculated to trigger the bug as it existed. Don't mess with them
+ * unless you *really* know what you're doing.
+ *
+ * The kernel bug in question was fixed with commit
+ * 856fc2950555.
+ */
+
+#define _GNU_SOURCE
+#include <stdio.h>
+#include <sys/mount.h>
+#include <limits.h>
+#include <sys/param.h>
+#include <sys/types.h>
+
+#include "hugetlb.h"
+
+#define MNTPOINT "hugetlbfs/"
+#define MAP_LENGTH (4UL * hpage_size)
+#if defined(__s390__) && __WORDSIZE == 32
+#define TRUNCATE_POINT 0x20000000UL
+#else
+#define TRUNCATE_POINT 0x60000000UL
+#endif
+#define HIGH_ADDR 0xa0000000UL
+#define FOURGIG ((off64_t)0x100000000ULL)
+
+static unsigned long hpage_size;
+static int fd = -1;
+
+static void run_test(void)
+{
+ char *p, *q;
+ unsigned long i;
+
+ p = SAFE_MMAP(0, MAP_LENGTH + TRUNCATE_POINT, PROT_READ | PROT_WRITE,
+ MAP_PRIVATE | MAP_NORESERVE, fd, 0);
+
+ SAFE_MUNMAP(p, MAP_LENGTH + TRUNCATE_POINT);
+
+ q = SAFE_MMAP((void *)HIGH_ADDR, MAP_LENGTH, PROT_READ | PROT_WRITE,
+ MAP_PRIVATE, fd, 0);
+ tst_res(TINFO, "High map at %p", q);
+
+ for (i = 0; i < MAP_LENGTH; i += hpage_size)
+ q[i] = 1;
+
+ SAFE_FTRUNCATE(fd, TRUNCATE_POINT);
+
+ if (q[0] != 1)
+ tst_res(TFAIL, "data mismatch");
+ else
+ tst_res(TPASS, "Successful");
+
+ SAFE_MUNMAP(q, MAP_LENGTH);
+}
+
+static void setup(void)
+{
+ hpage_size = SAFE_READ_MEMINFO("Hugepagesize:")*1024;
+
+ if (hpage_size > TRUNCATE_POINT)
+ tst_brk(TCONF, "Huge page size is too large");
+ if (TRUNCATE_POINT % hpage_size)
+ tst_brk(TCONF, "Truncation point is not aligned to huge page size");
+ fd = tst_creat_unlinked(MNTPOINT, 0);
+}
+
+static void cleanup(void)
+{
+ if (fd >= 0)
+ SAFE_CLOSE(fd);
+}
+
+static struct tst_test test = {
+ .tags = (struct tst_tag[]) {
+ {"linux-git", "856fc2950555"},
+ {}
+ },
+ .needs_root = 1,
+ .mntpoint = MNTPOINT,
+ .needs_hugetlbfs = 1,
+ .setup = setup,
+ .cleanup = cleanup,
+ .test_all = run_test,
+ .hugepages = {4, TST_NEEDS},
+};
--
2.31.1
--
Mailing list info: https://lists.linux.it/listinfo/ltp
next prev parent reply other threads:[~2022-12-20 6:32 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-12-20 6:31 [LTP] [PATCH v2 0/8][PART 3] Hugetlb:Migrating the libhugetlbfs tests Tarun Sahu
2022-12-20 6:31 ` [LTP] [PATCH v2 1/8] Hugetlb: Migrating libhugetlbfs fork-cow Tarun Sahu
2022-12-20 6:31 ` [LTP] [PATCH v2 2/8] Hugetlb: Migrating libhugetlbfs huge_at_4GB_normal_below Tarun Sahu
2022-12-20 6:31 ` [LTP] [PATCH v2 3/8] Hugetlb: Migrating libhugetlbfs huge_below_4GB_normal_above Tarun Sahu
2022-12-20 6:31 ` [LTP] [PATCH v2 4/8] Hugetlb: Migrating libhugetlbfs icache-hygiene Tarun Sahu
2023-01-25 1:11 ` Petr Vorel
2022-12-20 6:31 ` [LTP] [PATCH v2 5/8] Hugetlb: Migrating libhugetlbfs madvise_reserve Tarun Sahu
2022-12-20 6:31 ` Tarun Sahu [this message]
2022-12-20 6:31 ` [LTP] [PATCH v2 7/8] Hugetlb: Migrating libhugetlbfs misalign Tarun Sahu
2022-12-20 6:31 ` [LTP] [PATCH v2 8/8] Hugetlb: Migrating libhugetlbfs misaligned_offset Tarun Sahu
2022-12-20 12:48 ` [LTP] [PATCH v2 0/8][PART 3] Hugetlb:Migrating the libhugetlbfs tests Richard Palethorpe
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20221220063109.279007-7-tsahu@linux.ibm.com \
--to=tsahu@linux.ibm.com \
--cc=aneesh.kumar@linux.ibm.com \
--cc=geetika@linux.ibm.com \
--cc=ltp@lists.linux.it \
--cc=rpalethorpe@suse.com \
--cc=sbhat@linux.ibm.com \
--cc=vaibhav@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.