testcases/kernel/syscalls/fork/fork14.c - platform/external/ltp - Gitiles

 /*********************************************************************
  * Copyright (C) 2014  Red Hat, Inc.
  *
  * This program is free software; you can redistribute it and/or
  * modify it under the terms of version 2 of the GNU General Public
  * License as published by the Free Software Foundation.
  *
  * This program is distributed in the hope that it would be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
  *
  * Further, this software is distributed without any warranty that it
  * is free of the rightful claim of any third person regarding
  * infringement or the like.  Any license provided herein, whether
  * implied or otherwise, applies only to this software file.  Patent
  * licenses, if any, provided herein do not apply to combinations of
  * this program with other software, or any other product whatsoever.
  *
  * You should have received a copy of the GNU General Public License
  * along with this program; if not, write the Free Software
  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
  * 02110-1301, USA.
  *
  * This test is a reporducer for this patch:
  *              https://lkml.org/lkml/2012/4/24/328
  * Since vma length in dup_mmap is calculated and stored in a unsigned
  * int, it will overflow when length of mmaped memory > 16 TB. When
  * overflow occur, fork will  incorrectly succeed. The patch above
  * fixed it.
  ********************************************************************/

 #include <sys/mman.h>
 #include <sys/wait.h>
 #include <stdio.h>
 #include <unistd.h>
 #include "test.h"
 #include "safe_macros.h"

 char *TCID = "fork14";
 int TST_TOTAL = 1;

 #define GB		(1024 * 1024 * 1024L)

 /* set mmap threshold to 16TB */
 #define LARGE		(16 * 1024)
 #define EXTENT		(16 * 1024 + 10)

 static char **pointer_vec;

 static void setup(void);
 static void cleanup(void);
 static int  fork_test(void);

 int main(int ac, char **av)
 {
 	int lc, reproduced;
 	const char *msg;

 	msg = parse_opts(ac, av, NULL, NULL);
 	if (msg != NULL)
 		tst_brkm(TBROK, NULL, "OPTION PARSING ERROR - %s", msg);
 /*
  * Tested on ppc64/x86_64/i386/s390x. And only 64bit has this issue.
  * Since a 32bit program can't mmap so many memory.
  */
 #if __WORDSIZE == 32
 	tst_brkm(TCONF, NULL, "This test is only for 64bit.");
 #endif
 	setup();
 	for (lc = 0; TEST_LOOPING(lc); lc++) {
 		tst_count = 0;

 		reproduced = fork_test();
 		if (reproduced == 0)
 			tst_resm(TPASS, "fork failed as expected.");
 	}
 	cleanup();
 	tst_exit();
 }

 static void setup(void)
 {
 	tst_sig(FORK, DEF_HANDLER, cleanup);
 	TEST_PAUSE;

 	pointer_vec = SAFE_MALLOC(cleanup, EXTENT * sizeof(char *));
 }

 static void cleanup(void)
 {
 	free(pointer_vec);
 }

 static int fork_test(void)
 {
 	int i, j, prev_failed = 0, fails = 0;
 	int reproduced = 0;
 	void *addr;

 	for (i = 0; i < EXTENT; i++) {
 		addr = mmap(NULL, 1 * GB, PROT_READ | PROT_WRITE,
 			    MAP_PRIVATE | MAP_ANONYMOUS, 0, 0);
 		if (addr == MAP_FAILED) {
 			pointer_vec[i] = NULL;
 			fails++;
 			/*
 			 * EXTENT is "16*1024+10", if fails count exceeds 10,
 			 * we are almost impossible to get an vm_area_struct
 			 * sized 16TB
 			 */
 			if (fails == 11) {
 				tst_brkm(TCONF, cleanup, "mmap() fails too many"
 					 "times, so we are almost impossible to"
 					 " get an vm_area_struct sized 16TB.");
 			}
 		} else {
 			pointer_vec[i] = addr;
 		}

 		switch (tst_fork()) {
 		case -1:
 			prev_failed = 1;
 		break;
 		case 0:
 			exit(0);
 		default:
 			if (waitpid(-1, NULL, 0) == -1)
 				tst_brkm(TBROK | TERRNO, cleanup, "waitpid");

 			if (prev_failed > 0 && i >= LARGE) {
 				tst_resm(TFAIL, "Fork succeeds incorrectly");
 				reproduced = 1;
 				goto clear_memory_map;
 			}
 		}
 	}

 clear_memory_map:
 	for (j = 0; j <= i; j++) {
 		if (pointer_vec[j])
 			SAFE_MUNMAP(cleanup, pointer_vec[j], 1 * GB);
 	}

 	return reproduced;
 }
	/*********************************************************************
	* Copyright (C) 2014 Red Hat, Inc.
	*
	* This program is free software; you can redistribute it and/or
	* modify it under the terms of version 2 of the GNU General Public
	* License as published by the Free Software Foundation.
	*
	* This program is distributed in the hope that it would be useful,
	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
	*
	* Further, this software is distributed without any warranty that it
	* is free of the rightful claim of any third person regarding
	* infringement or the like. Any license provided herein, whether
	* implied or otherwise, applies only to this software file. Patent
	* licenses, if any, provided herein do not apply to combinations of
	* this program with other software, or any other product whatsoever.
	*
	* You should have received a copy of the GNU General Public License
	* along with this program; if not, write the Free Software
	* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
	* 02110-1301, USA.
	*
	* This test is a reporducer for this patch:
	* https://lkml.org/lkml/2012/4/24/328
	* Since vma length in dup_mmap is calculated and stored in a unsigned
	* int, it will overflow when length of mmaped memory > 16 TB. When
	* overflow occur, fork will incorrectly succeed. The patch above
	* fixed it.
	********************************************************************/

	#include <sys/mman.h>
	#include <sys/wait.h>
	#include <stdio.h>
	#include <unistd.h>
	#include "test.h"
	#include "safe_macros.h"

	char *TCID = "fork14";
	int TST_TOTAL = 1;

	#define GB (1024 * 1024 * 1024L)

	/* set mmap threshold to 16TB */
	#define LARGE (16 * 1024)
	#define EXTENT (16 * 1024 + 10)

	static char **pointer_vec;

	static void setup(void);
	static void cleanup(void);
	static int fork_test(void);

	int main(int ac, char **av)
	{
	int lc, reproduced;
	const char *msg;

	msg = parse_opts(ac, av, NULL, NULL);
	if (msg != NULL)
	tst_brkm(TBROK, NULL, "OPTION PARSING ERROR - %s", msg);
	/*
	* Tested on ppc64/x86_64/i386/s390x. And only 64bit has this issue.
	* Since a 32bit program can't mmap so many memory.
	*/
	#if __WORDSIZE == 32
	tst_brkm(TCONF, NULL, "This test is only for 64bit.");
	#endif
	setup();
	for (lc = 0; TEST_LOOPING(lc); lc++) {
	tst_count = 0;

	reproduced = fork_test();
	if (reproduced == 0)
	tst_resm(TPASS, "fork failed as expected.");
	}
	cleanup();
	tst_exit();
	}

	static void setup(void)
	{
	tst_sig(FORK, DEF_HANDLER, cleanup);
	TEST_PAUSE;

	pointer_vec = SAFE_MALLOC(cleanup, EXTENT * sizeof(char *));
	}

	static void cleanup(void)
	{
	free(pointer_vec);
	}

	static int fork_test(void)
	{
	int i, j, prev_failed = 0, fails = 0;
	int reproduced = 0;
	void *addr;

	for (i = 0; i < EXTENT; i++) {
	addr = mmap(NULL, 1 * GB, PROT_READ \| PROT_WRITE,
	MAP_PRIVATE \| MAP_ANONYMOUS, 0, 0);
	if (addr == MAP_FAILED) {
	pointer_vec[i] = NULL;
	fails++;
	/*
	* EXTENT is "16*1024+10", if fails count exceeds 10,
	* we are almost impossible to get an vm_area_struct
	* sized 16TB
	*/
	if (fails == 11) {
	tst_brkm(TCONF, cleanup, "mmap() fails too many"
	"times, so we are almost impossible to"
	" get an vm_area_struct sized 16TB.");
	}
	} else {
	pointer_vec[i] = addr;
	}

	switch (tst_fork()) {
	case -1:
	prev_failed = 1;
	break;
	case 0:
	exit(0);
	default:
	if (waitpid(-1, NULL, 0) == -1)
	tst_brkm(TBROK \| TERRNO, cleanup, "waitpid");

	if (prev_failed > 0 && i >= LARGE) {
	tst_resm(TFAIL, "Fork succeeds incorrectly");
	reproduced = 1;
	goto clear_memory_map;
	}
	}
	}

	clear_memory_map:
	for (j = 0; j <= i; j++) {
	if (pointer_vec[j])
	SAFE_MUNMAP(cleanup, pointer_vec[j], 1 * GB);
	}

	return reproduced;
	}