Currently, VA exhaustion is being checked by passing a hint to mmap() and expecting it to fail. This patch makes a stricter test by successful write() calls from /proc/self/maps to a dump file, confirming that a free chunk is indeed not available.
Signed-off-by: Dev Jain dev.jain@arm.com --- Merge dependency: https://lore.kernel.org/all/20240314122250.68534-1-dev.jain@arm.com/
.../selftests/mm/virtual_address_range.c | 69 +++++++++++++++++++ 1 file changed, 69 insertions(+)
diff --git a/tools/testing/selftests/mm/virtual_address_range.c b/tools/testing/selftests/mm/virtual_address_range.c index 7bcf8d48256a..31063613dfd9 100644 --- a/tools/testing/selftests/mm/virtual_address_range.c +++ b/tools/testing/selftests/mm/virtual_address_range.c @@ -12,6 +12,8 @@ #include <errno.h> #include <sys/mman.h> #include <sys/time.h> +#include <fcntl.h> + #include "../kselftest.h"
/* @@ -93,6 +95,69 @@ static int validate_lower_address_hint(void) return 1; }
+static int validate_complete_va_space(void) +{ + unsigned long start_addr, end_addr, prev_end_addr; + char line[400]; + char prot[6]; + FILE *file; + int fd; + + fd = open("va_dump", O_CREAT | O_WRONLY, 0600); + unlink("va_dump"); + if (fd < 0) { + ksft_test_result_skip("cannot create or open dump file\n"); + ksft_finished(); + } + + file = fopen("/proc/self/maps", "r"); + if (file == NULL) + ksft_exit_fail_msg("cannot open /proc/self/maps\n"); + + prev_end_addr = 0; + while (fgets(line, sizeof(line), file)) { + unsigned long hop; + int ret; + + ret = sscanf(line, "%lx-%lx %s[rwxp-]", + &start_addr, &end_addr, prot); + if (ret != 3) + ksft_exit_fail_msg("sscanf failed, cannot parse\n"); + + /* end of userspace mappings; ignore vsyscall mapping */ + if (start_addr & (1UL << 63)) + return 0; + + /* /proc/self/maps must have gaps less than 1GB only */ + if (start_addr - prev_end_addr >= SZ_1GB) + return 1; + + prev_end_addr = end_addr; + + if (prot[0] != 'r') + continue; + + /* + * Confirm whether MAP_CHUNK_SIZE chunk can be found or not. + * If write succeeds, no need to check MAP_CHUNK_SIZE - 1 + * addresses after that. If the address was not held by this + * process, write would fail with errno set to EFAULT. + * Anyways, if write returns anything apart from 1, exit the + * program since that would mean a bug in /proc/self/maps. + */ + hop = 0; + while (start_addr + hop < end_addr) { + if (write(fd, (void *)(start_addr + hop), 1) != 1) + return 1; + else + lseek(fd, 0, SEEK_SET); + + hop += MAP_CHUNK_SIZE; + } + } + return 0; +} + int main(int argc, char *argv[]) { char *ptr[NR_CHUNKS_LOW]; @@ -135,6 +200,10 @@ int main(int argc, char *argv[]) validate_addr(hptr[i], 1); } hchunks = i; + if (validate_complete_va_space()) { + ksft_test_result_fail("BUG in mmap() or /proc/self/maps\n"); + ksft_finished(); + }
for (i = 0; i < lchunks; i++) munmap(ptr[i], MAP_CHUNK_SIZE);
On Thu, 21 Mar 2024 16:05:22 +0530 Dev Jain dev.jain@arm.com wrote:
Currently, VA exhaustion is being checked by passing a hint to mmap() and expecting it to fail. This patch makes a stricter test by successful write() calls from /proc/self/maps to a dump file, confirming that a free chunk is indeed not available.
What's wrong with the current approach?
On 3/22/24 03:21, Andrew Morton wrote:
On Thu, 21 Mar 2024 16:05:22 +0530 Dev Jain dev.jain@arm.com wrote:
Currently, VA exhaustion is being checked by passing a hint to mmap() and expecting it to fail. This patch makes a stricter test by successful write() calls from /proc/self/maps to a dump file, confirming that a free chunk is indeed not available.
What's wrong with the current approach?
While populating the lower VA space, mmap() fails because we have exhausted the space.
Then, in validate_lower_address_hint(), because mmap() fails, we confirm that we have
indeed exhausted the space. There is a circular logic involved here.
Assume that there is a bug in mmap(), also assume that it exists independent of whether
you pass a hint address or not; that for some reason it is not able to find a 1GB chunk.
My idea is to assert the exhaustion against some other method.
Also, in the following line in validate_complete_va_space():
if (start_addr - prev_end_addr >= SZ_1GB)
I made a small error, I forgot to use MAP_CHUNK_SIZE instead of SZ_1GB.
On Fri, 22 Mar 2024 10:42:47 +0530 Dev Jain dev.jain@arm.com wrote:
On 3/22/24 03:21, Andrew Morton wrote:
On Thu, 21 Mar 2024 16:05:22 +0530 Dev Jain dev.jain@arm.com wrote:
Currently, VA exhaustion is being checked by passing a hint to mmap() and expecting it to fail. This patch makes a stricter test by successful write() calls from /proc/self/maps to a dump file, confirming that a free chunk is indeed not available.
What's wrong with the current approach?
While populating the lower VA space, mmap() fails because we have exhausted the space.
Then, in validate_lower_address_hint(), because mmap() fails, we confirm that we have
indeed exhausted the space. There is a circular logic involved here.
Assume that there is a bug in mmap(), also assume that it exists independent of whether
you pass a hint address or not; that for some reason it is not able to find a 1GB chunk.
My idea is to assert the exhaustion against some other method.
Thanks. I added the above to the changelog.
Also, in the following line in validate_complete_va_space():
if (start_addr - prev_end_addr >= SZ_1GB)
I made a small error, I forgot to use MAP_CHUNK_SIZE instead of SZ_1GB.
And the preceding comment might need an edit. Please send an updated patch?
linux-kselftest-mirror@lists.linaro.org
-
Andrew Morton -
Dev Jain