1f08c3bdfSopenharmony_ci// SPDX-License-Identifier: GPL-2.0-or-later 2f08c3bdfSopenharmony_ci/* 3f08c3bdfSopenharmony_ci * Copyright (c) Linux Test Project, 2014 4f08c3bdfSopenharmony_ci */ 5f08c3bdfSopenharmony_ci/* 6f08c3bdfSopenharmony_ci * This is a regression test for madvise(2) system call. It tests kernel 7f08c3bdfSopenharmony_ci * for NULL ptr deref Oops fixed by: 8f08c3bdfSopenharmony_ci * commit ee53664bda169f519ce3c6a22d378f0b946c8178 9f08c3bdfSopenharmony_ci * Author: Kirill A. Shutemov <kirill.shutemov@linux.intel.com> 10f08c3bdfSopenharmony_ci * Date: Fri Dec 20 15:10:03 2013 +0200 11f08c3bdfSopenharmony_ci * mm: Fix NULL pointer dereference in madvise(MADV_WILLNEED) support 12f08c3bdfSopenharmony_ci * 13f08c3bdfSopenharmony_ci * On buggy kernel with CONFIG_TRANSPARENT_HUGEPAGE=y CONFIG_DEBUG_LOCK_ALLOC=y 14f08c3bdfSopenharmony_ci * this testcase should produce Oops and/or be killed. On fixed/good kernel 15f08c3bdfSopenharmony_ci * this testcase runs to completion (retcode is 0) 16f08c3bdfSopenharmony_ci */ 17f08c3bdfSopenharmony_ci 18f08c3bdfSopenharmony_ci#include <sys/mman.h> 19f08c3bdfSopenharmony_ci#include <errno.h> 20f08c3bdfSopenharmony_ci#include "tst_test.h" 21f08c3bdfSopenharmony_ci 22f08c3bdfSopenharmony_ci#define ALLOC_SIZE (32 * 1024 * 1024) 23f08c3bdfSopenharmony_ci 24f08c3bdfSopenharmony_cistatic void verify_madvise(void) 25f08c3bdfSopenharmony_ci{ 26f08c3bdfSopenharmony_ci void *p; 27f08c3bdfSopenharmony_ci 28f08c3bdfSopenharmony_ci p = SAFE_MMAP(NULL, ALLOC_SIZE, PROT_READ, 29f08c3bdfSopenharmony_ci MAP_PRIVATE | MAP_ANONYMOUS | MAP_POPULATE, -1, 0); 30f08c3bdfSopenharmony_ci 31f08c3bdfSopenharmony_ci TEST(mprotect(p, ALLOC_SIZE, PROT_NONE)); 32f08c3bdfSopenharmony_ci if (TST_RET == -1) 33f08c3bdfSopenharmony_ci tst_brk(TBROK | TTERRNO, "mprotect failed"); 34f08c3bdfSopenharmony_ci TEST(madvise(p, ALLOC_SIZE, MADV_WILLNEED)); 35f08c3bdfSopenharmony_ci SAFE_MUNMAP(p, ALLOC_SIZE); 36f08c3bdfSopenharmony_ci 37f08c3bdfSopenharmony_ci if (TST_RET == 0) { 38f08c3bdfSopenharmony_ci tst_res(TPASS, "issue has not been reproduced"); 39f08c3bdfSopenharmony_ci return; 40f08c3bdfSopenharmony_ci } 41f08c3bdfSopenharmony_ci 42f08c3bdfSopenharmony_ci if (TST_ERR == EBADF) 43f08c3bdfSopenharmony_ci tst_brk(TCONF, "CONFIG_SWAP=n"); 44f08c3bdfSopenharmony_ci else 45f08c3bdfSopenharmony_ci tst_brk(TBROK | TTERRNO, "madvise failed"); 46f08c3bdfSopenharmony_ci} 47f08c3bdfSopenharmony_ci 48f08c3bdfSopenharmony_cistatic struct tst_test test = { 49f08c3bdfSopenharmony_ci .test_all = verify_madvise, 50f08c3bdfSopenharmony_ci .tags = (const struct tst_tag[]) { 51f08c3bdfSopenharmony_ci {"linux-git", "ee53664bda16"}, 52f08c3bdfSopenharmony_ci {} 53f08c3bdfSopenharmony_ci } 54f08c3bdfSopenharmony_ci}; 55