Message ID | a9e6d98c722a92d1981fcc2b7ddeba547195c40e.1597839878.git.viresh.kumar@linaro.org |
---|---|
State | Superseded |
Headers | show |
Series | [V9,1/2] syscalls/semtimedop: Add support for semtimedop and its time64 version | expand |
Hi Viresh, On Wed, Aug 19, 2020 at 8:28 PM Viresh Kumar <viresh.kumar@linaro.org> wrote: > > + {1, &valid_sem_id, NULL, &sem_op_1, 0, 0, 0, BIGOPS, 1, &valid_to, > E2BIG}, > + {1, &noperm_sem_id, NULL, &sem_op_1, 0, 0, 0, NSOPS, 1, &valid_to, > EACCES}, > + {1, &valid_sem_id, &faulty_buf, &sem_op_1, 0, 0, 0, NSOPS, 1, > &valid_to, EFAULT}, > + {1, &valid_sem_id, NULL, &sem_op_1, 0, 0, 0, 0, 1, &valid_to, > EINVAL}, > + {1, &bad_sem_id, NULL, &sem_op_1, 0, 0, 0, NSOPS, 1, &valid_to, > EINVAL}, > + {1, &valid_sem_id, NULL, &sem_op_max, 0, 0, 0, 1, 1, &valid_to, > ERANGE}, > + {1, &valid_sem_id, NULL, &sem_op_1, 0, -1, SEM_UNDO, 1, 1, > &valid_to, EFBIG}, > + {1, &valid_sem_id, NULL, &sem_op_1, 0, PSEMS + 1, SEM_UNDO, 1, 1, > &valid_to, EFBIG}, > + {1, &valid_sem_id, NULL, &sem_op_zero, 2, 2, IPC_NOWAIT, 1, 1, > &valid_to, EAGAIN}, > + {1, &valid_sem_id, NULL, &sem_op_negative, 2, 2, IPC_NOWAIT, 1, 0, > &valid_to, EAGAIN}, > + {0, &valid_sem_id, NULL, &sem_op_zero, 0, 0, SEM_UNDO, 1, 1, > &valid_to, EAGAIN}, > + {0, &valid_sem_id, NULL, &sem_op_negative, 0, 0, SEM_UNDO, 1, 0, > &valid_to, EAGAIN}, > > + {0, &valid_sem_id, NULL, &sem_op_zero, 0, 0, SEM_UNDO, 1, 1, > &invalid_to, EFAULT}, > This '&invalid_to' can't be passed to the semtimedop(.., timeout) correctly, because in that wrapper function call_semop(), you invoke tst_ts_get(timeout) to resolve an invalid address which will be caused a segmental fault eventually. Apart from this, the rest code looks good to me.
On Wed, Aug 19, 2020 at 8:28 PM Viresh Kumar <viresh.kumar@linaro.org> wrote: - {1, &valid_sem_id, NULL, &sem_op_1, 0, 0, 0, BIGOPS, 1, E2BIG}, > - {1, &noperm_sem_id, NULL, &sem_op_1, 0, 0, 0, NSOPS, 1, EACCES}, > - {1, &valid_sem_id, &faulty_buf, &sem_op_1, 0, 0, 0, NSOPS, 1, > EFAULT}, > - {1, &valid_sem_id, NULL, &sem_op_1, 0, 0, 0, 0, 1, EINVAL}, > - {1, &bad_sem_id, NULL, &sem_op_1, 0, 0, 0, NSOPS, 1, EINVAL}, > - {1, &valid_sem_id, NULL, &sem_op_max, 0, 0, 0, 1, 1, ERANGE}, > - {1, &valid_sem_id, NULL, &sem_op_1, 0, -1, SEM_UNDO, 1, 1, EFBIG}, > - {1, &valid_sem_id, NULL, &sem_op_1, 0, PSEMS + 1, SEM_UNDO, 1, 1, > EFBIG}, > - {1, &valid_sem_id, NULL, &sem_op_zero, 2, 2, IPC_NOWAIT, 1, 1, > EAGAIN}, > - {1, &valid_sem_id, NULL, &sem_op_negative, 2, 2, IPC_NOWAIT, 1, 0, > EAGAIN}, > - {0, &valid_sem_id, NULL, &sem_op_zero, 0, 0, SEM_UNDO, 1, 1, > EAGAIN}, > - {0, &valid_sem_id, NULL, &sem_op_negative, 0, 0, SEM_UNDO, 1, 0, > EAGAIN}, > + {1, &valid_sem_id, NULL, &sem_op_1, 0, 0, 0, BIGOPS, 1, &valid_to, > E2BIG}, > + {1, &noperm_sem_id, NULL, &sem_op_1, 0, 0, 0, NSOPS, 1, &valid_to, > EACCES}, > + {1, &valid_sem_id, &faulty_buf, &sem_op_1, 0, 0, 0, NSOPS, 1, > &valid_to, EFAULT}, > + {1, &valid_sem_id, NULL, &sem_op_1, 0, 0, 0, 0, 1, &valid_to, > EINVAL}, > + {1, &bad_sem_id, NULL, &sem_op_1, 0, 0, 0, NSOPS, 1, &valid_to, > EINVAL}, > + {1, &valid_sem_id, NULL, &sem_op_max, 0, 0, 0, 1, 1, &valid_to, > ERANGE}, > + {1, &valid_sem_id, NULL, &sem_op_1, 0, -1, SEM_UNDO, 1, 1, > &valid_to, EFBIG}, > + {1, &valid_sem_id, NULL, &sem_op_1, 0, PSEMS + 1, SEM_UNDO, 1, 1, > &valid_to, EFBIG}, > + {1, &valid_sem_id, NULL, &sem_op_zero, 2, 2, IPC_NOWAIT, 1, 1, > &valid_to, EAGAIN}, > + {1, &valid_sem_id, NULL, &sem_op_negative, 2, 2, IPC_NOWAIT, 1, 0, > &valid_to, EAGAIN}, > + {0, &valid_sem_id, NULL, &sem_op_zero, 0, 0, SEM_UNDO, 1, 1, > &valid_to, EAGAIN}, > + {0, &valid_sem_id, NULL, &sem_op_negative, 0, 0, SEM_UNDO, 1, 0, > &valid_to, EAGAIN}, > + {0, &valid_sem_id, NULL, &sem_op_zero, 0, 0, SEM_UNDO, 1, 1, > &invalid_to, EFAULT}, > }; > And btw, these new changes should also be updated in the code comments above the head.
On 02-09-20, 17:09, Li Wang wrote: > This '&invalid_to' can't be passed to the semtimedop(.., timeout) correctly, > because in that wrapper function call_semop(), you invoke > tst_ts_get(timeout) > to resolve an invalid address which will be caused a segmental fault > eventually. Thanks a lot for figuring out the crash that I wasn't able to solve then :)
diff --git a/testcases/kernel/syscalls/ipc/semop/semop02.c b/testcases/kernel/syscalls/ipc/semop/semop02.c index d0fed5321502..bf362d1edcc9 100644 --- a/testcases/kernel/syscalls/ipc/semop/semop02.c +++ b/testcases/kernel/syscalls/ipc/semop/semop02.c @@ -31,6 +31,7 @@ static int bad_sem_id = -1; static short sem_op_max, sem_op_1 = 1, sem_op_negative = -1, sem_op_zero = 0; static struct sembuf *faulty_buf; static struct tst_ts timeout; +static struct tst_ts *valid_to = &timeout, *invalid_to; #define NSOPS 1 #define BIGOPS 1024 @@ -45,20 +46,22 @@ static struct test_case_t { short sem_flg; unsigned t_ops; int arr_val; + struct tst_ts **to; int error; } tc[] = { - {1, &valid_sem_id, NULL, &sem_op_1, 0, 0, 0, BIGOPS, 1, E2BIG}, - {1, &noperm_sem_id, NULL, &sem_op_1, 0, 0, 0, NSOPS, 1, EACCES}, - {1, &valid_sem_id, &faulty_buf, &sem_op_1, 0, 0, 0, NSOPS, 1, EFAULT}, - {1, &valid_sem_id, NULL, &sem_op_1, 0, 0, 0, 0, 1, EINVAL}, - {1, &bad_sem_id, NULL, &sem_op_1, 0, 0, 0, NSOPS, 1, EINVAL}, - {1, &valid_sem_id, NULL, &sem_op_max, 0, 0, 0, 1, 1, ERANGE}, - {1, &valid_sem_id, NULL, &sem_op_1, 0, -1, SEM_UNDO, 1, 1, EFBIG}, - {1, &valid_sem_id, NULL, &sem_op_1, 0, PSEMS + 1, SEM_UNDO, 1, 1, EFBIG}, - {1, &valid_sem_id, NULL, &sem_op_zero, 2, 2, IPC_NOWAIT, 1, 1, EAGAIN}, - {1, &valid_sem_id, NULL, &sem_op_negative, 2, 2, IPC_NOWAIT, 1, 0, EAGAIN}, - {0, &valid_sem_id, NULL, &sem_op_zero, 0, 0, SEM_UNDO, 1, 1, EAGAIN}, - {0, &valid_sem_id, NULL, &sem_op_negative, 0, 0, SEM_UNDO, 1, 0, EAGAIN}, + {1, &valid_sem_id, NULL, &sem_op_1, 0, 0, 0, BIGOPS, 1, &valid_to, E2BIG}, + {1, &noperm_sem_id, NULL, &sem_op_1, 0, 0, 0, NSOPS, 1, &valid_to, EACCES}, + {1, &valid_sem_id, &faulty_buf, &sem_op_1, 0, 0, 0, NSOPS, 1, &valid_to, EFAULT}, + {1, &valid_sem_id, NULL, &sem_op_1, 0, 0, 0, 0, 1, &valid_to, EINVAL}, + {1, &bad_sem_id, NULL, &sem_op_1, 0, 0, 0, NSOPS, 1, &valid_to, EINVAL}, + {1, &valid_sem_id, NULL, &sem_op_max, 0, 0, 0, 1, 1, &valid_to, ERANGE}, + {1, &valid_sem_id, NULL, &sem_op_1, 0, -1, SEM_UNDO, 1, 1, &valid_to, EFBIG}, + {1, &valid_sem_id, NULL, &sem_op_1, 0, PSEMS + 1, SEM_UNDO, 1, 1, &valid_to, EFBIG}, + {1, &valid_sem_id, NULL, &sem_op_zero, 2, 2, IPC_NOWAIT, 1, 1, &valid_to, EAGAIN}, + {1, &valid_sem_id, NULL, &sem_op_negative, 2, 2, IPC_NOWAIT, 1, 0, &valid_to, EAGAIN}, + {0, &valid_sem_id, NULL, &sem_op_zero, 0, 0, SEM_UNDO, 1, 1, &valid_to, EAGAIN}, + {0, &valid_sem_id, NULL, &sem_op_negative, 0, 0, SEM_UNDO, 1, 0, &valid_to, EAGAIN}, + {0, &valid_sem_id, NULL, &sem_op_zero, 0, 0, SEM_UNDO, 1, 1, &invalid_to, EFAULT}, }; static void setup(void) @@ -68,6 +71,7 @@ static void setup(void) key_t semkey; union semun arr; struct seminfo ipc_buf; + void *faulty_address; tst_res(TINFO, "Testing variant: %s", tv->desc); semop_supported_by_kernel(tv); @@ -96,7 +100,9 @@ static void setup(void) tst_brk(TBROK | TERRNO, "semctl() IPC_INFO failed"); sem_op_max = ipc_buf.semvmx; - faulty_buf = tst_get_bad_addr(NULL); + faulty_address = tst_get_bad_addr(NULL); + invalid_to = faulty_address; + faulty_buf = faulty_address; } static void run(unsigned int i) @@ -123,7 +129,7 @@ static void run(unsigned int i) if (tc[i].buf) ptr = *tc[i].buf; - TEST(call_semop(tv, *(tc[i].semid), ptr, tc[i].t_ops, &timeout)); + TEST(call_semop(tv, *(tc[i].semid), ptr, tc[i].t_ops, *tc[i].to)); if (TST_RET != -1) { tst_res(TFAIL | TTERRNO, "call succeeded unexpectedly");
This adds test for invalid timeout pointer. Signed-off-by: Viresh Kumar <viresh.kumar@linaro.org> --- Cyril: This doesn't work as expected and results in the crash of the executable. I am not sure what's going on here though. --- testcases/kernel/syscalls/ipc/semop/semop02.c | 34 +++++++++++-------- 1 file changed, 20 insertions(+), 14 deletions(-)