1From 1234063488134ad1f541f56dd30caa7896905f06 Mon Sep 17 00:00:00 2001
2From: Ilya Leoshkevich <iii@linux.ibm.com>
3Date: Wed, 28 Feb 2024 10:25:18 -1000
4Subject: [PATCH 5/5] tests/tcg: Check that shmat() does not break
5 /proc/self/maps
6
7Add a regression test for a recently fixed issue, where shmat()
8desynced the guest and the host view of the address space and caused
9open("/proc/self/maps") to SEGV.
10
11Upstream-Status: Submitted [https://www.mail-archive.com/qemu-devel@nongnu.org/msg1026793.html]
12
13Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com>
14Message-Id: <jwyuvao4apydvykmsnvacwshdgy3ixv7qvkh4dbxm3jkwgnttw@k4wpaayou7oq>
15Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
16Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
17---
18 tests/tcg/multiarch/linux/linux-shmat-maps.c | 55 ++++++++++++++++++++
19 1 file changed, 55 insertions(+)
20 create mode 100644 tests/tcg/multiarch/linux/linux-shmat-maps.c
21
22diff --git a/tests/tcg/multiarch/linux/linux-shmat-maps.c b/tests/tcg/multiarch/linux/linux-shmat-maps.c
23new file mode 100644
24index 000000000..0ccf7a973
25--- /dev/null
26+++ b/tests/tcg/multiarch/linux/linux-shmat-maps.c
27@@ -0,0 +1,55 @@
28+/*
29+ * Test that shmat() does not break /proc/self/maps.
30+ *
31+ * SPDX-License-Identifier: GPL-2.0-or-later
32+ */
33+#include <assert.h>
34+#include <fcntl.h>
35+#include <stdlib.h>
36+#include <sys/ipc.h>
37+#include <sys/shm.h>
38+#include <unistd.h>
39+
40+int main(void)
41+{
42+    char buf[128];
43+    int err, fd;
44+    int shmid;
45+    ssize_t n;
46+    void *p;
47+
48+    shmid = shmget(IPC_PRIVATE, 1, IPC_CREAT | 0600);
49+    assert(shmid != -1);
50+
51+    /*
52+     * The original bug required a non-NULL address, which skipped the
53+     * mmap_find_vma step, which could result in a host mapping smaller
54+     * than the target mapping.  Choose an address at random.
55+     */
56+    p = shmat(shmid, (void *)0x800000, SHM_RND);
57+    if (p == (void *)-1) {
58+        /*
59+         * Because we are now running the testcase for all guests for which
60+         * we have a cross-compiler, the above random address might conflict
61+         * with the guest executable in some way.  Rather than stopping,
62+         * continue with a system supplied address, which should never fail.
63+         */
64+        p = shmat(shmid, NULL, 0);
65+        assert(p != (void *)-1);
66+    }
67+
68+    fd = open("/proc/self/maps", O_RDONLY);
69+    assert(fd != -1);
70+    do {
71+        n = read(fd, buf, sizeof(buf));
72+        assert(n >= 0);
73+    } while (n != 0);
74+    close(fd);
75+
76+    err = shmdt(p);
77+    assert(err == 0);
78+    err = shmctl(shmid, IPC_RMID, NULL);
79+    assert(err == 0);
80+
81+    return EXIT_SUCCESS;
82+}
83--
842.34.1
85
86