Bug 510292

Summary: LTP testcase munmap01 fails under valgrind
Product: [Developer tools] valgrind
Reporter: mcermak
Component: general
Assignee: mcermak
Status: ASSIGNED
Severity: normal
CC: mark
Priority: NOR
Version First Reported In: 3.25 GIT
Target Milestone: ---
Platform: Other
OS: Linux
Attachments: proposed patch, updated patch

Description mcermak 2025-10-06 08:51:50 UTC
After upgrading LTP testsuite version to 20250930 (tracked in bug 510169) munmap01 syscall test started failing.  It however turns out that this testcase was substantially rewritten and the failure is expected:

> $ make -j"$(nproc)" ltpchecks TESTS=munmap01
> [ ... stuff deleted ... ]
> VALGRIND=/home/mcermak/WORK/valgrind/valgrind/vg-in-place \
>   /home/mcermak/WORK/valgrind/valgrind/auxprogs/ltp-tester.sh
> Running individual syscall tests specified in the TESTS env var ...
> [1/1] Testing munmap01 ...
> munmap01: unempty log2.filtered:
> ==1900711==
> ==1900711== Process terminating with default action of signal 11 (SIGSEGV): dumping core
> ==1900711==  Access not within mapped region at address 0x483F000
> ==1900711==    at 0x401F9A: run (munmap01.c:46)
> ==1900711==    by 0x40D42F: fork_testrun.isra.0 (tst_test.c:1669)
> ==1900711==    by 0x40F894: tst_run_tcases (tst_test.c:2041)
> ==1900711==    by 0x401DCD: main (tst_test.h:738)
> ==1900711==  If you believe this happened as a result of a stack
> ==1900711==  overflow in your program's main thread (unlikely but
> ==1900711==  possible), you can try to increase the size of the
> ==1900711==  main thread stack using the --main-stacksize= flag.
> ==1900711==  The main thread stack size used in this run was 8388608.
> ==1900724==
> ==1900724== Process terminating with default action of signal 11 (SIGSEGV): dumping core
> ==1900724==  Access not within mapped region at address 0x4840000
> ==1900724==    at 0x401F9A: run (munmap01.c:46)
> ==1900724==    by 0x40D42F: fork_testrun.isra.0 (tst_test.c:1669)
> ==1900724==    by 0x40F894: tst_run_tcases (tst_test.c:2041)
> ==1900724==    by 0x401DCD: main (tst_test.h:738)
> ==1900724==  If you believe this happened as a result of a stack
> ==1900724==  overflow in your program's main thread (unlikely but
> ==1900724==  possible), you can try to increase the size of the
> ==1900724==  main thread stack using the --main-stacksize= flag.
> ==1900724==  The main thread stack size used in this run was 8388608.
>
> Brief LTP test results summary
> -----------------------------------------
> FAIL: 1
> -----------------------------------------

Looking closer at the new version of the test it turns out that this test now intentionally tries to write to an unmapped region, and considers the resulting segfault an expected outcome.

> static void run(void)
> {
>       int status;
>
>       SAFE_MUNMAP(map_addr, map_len);
>       map_base = NULL;
>
>       /*
>        * Check whether further reference is possible to the unmapped memory
>        * region by writing to the first byte of region with some arbitrary
>        * number.
>        */
>       if (!SAFE_FORK()) {
>               *map_addr = 50; 
>               _exit(0);
>       }
>
>       SAFE_WAIT(&status);
>       if (WIFSIGNALED(status) && WTERMSIG(status) == SIGSEGV) {
>               tst_res(TPASS, "Child was unable to access unmapped memory");
>               return;
>       }
>       tst_res(TFAIL, "Child succeeds to refer unmapped memory region");
> }

This false positive needs to be silenced via auxprogs/filters/munmap01.
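
One way such a filter could work, as an added example that is not the attached patch or Valgrind's own filter code. It assumes the filter reads the Valgrind log on stdin and writes what remains to stdout; the names `filter_expected_segv` and `sample_log` and the second sample block (PID 4242, `other.c`) are invented for illustration.

```shell
#!/bin/sh
# Added example: hypothetical stdin-to-stdout filter, not the attached patch.
# Drops a Valgrind "Process terminating ... SIGSEGV" block only when the
# faulting frame is the deliberate write in run() of munmap01.c.
filter_expected_segv() {
    awk '
    function emit(   i) { for (i = 1; i <= n; i++) print buf[i]; n = 0 }
    # A bare "==PID==" line may open a termination block: hold it back.
    /^==[0-9]+== *$/ && !inblk { emit(); buf[++n] = $0; next }
    /^==[0-9]+== Process terminating with default action of signal 11 \(SIGSEGV\)/ {
        inblk = 1; expected = 0; buf[++n] = $0; next
    }
    inblk {
        buf[++n] = $0
        if ($0 ~ /^==[0-9]+== +at 0x[0-9A-Fa-f]+: run \(munmap01\.c:[0-9]+\)/)
            expected = 1
        # The stack-size hint is the last line of the block.
        if ($0 ~ /main thread stack size used in this run was/) {
            if (expected) n = 0; else emit()
            inblk = 0
        }
        next
    }
    { emit(); print }
    END { emit() }
    '
}

# Constructed sample: the first block is shortened from the report above,
# the second (PID 4242, other.c) is invented to show what must survive.
sample_log() {
    cat <<'EOF'
==1900711==
==1900711== Process terminating with default action of signal 11 (SIGSEGV): dumping core
==1900711==  Access not within mapped region at address 0x483F000
==1900711==    at 0x401F9A: run (munmap01.c:46)
==1900711==  The main thread stack size used in this run was 8388608.
==4242==
==4242== Process terminating with default action of signal 11 (SIGSEGV): dumping core
==4242==  Access not within mapped region at address 0x0
==4242==    at 0x401000: helper (other.c:10)
==4242==  The main thread stack size used in this run was 8388608.
EOF
}

sample_log | filter_expected_segv
```

Matching on the faulting frame rather than on every SIGSEGV message keeps a crash anywhere else in the test visible in the filtered log.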

Comment 1 mcermak 2025-10-06 08:55:21 UTC
Created attachment 185548
proposed patch

Comment 2 Mark Wielaard 2025-10-09 16:36:04 UTC
The filters/munmap01 file needs to be added to auxprogs/Makefile.am (LTP_FILTERS) so it gets included in a make dist.
OK with that change.

I wonder if we need a --really-quiet-even-for-fatal-crashes option?
Normally you would like to see these SEGV messages. Just not in these contrived testcases.
And it seems all our filters are variants on these SEGV messages.

Comment 3 mcermak 2025-10-13 08:06:49 UTC
Created attachment 185728
updated patch

Hi Mark,

(In reply to Mark Wielaard from comment #2)
> The filters/munmap01 file needs to be added to auxprogs/Makefile.am
> (LTP_FILTERS) so it gets included in a make dist.
> OK with that change.

Attached updated, rebased patch.

> I wonder if we need a --really-quiet-even-for-fatal-crashes option?
> Normally you would like to see these SEGV messages. Just not in these
> contrived testcases.
> And it seems all our filters are variants on these SEGV messages.

These filters are rare: Currently we have 4 filters for the whole LTP testsuite.
Introducing --really-quiet-even-for-fatal-crashes could paper over real issues.
As long as filters are conveniently maintainable, I think adding a filter is fine.

Thoughts?