1 | // SPDX-License-Identifier: GPL-2.0 OR MIT |
2 | /* |
3 | * Test cases for arithmetic overflow checks. See: |
4 | * "Running tests with kunit_tool" at Documentation/dev-tools/kunit/start.rst |
5 | * ./tools/testing/kunit/kunit.py run overflow [--raw_output] |
6 | */ |
7 | #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt |
8 | |
9 | #include <kunit/test.h> |
10 | #include <linux/device.h> |
11 | #include <linux/kernel.h> |
12 | #include <linux/mm.h> |
13 | #include <linux/module.h> |
14 | #include <linux/overflow.h> |
15 | #include <linux/slab.h> |
16 | #include <linux/types.h> |
17 | #include <linux/vmalloc.h> |
18 | |
19 | #define SKIP(cond, reason) do { \ |
20 | if (cond) { \ |
21 | kunit_skip(test, reason); \ |
22 | return; \ |
23 | } \ |
24 | } while (0) |
25 | |
26 | /* |
27 | * Clang 11 and earlier generate unwanted libcalls for signed output |
28 | * on unsigned input. |
29 | */ |
30 | #if defined(CONFIG_CC_IS_CLANG) && __clang_major__ <= 11 |
31 | # define SKIP_SIGN_MISMATCH(t) SKIP(t, "Clang 11 unwanted libcalls") |
32 | #else |
33 | # define SKIP_SIGN_MISMATCH(t) do { } while (0) |
34 | #endif |
35 | |
36 | /* |
37 | * Clang 13 and earlier generate unwanted libcalls for 64-bit tests on |
38 | * 32-bit hosts. |
39 | */ |
40 | #if defined(CONFIG_CC_IS_CLANG) && __clang_major__ <= 13 && \ |
41 | BITS_PER_LONG != 64 |
42 | # define SKIP_64_ON_32(t) SKIP(t, "Clang 13 unwanted libcalls") |
43 | #else |
44 | # define SKIP_64_ON_32(t) do { } while (0) |
45 | #endif |
46 | |
47 | #define DEFINE_TEST_ARRAY_TYPED(t1, t2, t) \ |
48 | static const struct test_ ## t1 ## _ ## t2 ## __ ## t { \ |
49 | t1 a; \ |
50 | t2 b; \ |
51 | t sum, diff, prod; \ |
52 | bool s_of, d_of, p_of; \ |
53 | } t1 ## _ ## t2 ## __ ## t ## _tests[] |
54 | |
55 | #define DEFINE_TEST_ARRAY(t) DEFINE_TEST_ARRAY_TYPED(t, t, t) |
56 | |
57 | DEFINE_TEST_ARRAY(u8) = { |
58 | {0, 0, 0, 0, 0, false, false, false}, |
59 | {1, 1, 2, 0, 1, false, false, false}, |
60 | {0, 1, 1, U8_MAX, 0, false, true, false}, |
61 | {1, 0, 1, 1, 0, false, false, false}, |
62 | {0, U8_MAX, U8_MAX, 1, 0, false, true, false}, |
63 | {U8_MAX, 0, U8_MAX, U8_MAX, 0, false, false, false}, |
64 | {1, U8_MAX, 0, 2, U8_MAX, true, true, false}, |
65 | {U8_MAX, 1, 0, U8_MAX-1, U8_MAX, true, false, false}, |
66 | {U8_MAX, U8_MAX, U8_MAX-1, 0, 1, true, false, true}, |
67 | |
68 | {U8_MAX, U8_MAX-1, U8_MAX-2, 1, 2, true, false, true}, |
69 | {U8_MAX-1, U8_MAX, U8_MAX-2, U8_MAX, 2, true, true, true}, |
70 | |
71 | {1U << 3, 1U << 3, 1U << 4, 0, 1U << 6, false, false, false}, |
72 | {1U << 4, 1U << 4, 1U << 5, 0, 0, false, false, true}, |
73 | {1U << 4, 1U << 3, 3*(1U << 3), 1U << 3, 1U << 7, false, false, false}, |
74 | {1U << 7, 1U << 7, 0, 0, 0, true, false, true}, |
75 | |
76 | {48, 32, 80, 16, 0, false, false, true}, |
77 | {128, 128, 0, 0, 0, true, false, true}, |
78 | {123, 234, 101, 145, 110, true, true, true}, |
79 | }; |
80 | DEFINE_TEST_ARRAY(u16) = { |
81 | {0, 0, 0, 0, 0, false, false, false}, |
82 | {1, 1, 2, 0, 1, false, false, false}, |
83 | {0, 1, 1, U16_MAX, 0, false, true, false}, |
84 | {1, 0, 1, 1, 0, false, false, false}, |
85 | {0, U16_MAX, U16_MAX, 1, 0, false, true, false}, |
86 | {U16_MAX, 0, U16_MAX, U16_MAX, 0, false, false, false}, |
87 | {1, U16_MAX, 0, 2, U16_MAX, true, true, false}, |
88 | {U16_MAX, 1, 0, U16_MAX-1, U16_MAX, true, false, false}, |
89 | {U16_MAX, U16_MAX, U16_MAX-1, 0, 1, true, false, true}, |
90 | |
91 | {U16_MAX, U16_MAX-1, U16_MAX-2, 1, 2, true, false, true}, |
92 | {U16_MAX-1, U16_MAX, U16_MAX-2, U16_MAX, 2, true, true, true}, |
93 | |
94 | {1U << 7, 1U << 7, 1U << 8, 0, 1U << 14, false, false, false}, |
95 | {1U << 8, 1U << 8, 1U << 9, 0, 0, false, false, true}, |
96 | {1U << 8, 1U << 7, 3*(1U << 7), 1U << 7, 1U << 15, false, false, false}, |
97 | {1U << 15, 1U << 15, 0, 0, 0, true, false, true}, |
98 | |
99 | {123, 234, 357, 65425, 28782, false, true, false}, |
100 | {1234, 2345, 3579, 64425, 10146, false, true, true}, |
101 | }; |
102 | DEFINE_TEST_ARRAY(u32) = { |
103 | {0, 0, 0, 0, 0, false, false, false}, |
104 | {1, 1, 2, 0, 1, false, false, false}, |
105 | {0, 1, 1, U32_MAX, 0, false, true, false}, |
106 | {1, 0, 1, 1, 0, false, false, false}, |
107 | {0, U32_MAX, U32_MAX, 1, 0, false, true, false}, |
108 | {U32_MAX, 0, U32_MAX, U32_MAX, 0, false, false, false}, |
109 | {1, U32_MAX, 0, 2, U32_MAX, true, true, false}, |
110 | {U32_MAX, 1, 0, U32_MAX-1, U32_MAX, true, false, false}, |
111 | {U32_MAX, U32_MAX, U32_MAX-1, 0, 1, true, false, true}, |
112 | |
113 | {U32_MAX, U32_MAX-1, U32_MAX-2, 1, 2, true, false, true}, |
114 | {U32_MAX-1, U32_MAX, U32_MAX-2, U32_MAX, 2, true, true, true}, |
115 | |
116 | {1U << 15, 1U << 15, 1U << 16, 0, 1U << 30, false, false, false}, |
117 | {1U << 16, 1U << 16, 1U << 17, 0, 0, false, false, true}, |
118 | {1U << 16, 1U << 15, 3*(1U << 15), 1U << 15, 1U << 31, false, false, false}, |
119 | {1U << 31, 1U << 31, 0, 0, 0, true, false, true}, |
120 | |
121 | {-2U, 1U, -1U, -3U, -2U, false, false, false}, |
122 | {-4U, 5U, 1U, -9U, -20U, true, false, true}, |
123 | }; |
124 | |
125 | DEFINE_TEST_ARRAY(u64) = { |
126 | {0, 0, 0, 0, 0, false, false, false}, |
127 | {1, 1, 2, 0, 1, false, false, false}, |
128 | {0, 1, 1, U64_MAX, 0, false, true, false}, |
129 | {1, 0, 1, 1, 0, false, false, false}, |
130 | {0, U64_MAX, U64_MAX, 1, 0, false, true, false}, |
131 | {U64_MAX, 0, U64_MAX, U64_MAX, 0, false, false, false}, |
132 | {1, U64_MAX, 0, 2, U64_MAX, true, true, false}, |
133 | {U64_MAX, 1, 0, U64_MAX-1, U64_MAX, true, false, false}, |
134 | {U64_MAX, U64_MAX, U64_MAX-1, 0, 1, true, false, true}, |
135 | |
136 | {U64_MAX, U64_MAX-1, U64_MAX-2, 1, 2, true, false, true}, |
137 | {U64_MAX-1, U64_MAX, U64_MAX-2, U64_MAX, 2, true, true, true}, |
138 | |
139 | {1ULL << 31, 1ULL << 31, 1ULL << 32, 0, 1ULL << 62, false, false, false}, |
140 | {1ULL << 32, 1ULL << 32, 1ULL << 33, 0, 0, false, false, true}, |
141 | {1ULL << 32, 1ULL << 31, 3*(1ULL << 31), 1ULL << 31, 1ULL << 63, false, false, false}, |
142 | {1ULL << 63, 1ULL << 63, 0, 0, 0, true, false, true}, |
143 | {1000000000ULL /* 10^9 */, 10000000000ULL /* 10^10 */, |
144 | 11000000000ULL, 18446744064709551616ULL, 10000000000000000000ULL, |
145 | false, true, false}, |
146 | {-15ULL, 10ULL, -5ULL, -25ULL, -150ULL, false, false, true}, |
147 | }; |
148 | |
149 | DEFINE_TEST_ARRAY(s8) = { |
150 | {0, 0, 0, 0, 0, false, false, false}, |
151 | |
152 | {0, S8_MAX, S8_MAX, -S8_MAX, 0, false, false, false}, |
153 | {S8_MAX, 0, S8_MAX, S8_MAX, 0, false, false, false}, |
154 | {0, S8_MIN, S8_MIN, S8_MIN, 0, false, true, false}, |
155 | {S8_MIN, 0, S8_MIN, S8_MIN, 0, false, false, false}, |
156 | |
157 | {-1, S8_MIN, S8_MAX, S8_MAX, S8_MIN, true, false, true}, |
158 | {S8_MIN, -1, S8_MAX, -S8_MAX, S8_MIN, true, false, true}, |
159 | {-1, S8_MAX, S8_MAX-1, S8_MIN, -S8_MAX, false, false, false}, |
160 | {S8_MAX, -1, S8_MAX-1, S8_MIN, -S8_MAX, false, true, false}, |
161 | {-1, -S8_MAX, S8_MIN, S8_MAX-1, S8_MAX, false, false, false}, |
162 | {-S8_MAX, -1, S8_MIN, S8_MIN+2, S8_MAX, false, false, false}, |
163 | |
164 | {1, S8_MIN, -S8_MAX, -S8_MAX, S8_MIN, false, true, false}, |
165 | {S8_MIN, 1, -S8_MAX, S8_MAX, S8_MIN, false, true, false}, |
166 | {1, S8_MAX, S8_MIN, S8_MIN+2, S8_MAX, true, false, false}, |
167 | {S8_MAX, 1, S8_MIN, S8_MAX-1, S8_MAX, true, false, false}, |
168 | |
169 | {S8_MIN, S8_MIN, 0, 0, 0, true, false, true}, |
170 | {S8_MAX, S8_MAX, -2, 0, 1, true, false, true}, |
171 | |
172 | {-4, -32, -36, 28, -128, false, false, true}, |
173 | {-4, 32, 28, -36, -128, false, false, false}, |
174 | }; |
175 | |
176 | DEFINE_TEST_ARRAY(s16) = { |
177 | {0, 0, 0, 0, 0, false, false, false}, |
178 | |
179 | {0, S16_MAX, S16_MAX, -S16_MAX, 0, false, false, false}, |
180 | {S16_MAX, 0, S16_MAX, S16_MAX, 0, false, false, false}, |
181 | {0, S16_MIN, S16_MIN, S16_MIN, 0, false, true, false}, |
182 | {S16_MIN, 0, S16_MIN, S16_MIN, 0, false, false, false}, |
183 | |
184 | {-1, S16_MIN, S16_MAX, S16_MAX, S16_MIN, true, false, true}, |
185 | {S16_MIN, -1, S16_MAX, -S16_MAX, S16_MIN, true, false, true}, |
186 | {-1, S16_MAX, S16_MAX-1, S16_MIN, -S16_MAX, false, false, false}, |
187 | {S16_MAX, -1, S16_MAX-1, S16_MIN, -S16_MAX, false, true, false}, |
188 | {-1, -S16_MAX, S16_MIN, S16_MAX-1, S16_MAX, false, false, false}, |
189 | {-S16_MAX, -1, S16_MIN, S16_MIN+2, S16_MAX, false, false, false}, |
190 | |
191 | {1, S16_MIN, -S16_MAX, -S16_MAX, S16_MIN, false, true, false}, |
192 | {S16_MIN, 1, -S16_MAX, S16_MAX, S16_MIN, false, true, false}, |
193 | {1, S16_MAX, S16_MIN, S16_MIN+2, S16_MAX, true, false, false}, |
194 | {S16_MAX, 1, S16_MIN, S16_MAX-1, S16_MAX, true, false, false}, |
195 | |
196 | {S16_MIN, S16_MIN, 0, 0, 0, true, false, true}, |
197 | {S16_MAX, S16_MAX, -2, 0, 1, true, false, true}, |
198 | }; |
199 | DEFINE_TEST_ARRAY(s32) = { |
200 | {0, 0, 0, 0, 0, false, false, false}, |
201 | |
202 | {0, S32_MAX, S32_MAX, -S32_MAX, 0, false, false, false}, |
203 | {S32_MAX, 0, S32_MAX, S32_MAX, 0, false, false, false}, |
204 | {0, S32_MIN, S32_MIN, S32_MIN, 0, false, true, false}, |
205 | {S32_MIN, 0, S32_MIN, S32_MIN, 0, false, false, false}, |
206 | |
207 | {-1, S32_MIN, S32_MAX, S32_MAX, S32_MIN, true, false, true}, |
208 | {S32_MIN, -1, S32_MAX, -S32_MAX, S32_MIN, true, false, true}, |
209 | {-1, S32_MAX, S32_MAX-1, S32_MIN, -S32_MAX, false, false, false}, |
210 | {S32_MAX, -1, S32_MAX-1, S32_MIN, -S32_MAX, false, true, false}, |
211 | {-1, -S32_MAX, S32_MIN, S32_MAX-1, S32_MAX, false, false, false}, |
212 | {-S32_MAX, -1, S32_MIN, S32_MIN+2, S32_MAX, false, false, false}, |
213 | |
214 | {1, S32_MIN, -S32_MAX, -S32_MAX, S32_MIN, false, true, false}, |
215 | {S32_MIN, 1, -S32_MAX, S32_MAX, S32_MIN, false, true, false}, |
216 | {1, S32_MAX, S32_MIN, S32_MIN+2, S32_MAX, true, false, false}, |
217 | {S32_MAX, 1, S32_MIN, S32_MAX-1, S32_MAX, true, false, false}, |
218 | |
219 | {S32_MIN, S32_MIN, 0, 0, 0, true, false, true}, |
220 | {S32_MAX, S32_MAX, -2, 0, 1, true, false, true}, |
221 | }; |
222 | |
223 | DEFINE_TEST_ARRAY(s64) = { |
224 | {0, 0, 0, 0, 0, false, false, false}, |
225 | |
226 | {0, S64_MAX, S64_MAX, -S64_MAX, 0, false, false, false}, |
227 | {S64_MAX, 0, S64_MAX, S64_MAX, 0, false, false, false}, |
228 | {0, S64_MIN, S64_MIN, S64_MIN, 0, false, true, false}, |
229 | {S64_MIN, 0, S64_MIN, S64_MIN, 0, false, false, false}, |
230 | |
231 | {-1, S64_MIN, S64_MAX, S64_MAX, S64_MIN, true, false, true}, |
232 | {S64_MIN, -1, S64_MAX, -S64_MAX, S64_MIN, true, false, true}, |
233 | {-1, S64_MAX, S64_MAX-1, S64_MIN, -S64_MAX, false, false, false}, |
234 | {S64_MAX, -1, S64_MAX-1, S64_MIN, -S64_MAX, false, true, false}, |
235 | {-1, -S64_MAX, S64_MIN, S64_MAX-1, S64_MAX, false, false, false}, |
236 | {-S64_MAX, -1, S64_MIN, S64_MIN+2, S64_MAX, false, false, false}, |
237 | |
238 | {1, S64_MIN, -S64_MAX, -S64_MAX, S64_MIN, false, true, false}, |
239 | {S64_MIN, 1, -S64_MAX, S64_MAX, S64_MIN, false, true, false}, |
240 | {1, S64_MAX, S64_MIN, S64_MIN+2, S64_MAX, true, false, false}, |
241 | {S64_MAX, 1, S64_MIN, S64_MAX-1, S64_MAX, true, false, false}, |
242 | |
243 | {S64_MIN, S64_MIN, 0, 0, 0, true, false, true}, |
244 | {S64_MAX, S64_MAX, -2, 0, 1, true, false, true}, |
245 | |
246 | {-1, -1, -2, 0, 1, false, false, false}, |
247 | {-1, -128, -129, 127, 128, false, false, false}, |
248 | {-128, -1, -129, -127, 128, false, false, false}, |
249 | {0, -S64_MAX, -S64_MAX, S64_MAX, 0, false, false, false}, |
250 | }; |
251 | |
252 | #define check_one_op(t, fmt, op, sym, a, b, r, of) do { \ |
253 | int _a_orig = a, _a_bump = a + 1; \ |
254 | int _b_orig = b, _b_bump = b + 1; \ |
255 | bool _of; \ |
256 | t _r; \ |
257 | \ |
258 | _of = check_ ## op ## _overflow(a, b, &_r); \ |
259 | KUNIT_EXPECT_EQ_MSG(test, _of, of, \ |
260 | "expected "fmt" "sym" "fmt" to%s overflow (type %s)\n", \ |
261 | a, b, of ? "" : " not", #t); \ |
262 | KUNIT_EXPECT_EQ_MSG(test, _r, r, \ |
263 | "expected "fmt" "sym" "fmt" == "fmt", got "fmt" (type %s)\n", \ |
264 | a, b, r, _r, #t); \ |
265 | /* Check for internal macro side-effects. */ \ |
266 | _of = check_ ## op ## _overflow(_a_orig++, _b_orig++, &_r); \ |
267 | KUNIT_EXPECT_EQ_MSG(test, _a_orig, _a_bump, "Unexpected " #op " macro side-effect!\n"); \ |
268 | KUNIT_EXPECT_EQ_MSG(test, _b_orig, _b_bump, "Unexpected " #op " macro side-effect!\n"); \ |
269 | } while (0) |
270 | |
271 | #define DEFINE_TEST_FUNC_TYPED(n, t, fmt) \ |
272 | static void do_test_ ## n(struct kunit *test, const struct test_ ## n *p) \ |
273 | { \ |
274 | check_one_op(t, fmt, add, "+", p->a, p->b, p->sum, p->s_of); \ |
275 | check_one_op(t, fmt, add, "+", p->b, p->a, p->sum, p->s_of); \ |
276 | check_one_op(t, fmt, sub, "-", p->a, p->b, p->diff, p->d_of); \ |
277 | check_one_op(t, fmt, mul, "*", p->a, p->b, p->prod, p->p_of); \ |
278 | check_one_op(t, fmt, mul, "*", p->b, p->a, p->prod, p->p_of); \ |
279 | } \ |
280 | \ |
281 | static void n ## _overflow_test(struct kunit *test) { \ |
282 | unsigned i; \ |
283 | \ |
284 | SKIP_64_ON_32(__same_type(t, u64)); \ |
285 | SKIP_64_ON_32(__same_type(t, s64)); \ |
286 | SKIP_SIGN_MISMATCH(__same_type(n ## _tests[0].a, u32) && \ |
287 | __same_type(n ## _tests[0].b, u32) && \ |
288 | __same_type(n ## _tests[0].sum, int)); \ |
289 | \ |
290 | for (i = 0; i < ARRAY_SIZE(n ## _tests); ++i) \ |
291 | do_test_ ## n(test, &n ## _tests[i]); \ |
292 | kunit_info(test, "%zu %s arithmetic tests finished\n", \ |
293 | ARRAY_SIZE(n ## _tests), #n); \ |
294 | } |
295 | |
296 | #define DEFINE_TEST_FUNC(t, fmt) \ |
297 | DEFINE_TEST_FUNC_TYPED(t ## _ ## t ## __ ## t, t, fmt) |
298 | |
299 | DEFINE_TEST_FUNC(u8, "%d" ); |
300 | DEFINE_TEST_FUNC(s8, "%d" ); |
301 | DEFINE_TEST_FUNC(u16, "%d" ); |
302 | DEFINE_TEST_FUNC(s16, "%d" ); |
303 | DEFINE_TEST_FUNC(u32, "%u" ); |
304 | DEFINE_TEST_FUNC(s32, "%d" ); |
305 | DEFINE_TEST_FUNC(u64, "%llu" ); |
306 | DEFINE_TEST_FUNC(s64, "%lld" ); |
307 | |
308 | DEFINE_TEST_ARRAY_TYPED(u32, u32, u8) = { |
309 | {0, 0, 0, 0, 0, false, false, false}, |
310 | {U8_MAX, 2, 1, U8_MAX - 2, U8_MAX - 1, true, false, true}, |
311 | {U8_MAX + 1, 0, 0, 0, 0, true, true, false}, |
312 | }; |
313 | DEFINE_TEST_FUNC_TYPED(u32_u32__u8, u8, "%d" ); |
314 | |
315 | DEFINE_TEST_ARRAY_TYPED(u32, u32, int) = { |
316 | {0, 0, 0, 0, 0, false, false, false}, |
317 | {U32_MAX, 0, -1, -1, 0, true, true, false}, |
318 | }; |
319 | DEFINE_TEST_FUNC_TYPED(u32_u32__int, int, "%d" ); |
320 | |
321 | DEFINE_TEST_ARRAY_TYPED(u8, u8, int) = { |
322 | {0, 0, 0, 0, 0, false, false, false}, |
323 | {U8_MAX, U8_MAX, 2 * U8_MAX, 0, U8_MAX * U8_MAX, false, false, false}, |
324 | {1, 2, 3, -1, 2, false, false, false}, |
325 | }; |
326 | DEFINE_TEST_FUNC_TYPED(u8_u8__int, int, "%d" ); |
327 | |
328 | DEFINE_TEST_ARRAY_TYPED(int, int, u8) = { |
329 | {0, 0, 0, 0, 0, false, false, false}, |
330 | {1, 2, 3, U8_MAX, 2, false, true, false}, |
331 | {-1, 0, U8_MAX, U8_MAX, 0, true, true, false}, |
332 | }; |
333 | DEFINE_TEST_FUNC_TYPED(int_int__u8, u8, "%d" ); |
334 | |
335 | /* Args are: value, shift, type, expected result, overflow expected */ |
336 | #define TEST_ONE_SHIFT(a, s, t, expect, of) do { \ |
337 | typeof(a) __a = (a); \ |
338 | typeof(s) __s = (s); \ |
339 | t __e = (expect); \ |
340 | t __d; \ |
341 | bool __of = check_shl_overflow(__a, __s, &__d); \ |
342 | if (__of != of) { \ |
343 | KUNIT_EXPECT_EQ_MSG(test, __of, of, \ |
344 | "expected (%s)(%s << %s) to%s overflow\n", \ |
345 | #t, #a, #s, of ? "" : " not"); \ |
346 | } else if (!__of && __d != __e) { \ |
347 | KUNIT_EXPECT_EQ_MSG(test, __d, __e, \ |
348 | "expected (%s)(%s << %s) == %s\n", \ |
349 | #t, #a, #s, #expect); \ |
350 | if ((t)-1 < 0) \ |
351 | kunit_info(test, "got %lld\n", (s64)__d); \ |
352 | else \ |
353 | kunit_info(test, "got %llu\n", (u64)__d); \ |
354 | } \ |
355 | count++; \ |
356 | } while (0) |
357 | |
358 | static void shift_sane_test(struct kunit *test) |
359 | { |
360 | int count = 0; |
361 | |
362 | /* Sane shifts. */ |
363 | TEST_ONE_SHIFT(1, 0, u8, 1 << 0, false); |
364 | TEST_ONE_SHIFT(1, 4, u8, 1 << 4, false); |
365 | TEST_ONE_SHIFT(1, 7, u8, 1 << 7, false); |
366 | TEST_ONE_SHIFT(0xF, 4, u8, 0xF << 4, false); |
367 | TEST_ONE_SHIFT(1, 0, u16, 1 << 0, false); |
368 | TEST_ONE_SHIFT(1, 10, u16, 1 << 10, false); |
369 | TEST_ONE_SHIFT(1, 15, u16, 1 << 15, false); |
370 | TEST_ONE_SHIFT(0xFF, 8, u16, 0xFF << 8, false); |
371 | TEST_ONE_SHIFT(1, 0, int, 1 << 0, false); |
372 | TEST_ONE_SHIFT(1, 16, int, 1 << 16, false); |
373 | TEST_ONE_SHIFT(1, 30, int, 1 << 30, false); |
374 | TEST_ONE_SHIFT(1, 0, s32, 1 << 0, false); |
375 | TEST_ONE_SHIFT(1, 16, s32, 1 << 16, false); |
376 | TEST_ONE_SHIFT(1, 30, s32, 1 << 30, false); |
377 | TEST_ONE_SHIFT(1, 0, unsigned int, 1U << 0, false); |
378 | TEST_ONE_SHIFT(1, 20, unsigned int, 1U << 20, false); |
379 | TEST_ONE_SHIFT(1, 31, unsigned int, 1U << 31, false); |
380 | TEST_ONE_SHIFT(0xFFFFU, 16, unsigned int, 0xFFFFU << 16, false); |
381 | TEST_ONE_SHIFT(1, 0, u32, 1U << 0, false); |
382 | TEST_ONE_SHIFT(1, 20, u32, 1U << 20, false); |
383 | TEST_ONE_SHIFT(1, 31, u32, 1U << 31, false); |
384 | TEST_ONE_SHIFT(0xFFFFU, 16, u32, 0xFFFFU << 16, false); |
385 | TEST_ONE_SHIFT(1, 0, u64, 1ULL << 0, false); |
386 | TEST_ONE_SHIFT(1, 40, u64, 1ULL << 40, false); |
387 | TEST_ONE_SHIFT(1, 63, u64, 1ULL << 63, false); |
388 | TEST_ONE_SHIFT(0xFFFFFFFFULL, 32, u64, 0xFFFFFFFFULL << 32, false); |
389 | |
390 | /* Sane shift: start and end with 0, without a too-wide shift. */ |
391 | TEST_ONE_SHIFT(0, 7, u8, 0, false); |
392 | TEST_ONE_SHIFT(0, 15, u16, 0, false); |
393 | TEST_ONE_SHIFT(0, 31, unsigned int, 0, false); |
394 | TEST_ONE_SHIFT(0, 31, u32, 0, false); |
395 | TEST_ONE_SHIFT(0, 63, u64, 0, false); |
396 | |
397 | /* Sane shift: start and end with 0, without reaching signed bit. */ |
398 | TEST_ONE_SHIFT(0, 6, s8, 0, false); |
399 | TEST_ONE_SHIFT(0, 14, s16, 0, false); |
400 | TEST_ONE_SHIFT(0, 30, int, 0, false); |
401 | TEST_ONE_SHIFT(0, 30, s32, 0, false); |
402 | TEST_ONE_SHIFT(0, 62, s64, 0, false); |
403 | |
404 | kunit_info(test, "%d sane shift tests finished\n" , count); |
405 | } |
406 | |
407 | static void shift_overflow_test(struct kunit *test) |
408 | { |
409 | int count = 0; |
410 | |
411 | /* Overflow: shifted the bit off the end. */ |
412 | TEST_ONE_SHIFT(1, 8, u8, 0, true); |
413 | TEST_ONE_SHIFT(1, 16, u16, 0, true); |
414 | TEST_ONE_SHIFT(1, 32, unsigned int, 0, true); |
415 | TEST_ONE_SHIFT(1, 32, u32, 0, true); |
416 | TEST_ONE_SHIFT(1, 64, u64, 0, true); |
417 | |
418 | /* Overflow: shifted into the signed bit. */ |
419 | TEST_ONE_SHIFT(1, 7, s8, 0, true); |
420 | TEST_ONE_SHIFT(1, 15, s16, 0, true); |
421 | TEST_ONE_SHIFT(1, 31, int, 0, true); |
422 | TEST_ONE_SHIFT(1, 31, s32, 0, true); |
423 | TEST_ONE_SHIFT(1, 63, s64, 0, true); |
424 | |
425 | /* Overflow: high bit falls off unsigned types. */ |
426 | /* 10010110 */ |
427 | TEST_ONE_SHIFT(150, 1, u8, 0, true); |
428 | /* 1000100010010110 */ |
429 | TEST_ONE_SHIFT(34966, 1, u16, 0, true); |
430 | /* 10000100000010001000100010010110 */ |
431 | TEST_ONE_SHIFT(2215151766U, 1, u32, 0, true); |
432 | TEST_ONE_SHIFT(2215151766U, 1, unsigned int, 0, true); |
433 | /* 1000001000010000010000000100000010000100000010001000100010010110 */ |
434 | TEST_ONE_SHIFT(9372061470395238550ULL, 1, u64, 0, true); |
435 | |
436 | /* Overflow: bit shifted into signed bit on signed types. */ |
437 | /* 01001011 */ |
438 | TEST_ONE_SHIFT(75, 1, s8, 0, true); |
439 | /* 0100010001001011 */ |
440 | TEST_ONE_SHIFT(17483, 1, s16, 0, true); |
441 | /* 01000010000001000100010001001011 */ |
442 | TEST_ONE_SHIFT(1107575883, 1, s32, 0, true); |
443 | TEST_ONE_SHIFT(1107575883, 1, int, 0, true); |
444 | /* 0100000100001000001000000010000001000010000001000100010001001011 */ |
445 | TEST_ONE_SHIFT(4686030735197619275LL, 1, s64, 0, true); |
446 | |
447 | /* Overflow: bit shifted past signed bit on signed types. */ |
448 | /* 01001011 */ |
449 | TEST_ONE_SHIFT(75, 2, s8, 0, true); |
450 | /* 0100010001001011 */ |
451 | TEST_ONE_SHIFT(17483, 2, s16, 0, true); |
452 | /* 01000010000001000100010001001011 */ |
453 | TEST_ONE_SHIFT(1107575883, 2, s32, 0, true); |
454 | TEST_ONE_SHIFT(1107575883, 2, int, 0, true); |
455 | /* 0100000100001000001000000010000001000010000001000100010001001011 */ |
456 | TEST_ONE_SHIFT(4686030735197619275LL, 2, s64, 0, true); |
457 | |
458 | kunit_info(test, "%d overflow shift tests finished\n" , count); |
459 | } |
460 | |
461 | static void shift_truncate_test(struct kunit *test) |
462 | { |
463 | int count = 0; |
464 | |
465 | /* Overflow: values larger than destination type. */ |
466 | TEST_ONE_SHIFT(0x100, 0, u8, 0, true); |
467 | TEST_ONE_SHIFT(0xFF, 0, s8, 0, true); |
468 | TEST_ONE_SHIFT(0x10000U, 0, u16, 0, true); |
469 | TEST_ONE_SHIFT(0xFFFFU, 0, s16, 0, true); |
470 | TEST_ONE_SHIFT(0x100000000ULL, 0, u32, 0, true); |
471 | TEST_ONE_SHIFT(0x100000000ULL, 0, unsigned int, 0, true); |
472 | TEST_ONE_SHIFT(0xFFFFFFFFUL, 0, s32, 0, true); |
473 | TEST_ONE_SHIFT(0xFFFFFFFFUL, 0, int, 0, true); |
474 | TEST_ONE_SHIFT(0xFFFFFFFFFFFFFFFFULL, 0, s64, 0, true); |
475 | |
476 | /* Overflow: shifted at or beyond entire type's bit width. */ |
477 | TEST_ONE_SHIFT(0, 8, u8, 0, true); |
478 | TEST_ONE_SHIFT(0, 9, u8, 0, true); |
479 | TEST_ONE_SHIFT(0, 8, s8, 0, true); |
480 | TEST_ONE_SHIFT(0, 9, s8, 0, true); |
481 | TEST_ONE_SHIFT(0, 16, u16, 0, true); |
482 | TEST_ONE_SHIFT(0, 17, u16, 0, true); |
483 | TEST_ONE_SHIFT(0, 16, s16, 0, true); |
484 | TEST_ONE_SHIFT(0, 17, s16, 0, true); |
485 | TEST_ONE_SHIFT(0, 32, u32, 0, true); |
486 | TEST_ONE_SHIFT(0, 33, u32, 0, true); |
487 | TEST_ONE_SHIFT(0, 32, int, 0, true); |
488 | TEST_ONE_SHIFT(0, 33, int, 0, true); |
489 | TEST_ONE_SHIFT(0, 32, s32, 0, true); |
490 | TEST_ONE_SHIFT(0, 33, s32, 0, true); |
491 | TEST_ONE_SHIFT(0, 64, u64, 0, true); |
492 | TEST_ONE_SHIFT(0, 65, u64, 0, true); |
493 | TEST_ONE_SHIFT(0, 64, s64, 0, true); |
494 | TEST_ONE_SHIFT(0, 65, s64, 0, true); |
495 | |
496 | kunit_info(test, "%d truncate shift tests finished\n" , count); |
497 | } |
498 | |
499 | static void shift_nonsense_test(struct kunit *test) |
500 | { |
501 | int count = 0; |
502 | |
503 | /* Nonsense: negative initial value. */ |
504 | TEST_ONE_SHIFT(-1, 0, s8, 0, true); |
505 | TEST_ONE_SHIFT(-1, 0, u8, 0, true); |
506 | TEST_ONE_SHIFT(-5, 0, s16, 0, true); |
507 | TEST_ONE_SHIFT(-5, 0, u16, 0, true); |
508 | TEST_ONE_SHIFT(-10, 0, int, 0, true); |
509 | TEST_ONE_SHIFT(-10, 0, unsigned int, 0, true); |
510 | TEST_ONE_SHIFT(-100, 0, s32, 0, true); |
511 | TEST_ONE_SHIFT(-100, 0, u32, 0, true); |
512 | TEST_ONE_SHIFT(-10000, 0, s64, 0, true); |
513 | TEST_ONE_SHIFT(-10000, 0, u64, 0, true); |
514 | |
515 | /* Nonsense: negative shift values. */ |
516 | TEST_ONE_SHIFT(0, -5, s8, 0, true); |
517 | TEST_ONE_SHIFT(0, -5, u8, 0, true); |
518 | TEST_ONE_SHIFT(0, -10, s16, 0, true); |
519 | TEST_ONE_SHIFT(0, -10, u16, 0, true); |
520 | TEST_ONE_SHIFT(0, -15, int, 0, true); |
521 | TEST_ONE_SHIFT(0, -15, unsigned int, 0, true); |
522 | TEST_ONE_SHIFT(0, -20, s32, 0, true); |
523 | TEST_ONE_SHIFT(0, -20, u32, 0, true); |
524 | TEST_ONE_SHIFT(0, -30, s64, 0, true); |
525 | TEST_ONE_SHIFT(0, -30, u64, 0, true); |
526 | |
527 | /* |
528 | * Corner case: for unsigned types, we fail when we've shifted |
529 | * through the entire width of bits. For signed types, we might |
530 | * want to match this behavior, but that would mean noticing if |
531 | * we shift through all but the signed bit, and this is not |
532 | * currently detected (but we'll notice an overflow into the |
533 | * signed bit). So, for now, we will test this condition but |
534 | * mark it as not expected to overflow. |
535 | */ |
536 | TEST_ONE_SHIFT(0, 7, s8, 0, false); |
537 | TEST_ONE_SHIFT(0, 15, s16, 0, false); |
538 | TEST_ONE_SHIFT(0, 31, int, 0, false); |
539 | TEST_ONE_SHIFT(0, 31, s32, 0, false); |
540 | TEST_ONE_SHIFT(0, 63, s64, 0, false); |
541 | |
542 | kunit_info(test, "%d nonsense shift tests finished\n" , count); |
543 | } |
544 | #undef TEST_ONE_SHIFT |
545 | |
546 | /* |
547 | * Deal with the various forms of allocator arguments. See comments above |
548 | * the DEFINE_TEST_ALLOC() instances for mapping of the "bits". |
549 | */ |
550 | #define alloc_GFP (GFP_KERNEL | __GFP_NOWARN) |
551 | #define alloc010(alloc, arg, sz) alloc(sz, alloc_GFP) |
552 | #define alloc011(alloc, arg, sz) alloc(sz, alloc_GFP, NUMA_NO_NODE) |
553 | #define alloc000(alloc, arg, sz) alloc(sz) |
554 | #define alloc001(alloc, arg, sz) alloc(sz, NUMA_NO_NODE) |
555 | #define alloc110(alloc, arg, sz) alloc(arg, sz, alloc_GFP) |
556 | #define free0(free, arg, ptr) free(ptr) |
557 | #define free1(free, arg, ptr) free(arg, ptr) |
558 | |
559 | /* Wrap around to 16K */ |
560 | #define TEST_SIZE (5 * 4096) |
561 | |
562 | #define DEFINE_TEST_ALLOC(func, free_func, want_arg, want_gfp, want_node)\ |
563 | static void test_ ## func (struct kunit *test, void *arg) \ |
564 | { \ |
565 | volatile size_t a = TEST_SIZE; \ |
566 | volatile size_t b = (SIZE_MAX / TEST_SIZE) + 1; \ |
567 | void *ptr; \ |
568 | \ |
569 | /* Tiny allocation test. */ \ |
570 | ptr = alloc ## want_arg ## want_gfp ## want_node (func, arg, 1);\ |
571 | KUNIT_ASSERT_NOT_ERR_OR_NULL_MSG(test, ptr, \ |
572 | #func " failed regular allocation?!\n"); \ |
573 | free ## want_arg (free_func, arg, ptr); \ |
574 | \ |
575 | /* Wrapped allocation test. */ \ |
576 | ptr = alloc ## want_arg ## want_gfp ## want_node (func, arg, \ |
577 | a * b); \ |
578 | KUNIT_ASSERT_NOT_ERR_OR_NULL_MSG(test, ptr, \ |
579 | #func " unexpectedly failed bad wrapping?!\n"); \ |
580 | free ## want_arg (free_func, arg, ptr); \ |
581 | \ |
582 | /* Saturated allocation test. */ \ |
583 | ptr = alloc ## want_arg ## want_gfp ## want_node (func, arg, \ |
584 | array_size(a, b)); \ |
585 | if (ptr) { \ |
586 | KUNIT_FAIL(test, #func " missed saturation!\n"); \ |
587 | free ## want_arg (free_func, arg, ptr); \ |
588 | } \ |
589 | } |
590 | |
591 | /* |
592 | * Allocator uses a trailing node argument --------+ (e.g. kmalloc_node()) |
593 | * Allocator uses the gfp_t argument -----------+ | (e.g. kmalloc()) |
594 | * Allocator uses a special leading argument + | | (e.g. devm_kmalloc()) |
595 | * | | | |
596 | */ |
597 | DEFINE_TEST_ALLOC(kmalloc, kfree, 0, 1, 0); |
598 | DEFINE_TEST_ALLOC(kmalloc_node, kfree, 0, 1, 1); |
599 | DEFINE_TEST_ALLOC(kzalloc, kfree, 0, 1, 0); |
600 | DEFINE_TEST_ALLOC(kzalloc_node, kfree, 0, 1, 1); |
601 | DEFINE_TEST_ALLOC(__vmalloc, vfree, 0, 1, 0); |
602 | DEFINE_TEST_ALLOC(kvmalloc, kvfree, 0, 1, 0); |
603 | DEFINE_TEST_ALLOC(kvmalloc_node, kvfree, 0, 1, 1); |
604 | DEFINE_TEST_ALLOC(kvzalloc, kvfree, 0, 1, 0); |
605 | DEFINE_TEST_ALLOC(kvzalloc_node, kvfree, 0, 1, 1); |
606 | DEFINE_TEST_ALLOC(devm_kmalloc, devm_kfree, 1, 1, 0); |
607 | DEFINE_TEST_ALLOC(devm_kzalloc, devm_kfree, 1, 1, 0); |
608 | |
609 | static void overflow_allocation_test(struct kunit *test) |
610 | { |
611 | const char device_name[] = "overflow-test" ; |
612 | struct device *dev; |
613 | int count = 0; |
614 | |
615 | #define check_allocation_overflow(alloc) do { \ |
616 | count++; \ |
617 | test_ ## alloc(test, dev); \ |
618 | } while (0) |
619 | |
620 | /* Create dummy device for devm_kmalloc()-family tests. */ |
621 | dev = root_device_register(device_name); |
622 | KUNIT_ASSERT_FALSE_MSG(test, IS_ERR(dev), |
623 | "Cannot register test device\n" ); |
624 | |
625 | check_allocation_overflow(kmalloc); |
626 | check_allocation_overflow(kmalloc_node); |
627 | check_allocation_overflow(kzalloc); |
628 | check_allocation_overflow(kzalloc_node); |
629 | check_allocation_overflow(__vmalloc); |
630 | check_allocation_overflow(kvmalloc); |
631 | check_allocation_overflow(kvmalloc_node); |
632 | check_allocation_overflow(kvzalloc); |
633 | check_allocation_overflow(kvzalloc_node); |
634 | check_allocation_overflow(devm_kmalloc); |
635 | check_allocation_overflow(devm_kzalloc); |
636 | |
637 | device_unregister(dev); |
638 | |
639 | kunit_info(test, "%d allocation overflow tests finished\n" , count); |
640 | #undef check_allocation_overflow |
641 | } |
642 | |
643 | struct __test_flex_array { |
644 | unsigned long flags; |
645 | size_t count; |
646 | unsigned long data[]; |
647 | }; |
648 | |
649 | static void overflow_size_helpers_test(struct kunit *test) |
650 | { |
651 | /* Make sure struct_size() can be used in a constant expression. */ |
652 | u8 ce_array[struct_size_t(struct __test_flex_array, data, 55)]; |
653 | struct __test_flex_array *obj; |
654 | int count = 0; |
655 | int var; |
656 | volatile int unconst = 0; |
657 | |
658 | /* Verify constant expression against runtime version. */ |
659 | var = 55; |
660 | OPTIMIZER_HIDE_VAR(var); |
661 | KUNIT_EXPECT_EQ(test, sizeof(ce_array), struct_size(obj, data, var)); |
662 | |
663 | #define check_one_size_helper(expected, func, args...) do { \ |
664 | size_t _r = func(args); \ |
665 | KUNIT_EXPECT_EQ_MSG(test, _r, expected, \ |
666 | "expected " #func "(" #args ") to return %zu but got %zu instead\n", \ |
667 | (size_t)(expected), _r); \ |
668 | count++; \ |
669 | } while (0) |
670 | |
671 | var = 4; |
672 | check_one_size_helper(20, size_mul, var++, 5); |
673 | check_one_size_helper(20, size_mul, 4, var++); |
674 | check_one_size_helper(0, size_mul, 0, 3); |
675 | check_one_size_helper(0, size_mul, 3, 0); |
676 | check_one_size_helper(6, size_mul, 2, 3); |
677 | check_one_size_helper(SIZE_MAX, size_mul, SIZE_MAX, 1); |
678 | check_one_size_helper(SIZE_MAX, size_mul, SIZE_MAX, 3); |
679 | check_one_size_helper(SIZE_MAX, size_mul, SIZE_MAX, -3); |
680 | |
681 | var = 4; |
682 | check_one_size_helper(9, size_add, var++, 5); |
683 | check_one_size_helper(9, size_add, 4, var++); |
684 | check_one_size_helper(9, size_add, 9, 0); |
685 | check_one_size_helper(9, size_add, 0, 9); |
686 | check_one_size_helper(5, size_add, 2, 3); |
687 | check_one_size_helper(SIZE_MAX, size_add, SIZE_MAX, 1); |
688 | check_one_size_helper(SIZE_MAX, size_add, SIZE_MAX, 3); |
689 | check_one_size_helper(SIZE_MAX, size_add, SIZE_MAX, -3); |
690 | |
691 | var = 4; |
692 | check_one_size_helper(1, size_sub, var--, 3); |
693 | check_one_size_helper(1, size_sub, 4, var--); |
694 | check_one_size_helper(1, size_sub, 3, 2); |
695 | check_one_size_helper(9, size_sub, 9, 0); |
696 | check_one_size_helper(SIZE_MAX, size_sub, 9, -3); |
697 | check_one_size_helper(SIZE_MAX, size_sub, 0, 9); |
698 | check_one_size_helper(SIZE_MAX, size_sub, 2, 3); |
699 | check_one_size_helper(SIZE_MAX, size_sub, SIZE_MAX, 0); |
700 | check_one_size_helper(SIZE_MAX, size_sub, SIZE_MAX, 10); |
701 | check_one_size_helper(SIZE_MAX, size_sub, 0, SIZE_MAX); |
702 | check_one_size_helper(SIZE_MAX, size_sub, 14, SIZE_MAX); |
703 | check_one_size_helper(SIZE_MAX - 2, size_sub, SIZE_MAX - 1, 1); |
704 | check_one_size_helper(SIZE_MAX - 4, size_sub, SIZE_MAX - 1, 3); |
705 | check_one_size_helper(1, size_sub, SIZE_MAX - 1, -3); |
706 | |
707 | var = 4; |
708 | check_one_size_helper(4 * sizeof(*obj->data), |
709 | flex_array_size, obj, data, var++); |
710 | check_one_size_helper(5 * sizeof(*obj->data), |
711 | flex_array_size, obj, data, var++); |
712 | check_one_size_helper(0, flex_array_size, obj, data, 0 + unconst); |
713 | check_one_size_helper(sizeof(*obj->data), |
714 | flex_array_size, obj, data, 1 + unconst); |
715 | check_one_size_helper(7 * sizeof(*obj->data), |
716 | flex_array_size, obj, data, 7 + unconst); |
717 | check_one_size_helper(SIZE_MAX, |
718 | flex_array_size, obj, data, -1 + unconst); |
719 | check_one_size_helper(SIZE_MAX, |
720 | flex_array_size, obj, data, SIZE_MAX - 4 + unconst); |
721 | |
722 | var = 4; |
723 | check_one_size_helper(sizeof(*obj) + (4 * sizeof(*obj->data)), |
724 | struct_size, obj, data, var++); |
725 | check_one_size_helper(sizeof(*obj) + (5 * sizeof(*obj->data)), |
726 | struct_size, obj, data, var++); |
727 | check_one_size_helper(sizeof(*obj), struct_size, obj, data, 0 + unconst); |
728 | check_one_size_helper(sizeof(*obj) + sizeof(*obj->data), |
729 | struct_size, obj, data, 1 + unconst); |
730 | check_one_size_helper(SIZE_MAX, |
731 | struct_size, obj, data, -3 + unconst); |
732 | check_one_size_helper(SIZE_MAX, |
733 | struct_size, obj, data, SIZE_MAX - 3 + unconst); |
734 | |
735 | kunit_info(test, "%d overflow size helper tests finished\n" , count); |
736 | #undef check_one_size_helper |
737 | } |
738 | |
739 | static void overflows_type_test(struct kunit *test) |
740 | { |
741 | int count = 0; |
742 | unsigned int var; |
743 | |
744 | #define __TEST_OVERFLOWS_TYPE(func, arg1, arg2, of) do { \ |
745 | bool |
---|