Re: [PATCH] kunit: run test suites only after module initialization completes

Jinjie Ruan <ruanjinjie@xxxxxxxxxx> · Tue, 17 Oct 2023 09:28:00 +0800

On 2023/10/17 4:35, Marco Pagani wrote:
> Commit 2810c1e99867 ("kunit: Fix wild-memory-access bug in
> kunit_free_suite_set()") is causing all test suites to run (when
> built as modules) while still in MODULE_STATE_COMING. In that state,
> test modules are not fully initialized and lack sysfs kobjects.
> This behavior can cause a crash if the test module tries to register
> fake devices.
> 
> This patch restores the normal execution flow, waiting for the module
> initialization to complete before running the test suites.
> The issue reported in the commit mentioned above is addressed using
> virt_addr_valid() to detect if the module loading has failed
> and mod->kunit_suites has not been allocated using kmalloc_array().
> 
> Fixes: 2810c1e99867 ("kunit: Fix wild-memory-access bug in kunit_free_suite_set()")
> Signed-off-by: Marco Pagani <marpagan@xxxxxxxxxx>
> ---
>  lib/kunit/test.c | 8 +++++---
>  1 file changed, 5 insertions(+), 3 deletions(-)
> 
> diff --git a/lib/kunit/test.c b/lib/kunit/test.c
> index 421f13981412..1a49569186fc 100644
> --- a/lib/kunit/test.c
> +++ b/lib/kunit/test.c
> @@ -769,12 +769,14 @@ static void kunit_module_exit(struct module *mod)
>  	};
>  	const char *action = kunit_action();
>  
> +	if (!suite_set.start || !virt_addr_valid(suite_set.start))
> +		return;
> +
>  	if (!action)
>  		__kunit_test_suites_exit(mod->kunit_suites,
>  					 mod->num_kunit_suites);

If the module state is from MODULE_STATE_LIVE to MODULE_STATE_GOING, in
kunit_module_init() the kunit_exec_run_tests() is executed when action
is NULL whether kunit_filter_suites() succeeds or not. But in
kunit_module_exit() __kunit_test_suites_exit() will not be executed when
action is NULL if kunit_filter_suites() fails.

>  
> -	if (suite_set.start)
> -		kunit_free_suite_set(suite_set);
> +	kunit_free_suite_set(suite_set);
>  }
>  
>  static int kunit_module_notify(struct notifier_block *nb, unsigned long val,
> @@ -784,12 +786,12 @@ static int kunit_module_notify(struct notifier_block *nb, unsigned long val,
>  
>  	switch (val) {
>  	case MODULE_STATE_LIVE:
> +		kunit_module_init(mod);
>  		break;
>  	case MODULE_STATE_GOING:
>  		kunit_module_exit(mod);
>  		break;
>  	case MODULE_STATE_COMING:
> -		kunit_module_init(mod);
>  		break;
>  	case MODULE_STATE_UNFORMED:
>  		break;