Received: by 2002:a05:7412:8d10:b0:f3:1519:9f41 with SMTP id bj16csp960968rdb;
        Wed, 6 Dec 2023 05:09:51 -0800 (PST)
X-Google-Smtp-Source: AGHT+IEuw12Xel37fchR7h/6NfEjDT/6yMd4AKdwUYX8SE+AGQA1bKFq4aej++YWM4Yvh9Z4X9JF
X-Received: by 2002:a17:90b:1b44:b0:286:8d23:2884 with SMTP id nv4-20020a17090b1b4400b002868d232884mr689963pjb.45.1701868190710;
        Wed, 06 Dec 2023 05:09:50 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1701868190; cv=none;
        d=google.com; s=arc-20160816;
        b=bHL2l8y/yp7xS23KZclHD9Oh9sp9XGG6VNPPwPll5lMQBvopXqhQMVluThDKDG6z36
         sUS76GsCHQmLCfLIXLMe5Ryk6nhnB5kGDSAfgcdraOXdJjt9M4SCt94BHLd3dJkjTpW7
         sTb6HyRm6L2GvlXDqHvGunTnUGxNvohPDIpMAXnCgyaftE7h6CwRAcubDsQTER/nSkw9
         HHgXq/Uujo8PLE9vcGRhnpDz8FgSYFjiCpayiXDjDt1LdjeAgnaqZ2ZAaVebLVGLmsjj
         xxbTTg2XHA6A6IlRUuNTpU5VaTxijbrlJ0/uTMwxtSOB5L1VBoGo2uA+ZwidiurvkQxF
         I5uA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:in-reply-to:from
         :content-language:references:cc:to:subject:user-agent:mime-version
         :date:message-id:dkim-signature;
        bh=vVXlRsiAy9OWWtQEMj4TkVdZXjoKPFJXcF0mguDSNPE=;
        fh=U+WvFfR6TxWMTta3fiYsIrjJYTqwrnBhi1+UM4LLxYM=;
        b=zWzz+AIK+2HcJGfAL4xPUuM/9Sp1cHTeb+sYdSSV1JTtKeVcij7ax7bP7Hoj682k04
         HbyvHnwyb4xZ62iaGiyGWmTYNgqQGo0LZH4t3zizWWkDHKZgqR8CWOFlLNIIgZomJlXI
         Kc/tvcF01Bv02mdnHEED6DkdrlBlIxvz62AMLJMuRN1HY7KsNfz0WPPRqCZ1JZ3RFGoR
         C2OVkGsa7WIk9nbHBFTLP63elt+EE8u8WOQF1WoN29Fjv2JLZGPA5ifGJgDOixqSjgKa
         DzCJEp46LVQjyEyOdugRlqy/cj9WFl460+BUb37SMEHRvr7HjFJr27NgYtHt6ZKGpmeK
         LpIw==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@cirrus.com header.s=PODMain02222019 header.b=Yb1qhaqw;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:4 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=cirrus.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from howler.vger.email (howler.vger.email. [2620:137:e000::3:4])
        by mx.google.com with ESMTPS id mm21-20020a17090b359500b00286eeac293fsi2297074pjb.155.2023.12.06.05.09.50
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Wed, 06 Dec 2023 05:09:50 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:4 as permitted sender) client-ip=2620:137:e000::3:4;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@cirrus.com header.s=PODMain02222019 header.b=Yb1qhaqw;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:4 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=cirrus.com
Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0])
	by howler.vger.email (Postfix) with ESMTP id 6374A8325D36;
	Wed,  6 Dec 2023 05:09:47 -0800 (PST)
X-Virus-Status: Clean
X-Virus-Scanned: clamav-milter 0.103.11 at howler.vger.email
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1378405AbjLFNJ3 (ORCPT <rfc822;a.bouin@gmail.com> + 99 others);
        Wed, 6 Dec 2023 08:09:29 -0500
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43848 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1378112AbjLFNJ2 (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 6 Dec 2023 08:09:28 -0500
Received: from mx0b-001ae601.pphosted.com (mx0a-001ae601.pphosted.com [67.231.149.25])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 20589C7;
        Wed,  6 Dec 2023 05:09:35 -0800 (PST)
Received: from pps.filterd (m0077473.ppops.net [127.0.0.1])
        by mx0a-001ae601.pphosted.com (8.17.1.24/8.17.1.24) with ESMTP id 3B65uLUs028385;
        Wed, 6 Dec 2023 07:09:12 -0600
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cirrus.com; h=
        message-id:date:mime-version:subject:to:cc:references:from
        :in-reply-to:content-type:content-transfer-encoding; s=
        PODMain02222019; bh=vVXlRsiAy9OWWtQEMj4TkVdZXjoKPFJXcF0mguDSNPE=; b=
        Yb1qhaqwbcbNhueoO/dXJUufL4XWZiGxoWePc9h8BFt/xOiRDBaaNpor84WtKSfI
        wO3S0n6QSeZmAIBzSzWU2oiRlt4glnp+YrfANnGiAeNlwXrUOLBDme6MVfvZODJt
        vDvQJKYvzu50IEOPjhotO8mxXFX7sTUtp7/1r4T70dSLN+n9YOCPW0Pyr7SxXLs+
        CFbpaJlJg0cXWXpptd/hO6NQ1uf6UKuy4R5I8GAlxQT5DCN4UmhjluG63snJ/XbD
        yYCoeq4oalRUyO+cG5BTUBjdd9L9wbeWfOCFJ2FuXJciLJH3xtwxWg+EnLYCRkLW
        d/TYlQd1TPfCuJOSYGi17w==
Received: from ediex02.ad.cirrus.com ([84.19.233.68])
        by mx0a-001ae601.pphosted.com (PPS) with ESMTPS id 3utd47rphm-1
        (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT);
        Wed, 06 Dec 2023 07:09:12 -0600 (CST)
Received: from ediex01.ad.cirrus.com (198.61.84.80) by ediex02.ad.cirrus.com
 (198.61.84.81) with Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1118.40; Wed, 6 Dec
 2023 13:09:10 +0000
Received: from ediswmail.ad.cirrus.com (198.61.86.93) by ediex01.ad.cirrus.com
 (198.61.84.80) with Microsoft SMTP Server id 15.2.1118.40 via Frontend
 Transport; Wed, 6 Dec 2023 13:09:10 +0000
Received: from [198.90.251.82] (edi-sw-dsktp-006.ad.cirrus.com [198.90.251.82])
        by ediswmail.ad.cirrus.com (Postfix) with ESMTP id DA03711AB;
        Wed,  6 Dec 2023 13:09:09 +0000 (UTC)
Message-ID: <23e3e9b6-c6e2-4b89-b30e-0319f8789590@opensource.cirrus.com>
Date:   Wed, 6 Dec 2023 13:09:08 +0000
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
Subject: Re: [PATCH v2] kunit: run test suites only after module
 initialization completes
To:     Marco Pagani <marpagan@redhat.com>,
        Brendan Higgins <brendan.higgins@linux.dev>,
        David Gow <davidgow@google.com>, Rae Moar <rmoar@google.com>,
        Jinjie Ruan <ruanjinjie@huawei.com>,
        Shuah Khan <skhan@linuxfoundation.org>
CC:     Javier Martinez Canillas <javierm@redhat.com>,
        <linux-kselftest@vger.kernel.org>, <kunit-dev@googlegroups.com>,
        <linux-kernel@vger.kernel.org>
References: <20231128101627.65399-1-marpagan@redhat.com>
Content-Language: en-US
From:   Richard Fitzgerald <rf@opensource.cirrus.com>
In-Reply-To: <20231128101627.65399-1-marpagan@redhat.com>
Content-Type: text/plain; charset="UTF-8"; format=flowed
Content-Transfer-Encoding: 7bit
X-Proofpoint-GUID: y2rFDQWL8jBYyQGM-XoXdC0outj7skhz
X-Proofpoint-ORIG-GUID: y2rFDQWL8jBYyQGM-XoXdC0outj7skhz
X-Proofpoint-Spam-Reason: safe
X-Spam-Status: No, score=-0.8 required=5.0 tests=DKIM_SIGNED,DKIM_VALID,
	HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_HELO_NONE,
	SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=unavailable autolearn_force=no
	version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on howler.vger.email
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (howler.vger.email [0.0.0.0]); Wed, 06 Dec 2023 05:09:47 -0800 (PST)

On 28/11/2023 10:16, Marco Pagani wrote:
> Commit 2810c1e99867 ("kunit: Fix wild-memory-access bug in
> kunit_free_suite_set()") fixed a wild-memory-access bug that could have
> happened during the loading phase of test suites built and executed as
> loadable modules. However, it also introduced a problematic side effect
> that causes test suites modules to crash when they attempt to register
> fake devices.
> 
> When a module is loaded, it traverses the MODULE_STATE_UNFORMED and
> MODULE_STATE_COMING states before reaching the normal operating state
> MODULE_STATE_LIVE. Finally, when the module is removed, it moves to
> MODULE_STATE_GOING before being released. However, if the loading
> function load_module() fails between complete_formation() and
> do_init_module(), the module goes directly from MODULE_STATE_COMING to
> MODULE_STATE_GOING without passing through MODULE_STATE_LIVE.
> 
> This behavior was causing kunit_module_exit() to be called without
> having first executed kunit_module_init(). Since kunit_module_exit() is
> responsible for freeing the memory allocated by kunit_module_init()
> through kunit_filter_suites(), this behavior was resulting in a
> wild-memory-access bug.
> 
> Commit 2810c1e99867 ("kunit: Fix wild-memory-access bug in
> kunit_free_suite_set()") fixed this issue by running the tests when the
> module is still in MODULE_STATE_COMING. However, modules in that state
> are not fully initialized, lacking sysfs kobjects. Therefore, if a test
> module attempts to register a fake device, it will inevitably crash.
> 
> This patch proposes a different approach to fix the original
> wild-memory-access bug while restoring the normal module execution flow
> by making kunit_module_exit() able to detect if kunit_module_init() has
> previously initialized the tests suite set. In this way, test modules
> can once again register fake devices without crashing.
> 
> This behavior is achieved by checking whether mod->kunit_suites is a
> virtual or direct mapping address. If it is a virtual address, then
> kunit_module_init() has allocated the suite_set in kunit_filter_suites()
> using kmalloc_array(). On the contrary, if mod->kunit_suites is still
> pointing to the original address that was set when looking up the
> .kunit_test_suites section of the module, then the loading phase has
> failed and there's no memory to be freed.
> 
> v2:
> - add include <linux/mm.h>
> 
> Fixes: 2810c1e99867 ("kunit: Fix wild-memory-access bug in kunit_free_suite_set()")
> Signed-off-by: Marco Pagani <marpagan@redhat.com>

Tested-by: Richard Fitzgerald <rf@opensource.cirrus.com>

Fixed this crash:
https://lore.kernel.org/all/e239b94b-462a-41e5-9a4c-cd1ffd530d75@opensource.cirrus.com/

Also tested with sound/pci/hda/cirrus_scodec_test.c