damon_test_filter_out() is assuming all dynamic memory allocation in it will succeed. Those are indeed likely in the real use cases since those allocations are too small to fail, but theoretically those could fail. In the case, inappropriate memory access can happen. Fix it by appropriately cleanup pre-allocated memory and skip the execution of the remaining tests in the failure cases.
Link: https://lkml.kernel.org/r/20251101182021.74868-16-sj@kernel.org Fixes: 26713c890875 ("mm/damon/core-test: add a unit test for __damos_filter_out()") Signed-off-by: SeongJae Park sj@kernel.org Cc: Brendan Higgins brendan.higgins@linux.dev Cc: David Gow davidgow@google.com Cc: Kefeng Wang wangkefeng.wang@huawei.com Cc: stable@vger.kernel.org [6.6+] Signed-off-by: Andrew Morton akpm@linux-foundation.org (cherry picked from commit d14d5671e7c9cc788c5a1edfa94e6f9064275905) Signed-off-by: SeongJae Park sj@kernel.org --- mm/damon/core-test.h | 11 +++++++++++ 1 file changed, 11 insertions(+)
diff --git a/mm/damon/core-test.h b/mm/damon/core-test.h index 6cc8b245586d..7ed28bf9704a 100644 --- a/mm/damon/core-test.h +++ b/mm/damon/core-test.h @@ -360,11 +360,22 @@ static void damos_test_filter_out(struct kunit *test) struct damos_filter *f;
f = damos_new_filter(DAMOS_FILTER_TYPE_ADDR, true); + if (!f) + kunit_skip(test, "filter alloc fail"); f->addr_range = (struct damon_addr_range){ .start = DAMON_MIN_REGION * 2, .end = DAMON_MIN_REGION * 6};
t = damon_new_target(); + if (!t) { + damos_destroy_filter(f); + kunit_skip(test, "target alloc fail"); + } r = damon_new_region(DAMON_MIN_REGION * 3, DAMON_MIN_REGION * 5); + if (!r) { + damos_destroy_filter(f); + damon_free_target(t); + kunit_skip(test, "region alloc fail"); + } damon_add_region(r, t);
/* region in the range */