qiurui
/
Centos-kernel-stream-9
mirror of https://gitlab.com/redhat/centos-stream/src/kernel/centos-stream-9.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
1,167,572 Commits 5 Branches 2,211 Tags 2.6 GiB
Commit Graph

5 Commits

Author SHA1 Message Date
Nico Pache 1fbb3000fe net/handshake: Fix handshake_req_destroy_test1 
commit 4e1d71cabb19ec2586827adfc60d68689c68c194
Author: Chuck Lever <chuck.lever@oracle.com>
Date:   Tue Feb 6 14:16:31 2024 -0500

    net/handshake: Fix handshake_req_destroy_test1

    Recently, handshake_req_destroy_test1 started failing:

    Expected handshake_req_destroy_test == req, but
        handshake_req_destroy_test == 0000000000000000
        req == 0000000060f99b40
    not ok 11 req_destroy works

    This is because "sock_release(sock)" was replaced with "fput(filp)"
    to address a memory leak. Note that sock_release() is synchronous
    but fput() usually delays the final close and clean-up.

    The delay is not consequential in the other cases that were changed
    but handshake_req_destroy_test1 is testing that handshake_req_cancel()
    followed by closing the file actually does call the ->hp_destroy
    method. Thus the PTR_EQ test at the end has to be sure that the
    final close is complete before it checks the pointer.

    We cannot use a completion here because if ->hp_destroy is never
    called (ie, there is an API bug) then the test will hang.

    Reported by: Guenter Roeck <linux@roeck-us.net>
    Closes: https://lore.kernel.org/netdev/ZcKDd1to4MPANCrn@tissot.1015granger.net/T/#mac5c6299f86799f1c71776f3a07f9c566c7c3c40
    Fixes: 4a0f07d71b04 ("net/handshake: Fix memory leak in __sock_create() and sock_alloc_file()")
    Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
    Reviewed-by: Hannes Reinecke <hare@suse.de>
    Link: https://lore.kernel.org/r/170724699027.91401.7839730697326806733.stgit@oracle-102.nfsv4bat.org
    Signed-off-by: Jakub Kicinski <kuba@kernel.org>

JIRA: https://issues.redhat.com/browse/RHEL-39303
Signed-off-by: Nico Pache <npache@redhat.com>
 2024-07-31 20:32:30 -06:00
Jeffrey Layton c896895e98 net/handshake: Fix memory leak in __sock_create() and sock_alloc_file() 
JIRA: https://issues.redhat.com/browse/RHEL-7936

commit 4a0f07d71b0483cc08c03cefa7c85749e187c214
Author: Jinjie Ruan <ruanjinjie@huawei.com>
Date:   Tue Sep 19 18:44:06 2023 +0800

    net/handshake: Fix memory leak in __sock_create() and sock_alloc_file()

    When making CONFIG_DEBUG_KMEMLEAK=y and CONFIG_DEBUG_KMEMLEAK_AUTO_SCAN=y,
    modprobe handshake-test and then rmmmod handshake-test, the below memory
    leak is detected.

    The struct socket_alloc which is allocated by alloc_inode_sb() in
    __sock_create() is not freed. And the struct dentry which is allocated
    by __d_alloc() in sock_alloc_file() is not freed.

    Since fput() will call file->f_op->release() which is sock_close() here and
    it will call __sock_release(). and fput() will call dput(dentry) to free
    the struct dentry. So replace sock_release() with fput() to fix the
    below memory leak. After applying this patch, the following memory leak is
    never detected.

    unreferenced object 0xffff888109165840 (size 768):
      comm "kunit_try_catch", pid 1852, jiffies 4294685807 (age 976.262s)
      hex dump (first 32 bytes):
        01 00 00 00 01 00 5a 5a 20 00 00 00 00 00 00 00  ......ZZ .......
        00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
      backtrace:
        [<ffffffff8397993f>] sock_alloc_inode+0x1f/0x1b0
        [<ffffffff81a2cb5b>] alloc_inode+0x5b/0x1a0
        [<ffffffff81a32bed>] new_inode_pseudo+0xd/0x70
        [<ffffffff8397889c>] sock_alloc+0x3c/0x260
        [<ffffffff83979b46>] __sock_create+0x66/0x3d0
        [<ffffffffa0209ba2>] 0xffffffffa0209ba2
        [<ffffffff829cf03a>] kunit_generic_run_threadfn_adapter+0x4a/0x90
        [<ffffffff81236fc6>] kthread+0x2b6/0x380
        [<ffffffff81096afd>] ret_from_fork+0x2d/0x70
        [<ffffffff81003511>] ret_from_fork_asm+0x11/0x20
    unreferenced object 0xffff88810f472008 (size 192):
      comm "kunit_try_catch", pid 1852, jiffies 4294685808 (age 976.261s)
      hex dump (first 32 bytes):
        00 00 50 40 02 00 00 00 00 00 00 00 00 00 00 00  ..P@............
        00 00 00 00 00 00 00 00 08 20 47 0f 81 88 ff ff  ......... G.....
      backtrace:
        [<ffffffff81a1ff11>] __d_alloc+0x31/0x8a0
        [<ffffffff81a2910e>] d_alloc_pseudo+0xe/0x50
        [<ffffffff819d549e>] alloc_file_pseudo+0xce/0x210
        [<ffffffff83978582>] sock_alloc_file+0x42/0x1b0
        [<ffffffffa0209bbb>] 0xffffffffa0209bbb
        [<ffffffff829cf03a>] kunit_generic_run_threadfn_adapter+0x4a/0x90
        [<ffffffff81236fc6>] kthread+0x2b6/0x380
        [<ffffffff81096afd>] ret_from_fork+0x2d/0x70
        [<ffffffff81003511>] ret_from_fork_asm+0x11/0x20
    unreferenced object 0xffff88810958e580 (size 224):
      comm "kunit_try_catch", pid 1852, jiffies 4294685808 (age 976.261s)
      hex dump (first 32 bytes):
        00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
        00 00 00 00 03 00 2e 08 01 00 00 00 00 00 00 00  ................
      backtrace:
        [<ffffffff819d4b90>] alloc_empty_file+0x50/0x160
        [<ffffffff819d4cf9>] alloc_file+0x59/0x730
        [<ffffffff819d5524>] alloc_file_pseudo+0x154/0x210
        [<ffffffff83978582>] sock_alloc_file+0x42/0x1b0
        [<ffffffffa0209bbb>] 0xffffffffa0209bbb
        [<ffffffff829cf03a>] kunit_generic_run_threadfn_adapter+0x4a/0x90
        [<ffffffff81236fc6>] kthread+0x2b6/0x380
        [<ffffffff81096afd>] ret_from_fork+0x2d/0x70
        [<ffffffff81003511>] ret_from_fork_asm+0x11/0x20
    unreferenced object 0xffff88810926dc88 (size 192):
      comm "kunit_try_catch", pid 1854, jiffies 4294685809 (age 976.271s)
      hex dump (first 32 bytes):
        00 00 50 40 02 00 00 00 00 00 00 00 00 00 00 00  ..P@............
        00 00 00 00 00 00 00 00 88 dc 26 09 81 88 ff ff  ..........&.....
      backtrace:
        [<ffffffff81a1ff11>] __d_alloc+0x31/0x8a0
        [<ffffffff81a2910e>] d_alloc_pseudo+0xe/0x50
        [<ffffffff819d549e>] alloc_file_pseudo+0xce/0x210
        [<ffffffff83978582>] sock_alloc_file+0x42/0x1b0
        [<ffffffffa0208fdc>] 0xffffffffa0208fdc
        [<ffffffff829cf03a>] kunit_generic_run_threadfn_adapter+0x4a/0x90
        [<ffffffff81236fc6>] kthread+0x2b6/0x380
        [<ffffffff81096afd>] ret_from_fork+0x2d/0x70
        [<ffffffff81003511>] ret_from_fork_asm+0x11/0x20
    unreferenced object 0xffff88810a241380 (size 224):
      comm "kunit_try_catch", pid 1854, jiffies 4294685809 (age 976.271s)
      hex dump (first 32 bytes):
        00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
        00 00 00 00 03 00 2e 08 01 00 00 00 00 00 00 00  ................
      backtrace:
        [<ffffffff819d4b90>] alloc_empty_file+0x50/0x160
        [<ffffffff819d4cf9>] alloc_file+0x59/0x730
        [<ffffffff819d5524>] alloc_file_pseudo+0x154/0x210
        [<ffffffff83978582>] sock_alloc_file+0x42/0x1b0
        [<ffffffffa0208fdc>] 0xffffffffa0208fdc
        [<ffffffff829cf03a>] kunit_generic_run_threadfn_adapter+0x4a/0x90
        [<ffffffff81236fc6>] kthread+0x2b6/0x380
        [<ffffffff81096afd>] ret_from_fork+0x2d/0x70
        [<ffffffff81003511>] ret_from_fork_asm+0x11/0x20
    unreferenced object 0xffff888109165040 (size 768):
      comm "kunit_try_catch", pid 1856, jiffies 4294685811 (age 976.269s)
      hex dump (first 32 bytes):
        01 00 00 00 01 00 5a 5a 20 00 00 00 00 00 00 00  ......ZZ .......
        00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
      backtrace:
        [<ffffffff8397993f>] sock_alloc_inode+0x1f/0x1b0
        [<ffffffff81a2cb5b>] alloc_inode+0x5b/0x1a0
        [<ffffffff81a32bed>] new_inode_pseudo+0xd/0x70
        [<ffffffff8397889c>] sock_alloc+0x3c/0x260
        [<ffffffff83979b46>] __sock_create+0x66/0x3d0
        [<ffffffffa0208860>] 0xffffffffa0208860
        [<ffffffff829cf03a>] kunit_generic_run_threadfn_adapter+0x4a/0x90
        [<ffffffff81236fc6>] kthread+0x2b6/0x380
        [<ffffffff81096afd>] ret_from_fork+0x2d/0x70
        [<ffffffff81003511>] ret_from_fork_asm+0x11/0x20
    unreferenced object 0xffff88810926d568 (size 192):
      comm "kunit_try_catch", pid 1856, jiffies 4294685811 (age 976.269s)
      hex dump (first 32 bytes):
        00 00 50 40 02 00 00 00 00 00 00 00 00 00 00 00  ..P@............
        00 00 00 00 00 00 00 00 68 d5 26 09 81 88 ff ff  ........h.&.....
      backtrace:
        [<ffffffff81a1ff11>] __d_alloc+0x31/0x8a0
        [<ffffffff81a2910e>] d_alloc_pseudo+0xe/0x50
        [<ffffffff819d549e>] alloc_file_pseudo+0xce/0x210
        [<ffffffff83978582>] sock_alloc_file+0x42/0x1b0
        [<ffffffffa0208879>] 0xffffffffa0208879
        [<ffffffff829cf03a>] kunit_generic_run_threadfn_adapter+0x4a/0x90
        [<ffffffff81236fc6>] kthread+0x2b6/0x380
        [<ffffffff81096afd>] ret_from_fork+0x2d/0x70
        [<ffffffff81003511>] ret_from_fork_asm+0x11/0x20
    unreferenced object 0xffff88810a240580 (size 224):
      comm "kunit_try_catch", pid 1856, jiffies 4294685811 (age 976.347s)
      hex dump (first 32 bytes):
        00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
        00 00 00 00 03 00 2e 08 01 00 00 00 00 00 00 00  ................
      backtrace:
        [<ffffffff819d4b90>] alloc_empty_file+0x50/0x160
        [<ffffffff819d4cf9>] alloc_file+0x59/0x730
        [<ffffffff819d5524>] alloc_file_pseudo+0x154/0x210
        [<ffffffff83978582>] sock_alloc_file+0x42/0x1b0
        [<ffffffffa0208879>] 0xffffffffa0208879
        [<ffffffff829cf03a>] kunit_generic_run_threadfn_adapter+0x4a/0x90
        [<ffffffff81236fc6>] kthread+0x2b6/0x380
        [<ffffffff81096afd>] ret_from_fork+0x2d/0x70
        [<ffffffff81003511>] ret_from_fork_asm+0x11/0x20
    unreferenced object 0xffff888109164c40 (size 768):
      comm "kunit_try_catch", pid 1858, jiffies 4294685816 (age 976.342s)
      hex dump (first 32 bytes):
        01 00 00 00 01 00 5a 5a 20 00 00 00 00 00 00 00  ......ZZ .......
        00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
      backtrace:
        [<ffffffff8397993f>] sock_alloc_inode+0x1f/0x1b0
        [<ffffffff81a2cb5b>] alloc_inode+0x5b/0x1a0
        [<ffffffff81a32bed>] new_inode_pseudo+0xd/0x70
        [<ffffffff8397889c>] sock_alloc+0x3c/0x260
        [<ffffffff83979b46>] __sock_create+0x66/0x3d0
        [<ffffffffa0208541>] 0xffffffffa0208541
        [<ffffffff829cf03a>] kunit_generic_run_threadfn_adapter+0x4a/0x90
        [<ffffffff81236fc6>] kthread+0x2b6/0x380
        [<ffffffff81096afd>] ret_from_fork+0x2d/0x70
        [<ffffffff81003511>] ret_from_fork_asm+0x11/0x20
    unreferenced object 0xffff88810926cd18 (size 192):
      comm "kunit_try_catch", pid 1858, jiffies 4294685816 (age 976.342s)
      hex dump (first 32 bytes):
        00 00 50 40 02 00 00 00 00 00 00 00 00 00 00 00  ..P@............
        00 00 00 00 00 00 00 00 18 cd 26 09 81 88 ff ff  ..........&.....
      backtrace:
        [<ffffffff81a1ff11>] __d_alloc+0x31/0x8a0
        [<ffffffff81a2910e>] d_alloc_pseudo+0xe/0x50
        [<ffffffff819d549e>] alloc_file_pseudo+0xce/0x210
        [<ffffffff83978582>] sock_alloc_file+0x42/0x1b0
        [<ffffffffa020855a>] 0xffffffffa020855a
        [<ffffffff829cf03a>] kunit_generic_run_threadfn_adapter+0x4a/0x90
        [<ffffffff81236fc6>] kthread+0x2b6/0x380
        [<ffffffff81096afd>] ret_from_fork+0x2d/0x70
        [<ffffffff81003511>] ret_from_fork_asm+0x11/0x20
    unreferenced object 0xffff88810a240200 (size 224):
      comm "kunit_try_catch", pid 1858, jiffies 4294685816 (age 976.342s)
      hex dump (first 32 bytes):
        00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
        00 00 00 00 03 00 2e 08 01 00 00 00 00 00 00 00  ................
      backtrace:
        [<ffffffff819d4b90>] alloc_empty_file+0x50/0x160
        [<ffffffff819d4cf9>] alloc_file+0x59/0x730
        [<ffffffff819d5524>] alloc_file_pseudo+0x154/0x210
        [<ffffffff83978582>] sock_alloc_file+0x42/0x1b0
        [<ffffffffa020855a>] 0xffffffffa020855a
        [<ffffffff829cf03a>] kunit_generic_run_threadfn_adapter+0x4a/0x90
        [<ffffffff81236fc6>] kthread+0x2b6/0x380
        [<ffffffff81096afd>] ret_from_fork+0x2d/0x70
        [<ffffffff81003511>] ret_from_fork_asm+0x11/0x20
    unreferenced object 0xffff888109164840 (size 768):
      comm "kunit_try_catch", pid 1860, jiffies 4294685817 (age 976.416s)
      hex dump (first 32 bytes):
        01 00 00 00 01 00 5a 5a 20 00 00 00 00 00 00 00  ......ZZ .......
        00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
      backtrace:
        [<ffffffff8397993f>] sock_alloc_inode+0x1f/0x1b0
        [<ffffffff81a2cb5b>] alloc_inode+0x5b/0x1a0
        [<ffffffff81a32bed>] new_inode_pseudo+0xd/0x70
        [<ffffffff8397889c>] sock_alloc+0x3c/0x260
        [<ffffffff83979b46>] __sock_create+0x66/0x3d0
        [<ffffffffa02093e2>] 0xffffffffa02093e2
        [<ffffffff829cf03a>] kunit_generic_run_threadfn_adapter+0x4a/0x90
        [<ffffffff81236fc6>] kthread+0x2b6/0x380
        [<ffffffff81096afd>] ret_from_fork+0x2d/0x70
        [<ffffffff81003511>] ret_from_fork_asm+0x11/0x20
    unreferenced object 0xffff88810926cab8 (size 192):
      comm "kunit_try_catch", pid 1860, jiffies 4294685817 (age 976.416s)
      hex dump (first 32 bytes):
        00 00 50 40 02 00 00 00 00 00 00 00 00 00 00 00  ..P@............
        00 00 00 00 00 00 00 00 b8 ca 26 09 81 88 ff ff  ..........&.....
      backtrace:
        [<ffffffff81a1ff11>] __d_alloc+0x31/0x8a0
        [<ffffffff81a2910e>] d_alloc_pseudo+0xe/0x50
        [<ffffffff819d549e>] alloc_file_pseudo+0xce/0x210
        [<ffffffff83978582>] sock_alloc_file+0x42/0x1b0
        [<ffffffffa02093fb>] 0xffffffffa02093fb
        [<ffffffff829cf03a>] kunit_generic_run_threadfn_adapter+0x4a/0x90
        [<ffffffff81236fc6>] kthread+0x2b6/0x380
        [<ffffffff81096afd>] ret_from_fork+0x2d/0x70
        [<ffffffff81003511>] ret_from_fork_asm+0x11/0x20
    unreferenced object 0xffff88810a240040 (size 224):
      comm "kunit_try_catch", pid 1860, jiffies 4294685817 (age 976.416s)
      hex dump (first 32 bytes):
        00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
        00 00 00 00 03 00 2e 08 01 00 00 00 00 00 00 00  ................
      backtrace:
        [<ffffffff819d4b90>] alloc_empty_file+0x50/0x160
        [<ffffffff819d4cf9>] alloc_file+0x59/0x730
        [<ffffffff819d5524>] alloc_file_pseudo+0x154/0x210
        [<ffffffff83978582>] sock_alloc_file+0x42/0x1b0
        [<ffffffffa02093fb>] 0xffffffffa02093fb
        [<ffffffff829cf03a>] kunit_generic_run_threadfn_adapter+0x4a/0x90
        [<ffffffff81236fc6>] kthread+0x2b6/0x380
        [<ffffffff81096afd>] ret_from_fork+0x2d/0x70
        [<ffffffff81003511>] ret_from_fork_asm+0x11/0x20
    unreferenced object 0xffff888109166440 (size 768):
      comm "kunit_try_catch", pid 1862, jiffies 4294685819 (age 976.489s)
      hex dump (first 32 bytes):
        01 00 00 00 01 00 5a 5a 20 00 00 00 00 00 00 00  ......ZZ .......
        00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
      backtrace:
        [<ffffffff8397993f>] sock_alloc_inode+0x1f/0x1b0
        [<ffffffff81a2cb5b>] alloc_inode+0x5b/0x1a0
        [<ffffffff81a32bed>] new_inode_pseudo+0xd/0x70
        [<ffffffff8397889c>] sock_alloc+0x3c/0x260
        [<ffffffff83979b46>] __sock_create+0x66/0x3d0
        [<ffffffffa02097c1>] 0xffffffffa02097c1
        [<ffffffff829cf03a>] kunit_generic_run_threadfn_adapter+0x4a/0x90
        [<ffffffff81236fc6>] kthread+0x2b6/0x380
        [<ffffffff81096afd>] ret_from_fork+0x2d/0x70
        [<ffffffff81003511>] ret_from_fork_asm+0x11/0x20
    unreferenced object 0xffff88810926c398 (size 192):
      comm "kunit_try_catch", pid 1862, jiffies 4294685819 (age 976.489s)
      hex dump (first 32 bytes):
        00 00 50 40 02 00 00 00 00 00 00 00 00 00 00 00  ..P@............
        00 00 00 00 00 00 00 00 98 c3 26 09 81 88 ff ff  ..........&.....
      backtrace:
        [<ffffffff81a1ff11>] __d_alloc+0x31/0x8a0
        [<ffffffff81a2910e>] d_alloc_pseudo+0xe/0x50
        [<ffffffff819d549e>] alloc_file_pseudo+0xce/0x210
        [<ffffffff83978582>] sock_alloc_file+0x42/0x1b0
        [<ffffffffa02097da>] 0xffffffffa02097da
        [<ffffffff829cf03a>] kunit_generic_run_threadfn_adapter+0x4a/0x90
        [<ffffffff81236fc6>] kthread+0x2b6/0x380
        [<ffffffff81096afd>] ret_from_fork+0x2d/0x70
        [<ffffffff81003511>] ret_from_fork_asm+0x11/0x20
    unreferenced object 0xffff888107e0b8c0 (size 224):
      comm "kunit_try_catch", pid 1862, jiffies 4294685819 (age 976.489s)
      hex dump (first 32 bytes):
        00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
        00 00 00 00 03 00 2e 08 01 00 00 00 00 00 00 00  ................
      backtrace:
        [<ffffffff819d4b90>] alloc_empty_file+0x50/0x160
        [<ffffffff819d4cf9>] alloc_file+0x59/0x730
        [<ffffffff819d5524>] alloc_file_pseudo+0x154/0x210
        [<ffffffff83978582>] sock_alloc_file+0x42/0x1b0
        [<ffffffffa02097da>] 0xffffffffa02097da
        [<ffffffff829cf03a>] kunit_generic_run_threadfn_adapter+0x4a/0x90
        [<ffffffff81236fc6>] kthread+0x2b6/0x380
        [<ffffffff81096afd>] ret_from_fork+0x2d/0x70
        [<ffffffff81003511>] ret_from_fork_asm+0x11/0x20
    unreferenced object 0xffff888109164440 (size 768):
      comm "kunit_try_catch", pid 1864, jiffies 4294685821 (age 976.487s)
      hex dump (first 32 bytes):
        01 00 00 00 01 00 5a 5a 20 00 00 00 00 00 00 00  ......ZZ .......
        00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
      backtrace:
        [<ffffffff8397993f>] sock_alloc_inode+0x1f/0x1b0
        [<ffffffff81a2cb5b>] alloc_inode+0x5b/0x1a0
        [<ffffffff81a32bed>] new_inode_pseudo+0xd/0x70
        [<ffffffff8397889c>] sock_alloc+0x3c/0x260
        [<ffffffff83979b46>] __sock_create+0x66/0x3d0
        [<ffffffffa020824e>] 0xffffffffa020824e
        [<ffffffff829cf03a>] kunit_generic_run_threadfn_adapter+0x4a/0x90
        [<ffffffff81236fc6>] kthread+0x2b6/0x380
        [<ffffffff81096afd>] ret_from_fork+0x2d/0x70
        [<ffffffff81003511>] ret_from_fork_asm+0x11/0x20
    unreferenced object 0xffff88810f4cf698 (size 192):
      comm "kunit_try_catch", pid 1864, jiffies 4294685821 (age 976.501s)
      hex dump (first 32 bytes):
        00 00 50 40 02 00 00 00 00 00 00 00 00 00 00 00  ..P@............
        00 00 00 00 00 00 00 00 98 f6 4c 0f 81 88 ff ff  ..........L.....
      backtrace:
        [<ffffffff81a1ff11>] __d_alloc+0x31/0x8a0
        [<ffffffff81a2910e>] d_alloc_pseudo+0xe/0x50
        [<ffffffff819d549e>] alloc_file_pseudo+0xce/0x210
        [<ffffffff83978582>] sock_alloc_file+0x42/0x1b0
        [<ffffffffa0208267>] 0xffffffffa0208267
        [<ffffffff829cf03a>] kunit_generic_run_threadfn_adapter+0x4a/0x90
        [<ffffffff81236fc6>] kthread+0x2b6/0x380
        [<ffffffff81096afd>] ret_from_fork+0x2d/0x70
        [<ffffffff81003511>] ret_from_fork_asm+0x11/0x20
    unreferenced object 0xffff888107e0b000 (size 224):
      comm "kunit_try_catch", pid 1864, jiffies 4294685821 (age 976.501s)
      hex dump (first 32 bytes):
        00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
        00 00 00 00 03 00 2e 08 01 00 00 00 00 00 00 00  ................
      backtrace:
        [<ffffffff819d4b90>] alloc_empty_file+0x50/0x160
        [<ffffffff819d4cf9>] alloc_file+0x59/0x730
        [<ffffffff819d5524>] alloc_file_pseudo+0x154/0x210
        [<ffffffff83978582>] sock_alloc_file+0x42/0x1b0
        [<ffffffffa0208267>] 0xffffffffa0208267
        [<ffffffff829cf03a>] kunit_generic_run_threadfn_adapter+0x4a/0x90
        [<ffffffff81236fc6>] kthread+0x2b6/0x380
        [<ffffffff81096afd>] ret_from_fork+0x2d/0x70
        [<ffffffff81003511>] ret_from_fork_asm+0x11/0x20

    Fixes: 88232ec1ec5e ("net/handshake: Add Kunit tests for the handshake consumer API")
    Signed-off-by: Jinjie Ruan <ruanjinjie@huawei.com>
    Signed-off-by: David S. Miller <davem@davemloft.net>

Signed-off-by: Jeffrey Layton <jlayton@redhat.com>
 2023-12-02 05:12:43 -05:00
Jeffrey Layton 024ef4aeb2 net/handshake: Fix sock->file allocation 
JIRA: https://issues.redhat.com/browse/RHEL-7936

commit 18c40a1cc1d990c51381ef48cd93fdb31d5cd903
Author: Chuck Lever <chuck.lever@oracle.com>
Date:   Fri May 19 13:08:24 2023 -0400

    net/handshake: Fix sock->file allocation

            sock->file = sock_alloc_file(sock, O_NONBLOCK, NULL);
            ^^^^                         ^^^^

    sock_alloc_file() calls release_sock() on error but the left hand
    side of the assignment dereferences "sock".  This isn't the bug and
    I didn't report this earlier because there is an assert that it
    doesn't fail.

    net/handshake/handshake-test.c:221 handshake_req_submit_test4() error: dereferencing freed memory 'sock'
    net/handshake/handshake-test.c:233 handshake_req_submit_test4() warn: 'req' was already freed.
    net/handshake/handshake-test.c:254 handshake_req_submit_test5() error: dereferencing freed memory 'sock'
    net/handshake/handshake-test.c:290 handshake_req_submit_test6() error: dereferencing freed memory 'sock'
    net/handshake/handshake-test.c:321 handshake_req_cancel_test1() error: dereferencing freed memory 'sock'
    net/handshake/handshake-test.c:355 handshake_req_cancel_test2() error: dereferencing freed memory 'sock'
    net/handshake/handshake-test.c:367 handshake_req_cancel_test2() warn: 'req' was already freed.
    net/handshake/handshake-test.c:395 handshake_req_cancel_test3() error: dereferencing freed memory 'sock'
    net/handshake/handshake-test.c:407 handshake_req_cancel_test3() warn: 'req' was already freed.
    net/handshake/handshake-test.c:451 handshake_req_destroy_test1() error: dereferencing freed memory 'sock'
    net/handshake/handshake-test.c:463 handshake_req_destroy_test1() warn: 'req' was already freed.

    Reported-by: Dan Carpenter <dan.carpenter@linaro.org>
    Fixes: 88232ec1ec5e ("net/handshake: Add Kunit tests for the handshake consumer API")
    Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
    Link: https://lore.kernel.org/r/168451609436.45209.15407022385441542980.stgit@oracle-102.nfsv4bat.org
    Signed-off-by: Jakub Kicinski <kuba@kernel.org>

Signed-off-by: Jeffrey Layton <jlayton@redhat.com>
 2023-12-02 05:12:24 -05:00
Jeffrey Layton 5267ac35cb net/handshake: Squelch allocation warning during Kunit test 
JIRA: https://issues.redhat.com/browse/RHEL-7936

commit b21c7ba6d9a5532add3827a3b49f49cbc0cb9779
Author: Chuck Lever <chuck.lever@oracle.com>
Date:   Fri May 19 13:12:50 2023 -0400

    net/handshake: Squelch allocation warning during Kunit test

    The "handshake_req_alloc excessive privsize" kunit test is intended
    to check what happens when the maximum privsize is exceeded. The
    WARN_ON_ONCE_GFP at mm/page_alloc.c:4744 can be disabled safely for
    this test.

    Reported-by: Linux Kernel Functional Testing <lkft@linaro.org>
    Fixes: 88232ec1ec5e ("net/handshake: Add Kunit tests for the handshake consumer API")
    Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
    Link: https://lore.kernel.org/r/168451636052.47152.9600443326570457947.stgit@oracle-102.nfsv4bat.org
    Signed-off-by: Jakub Kicinski <kuba@kernel.org>

Signed-off-by: Jeffrey Layton <jlayton@redhat.com>
 2023-12-02 05:12:24 -05:00
Jeffrey Layton 7b9596b455 net/handshake: Add Kunit tests for the handshake consumer API 
JIRA: https://issues.redhat.com/browse/RHEL-7936

commit 88232ec1ec5ecf4aa5de439cff3d5e2b7adcac93
Author: Chuck Lever <chuck.lever@oracle.com>
Date:   Mon Apr 17 10:32:39 2023 -0400

    net/handshake: Add Kunit tests for the handshake consumer API

    These verify the API contracts and help exercise lifetime rules for
    consumer sockets and handshake_req structures.

    One way to run these tests:

    ./tools/testing/kunit/kunit.py run --kunitconfig ./net/handshake/.kunitconfig

    Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
    Signed-off-by: Jakub Kicinski <kuba@kernel.org>

Signed-off-by: Jeffrey Layton <jlayton@redhat.com>
 2023-12-02 05:11:51 -05:00