linux-kernel.vger.kernel.org archive mirror
* [PATCH 0/2] kasan: a couple of test fixes
@ 2018-03-01 17:15 Andrey Konovalov
  2018-03-01 17:15 ` [PATCH 1/2] kasan: fix invalid-free test crashing the kernel Andrey Konovalov
  2018-03-01 17:15 ` [PATCH 2/2] kasan: disallow compiler to optimize away memset in tests Andrey Konovalov
  0 siblings, 2 replies; 6+ messages in thread
From: Andrey Konovalov @ 2018-03-01 17:15 UTC (permalink / raw)
  To: Andrey Ryabinin, Alexander Potapenko, Dmitry Vyukov,
	Andrew Morton, Geert Uytterhoeven, Nick Terrell, Chris Mason,
	Yury Norov, Al Viro, Luis R . Rodriguez, Palmer Dabbelt,
	Paul E . McKenney, Jeff Layton, Jason A . Donenfeld,
	linux-kernel, kasan-dev, linux-mm
  Cc: Kostya Serebryany, Andrey Konovalov

The first one fixes the invalid-free test crashing the kernel, and the
second one fixes the memset tests working incorrectly due to compiler
optimizations.

Andrey Konovalov (2):
  kasan: fix invalid-free test crashing the kernel
  kasan: disallow compiler to optimize away memset in tests

 lib/Makefile     | 1 +
 lib/test_kasan.c | 8 ++++++++
 2 files changed, 9 insertions(+)

-- 
2.16.2.395.g2e18187dfd-goog


* [PATCH 1/2] kasan: fix invalid-free test crashing the kernel
From: Andrey Konovalov @ 2018-03-01 17:15 UTC (permalink / raw)
  To: Andrey Ryabinin, Alexander Potapenko, Dmitry Vyukov,
	Andrew Morton, Geert Uytterhoeven, Nick Terrell, Chris Mason,
	Yury Norov, Al Viro, Luis R . Rodriguez, Palmer Dabbelt,
	Paul E . McKenney, Jeff Layton, Jason A . Donenfeld,
	linux-kernel, kasan-dev, linux-mm
  Cc: Kostya Serebryany, Andrey Konovalov

When an invalid-free is triggered by one of the KASAN tests, the object
doesn't actually get freed. This later leads to a BUG failure in
kmem_cache_destroy that checks that there are no allocated objects in the
cache that is being destroyed. Fix this by calling kmem_cache_free with
the proper object address after the call that triggers invalid-free.

Signed-off-by: Andrey Konovalov <andreyknvl@google.com>
---
 lib/test_kasan.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/lib/test_kasan.c b/lib/test_kasan.c
index 98854a64b014..ec657105edbf 100644
--- a/lib/test_kasan.c
+++ b/lib/test_kasan.c
@@ -567,7 +567,15 @@ static noinline void __init kmem_cache_invalid_free(void)
 		return;
 	}
 
+	/* Trigger invalid free, the object doesn't get freed */
 	kmem_cache_free(cache, p + 1);
+
+	/*
+	 * Properly free the object to prevent the "Objects remaining in
+	 * test_cache on __kmem_cache_shutdown" BUG failure.
+	 */
+	kmem_cache_free(cache, p);
+
 	kmem_cache_destroy(cache);
 }
 
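Review bot: the comment added above `kmem_cache_free(cache, p + 1)` says the object doesn't get freed but not why, so the `kmem_cache_free(cache, p)` that follows can be misread as a double free. Suggest wording the first comment to say that the free of `p + 1` is expected to be reported as invalid and not performed, which leaves `p` allocated until the second call releases it before `kmem_cache_destroy(cache)`.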
-- 
2.16.2.395.g2e18187dfd-goog


* [PATCH 2/2] kasan: disallow compiler to optimize away memset in tests
From: Andrey Konovalov @ 2018-03-01 17:15 UTC (permalink / raw)
  To: Andrey Ryabinin, Alexander Potapenko, Dmitry Vyukov,
	Andrew Morton, Geert Uytterhoeven, Nick Terrell, Chris Mason,
	Yury Norov, Al Viro, Luis R . Rodriguez, Palmer Dabbelt,
	Paul E . McKenney, Jeff Layton, Jason A . Donenfeld,
	linux-kernel, kasan-dev, linux-mm
  Cc: Kostya Serebryany, Andrey Konovalov

A compiler can optimize away memset calls by replacing them with mov
instructions. There are KASAN tests that specifically test that KASAN
correctly handles memset calls; we don't want this optimization to
happen.

The solution is to add the -fno-builtin flag to test_kasan.ko.

Signed-off-by: Andrey Konovalov <andreyknvl@google.com>
---
 lib/Makefile | 1 +
 1 file changed, 1 insertion(+)

diff --git a/lib/Makefile b/lib/Makefile
index a90d4fcd748f..9c940c4c0593 100644
--- a/lib/Makefile
+++ b/lib/Makefile
@@ -52,6 +52,7 @@ obj-$(CONFIG_TEST_FIRMWARE) += test_firmware.o
 obj-$(CONFIG_TEST_SYSCTL) += test_sysctl.o
 obj-$(CONFIG_TEST_HASH) += test_hash.o test_siphash.o
 obj-$(CONFIG_TEST_KASAN) += test_kasan.o
+CFLAGS_test_kasan.o += -fno-builtin
 obj-$(CONFIG_TEST_KSTRTOX) += test-kstrtox.o
 obj-$(CONFIG_TEST_LIST_SORT) += test_list_sort.o
 obj-$(CONFIG_TEST_LKM) += test_module.o
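Review bot: `CFLAGS_test_kasan.o += -fno-builtin` carries no comment, and the flag turns off builtin handling for every library call in test_kasan.o, not only memset. That scope is reasonable for a test object, but a one-line comment above it saying the flag keeps the memset tests calling the real memset would stop it from being dropped later as an unexplained per-file flag.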
-- 
2.16.2.395.g2e18187dfd-goog


* Re: [PATCH 1/2] kasan: fix invalid-free test crashing the kernel
From: Andrey Konovalov @ 2018-03-01 17:28 UTC (permalink / raw)
  To: Andrey Ryabinin, Alexander Potapenko, Dmitry Vyukov,
	Andrew Morton, Geert Uytterhoeven, Nick Terrell, Chris Mason,
	Yury Norov, Al Viro, Luis R . Rodriguez, Palmer Dabbelt,
	Paul E . McKenney, Jeff Layton, Jason A . Donenfeld, LKML,
	kasan-dev, Linux Memory Management List
  Cc: Kostya Serebryany, Andrey Konovalov

On Thu, Mar 1, 2018 at 6:15 PM, Andrey Konovalov <andreyknvl@google.com> wrote:
> When an invalid-free is triggered by one of the KASAN tests, the object
> doesn't actually get freed. This later leads to a BUG failure in
> kmem_cache_destroy that checks that there are no allocated objects in the
> cache that is being destroyed. Fix this by calling kmem_cache_free with
> the proper object address after the call that triggers invalid-free.

Note that for this patch to fix the issue, it is supposed to go on
top of the "kasan, slub: fix handling of kasan_slab_free hook" patch I
sent recently.

https://patchwork.kernel.org/patch/10238179/

>
> Signed-off-by: Andrey Konovalov <andreyknvl@google.com>
> ---
>  lib/test_kasan.c | 8 ++++++++
>  1 file changed, 8 insertions(+)
>
> diff --git a/lib/test_kasan.c b/lib/test_kasan.c
> index 98854a64b014..ec657105edbf 100644
> --- a/lib/test_kasan.c
> +++ b/lib/test_kasan.c
> @@ -567,7 +567,15 @@ static noinline void __init kmem_cache_invalid_free(void)
>                 return;
>         }
>
> +       /* Trigger invalid free, the object doesn't get freed */
>         kmem_cache_free(cache, p + 1);
> +
> +       /*
> +        * Properly free the object to prevent the "Objects remaining in
> +        * test_cache on __kmem_cache_shutdown" BUG failure.
> +        */
> +       kmem_cache_free(cache, p);
> +
>         kmem_cache_destroy(cache);
>  }
>
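Review bot: neither the changelog nor the comments around `kmem_cache_free(cache, p + 1)` record that this fix depends on the "kasan, slub: fix handling of kasan_slab_free hook" patch mentioned in the reply above. Suggest stating that ordering in the commit message so it is not lost if the two patches are applied or backported separately.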
> --
> 2.16.2.395.g2e18187dfd-goog
>


* Re: [PATCH 1/2] kasan: fix invalid-free test crashing the kernel
From: Andrey Ryabinin @ 2018-03-02 12:11 UTC (permalink / raw)
  To: Andrey Konovalov, Alexander Potapenko, Dmitry Vyukov,
	Andrew Morton, Geert Uytterhoeven, Nick Terrell, Chris Mason,
	Yury Norov, Al Viro, Luis R . Rodriguez, Palmer Dabbelt,
	Paul E . McKenney, Jeff Layton, Jason A . Donenfeld,
	linux-kernel, kasan-dev, linux-mm
  Cc: Kostya Serebryany



On 03/01/2018 08:15 PM, Andrey Konovalov wrote:
> When an invalid-free is triggered by one of the KASAN tests, the object
> doesn't actually get freed. This later leads to a BUG failure in
> kmem_cache_destroy that checks that there are no allocated objects in the
> cache that is being destroyed. Fix this by calling kmem_cache_free with
> the proper object address after the call that triggers invalid-free.
> 
> Signed-off-by: Andrey Konovalov <andreyknvl@google.com>

Acked-by: Andrey Ryabinin <aryabinin@virtuozzo.com>


* Re: [PATCH 2/2] kasan: disallow compiler to optimize away memset in tests
From: Andrey Ryabinin @ 2018-03-02 12:11 UTC (permalink / raw)
  To: Andrey Konovalov, Alexander Potapenko, Dmitry Vyukov,
	Andrew Morton, Geert Uytterhoeven, Nick Terrell, Chris Mason,
	Yury Norov, Al Viro, Luis R . Rodriguez, Palmer Dabbelt,
	Paul E . McKenney, Jeff Layton, Jason A . Donenfeld,
	linux-kernel, kasan-dev, linux-mm
  Cc: Kostya Serebryany



On 03/01/2018 08:15 PM, Andrey Konovalov wrote:
> A compiler can optimize away memset calls by replacing them with mov
> instructions. There are KASAN tests that specifically test that KASAN
> correctly handles memset calls; we don't want this optimization to
> happen.
> 
> The solution is to add the -fno-builtin flag to test_kasan.ko.
> 
> Signed-off-by: Andrey Konovalov <andreyknvl@google.com>

Acked-by: Andrey Ryabinin <aryabinin@virtuozzo.com>
