Re: [RFC PATCH 04/14] mm/damon/tests/vaddr-kunit: replace damon_add_region() with damon_set_regions()

[SeongJae Park <sj@kernel.org>]

On Wed, 20 May 2026 06:38:41 +0000 sashiko-bot@kernel.org wrote:

> Thank you for your contribution! Sashiko AI review found 2 potential issue(s) to consider:
> - [Medium] The dynamically allocated `ranges` array is never freed, resulting in a memory leak.
> - [Medium] The return value of `damon_set_regions()` is ignored, which can lead to a NULL pointer dereference if memory allocation fails.
> --
> 
> commit 178b94e956635731d61e076b1aa09699c5f9b686
> Author: SeongJae Park <sj@kernel.org>
> 
> mm/damon/tests/vaddr-kunit: replace damon_add_region() with damon_set_regions()
> 
> This commit updates the DAMON vaddr unit tests to use damon_set_regions()
> for setting up target region boundaries. This replaces the manual setup
> loop that previously used damon_add_region().
> 
> > diff --git a/mm/damon/tests/vaddr-kunit.h b/mm/damon/tests/vaddr-kunit.h
> > index 98e734d77d517..23be9c3be75fa 100644
> > --- a/mm/damon/tests/vaddr-kunit.h
> > +++ b/mm/damon/tests/vaddr-kunit.h
> [ ... ]
> > @@ -132,20 +132,24 @@ static void damon_do_test_apply_three_regions(struct kunit *test,
> >  				unsigned long *expected, int nr_expected)
> >  {
> >  	struct damon_target *t;
> > +	struct damon_addr_range *ranges;
> >  	struct damon_region *r;
> >  	int i;
> >  
> >  	t = damon_new_target();
> >  	if (!t)
> >  		kunit_skip(test, "target alloc fail");
> > +
> > +	ranges = kmalloc_array(nr_regions / 2, sizeof(*ranges), GFP_KERNEL);
> > +	if (!ranges) {
> > +		damon_destroy_target(t, NULL);
> > +		kunit_skip(test, "ranges alloc fail");
> > +	}
> >  	for (i = 0; i < nr_regions / 2; i++) {
> > -		r = damon_new_region(regions[i * 2], regions[i * 2 + 1]);
> > -		if (!r) {
> > -			damon_destroy_target(t, NULL);
> > -			kunit_skip(test, "region alloc fail");
> > -		}
> > -		damon_add_region(r, t);
> > +		ranges[i].start = regions[i * 2];
> > +		ranges[i].end = regions[i * 2 + 1];
> >  	}
> > +	damon_set_regions(t, ranges, nr_regions / 2, DAMON_MIN_REGION_SZ);
> 
> [Severity: Medium]
> Is it safe to ignore the return value of damon_set_regions() here?
> 
> If damon_set_regions() encounters an allocation failure, it returns -ENOMEM,
> leaving the target with fewer regions than intended. Could this lead to a
> NULL pointer dereference in the subsequent test code if it attempts to access
> regions that failed to allocate?

Nice catch.  I will check the results and skip in the case of failure.

> 
> [Severity: Medium]
> Does this code leak the ranges array?
> 
> It appears ranges is dynamically allocated via kmalloc_array() but is never
> freed before the function returns, and damon_set_regions() does not take
> ownership of this memory.

Good finding.  I will free it.

> 
> >  
> >  	damon_set_regions(t, three_regions, 3, DAMON_MIN_REGION_SZ);
> >
> 
> -- 
> Sashiko AI review · https://sashiko.dev/#/patchset/20260520062858.167011-1-sj@kernel.org?part=4


Thanks,
SJ