-Wunneeded-internal-declaration and MODULE_DEVICE_TABLE #232

bulwahn · 2018-10-20T09:19:54Z

There are a number of clang warnings of -Wunneeded-internal-declaration that are then passed on to MODULE_DEVICE_TABLE as argument.

So far, I am aware of two different situations:

ids passed to MODULE_DEVICE_TABLE. One example is:

  CC [M]  drivers/block/floppy.o
drivers/block/floppy.c:4970:35: warning: variable 'floppy_pnpids' is not needed and will not be emitted [-Wunneeded-internal-declaration]
static const struct pnp_device_id floppy_pnpids[] = {
                                  ^
1 warning generated.

Another example is #228 (that already has a patch to give a good example for the fix and explanation in the commit message)

or 2. the value is passed to MODULE_DEVICE_TABLE conditioned on the CONFIG_OF.

Here some random examples:

 CC [M]  sound/soc/codecs/alc5623.o
sound/soc/codecs/alc5623.c:1075:34: warning: variable 'alc5623_of_match' is not needed and will not be emitted [-Wunneeded-internal-declaration]
static const struct of_device_id alc5623_of_match[] = {
                                 ^
1 warning generated.

sound/soc/codecs/da7219.c:1583:34: warning: variable 'da7219_of_match' is not needed and will not be emitted [-Wunneeded-internal-declaration]
static const struct of_device_id da7219_of_match[] = {
                                 ^
1 warning generated.

Issue with MODULE_DEVICE_TABLE; special case with CONFIG_OF

sound/soc/codecs/max98090.c:2664:34: warning: variable 'max98090_of_match' is not needed and will not be emitted [-Wunneeded-internal-declaration]
static const struct of_device_id max98090_of_match[] = {
                                 ^
1 warning generated.

Issue with MODULE_DEVICE_TABLE; special case with CONFIG_OF

sound/soc/codecs/pcm179x-i2c.c:42:34: warning: variable 'pcm179x_of_match' is not needed and will not be emitted [-Wunneeded-internal-declaration]
static const struct of_device_id pcm179x_of_match[] = {
                                 ^
1 warning generated.

sound/soc/codecs/pcm179x-spi.c:41:34: warning: variable 'pcm179x_of_match' is not needed and will not be emitted [-Wunneeded-internal-declaration]
static const struct of_device_id pcm179x_of_match[] = {
                                 ^
1 warning generated.

  CC [M]  sound/soc/codecs/ts3a227e.o
sound/soc/codecs/ts3a227e.c:372:34: warning: variable 'ts3a227e_of_match' is not needed and will not be emitted [-Wunneeded-internal-declaration]
static const struct of_device_id ts3a227e_of_match[] = {
                                 ^
1 warning generated.

I believe in the first case, they should annotated with __used, in the second case with __maybe_used.
It would be nice if we could have a coccinelle script that checks (and refactors) that all incidents of variables passed to MODULE_DEVICE_TABLE are either of case 1 and annotated with __used or of case 2 and annotated with __maybe_used.

The issues #207, #205, #203, #178, #169 are candidates of the two cases above; I did not yet check for the individual issues whether they are case 1 or 2.

The text was updated successfully, but these errors were encountered:

bulwahn · 2018-10-20T09:23:46Z

@tapasweni-pathak has some experience with coccinelle and she offered her assistance in writing coccinelle scripts for some of the refactorings we are identifying with the clang warnings.

bulwahn · 2018-10-20T09:24:53Z

@tapasweni-pathak if you need more information let us know.

nathanchance · 2018-10-20T16:01:55Z

Personally, I think we should try to come up with a better solution than __used/__maybe_used because nobody outside of us is going to remember to do that when they are creating new drivers, meaning that we may get all of these warnings fixed at one point but when new drivers get added, we'll need to fix up those as well. It's not a sustainable solution.

Stephen Boyd had an interesting proposal here. I don't know how that would look in practice but I think he's right in thinking that we need to target the MODULE_DEVICE_TABLE macro, rather than all of the declarations.

bulwahn · 2018-10-20T18:15:00Z

To the point of maintenance: if we create a coccinelle rule and get it upstream, coccinelle (through the 0day builds) would warn about wrong declarations.

But I do agree that Stephen's approach might be better if we can find out how such a macro should look like. For now, I would still propose to start to write a coccinelle script that can detect the syntactic pattern. Then in a next step, when we have that coccinelle rule, we can look into how to write the coccinelle rule such that it refactors it either in the new macro or adding annotations (depending on which path we then want to follow). At first, we do need a detecting cocci script, though.

nickdesaulniers · 2018-10-20T20:34:45Z

Or maybe I can make Clang not warn when referenced from an alias attribute?

nathanchance · 2018-10-20T20:36:44Z

Huh I never thought of that. That'd work out nicely if possible.

nickdesaulniers · 2018-11-04T00:48:09Z

The owner of Clang is cool with us fixing this in clang. I have a WIP patch fixing this. Will mark the other bugs as dups of this one later when I feel more confident that this is feasible.

nickdesaulniers · 2018-11-07T00:17:38Z

https://reviews.llvm.org/D54188

dileks · 2018-11-19T19:06:47Z

The patch from D54188 eliminates here 41 -Wunneeded-internal-declaration warnings in Linux v4.20-rc3.

In tun.c skb->len was accessed while doing stats accounting after a call to netif_receive_skb. We can not access skb after this call because buffers may be dropped. The fix for this bug would be to store skb->len in local variable and then use it after netif_receive_skb(). IMO using xdp data size for accounting bytes will be better because input for tun_xdp_one() is xdp_buff. Hence this patch: - fixes a bug by removing skb access after netif_receive_skb() - uses xdp data size for accounting bytes [613.019057] BUG: KASAN: use-after-free in tun_sendmsg+0x77c/0xc50 [tun] [613.021062] Read of size 4 at addr ffff8881da9ab7c0 by task vhost-1115/1155 [613.023073] [613.024003] CPU: 0 PID: 1155 Comm: vhost-1115 Not tainted 4.20.0-rc3-vm+ #232 [613.026029] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1ubuntu1 04/01/2014 [613.029116] Call Trace: [613.031145] dump_stack+0x5b/0x90 [613.032219] print_address_description+0x6c/0x23c [613.034156] ? tun_sendmsg+0x77c/0xc50 [tun] [613.036141] kasan_report.cold.5+0x241/0x308 [613.038125] tun_sendmsg+0x77c/0xc50 [tun] [613.040109] ? tun_get_user+0x1960/0x1960 [tun] [613.042094] ? __isolate_free_page+0x270/0x270 [613.045173] vhost_tx_batch.isra.14+0xeb/0x1f0 [vhost_net] [613.047127] ? peek_head_len.part.13+0x90/0x90 [vhost_net] [613.049096] ? get_tx_bufs+0x5a/0x2c0 [vhost_net] [613.051106] ? vhost_enable_notify+0x2d8/0x420 [vhost] [613.053139] handle_tx_copy+0x2d0/0x8f0 [vhost_net] [613.053139] ? vhost_net_buf_peek+0x340/0x340 [vhost_net] [613.053139] ? __mutex_lock+0x8d9/0xb30 [613.053139] ? finish_task_switch+0x8f/0x3f0 [613.053139] ? handle_tx+0x32/0x120 [vhost_net] [613.053139] ? mutex_trylock+0x110/0x110 [613.053139] ? finish_task_switch+0xcf/0x3f0 [613.053139] ? finish_task_switch+0x240/0x3f0 [613.053139] ? __switch_to_asm+0x34/0x70 [613.053139] ? __switch_to_asm+0x40/0x70 [613.053139] ? __schedule+0x506/0xf10 [613.053139] handle_tx+0xc7/0x120 [vhost_net] [613.053139] vhost_worker+0x166/0x200 [vhost] [613.053139] ? vhost_dev_init+0x580/0x580 [vhost] [613.053139] ? __kthread_parkme+0x77/0x90 [613.053139] ? vhost_dev_init+0x580/0x580 [vhost] [613.053139] kthread+0x1b1/0x1d0 [613.053139] ? kthread_park+0xb0/0xb0 [613.053139] ret_from_fork+0x35/0x40 [613.088705] [613.088705] Allocated by task 1155: [613.088705] kasan_kmalloc+0xbf/0xe0 [613.088705] kmem_cache_alloc+0xdc/0x220 [613.088705] __build_skb+0x2a/0x160 [613.088705] build_skb+0x14/0xc0 [613.088705] tun_sendmsg+0x4f0/0xc50 [tun] [613.088705] vhost_tx_batch.isra.14+0xeb/0x1f0 [vhost_net] [613.088705] handle_tx_copy+0x2d0/0x8f0 [vhost_net] [613.088705] handle_tx+0xc7/0x120 [vhost_net] [613.088705] vhost_worker+0x166/0x200 [vhost] [613.088705] kthread+0x1b1/0x1d0 [613.088705] ret_from_fork+0x35/0x40 [613.088705] [613.088705] Freed by task 1155: [613.088705] __kasan_slab_free+0x12e/0x180 [613.088705] kmem_cache_free+0xa0/0x230 [613.088705] ip6_mc_input+0x40f/0x5a0 [613.088705] ipv6_rcv+0xc9/0x1e0 [613.088705] __netif_receive_skb_one_core+0xc1/0x100 [613.088705] netif_receive_skb_internal+0xc4/0x270 [613.088705] br_pass_frame_up+0x2b9/0x2e0 [613.088705] br_handle_frame_finish+0x2fb/0x7a0 [613.088705] br_handle_frame+0x30f/0x6c0 [613.088705] __netif_receive_skb_core+0x61a/0x15b0 [613.088705] __netif_receive_skb_one_core+0x8e/0x100 [613.088705] netif_receive_skb_internal+0xc4/0x270 [613.088705] tun_sendmsg+0x738/0xc50 [tun] [613.088705] vhost_tx_batch.isra.14+0xeb/0x1f0 [vhost_net] [613.088705] handle_tx_copy+0x2d0/0x8f0 [vhost_net] [613.088705] handle_tx+0xc7/0x120 [vhost_net] [613.088705] vhost_worker+0x166/0x200 [vhost] [613.088705] kthread+0x1b1/0x1d0 [613.088705] ret_from_fork+0x35/0x40 [613.088705] [613.088705] The buggy address belongs to the object at ffff8881da9ab740 [613.088705] which belongs to the cache skbuff_head_cache of size 232 Fixes: 043d222 ("tuntap: accept an array of XDP buffs through sendmsg()") Reviewed-by: Toshiaki Makita <makita.toshiaki@lab.ntt.co.jp> Signed-off-by: Prashant Bhole <bhole_prashant_q7@lab.ntt.co.jp> Acked-by: Jason Wang <jasowang@redhat.com> Acked-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>

Summary: Prevents -Wunneeded-internal-delcaration warnings when the target has no other references. This occurs frequently in device drivers in the Linux kernel. Sema would need to invoke the demangler on the target, since in C++ the target name is mangled: int f() { return 42; } int g() __attribute__((alias("_Z1fv"))); Sema does not have the ability to demangle names at this time. https://bugs.llvm.org/show_bug.cgi?id=39088 ClangBuiltLinux/linux#232 Reviewers: rsmith, rjmccall Reviewed By: rsmith Subscribers: erik.pilkington, cfe-commits, pirama, srhines Differential Revision: https://reviews.llvm.org/D54188 llvm-svn: 350776

nickdesaulniers · 2019-01-10T00:00:05Z

Fixed: https://reviews.llvm.org/rL350776

Summary: Prevents -Wunneeded-internal-delcaration warnings when the target has no other references. This occurs frequently in device drivers in the Linux kernel. Sema would need to invoke the demangler on the target, since in C++ the target name is mangled: int f() { return 42; } int g() __attribute__((alias("_Z1fv"))); Sema does not have the ability to demangle names at this time. https://bugs.llvm.org/show_bug.cgi?id=39088 ClangBuiltLinux/linux#232 Reviewers: rsmith, rjmccall Reviewed By: rsmith Subscribers: erik.pilkington, cfe-commits, pirama, srhines Differential Revision: https://reviews.llvm.org/D54188 git-svn-id: http://llvm.org/svn/llvm-project/cfe/trunk@350776 91177308-0d34-0410-b5e6-96231b3b80d8

Summary: Prevents -Wunneeded-internal-delcaration warnings when the target has no other references. This occurs frequently in device drivers in the Linux kernel. Sema would need to invoke the demangler on the target, since in C++ the target name is mangled: int f() { return 42; } int g() __attribute__((alias("_Z1fv"))); Sema does not have the ability to demangle names at this time. https://bugs.llvm.org/show_bug.cgi?id=39088 ClangBuiltLinux/linux#232 Reviewers: rsmith, rjmccall Reviewed By: rsmith Subscribers: erik.pilkington, cfe-commits, pirama, srhines Differential Revision: https://reviews.llvm.org/D54188 git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@350776 91177308-0d34-0410-b5e6-96231b3b80d8

On some systems the firmware may not describe all the ports connected to a component (e.g, for security reasons). This could be especially problematic for "funnels" where we could end up in modifying memory beyond the allocated space for refcounts. e.g, for a funnel with input ports listed 0, 3, 5, nr_inport = 3. However the we could access refcnts[5] while checking for references, like : [ 526.110401] ================================================================== [ 526.117988] BUG: KASAN: slab-out-of-bounds in funnel_enable+0x54/0x1b0 [ 526.124706] Read of size 4 at addr ffffff8135f9549c by task bash/1114 [ 526.131324] [ 526.132886] CPU: 3 PID: 1114 Comm: bash Tainted: G S 5.4.25 #232 [ 526.140397] Hardware name: Qualcomm Technologies, Inc. SC7180 IDP (DT) [ 526.147113] Call trace: [ 526.149653] dump_backtrace+0x0/0x188 [ 526.153431] show_stack+0x20/0x2c [ 526.156852] dump_stack+0xdc/0x144 [ 526.160370] print_address_description+0x3c/0x494 [ 526.165211] __kasan_report+0x144/0x168 [ 526.169170] kasan_report+0x10/0x18 [ 526.172769] check_memory_region+0x1a4/0x1b4 [ 526.177164] __kasan_check_read+0x18/0x24 [ 526.181292] funnel_enable+0x54/0x1b0 [ 526.185072] coresight_enable_path+0x104/0x198 [ 526.189649] coresight_enable+0x118/0x26c ... [ 526.237782] Allocated by task 280: [ 526.241298] __kasan_kmalloc+0xf0/0x1ac [ 526.245249] kasan_kmalloc+0xc/0x14 [ 526.248849] __kmalloc+0x28c/0x3b4 [ 526.252361] coresight_register+0x88/0x250 [ 526.256587] funnel_probe+0x15c/0x228 [ 526.260365] dynamic_funnel_probe+0x20/0x2c [ 526.264679] amba_probe+0xbc/0x158 [ 526.268193] really_probe+0x144/0x408 [ 526.271970] driver_probe_device+0x70/0x140 ... [ 526.316810] [ 526.318364] Freed by task 0: [ 526.321344] (stack is not available) [ 526.325024] [ 526.326580] The buggy address belongs to the object at ffffff8135f95480 [ 526.326580] which belongs to the cache kmalloc-128 of size 128 [ 526.339439] The buggy address is located 28 bytes inside of [ 526.339439] 128-byte region [ffffff8135f95480, ffffff8135f95500) [ 526.351399] The buggy address belongs to the page: [ 526.356342] page:ffffffff04b7e500 refcount:1 mapcount:0 mapping:ffffff814b00c380 index:0x0 compound_mapcount: 0 [ 526.366711] flags: 0x4000000000010200(slab|head) [ 526.371475] raw: 4000000000010200 ffffffff05034008 ffffffff0501eb08 ffffff814b00c380 [ 526.379435] raw: 0000000000000000 0000000000190019 00000001ffffffff 0000000000000000 [ 526.387393] page dumped because: kasan: bad access detected [ 526.393128] [ 526.394681] Memory state around the buggy address: [ 526.399619] ffffff8135f95380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 526.407046] ffffff8135f95400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 526.414473] >ffffff8135f95480: 04 fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 526.421900] ^ [ 526.426029] ffffff8135f95500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 526.433456] ffffff8135f95580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 526.440883] ================================================================== To keep the code simple, we now track the maximum number of possible input/output connections to/from this component @ nr_inport and nr_outport in platform_data, respectively. Thus the output connections could be sparse and code is adjusted to skip the unspecified connections. Cc: Mathieu Poirier <mathieu.poirier@linaro.org> Cc: Mike Leach <mike.leach@linaro.org> Reported-by: Sai Prakash Ranjan <saiprakash.ranjan@codeaurora.org> Tested-by: Sai Prakash Ranjan <saiprakash.ranjan@codeaurora.org> Tested-by: Stephen Boyd <swboyd@chromium.org> Signed-off-by: Suzuki K Poulose <suzuki.poulose@arm.com> Signed-off-by: Mathieu Poirier <mathieu.poirier@linaro.org> Link: https://lore.kernel.org/r/20200518180242.7916-13-mathieu.poirier@linaro.org Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

tpimh added [BUG] linux A bug that should be fixed in the mainline kernel. low priority This bug is not critical and not a priority -Wunneeded-internal-declaration labels Oct 20, 2018

nickdesaulniers removed the low priority This bug is not critical and not a priority label Nov 4, 2018

nickdesaulniers self-assigned this Nov 4, 2018

nickdesaulniers added the [PATCH] Submitted A patch has been submitted for review label Nov 7, 2018

nickdesaulniers added [BUG] llvm A bug that should be fixed in upstream LLVM and removed [BUG] linux A bug that should be fixed in the mainline kernel. labels Nov 7, 2018

nickdesaulniers added [FIXED][LLVM] 8 This bug was fixed in LLVM 8.0 and removed [PATCH] Submitted A patch has been submitted for review labels Jan 9, 2019

nickdesaulniers closed this as completed Jan 10, 2019

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

-Wunneeded-internal-declaration and MODULE_DEVICE_TABLE #232

-Wunneeded-internal-declaration and MODULE_DEVICE_TABLE #232

bulwahn commented Oct 20, 2018 •

edited

bulwahn commented Oct 20, 2018 •

edited

bulwahn commented Oct 20, 2018

nathanchance commented Oct 20, 2018

bulwahn commented Oct 20, 2018

nickdesaulniers commented Oct 20, 2018

nathanchance commented Oct 20, 2018

nickdesaulniers commented Nov 4, 2018

nickdesaulniers commented Nov 7, 2018

dileks commented Nov 19, 2018 •

edited

nickdesaulniers commented Jan 10, 2019

-Wunneeded-internal-declaration and MODULE_DEVICE_TABLE #232

-Wunneeded-internal-declaration and MODULE_DEVICE_TABLE #232

Comments

bulwahn commented Oct 20, 2018 • edited

bulwahn commented Oct 20, 2018 • edited

bulwahn commented Oct 20, 2018

nathanchance commented Oct 20, 2018

bulwahn commented Oct 20, 2018

nickdesaulniers commented Oct 20, 2018

nathanchance commented Oct 20, 2018

nickdesaulniers commented Nov 4, 2018

nickdesaulniers commented Nov 7, 2018

dileks commented Nov 19, 2018 • edited

nickdesaulniers commented Jan 10, 2019

bulwahn commented Oct 20, 2018 •

edited

bulwahn commented Oct 20, 2018 •

edited

dileks commented Nov 19, 2018 •

edited