On Wed, 3 Apr 2024 at 21:19, Guenter Roeck linux@roeck-us.net wrote:
Some unit tests intentionally trigger warning backtraces by passing bad parameters to API functions. Such unit tests typically check the return value from those calls, not the existence of the warning backtrace.
Such intentionally generated warning backtraces are neither desirable nor useful for a number of reasons.
- They can result in overlooked real problems.
- A warning that suddenly starts to show up in unit tests needs to be investigated and has to be marked to be ignored, for example by adjusting filter scripts. Such filters are ad-hoc because there is no real standard format for warnings. On top of that, such filter scripts would require constant maintenance.
One option to address problem would be to add messages such as "expected warning backtraces start / end here" to the kernel log. However, that would again require filter scripts, it might result in missing real problematic warning backtraces triggered while the test is running, and the irrelevant backtrace(s) would still clog the kernel log.
Solve the problem by providing a means to identify and suppress specific warning backtraces while executing test code. Since the new functionality results in an image size increase of about 1% if CONFIG_KUNIT is enabled, provide configuration option KUNIT_SUPPRESS_BACKTRACE to be able to disable the new functionality. This option is by default enabled since almost all systems with CONFIG_KUNIT enabled will want to benefit from it.
Cc: Dan Carpenter dan.carpenter@linaro.org Cc: Daniel Diaz daniel.diaz@linaro.org Cc: Naresh Kamboju naresh.kamboju@linaro.org Cc: Kees Cook keescook@chromium.org Tested-by: Linux Kernel Functional Testing lkft@linaro.org Acked-by: Dan Carpenter dan.carpenter@linaro.org Reviewed-by: Kees Cook keescook@chromium.org Signed-off-by: Guenter Roeck linux@roeck-us.net
Sorry it took so long to get to this.
I love the idea, we've needed this for a while.
There are some downsides to this being entirely based on the name of the function which contains WARN(). Partly because there could be several WARN()s within a function, and there'd be overlap, and partly because the function name is never actually printed during a warning (it may come from the stack trace, but that can be misleading with inlined functions). I don't think either of these are showstoppers, though, but it'd be nice to extend this in the future with (a) other ways of identifying warnings, such as the format string, and (b) print the function name in the report, if it's present. The function name is probably a good middle ground, complexity-wise, though, so I'm happy to have it thus far.
I also think we're missing some opportunities to integrate this better with existing KUnit infrastructure, like the action/resource/cleanup system. In particular, it'd be nice to have a way of ensuring that suppressions won't get leaked if the test aborts between START_SUPPRESSED_WARNING() and END_SUPPRESSED_WARNING(). It's not difficult to use this as-is, but it'd be nice to have some helpers, rather than having to, for instance: KUNIT_DEFINE_ACTION_WRAPPER(kunit_stop_suppressing_warning, __end_suppress_warning, struct __suppressed_warning *); DEFINE_SUPPRESSED_WARNING(vfree); START_SUPPRESSED_WARNING(vfree); kunit_add_action(test, kunit_stop_suppressing_warning, (void *)&__kunit_suppress_vfree);
(With the note that the DEFINE_SUPPRESSED_WARNING() will have to be global, or put on the heap, lest it become a dangling pointer by the time the suppression has stopped.)
Equally, do we want to make the __{start,end,is}_suppress[ed]_warning() functions KUnit 'hooks'? This would allow them to be used in modules which don't depend directly on KUnit. I suspect it's not important in this case: but worth keeping in mind in case we find a situation where we'd need to suppress a warning elsewhere.
These are all things which could be added/changed in follow-up patches, though, so I don't think they're blockers. Otherwise, this looks good: perhaps the naming could be a bit more consistent with other KUnit things, but that depends on how much we want this to be 'a part of KUnit' versus an independent bit of functionality.
v2:
- Rebased to v6.9-rc1
- Added Tested-by:, Acked-by:, and Reviewed-by: tags
- Added CONFIG_KUNIT_SUPPRESS_BACKTRACE configuration option, enabled by default
v3:
- Rebased to v6.9-rc2
include/asm-generic/bug.h | 16 +++++++++--- include/kunit/bug.h | 51 +++++++++++++++++++++++++++++++++++++++ include/kunit/test.h | 1 + include/linux/bug.h | 13 ++++++++++ lib/bug.c | 51 ++++++++++++++++++++++++++++++++++++--- lib/kunit/Kconfig | 9 +++++++ lib/kunit/Makefile | 6 +++-- lib/kunit/bug.c | 40 ++++++++++++++++++++++++++++++ 8 files changed, 178 insertions(+), 9 deletions(-) create mode 100644 include/kunit/bug.h create mode 100644 lib/kunit/bug.c
diff --git a/include/asm-generic/bug.h b/include/asm-generic/bug.h index 6e794420bd39..c170b6477689 100644 --- a/include/asm-generic/bug.h +++ b/include/asm-generic/bug.h @@ -18,6 +18,7 @@ #endif
#ifndef __ASSEMBLY__ +#include <kunit/bug.h> #include <linux/panic.h> #include <linux/printk.h>
@@ -39,8 +40,14 @@ struct bug_entry { #ifdef CONFIG_DEBUG_BUGVERBOSE #ifndef CONFIG_GENERIC_BUG_RELATIVE_POINTERS const char *file; +#ifdef HAVE_BUG_FUNCTION
const char *function;+#endif #else signed int file_disp; +#ifdef HAVE_BUG_FUNCTION
signed int function_disp;+#endif #endif unsigned short line; #endif @@ -96,15 +103,18 @@ extern __printf(1, 2) void __warn_printk(const char *fmt, ...); #define __WARN() __WARN_printf(TAINT_WARN, NULL) #define __WARN_printf(taint, arg...) do { \ instrumentation_begin(); \
warn_slowpath_fmt(__FILE__, __LINE__, taint, arg); \
if (!IS_SUPPRESSED_WARNING(__func__)) \warn_slowpath_fmt(__FILE__, __LINE__, taint, arg);\ instrumentation_end(); \ } while (0)#else #define __WARN() __WARN_FLAGS(BUGFLAG_TAINT(TAINT_WARN)) #define __WARN_printf(taint, arg...) do { \ instrumentation_begin(); \
__warn_printk(arg); \__WARN_FLAGS(BUGFLAG_NO_CUT_HERE | BUGFLAG_TAINT(taint));\
if (!IS_SUPPRESSED_WARNING(__func__)) { \__warn_printk(arg); \__WARN_FLAGS(BUGFLAG_NO_CUT_HERE | BUGFLAG_TAINT(taint));\} \ instrumentation_end(); \ } while (0)#define WARN_ON_ONCE(condition) ({ \ diff --git a/include/kunit/bug.h b/include/kunit/bug.h new file mode 100644 index 000000000000..bd0fe047572b --- /dev/null +++ b/include/kunit/bug.h @@ -0,0 +1,51 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +/*
- KUnit helpers for backtrace suppression
- Copyright (c) 2024 Guenter Roeck linux@roeck-us.net
- */
+#ifndef _KUNIT_BUG_H +#define _KUNIT_BUG_H
+#ifndef __ASSEMBLY__
+#include <linux/kconfig.h>
+#ifdef CONFIG_KUNIT_SUPPRESS_BACKTRACE
+#include <linux/stringify.h> +#include <linux/types.h>
+struct __suppressed_warning {
struct list_head node;const char *function;+};
+void __start_suppress_warning(struct __suppressed_warning *warning); +void __end_suppress_warning(struct __suppressed_warning *warning); +bool __is_suppressed_warning(const char *function);
Do we want to call these '__kunit_start_suppress_warning', etc., to match other similar functions exported by KUnit to be used in macros, et al.
+#define DEFINE_SUPPRESSED_WARNING(func) \
struct __suppressed_warning __kunit_suppress_##func = \
We use the __kunit_ prefix here...
{ .function = __stringify(func) }+#define START_SUPPRESSED_WARNING(func) \
__start_suppress_warning(&__kunit_suppress_##func)+#define END_SUPPRESSED_WARNING(func) \
__end_suppress_warning(&__kunit_suppress_##func)+#define IS_SUPPRESSED_WARNING(func) \
__is_suppressed_warning(func)
Similarly, do we want to give these KUNIT_ prefixes to match other KUnit macros.
One possibility would be to have both KUNIT_- and non-KUNIT_- variants, the latter of which accepts a struct kunit*, and registers the suppression with the test for automated cleanup.
+#else /* CONFIG_KUNIT_SUPPRESS_BACKTRACE */
+#define DEFINE_SUPPRESSED_WARNING(func) +#define START_SUPPRESSED_WARNING(func) +#define END_SUPPRESSED_WARNING(func) +#define IS_SUPPRESSED_WARNING(func) (false)
+#endif /* CONFIG_KUNIT_SUPPRESS_BACKTRACE */ +#endif /* __ASSEMBLY__ */ +#endif /* _KUNIT_BUG_H */ diff --git a/include/kunit/test.h b/include/kunit/test.h index 61637ef32302..d0c44594d34c 100644 --- a/include/kunit/test.h +++ b/include/kunit/test.h @@ -10,6 +10,7 @@ #define _KUNIT_TEST_H
#include <kunit/assert.h> +#include <kunit/bug.h> #include <kunit/try-catch.h>
#include <linux/args.h> diff --git a/include/linux/bug.h b/include/linux/bug.h index 348acf2558f3..c668762dc76a 100644 --- a/include/linux/bug.h +++ b/include/linux/bug.h @@ -36,6 +36,9 @@ static inline int is_warning_bug(const struct bug_entry *bug) return bug->flags & BUGFLAG_WARNING; }
+void bug_get_file_function_line(struct bug_entry *bug, const char **file,
const char **function, unsigned int *line);void bug_get_file_line(struct bug_entry *bug, const char **file, unsigned int *line);
@@ -62,6 +65,16 @@ static inline enum bug_trap_type report_bug(unsigned long bug_addr, }
struct bug_entry; +static inline void bug_get_file_function_line(struct bug_entry *bug,
const char **file,const char **function,unsigned int *line)+{
*file = NULL;*function = NULL;*line = 0;+}
static inline void bug_get_file_line(struct bug_entry *bug, const char **file, unsigned int *line) { diff --git a/lib/bug.c b/lib/bug.c index e0ff21989990..aa8bb12b9809 100644 --- a/lib/bug.c +++ b/lib/bug.c @@ -26,6 +26,14 @@ when CONFIG_DEBUG_BUGVERBOSE is not enabled, so you must generate the values accordingly.
- 2a.Optionally implement support for the "function" entry in struct
bug_entry. This entry must point to the name of the function triggeringthe warning or bug trap (normally __func__). This is only needed ifboth CONFIG_DEBUG_BUGVERBOSE and CONFIG_KUNIT_SUPPRESS_BACKTRACE areenabled and if the architecture wants to implement support for suppressingwarning backtraces. The architecture must define HAVE_BUG_FUNCTION if itadds pointers to function names to struct bug_entry.
- Implement the trap
- In the illegal instruction trap handler (typically), verify that the fault was in kernel mode, and call report_bug()
@@ -127,14 +135,21 @@ static inline struct bug_entry *module_find_bug(unsigned long bugaddr) } #endif
-void bug_get_file_line(struct bug_entry *bug, const char **file,
unsigned int *line)+void bug_get_file_function_line(struct bug_entry *bug, const char **file,
const char **function, unsigned int *line){
*function = NULL;#ifdef CONFIG_DEBUG_BUGVERBOSE #ifdef CONFIG_GENERIC_BUG_RELATIVE_POINTERS *file = (const char *)&bug->file_disp + bug->file_disp; +#ifdef HAVE_BUG_FUNCTION
*function = (const char *)&bug->function_disp + bug->function_disp;+#endif #else *file = bug->file; +#ifdef HAVE_BUG_FUNCTION
*function = bug->function;+#endif #endif *line = bug->line; #else @@ -143,6 +158,13 @@ void bug_get_file_line(struct bug_entry *bug, const char **file, #endif }
+void bug_get_file_line(struct bug_entry *bug, const char **file, unsigned int *line) +{
const char *function;bug_get_file_function_line(bug, file, &function, line);+}
struct bug_entry *find_bug(unsigned long bugaddr) { struct bug_entry *bug; @@ -157,8 +179,9 @@ struct bug_entry *find_bug(unsigned long bugaddr) static enum bug_trap_type __report_bug(unsigned long bugaddr, struct pt_regs *regs) { struct bug_entry *bug;
const char *file;
const char *file, *function;
As mentioned, I'd love to see the function plumbed through and reported some day, both to make it easier to know what to suppress, and also because it's possibly more reliable even outside the suppression use-case. Could be a follow-up patch later, though.
unsigned line, warning, once, done;
char __maybe_unused sym[KSYM_SYMBOL_LEN]; if (!is_valid_bugaddr(bugaddr)) return BUG_TRAP_TYPE_NONE;@@ -169,12 +192,32 @@ static enum bug_trap_type __report_bug(unsigned long bugaddr, struct pt_regs *re
disable_trace_on_warning();
bug_get_file_line(bug, &file, &line);
bug_get_file_function_line(bug, &file, &function, &line);+#if defined(CONFIG_KUNIT_SUPPRESS_BACKTRACE) && defined(CONFIG_KALLSYMS)
if (!function) {/** This will be seen if report_bug is called on an architecture* with no architecture-specific support for suppressing warning* backtraces, if CONFIG_DEBUG_BUGVERBOSE is not enabled, or if* the calling code is from assembler which does not record a* function name. Extracting the function name from the bug* address is less than perfect since compiler optimization may* result in 'bugaddr' pointing to a function which does not* actually trigger the warning, but it is better than no* suppression at all.*/sprint_symbol_no_offset(sym, bugaddr);function = sym;}+#endif /* defined(CONFIG_KUNIT_SUPPRESS_BACKTRACE) && defined(CONFIG_KALLSYMS) */
warning = (bug->flags & BUGFLAG_WARNING) != 0; once = (bug->flags & BUGFLAG_ONCE) != 0; done = (bug->flags & BUGFLAG_DONE) != 0;
if (warning && IS_SUPPRESSED_WARNING(function))return BUG_TRAP_TYPE_WARN;if (warning && once) { if (done) return BUG_TRAP_TYPE_WARN;diff --git a/lib/kunit/Kconfig b/lib/kunit/Kconfig index 68a6daec0aef..b1b899265acc 100644 --- a/lib/kunit/Kconfig +++ b/lib/kunit/Kconfig @@ -15,6 +15,15 @@ menuconfig KUNIT
if KUNIT
+config KUNIT_SUPPRESS_BACKTRACE
bool "KUnit - Enable backtrace suppression"default yhelpEnable backtrace suppression for KUnit. If enabled, backtracesgenerated intentionally by KUnit tests are suppressed. Disableto reduce kernel image size if image size is more important thansuppression of backtraces generated by KUnit tests.config KUNIT_DEBUGFS bool "KUnit - Enable /sys/kernel/debug/kunit debugfs representation" if !KUNIT_ALL_TESTS default KUNIT_ALL_TESTS diff --git a/lib/kunit/Makefile b/lib/kunit/Makefile index 309659a32a78..545b57c3be48 100644 --- a/lib/kunit/Makefile +++ b/lib/kunit/Makefile @@ -14,8 +14,10 @@ ifeq ($(CONFIG_KUNIT_DEBUGFS),y) kunit-objs += debugfs.o endif
-# KUnit 'hooks' are built-in even when KUnit is built as a module. -obj-y += hooks.o +# KUnit 'hooks' and bug handling are built-in even when KUnit is built +# as a module. +obj-y += hooks.o \
bug.oobj-$(CONFIG_KUNIT_TEST) += kunit-test.o
diff --git a/lib/kunit/bug.c b/lib/kunit/bug.c new file mode 100644 index 000000000000..f93544d7a9d1 --- /dev/null +++ b/lib/kunit/bug.c @@ -0,0 +1,40 @@ +// SPDX-License-Identifier: GPL-2.0 +/*
- KUnit helpers for backtrace suppression
- Copyright (c) 2024 Guenter Roeck linux@roeck-us.net
- */
+#include <kunit/bug.h> +#include <linux/export.h> +#include <linux/list.h> +#include <linux/string.h>
+static LIST_HEAD(suppressed_warnings);
+void __start_suppress_warning(struct __suppressed_warning *warning) +{
list_add(&warning->node, &suppressed_warnings);+} +EXPORT_SYMBOL_GPL(__start_suppress_warning);
+void __end_suppress_warning(struct __suppressed_warning *warning) +{
list_del(&warning->node);+} +EXPORT_SYMBOL_GPL(__end_suppress_warning);
+bool __is_suppressed_warning(const char *function) +{
struct __suppressed_warning *warning;if (!function)return false;list_for_each_entry(warning, &suppressed_warnings, node) {if (!strcmp(function, warning->function))return true;}return false;+}
+EXPORT_SYMBOL_GPL(__is_suppressed_warning);
2.39.2
Thanks, -- David