LinuxLists.cc - [PATCH] staging: greybus: fix stack size warning with UBSAN

2021-01-03 23:18:46

Subject: [PATCH] staging: greybus: fix stack size warning with UBSAN

From: Arnd Bergmann <[email protected]>

clang warns about excessive stack usage in this driver when
UBSAN is enabled:

drivers/staging/greybus/audio_topology.c:977:12: error: stack frame size of 1836 bytes in function 'gbaudio_tplg_create_widget' [-Werror,-Wframe-larger-than=]

Rework this code to no longer use compound literals for
initializing the structure in each case, but instead keep
the common bits in a preallocated constant array and copy
them as needed.

Signed-off-by: Arnd Bergmann <[email protected]>
---
drivers/staging/greybus/audio_topology.c | 106 ++++++++++-------------
1 file changed, 47 insertions(+), 59 deletions(-)

diff --git a/drivers/staging/greybus/audio_topology.c b/drivers/staging/greybus/audio_topology.c
index 96b8b29fe899..c03873915c20 100644
--- a/drivers/staging/greybus/audio_topology.c
+++ b/drivers/staging/greybus/audio_topology.c
@@ -974,6 +974,44 @@ static int gbaudio_widget_event(struct snd_soc_dapm_widget *w,
return ret;
}

+static const struct snd_soc_dapm_widget gbaudio_widgets[] = {
+ [snd_soc_dapm_spk] = SND_SOC_DAPM_SPK("spk", gbcodec_event_spk),
+ [snd_soc_dapm_hp] = SND_SOC_DAPM_HP("hp", gbcodec_event_hp),
+ [snd_soc_dapm_mic] = SND_SOC_DAPM_MIC("mic", gbcodec_event_int_mic),
+ [snd_soc_dapm_output] = SND_SOC_DAPM_OUTPUT("output"),
+ [snd_soc_dapm_input] = SND_SOC_DAPM_INPUT("input"),
+ [snd_soc_dapm_switch] = SND_SOC_DAPM_SWITCH_E("switch", SND_SOC_NOPM,
+ 0, 0, NULL,
+ gbaudio_widget_event,
+ SND_SOC_DAPM_PRE_PMU |
+ SND_SOC_DAPM_POST_PMD),
+ [snd_soc_dapm_pga] = SND_SOC_DAPM_PGA_E("pga", SND_SOC_NOPM,
+ 0, 0, NULL, 0,
+ gbaudio_widget_event,
+ SND_SOC_DAPM_PRE_PMU |
+ SND_SOC_DAPM_POST_PMD),
+ [snd_soc_dapm_mixer] = SND_SOC_DAPM_MIXER_E("mixer", SND_SOC_NOPM,
+ 0, 0, NULL, 0,
+ gbaudio_widget_event,
+ SND_SOC_DAPM_PRE_PMU |
+ SND_SOC_DAPM_POST_PMD),
+ [snd_soc_dapm_mux] = SND_SOC_DAPM_MUX_E("mux", SND_SOC_NOPM,
+ 0, 0, NULL,
+ gbaudio_widget_event,
+ SND_SOC_DAPM_PRE_PMU |
+ SND_SOC_DAPM_POST_PMD),
+ [snd_soc_dapm_aif_in] = SND_SOC_DAPM_AIF_IN_E("aif_in", NULL, 0,
+ SND_SOC_NOPM, 0, 0,
+ gbaudio_widget_event,
+ SND_SOC_DAPM_PRE_PMU |
+ SND_SOC_DAPM_POST_PMD),
+ [snd_soc_dapm_aif_out] = SND_SOC_DAPM_AIF_OUT_E("aif_out", NULL, 0,
+ SND_SOC_NOPM, 0, 0,
+ gbaudio_widget_event,
+ SND_SOC_DAPM_PRE_PMU |
+ SND_SOC_DAPM_POST_PMD),
+};
+
static int gbaudio_tplg_create_widget(struct gbaudio_module_info *module,
struct snd_soc_dapm_widget *dw,
struct gb_audio_widget *w, int *w_size)
@@ -1050,78 +1088,28 @@ static int gbaudio_tplg_create_widget(struct gbaudio_module_info *module,
strlcpy(temp_name, w->name, NAME_SIZE);
snprintf(w->name, NAME_SIZE, "GB %d %s", module->dev_id, temp_name);

+ if (w->type > ARRAY_SIZE(gbaudio_widgets)) {
+ ret = -EINVAL;
+ goto error;
+ }
+ *dw = gbaudio_widgets[w->type];
+ dw->name = w->name;
+
switch (w->type) {
case snd_soc_dapm_spk:
- *dw = (struct snd_soc_dapm_widget)
- SND_SOC_DAPM_SPK(w->name, gbcodec_event_spk);
module->op_devices |= GBAUDIO_DEVICE_OUT_SPEAKER;
break;
case snd_soc_dapm_hp:
- *dw = (struct snd_soc_dapm_widget)
- SND_SOC_DAPM_HP(w->name, gbcodec_event_hp);
module->op_devices |= (GBAUDIO_DEVICE_OUT_WIRED_HEADSET
- | GBAUDIO_DEVICE_OUT_WIRED_HEADPHONE);
+ | GBAUDIO_DEVICE_OUT_WIRED_HEADPHONE),
module->ip_devices |= GBAUDIO_DEVICE_IN_WIRED_HEADSET;
break;
case snd_soc_dapm_mic:
- *dw = (struct snd_soc_dapm_widget)
- SND_SOC_DAPM_MIC(w->name, gbcodec_event_int_mic);
module->ip_devices |= GBAUDIO_DEVICE_IN_BUILTIN_MIC;
break;
- case snd_soc_dapm_output:
- *dw = (struct snd_soc_dapm_widget)SND_SOC_DAPM_OUTPUT(w->name);
- break;
- case snd_soc_dapm_input:
- *dw = (struct snd_soc_dapm_widget)SND_SOC_DAPM_INPUT(w->name);
- break;
- case snd_soc_dapm_switch:
- *dw = (struct snd_soc_dapm_widget)
- SND_SOC_DAPM_SWITCH_E(w->name, SND_SOC_NOPM, 0, 0,
- widget_kctls,
- gbaudio_widget_event,
- SND_SOC_DAPM_PRE_PMU |
- SND_SOC_DAPM_POST_PMD);
- break;
- case snd_soc_dapm_pga:
- *dw = (struct snd_soc_dapm_widget)
- SND_SOC_DAPM_PGA_E(w->name, SND_SOC_NOPM, 0, 0, NULL, 0,
- gbaudio_widget_event,
- SND_SOC_DAPM_PRE_PMU |
- SND_SOC_DAPM_POST_PMD);
- break;
- case snd_soc_dapm_mixer:
- *dw = (struct snd_soc_dapm_widget)
- SND_SOC_DAPM_MIXER_E(w->name, SND_SOC_NOPM, 0, 0, NULL,
- 0, gbaudio_widget_event,
- SND_SOC_DAPM_PRE_PMU |
- SND_SOC_DAPM_POST_PMD);
- break;
- case snd_soc_dapm_mux:
- *dw = (struct snd_soc_dapm_widget)
- SND_SOC_DAPM_MUX_E(w->name, SND_SOC_NOPM, 0, 0,
- widget_kctls, gbaudio_widget_event,
- SND_SOC_DAPM_PRE_PMU |
- SND_SOC_DAPM_POST_PMD);
- break;
case snd_soc_dapm_aif_in:
- *dw = (struct snd_soc_dapm_widget)
- SND_SOC_DAPM_AIF_IN_E(w->name, w->sname, 0,
- SND_SOC_NOPM,
- 0, 0, gbaudio_widget_event,
- SND_SOC_DAPM_PRE_PMU |
- SND_SOC_DAPM_POST_PMD);
- break;
case snd_soc_dapm_aif_out:
- *dw = (struct snd_soc_dapm_widget)
- SND_SOC_DAPM_AIF_OUT_E(w->name, w->sname, 0,
- SND_SOC_NOPM,
- 0, 0, gbaudio_widget_event,
- SND_SOC_DAPM_PRE_PMU |
- SND_SOC_DAPM_POST_PMD);
- break;
- default:
- ret = -EINVAL;
- goto error;
+ dw->sname = w->sname;
}

dev_dbg(module->dev, "%s: widget of type %d created\n", dw->name,
--
2.29.2

2021-01-04 03:47:39

by Alex Elder

[permalink] [raw]

Subject: Re: [PATCH] staging: greybus: fix stack size warning with UBSAN

On 1/3/21 4:35 PM, Arnd Bergmann wrote:
> From: Arnd Bergmann <[email protected]>
>
> clang warns about excessive stack usage in this driver when
> UBSAN is enabled:
>
> drivers/staging/greybus/audio_topology.c:977:12: error: stack frame size of 1836 bytes in function 'gbaudio_tplg_create_widget' [-Werror,-Wframe-larger-than=]
>
> Rework this code to no longer use compound literals for
> initializing the structure in each case, but instead keep
> the common bits in a preallocated constant array and copy
> them as needed.

This is good, but I have a few comments.

You took out the default case, and it seems you are using
a w->type value bigger than the initialization array to
determine validity. But there are more values defined in
the snd_soc_dapm_type enumerated type than are explicitly
listed as cases in the switch statement. So the switch
statement no longer treats some types as invalid (such
as snd_soc_dapm_demux). Am I missing something?

You are setting explicit names, such as "spk", "hp",
"mic", etc. in the initialization array. But you
update the name after (struct) assigning from the
array. I have no real objection I guess, but why
bother? Why not just use null pointers in the
initialization array?

You change a semicolon to a comma in one spot, and you
should not have. I'll point that out below.

I like that you got rid of the type casts, which were
apparently unnecessary.

You dropped the break in the final case in the switch
statement, but in an earlier discussion I think we
concluded that wasn't a problem.

I guess the main thing is the first thing mentioned.

Thanks.

-Alex

> Signed-off-by: Arnd Bergmann <[email protected]>
> ---
> drivers/staging/greybus/audio_topology.c | 106 ++++++++++-------------
> 1 file changed, 47 insertions(+), 59 deletions(-)
>
> diff --git a/drivers/staging/greybus/audio_topology.c b/drivers/staging/greybus/audio_topology.c
> index 96b8b29fe899..c03873915c20 100644
> --- a/drivers/staging/greybus/audio_topology.c
> +++ b/drivers/staging/greybus/audio_topology.c
> @@ -974,6 +974,44 @@ static int gbaudio_widget_event(struct snd_soc_dapm_widget *w,
> return ret;
> }
>
> +static const struct snd_soc_dapm_widget gbaudio_widgets[] = {
> + [snd_soc_dapm_spk] = SND_SOC_DAPM_SPK("spk", gbcodec_event_spk),
> + [snd_soc_dapm_hp] = SND_SOC_DAPM_HP("hp", gbcodec_event_hp),
> + [snd_soc_dapm_mic] = SND_SOC_DAPM_MIC("mic", gbcodec_event_int_mic),

. . .

> @@ -1050,78 +1088,28 @@ static int gbaudio_tplg_create_widget(struct gbaudio_module_info *module,
> strlcpy(temp_name, w->name, NAME_SIZE);
> snprintf(w->name, NAME_SIZE, "GB %d %s", module->dev_id, temp_name);
>
> + if (w->type > ARRAY_SIZE(gbaudio_widgets)) {
> + ret = -EINVAL;
> + goto error;
> + }
> + *dw = gbaudio_widgets[w->type];
> + dw->name = w->name;
> +
> switch (w->type) {
> case snd_soc_dapm_spk:
> - *dw = (struct snd_soc_dapm_widget)
> - SND_SOC_DAPM_SPK(w->name, gbcodec_event_spk);
> module->op_devices |= GBAUDIO_DEVICE_OUT_SPEAKER;
> break;
> case snd_soc_dapm_hp:
> - *dw = (struct snd_soc_dapm_widget)
> - SND_SOC_DAPM_HP(w->name, gbcodec_event_hp);
> module->op_devices |= (GBAUDIO_DEVICE_OUT_WIRED_HEADSET
> - | GBAUDIO_DEVICE_OUT_WIRED_HEADPHONE);
> + | GBAUDIO_DEVICE_OUT_WIRED_HEADPHONE),

Please fix this (above) to preserve the original semicolon.

> module->ip_devices |= GBAUDIO_DEVICE_IN_WIRED_HEADSET;
> break;
> case snd_soc_dapm_mic:
> - *dw = (struct snd_soc_dapm_widget)
> - SND_SOC_DAPM_MIC(w->name, gbcodec_event_int_mic);
> module->ip_devices |= GBAUDIO_DEVICE_IN_BUILTIN_MIC;
> break;

. . .

2021-01-04 07:00:38

by Dan Carpenter

[permalink] [raw]

Subject: Re: [PATCH] staging: greybus: fix stack size warning with UBSAN

On Sun, Jan 03, 2021 at 11:35:32PM +0100, Arnd Bergmann wrote:
> @@ -1050,78 +1088,28 @@ static int gbaudio_tplg_create_widget(struct gbaudio_module_info *module,
> strlcpy(temp_name, w->name, NAME_SIZE);
> snprintf(w->name, NAME_SIZE, "GB %d %s", module->dev_id, temp_name);
>
> + if (w->type > ARRAY_SIZE(gbaudio_widgets)) {
^^

Off by one. >= here.

> + ret = -EINVAL;
> + goto error;
> + }
> + *dw = gbaudio_widgets[w->type];
> + dw->name = w->name;

regards,
dan carpenter