On 7/20/2022 8:52 PM, Nathan Chancellor wrote:
When building ARCH=arm64 allmodconfig with clang, there is a warning about high stack usage in avs_path_create(), which breaks the build due to CONFIG_WERROR=y:
sound/soc/intel/avs/path.c:815:18: error: stack frame size (2176) exceeds limit (2048) in 'avs_path_create' [-Werror,-Wframe-larger-than] struct avs_path *avs_path_create(struct avs_dev *adev, u32 dma_id, ^ 1 error generated.
This warning is also visible with allmodconfig on other architectures. The minimum set of configs that triggers this on top of ARCH=arm64 allnoconfig:
CONFIG_COMPILE_TEST=y CONFIG_FORTIFY_SOURCE=y CONFIG_KASAN=y CONFIG_PCI=y CONFIG_SOUND=y CONFIG_SND=y CONFIG_SND_SOC=y CONFIG_SND_SOC_INTEL_AVS=y
When CONFIG_FORTIFY_SOURCE is enabled, memcmp() (called from guid_equal()) becomes a wrapper to do compile time checking, which interacts poorly with inlining plus CONFIG_KASAN=y.
With ARCH=arm64 allmodconfig + CONFIG_KASAN=n + CONFIG_FRAME_WARN=128, the stack usage is much better:
sound/soc/intel/avs/path.c:815:18: warning: stack frame size (624) exceeds limit (128) in 'avs_path_create' [-Wframe-larger-than] struct avs_path *avs_path_create(struct avs_dev *adev, u32 dma_id, ^ sound/soc/intel/avs/path.c:873:5: warning: stack frame size (144) exceeds limit (128) in 'avs_path_bind' [-Wframe-larger-than] int avs_path_bind(struct avs_path *path) ^ 2 warnings generated.
To avoid this warning, mark avs_path_module_type_create() as noinline_for_stack, which redistributes the stack usage across multiple functions, regardless of CONFIG_KASAN.
With ARCH=arm64 allmodconfig + CONFIG_FRAME_WARN=128, the warnings show:
avs_path_create(): 192 avs_path_bind(): 272 avs_path_module_type_create(): 416 avs_mux_create(): 160 avs_updown_mix_create(): 160 avs_aec_create(): 176 avs_asrc_create(): 144
With ARCH=arm64 allmodconfig + CONFIG_FRAME_WARN=128 + CONFIG_KASAN=n, the warnings show:
avs_path_create(): 192 avs_path_bind(): 144 avs_path_module_type_create(): 416 avs_mux_create(): 176 avs_updown_mix_create(): 176 avs_src_create(): 144 avs_aec_create(): 192 avs_asrc_create(): 144 avs_wov_create(): 144
Link: https://github.com/ClangBuiltLinux/linux/issues/1642 Signed-off-by: Nathan Chancellor nathan@kernel.org
sound/soc/intel/avs/path.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/sound/soc/intel/avs/path.c b/sound/soc/intel/avs/path.c index 3d46dd5e5bc4..ec2aa0001f91 100644 --- a/sound/soc/intel/avs/path.c +++ b/sound/soc/intel/avs/path.c @@ -449,7 +449,8 @@ static int avs_modext_create(struct avs_dev *adev, struct avs_path_module *mod) return ret; }
-static int avs_path_module_type_create(struct avs_dev *adev, struct avs_path_module *mod) +static noinline_for_stack int avs_path_module_type_create(struct avs_dev *adev,
{ const guid_t *type = &mod->template->cfg_ext->type;struct avs_path_module *mod)
base-commit: ff6992735ade75aae3e35d16b17da1008d753d28
Not a fan of this.
My first question would be what clang does differently in this configuration (ARM) than in all other configurations (x86, etc.) and gcc.
Overall as evidenced by:
CONFIG_COMPILE_TEST=y
this is test only and this commit doesn't fix anything for x86 this driver targets.
Based on description in message and in github link: Looking at avs_path_module_type_create() it uses guid_equal() which is marked as inline, but is just a wrapper around memcmp(), which in case of fortify is still marked as inline... memcmp itself has 2 size_t variables for performing fortify check... no matter how I calculate, it shouldn't go above stack size, unless clang decides to also inline all calls to static avs_xxx_create functions. They are not marked as inline or noinline, so in theory compiler is free to do whatever it wants, but apparently it goes wrong way? Of course the above may be wrong, because I just analyzed code, not real output of clang.
Anyway it is probably ok, to do this, as while it needs to be fast module creation is not really time critical, and some time will be spend to communicate with DSP instead of calculating things, but still wonder if there isn't something that can be done on compiler side...