KUnit aborts the current thread when an assertion fails. Currently, this is done conditionally as part of the kunit_do_failed_assertion() function, but this hides the kunit_abort() call from the compiler (particularly if it's in another module). This, in turn, can lead to both suboptimal code generation (the compiler can't know if kunit_do_failed_assertion() will return), and to static analysis tools like smatch giving false positives.
Moving the kunit_abort() call into the macro should give the compiler and tools a better chance at understanding what's going on. Doing so requires exporting kunit_abort(), though it's recommended to continue to use assertions in lieu of aborting directly.
In addition, kunit_abort() and kunit_do_failed_assertion() are renamed to make it clear they they're intended for internal KUnit use, to: __kunit_do_failed_assertion() and __kunit_abort()
Suggested-by: Dan Carpenter dan.carpenter@linaro.org Signed-off-by: David Gow davidgow@google.com ---
Changes since RFCv1: https://lore.kernel.org/linux-kselftest/20230526075355.586335-1-davidgow@goo... - Add missing MODULE_EXPORT_GPL() (Thanks kernel test robot) - Rename kunit_abort() and kunit_do_failed_assertion() to make it clear they're intended for internal use. - Thanks Daniel Latypov!
--- include/kunit/test.h | 20 ++++++++++++-------- lib/kunit/test.c | 10 ++++------ 2 files changed, 16 insertions(+), 14 deletions(-)
diff --git a/include/kunit/test.h b/include/kunit/test.h index 2f23d6efa505..f40e65adfb1f 100644 --- a/include/kunit/test.h +++ b/include/kunit/test.h @@ -481,7 +481,9 @@ void __printf(2, 3) kunit_log_append(char *log, const char *fmt, ...); */ #define KUNIT_SUCCEED(test) do {} while (0)
-void kunit_do_failed_assertion(struct kunit *test, +void __noreturn __kunit_abort(struct kunit *test); + +void __kunit_do_failed_assertion(struct kunit *test, const struct kunit_loc *loc, enum kunit_assert_type type, const struct kunit_assert *assert, @@ -491,13 +493,15 @@ void kunit_do_failed_assertion(struct kunit *test, #define _KUNIT_FAILED(test, assert_type, assert_class, assert_format, INITIALIZER, fmt, ...) do { \ static const struct kunit_loc __loc = KUNIT_CURRENT_LOC; \ const struct assert_class __assertion = INITIALIZER; \ - kunit_do_failed_assertion(test, \ - &__loc, \ - assert_type, \ - &__assertion.assert, \ - assert_format, \ - fmt, \ - ##__VA_ARGS__); \ + __kunit_do_failed_assertion(test, \ + &__loc, \ + assert_type, \ + &__assertion.assert, \ + assert_format, \ + fmt, \ + ##__VA_ARGS__); \ + if (assert_type == KUNIT_ASSERTION) \ + __kunit_abort(test); \ } while (0)
diff --git a/lib/kunit/test.c b/lib/kunit/test.c index d3fb93a23ccc..e652ab0d9996 100644 --- a/lib/kunit/test.c +++ b/lib/kunit/test.c @@ -310,7 +310,7 @@ static void kunit_fail(struct kunit *test, const struct kunit_loc *loc, string_stream_destroy(stream); }
-static void __noreturn kunit_abort(struct kunit *test) +void __noreturn __kunit_abort(struct kunit *test) { kunit_try_catch_throw(&test->try_catch); /* Does not return. */
@@ -322,8 +322,9 @@ static void __noreturn kunit_abort(struct kunit *test) */ WARN_ONCE(true, "Throw could not abort from test!\n"); } +EXPORT_SYMBOL_GPL(__kunit_abort);
-void kunit_do_failed_assertion(struct kunit *test, +void __kunit_do_failed_assertion(struct kunit *test, const struct kunit_loc *loc, enum kunit_assert_type type, const struct kunit_assert *assert, @@ -340,11 +341,8 @@ void kunit_do_failed_assertion(struct kunit *test, kunit_fail(test, loc, type, assert, assert_format, &message);
va_end(args); - - if (type == KUNIT_ASSERTION) - kunit_abort(test); } -EXPORT_SYMBOL_GPL(kunit_do_failed_assertion); +EXPORT_SYMBOL_GPL(__kunit_do_failed_assertion);
void kunit_init_test(struct kunit *test, const char *name, char *log) {
On Wed, May 31, 2023 at 01:21:57PM +0800, David Gow wrote:
KUnit aborts the current thread when an assertion fails. Currently, this is done conditionally as part of the kunit_do_failed_assertion() function, but this hides the kunit_abort() call from the compiler (particularly if it's in another module). This, in turn, can lead to both suboptimal code generation (the compiler can't know if kunit_do_failed_assertion() will return), and to static analysis tools like smatch giving false positives.
Moving the kunit_abort() call into the macro should give the compiler and tools a better chance at understanding what's going on. Doing so requires exporting kunit_abort(), though it's recommended to continue to use assertions in lieu of aborting directly.
In addition, kunit_abort() and kunit_do_failed_assertion() are renamed to make it clear they they're intended for internal KUnit use, to: __kunit_do_failed_assertion() and __kunit_abort()
Suggested-by: Dan Carpenter dan.carpenter@linaro.org Signed-off-by: David Gow davidgow@google.com
Fantastic! Thanks so much!
regards, dan carpenter
On Wed, May 31, 2023 at 7:22 AM David Gow davidgow@google.com wrote:
KUnit aborts the current thread when an assertion fails. Currently, this is done conditionally as part of the kunit_do_failed_assertion() function, but this hides the kunit_abort() call from the compiler (particularly if it's in another module). This, in turn, can lead to both suboptimal code generation (the compiler can't know if kunit_do_failed_assertion() will return), and to static analysis tools like smatch giving false positives.
Moving the kunit_abort() call into the macro should give the compiler and tools a better chance at understanding what's going on. Doing so requires exporting kunit_abort(), though it's recommended to continue to use assertions in lieu of aborting directly.
In addition, kunit_abort() and kunit_do_failed_assertion() are renamed to make it clear they they're intended for internal KUnit use, to: __kunit_do_failed_assertion() and __kunit_abort()
Suggested-by: Dan Carpenter dan.carpenter@linaro.org Signed-off-by: David Gow davidgow@google.com
Reviewed-by: Miguel Ojeda ojeda@kernel.org
Also tested on top of the Rust doctests KUnit changes with [1].
Thanks!
Cheers, Miguel
[1]
diff --git a/rust/kernel/kunit.rs b/rust/kernel/kunit.rs index 48adb992da936..3fae6284abbc2 100644 --- a/rust/kernel/kunit.rs +++ b/rust/kernel/kunit.rs @@ -61,7 +61,7 @@ macro_rules! kunit_assert { // next test runs, that test failures should be fixed and that KUnit is explicitly // documented as not suitable for production environments, we feel it is reasonable. unsafe { - $crate::bindings::kunit_do_failed_assertion( + $crate::bindings::__kunit_do_failed_assertion( $test, core::ptr::addr_of!(LOCATION.0), $crate::bindings::kunit_assert_type_KUNIT_ASSERTION, @@ -70,6 +70,13 @@ macro_rules! kunit_assert { core::ptr::null(), ); } + + // SAFETY: FFI call; the `test` pointer is valid because this hidden macro should only + // be called by the generated documentation tests which forward the test pointer given + // by KUnit. + unsafe { + $crate::bindings::__kunit_abort($test); + } } }}; }
On Tue, May 30, 2023 at 10:22 PM David Gow davidgow@google.com wrote:
KUnit aborts the current thread when an assertion fails. Currently, this is done conditionally as part of the kunit_do_failed_assertion() function, but this hides the kunit_abort() call from the compiler (particularly if it's in another module). This, in turn, can lead to both suboptimal code generation (the compiler can't know if kunit_do_failed_assertion() will return), and to static analysis tools like smatch giving false positives.
Moving the kunit_abort() call into the macro should give the compiler and tools a better chance at understanding what's going on. Doing so requires exporting kunit_abort(), though it's recommended to continue to use assertions in lieu of aborting directly.
In addition, kunit_abort() and kunit_do_failed_assertion() are renamed to make it clear they they're intended for internal KUnit use, to: __kunit_do_failed_assertion() and __kunit_abort()
Suggested-by: Dan Carpenter dan.carpenter@linaro.org Signed-off-by: David Gow davidgow@google.com
Reviewed-by: Daniel Latypov dlatypov@google.com
Minor note, there's a reference to the old `kunit_abort` name still.
Documentation/dev-tools/kunit/architecture.rst 122: ``void __noreturn kunit_abort(struct kunit *)``. 124: - ``kunit_abort`` calls the function:
Note that this comes from commit bc145b370c11 ("Documentation: KUnit: Added KUnit Architecture"). I had forgotten this existed until now.
linux-kselftest-mirror@lists.linaro.org
-
Dan Carpenter -
Daniel Latypov -
David Gow -
Miguel Ojeda