lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <ZugliLgw5VFb9yau@gallifrey>
Date: Mon, 16 Sep 2024 12:33:12 +0000
From: "Dr. David Alan Gilbert" <linux@...blig.org>
To: david@...hat.com
Cc: linux-kernel@...r.kernel.org, kees@...nel.org
Subject: Dead code by symbols

Hi David,
  A while ago we were chatting about me spotting dead structs, and
you wondered if it might be possible to spot dead functions that
were exported from an object but never used - and I've been trying
it for the last few days.

  I'm pretty early on, but it's already got some fun things:

https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=6a36d828bdef0e02b1e6c12e2160f5b83be6aab5
  Core code not used for ~20 years

https://lore.kernel.org/lkml/1690847.1726346402@warthog.procyon.org.uk/
  A bug! A recently added function that lost the place it was wired up
  so was currently unused.

https://lore.kernel.org/lkml/ZuXOWjvVYa64c1-5@gallifrey/
  A few small dead files.

Now, it does take some more guesswork, for example an unused function
which was added a couple of years back, might be something that's
there for consistency, might have been forgotten to be wired up,
or might just be something that's going to be used but the
authors haven't got to it yet, e.g.
   https://lore.kernel.org/lkml/ZuRGRKU9bjgC52mD@gallifrey/

My patience varies from Ooh core code, to meh old driver to very meh
for old undead staging code.

  I've got some nasty awk which kind of works some of the time;
but it does require a lot of handholding; often things like inlining
isn't spotted so gives a false positive, and I'm only looking at
the objects from a single architecture, so again have to grep
for the symbol name to make sure it's not used by a different
architecture build.

  And heck, I wish git log -G was faster.

Anyway, thanks for the suggestion!

Dave

Nasty scripts:

find . -name \*.o -exec ~/sym/dosyms {} \;

dosyms:
---------------
echo $1
DIR=$(dirname $1)
NEWN=$DIR/$(basename -s .o $1).x

readelf -W -s -r $1 | awk -f ~/sym/relocs.awk |sort|uniq > $NEWN
---------------

awk -f ~/sym/collate.awk $(find . -name \*.x)

collate.awk:
---------------

{ if (($1=="u") || ($1=="U")) {
    use[$2]=use[$2] "," FILENAME
    usecount[$2]++
  } else {
    def[$2]=def[$2] ",:" $1 ":" FILENAME
    defcount[$2]++
  }
}
END {
  for (s in def) {
    if (usecount[s] == 0) {
      printf("%s:%d: %s from %s\n", s, usecount[s], use[s], def[s]) 
    }
  }
}

---------------


-- 
 -----Open up your eyes, open up your mind, open up your code -------   
/ Dr. David Alan Gilbert    |       Running GNU/Linux       | Happy  \ 
\        dave @ treblig.org |                               | In Hex /
 \ _________________________|_____ http://www.treblig.org   |_______/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ