lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 7 Jun 2018 11:39:27 +0200
From:   Peter Zijlstra <peterz@...radead.org>
To:     Daniel Lezcano <daniel.lezcano@...aro.org>
Cc:     Viresh Kumar <viresh.kumar@...aro.org>, rjw@...ysocki.net,
        linux-kernel@...r.kernel.org,
        Eduardo Valentin <edubezval@...il.com>,
        Javi Merino <javi.merino@...nel.org>,
        Leo Yan <leo.yan@...aro.org>,
        Kevin Wangtao <kevin.wangtao@...aro.org>,
        Vincent Guittot <vincent.guittot@...aro.org>,
        Rui Zhang <rui.zhang@...el.com>,
        Daniel Thompson <daniel.thompson@...aro.org>,
        "open list:POWER MANAGEMENT CORE" <linux-pm@...r.kernel.org>
Subject: Re: [PATCH V5] powercap/drivers/idle_injection: Add an idle
 injection framework

On Thu, Jun 07, 2018 at 11:32:01AM +0200, Peter Zijlstra wrote:
> On Thu, Jun 07, 2018 at 11:09:13AM +0200, Daniel Lezcano wrote:
> > On 07/06/2018 10:49, Viresh Kumar wrote:
> > > On 07-06-18, 10:46, Daniel Lezcano wrote:
> > >> Yes, correct.
> > >>
> > >> But if we don't care about who wins to store to value, is there a risk
> > >> of scramble variable if we just assign a value ?
> > > 
> > > Normally no, as the compiler wouldn't screw it up badly. But there is no rule
> > > which stops the compiler from doing this:
> > > 
> > > idle_duration_ms = 5;
> > > idle_duration_ms = -5;
> > > idle_duration_ms = 0;
> > > idle_duration_ms = <real-value-we-want-to-write>;
> > > 
> > > So we *must* use READ/WRITE_ONCE() to make sure garbage values aren't seen by
> > > readers.
> > 
> > Ok understood. Why would a compiler do this kind of things ?
> 
> I think the above can happen when the compiler uses the variable as a
> scratch pad -- very rare I would say.
> 
> In general a compiler needs to proof that doing this makes no observable
> difference ("as-if" rule). And since it is a regular variable it can
> assume data-race-free and do the above (or something like that). Because
> if there is a data-race it is UB and it can still do whatever it
> pleases.
> 
> And here I think the point is that regular variables are considered only
> in the context of a single linear execution context. Locks are assumed
> to bound observability.
> 
> And here the "volatile" and "_atomic" type specifiers again tell the
> compiler something 'special' is going on and you should not muck with
> things.

Also, I think, more likely:

	if (cond)
		X = 5;
	else
		X = 4;

is allowed to be transformed into:

	X = 4;
	if (cond)
		X = 5;

as long as cond doesn't involve a sequence point of sorts (think
function call).

For the single execution context case, this transformation is valid, but
it is not in the threaded case. But then we go back to the assumption
that regular variables are data-race-free.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ