[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <4B2A65C6.7080009@caviumnetworks.com>
Date: Thu, 17 Dec 2009 09:09:26 -0800
From: David Daney <ddaney@...iumnetworks.com>
To: Jamie Lokier <jamie@...reable.org>,
"gcc@....gnu.org" <gcc@....gnu.org>
CC: Uwe Kleine-König
<u.kleine-koenig@...gutronix.de>,
linux-arm-kernel@...ts.infradead.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] ARM: Convert BUG() to use unreachable()
Jamie Lokier wrote:
> Uwe Kleine-König wrote:
>> Use the new unreachable() macro instead of for(;;);
>> *(int *)0 = 0;
>>
>> /* Avoid "noreturn function does return" */
>> - for (;;);
>> + unreachable();
>
> Will GCC-4.5 remove ("optimise away") the *(int *)0 = 0 because it
> knows the branch of the code leading to unreachable can never be reached?
>
I don't know the definitive answer, so I am sending to gcc@...
FYI: #define unreachable() __builtin_unreachable()
> If GCC-4.5 does not, are you sure a future version of GCC will never
> remove it? In other words, is __builtin_unreachable() _defined_ in
> such a way that it cannot remove the previous assignment?
>
> We have seen problems with GCC optimising away important tests for
> NULL pointers in the kernel, due to similar propagation of "impossible
> to occur" conditions, so it's worth checking with GCC people what the
> effect of this one would be.
>
> In C, there is a general theoretical problem with back-propagation of
> optimisations from code with undefined behaviour. In the case of
> __builtin_unreachable(), it would depend on all sorts of unclearly
> defined semantics whether it can remove a preceding *(int *)0 = 0.
>
> I'd strongly suggest asking on the GCC list. (I'd have mentioned this
> earlier, if I'd known about the patch for other architectures).
>
> The documentation for __builtin_unreachable() only says the program is
> undefined if control flow reaches it. In other words, it does not say
> what effect it can have on previous instructions, and I think it's
> quite likely that it has not been analysed in a case like this.
>
> One thing that would give me a lot more confidence, because the GCC
> documentation does mention asm(), is this:
>
>> *(int *)0 = 0;
>> /* Ensure unreachableness optimisations cannot propagate back. *I/
>> __asm__ volatile("");
>> /* Avoid "noreturn function does return" */
>> unreachable();
>
> -- Jamie
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists