[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <alpine.LFD.2.21.1907292302451.16059@eddie.linux-mips.org>
Date: Mon, 29 Jul 2019 23:16:45 +0100 (BST)
From: "Maciej W. Rozycki" <macro@...ux-mips.org>
To: Nick Desaulniers <ndesaulniers@...gle.com>
cc: Ralf Baechle <ralf@...ux-mips.org>,
Paul Burton <paul.burton@...s.com>,
James Hogan <jhogan@...nel.org>,
Nathan Chancellor <natechancellor@...il.com>,
Eli Friedman <efriedma@...cinc.com>,
Hassan Naveed <hnaveed@...ecomp.com>,
Stephen Kitt <steve@....org>,
Serge Semin <fancer.lancer@...il.com>,
Mike Rapoport <rppt@...ux.ibm.com>,
Andrew Morton <akpm@...ux-foundation.org>,
Michal Hocko <mhocko@...e.com>, linux-mips@...r.kernel.org,
linux-kernel@...r.kernel.org, clang-built-linux@...glegroups.com
Subject: Re: [PATCH] mips: avoid explicit UB in assignment of
mips_io_port_base
On Mon, 29 Jul 2019, Nick Desaulniers wrote:
> The code in question is modifying a variable declared const through
> pointer manipulation. Such code is explicitly undefined behavior, and
> is the lone issue preventing malta_defconfig from booting when built
> with Clang:
>
> If an attempt is made to modify an object defined with a const-qualified
> type through use of an lvalue with non-const-qualified type, the
> behavior is undefined.
>
> LLVM is removing such assignments. A simple fix is to not declare
> variables const that you plan on modifying. Limiting the scope would be
> a better method of preventing unwanted writes to such a variable.
>
> Further, the code in question mentions "compiler bugs" without any links
> to bug reports, so it is difficult to know if the issue is resolved in
> GCC. The patch was authored in 2006, which would have been GCC 4.0.3 or
> 4.1.1. The minimal supported version of GCC in the Linux kernel is
> currently 4.6.
It's somewhat older than that. My investigation points to:
commit c94e57dcd61d661749d53ee876ab265883b0a103
Author: Ralf Baechle <ralf@...ux-mips.org>
Date: Sun Nov 25 09:25:53 2001 +0000
Cleanup of include/asm-mips/io.h. Now looks neat and harmless.
However the purpose of the arrangement does not appear to me to be
particularly specific to a compiler version.
> For what its worth, there was UB before the commit in question, it just
> added a barrier and got lucky IRT codegen. I don't think there's any
> actual compiler bugs related, just runtime bugs due to UB.
Does your solution preserves the original purpose of the hack though as
documented in the comment you propose to be removed?
Clearly it was defined enough to work for almost 18 years, so it would be
good to keep the optimisation functionally by using different means that
do not rely on UB. This variable is assigned at most once throughout the
life of the kernel and then early on, so considering it r/w with all the
consequences for all accesses does not appear to me to be a good use of
it.
Maybe a piece of inline asm to hide the initialisation or suchlike then?
Maciej
Powered by blists - more mailing lists