> > 4. Some drivers allow user-mode code to mmap() some of their > > state. Any changes undertaken by the user-mode code would > > be invisible to the compiler. > > A good point, but a compiler that doesn't try to (incorrectly) assume > something about the semantics of mmap will simply see that the mmap'ed > data will escape to stuff if can't analyze, so it will not be able to > make a proof. > > This is different from, for example, malloc(), which is guaranteed to > return "fresh" nonaliasing memory. The kernel side of this is different.. it looks like 'normal' memory, we just happen to allow it to end up in userspace too. But on that point; how do you tell the compiler the difference between malloc() and mmap()? Is that some function attribute? -- To unsubscribe from this list: send the line "unsubscribe linux-arch" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
