On Mon, Sep 30, 2019 at 5:18 AM Will Deacon <will@xxxxxxxxxx> wrote: > > On Mon, Sep 30, 2019 at 09:05:11PM +0900, Masahiro Yamada wrote: > > On Mon, Sep 30, 2019 at 8:26 PM Will Deacon <will@xxxxxxxxxx> wrote: > > > On Fri, Sep 27, 2019 at 03:38:44PM -0700, Linus Torvalds wrote: > > > > Soem of that code is pretty subtle. They have fixed register usage > > > > (but the asm macros actually check them). And the inline asms clobber > > > > the link register, but they do seem to clearly _state_ that they > > > > clobber it, so who knows. > > > > > > > > Just based on the EFAULT, I'd _guess_ that it's some interaction with > > > > the domain access control register (so that get/set_domain() thing). > > > > But I'm not even sure that code is enabled for the Rpi2, so who > > > > knows.. > > > > > > FWIW, we've run into issues with CONFIG_OPTIMIZE_INLINING and local > > > variables marked as 'register' where GCC would do crazy things and end > > > up corrupting data, so I suspect the use of fixed registers in the arm > > > uaccess functions is hitting something similar: > > > > > > https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91111 > > > > No. Not similar at all. > > They're similar in that enabling CONFIG_OPTIMIZE_INLINING causes register > variables to go wrong. I agree that the ARM code looks dodgy with > that call to uaccess_save_and_enable(), but there are __asmeq macros > in there to try to catch that, so it's still very fishy. > > > I fixed it already. See > > https://lore.kernel.org/patchwork/patch/1132459/ > > You fixed the specific case above for 32-bit ARM, but the arm64 case > is due to a compiler bug. As it happens, we've reworked our atomics > in 5.4 so that particular issue no longer triggers, but the fact remains > that GCC has been shown to screw up explicit register allocation for > perfectly legitimate code when giving the flexibility to move code out > of line. So __attribute__((always_inline)) doesn't guarantee that code will be inlined. For instance in LLVM's inliner, it asks/answers "should I inline" and "can I inline." "Should" has to do with a cost model, and is very heuristic-y. "Can" has more to do with the transforms, and whether they're all implemented and safe. If you if you say __attribute__((always_inline)), the answer to "can I inline this" can still be *no*. The only way to guarantee inlining is via the C preprocessor. The only way to prevent inlining is via __attribute__((no_inline)). inline and __attribute__((always_inline)) are a heuristic laden mess and should not be relied upon. I would also look closely at code that *requires* inlining or the lack there of to be correct. That the kernel no longer compiles at -O0 is not a good thing IMO, and hurts developers that want a short compile/execute/debug cycle. In this case, if there's a known codegen bug in a particular compiler or certain versions of it, I recommend the use of either the C preprocessor or __attribute__((no_inline)) to get the desired behavior localized to the function in question, and for us to proceed with Masahiro's cleanup. The comment above the use of CONFIG_OPTIMIZE_INLINING in include/linux/compiler_types.h says: * Force always-inline if the user requests it so via the .config. Which makes me grimace (__attribute__((always_inline)) doesn't *force* anything as per above), and the idea that forcing things marked inline to also be __attribute__((always_inline)) is an "optimization" (re: the name of the config; CONFIG_OPTIMIZE_INLINING) is also highly suspect. Aggressive inlining leads to image size bloat, instruction cache and register pressure; it is not exclusively an optimization. > > > The problems are fixable by writing correct code. > > Right, in the compiler ;) > > > I think we discussed this already. > > We did? > > > - There is nothing arch-specific in CONFIG_OPTIMIZE_INLINING > > Apart from the bugs... and even then, that's just based on reports. > > > - 'inline' is just a hint. It does not guarantee function inlining. > > This is standard. > > > > - The kernel macrofies 'inline' to add __attribute__((__always_inline__)) > > This terrible hack must end. > > I'm all for getting rid of hacks, but not at the cost of correctness. > > > - __attribute__((__always_inline__)) takes aways compiler's freedom, > > and prevents it from optimizing the code for -O2, -Os, or whatever. > > s/whatever/miscompiling the code/ > > If it helps, here is more information about the arm64 failure which > triggered the GCC bugzilla: > > https://www.spinics.net/lists/arm-kernel/msg730329.html > > Will -- Thanks, ~Nick Desaulniers
