|
Message-ID: <CA+55aFybrMeMDEW6bO6XkLVzvgaz9bzTM7CMFxxwHnwD4bcebg@mail.gmail.com> Date: Tue, 6 Mar 2018 14:19:21 -0800 From: Linus Torvalds <torvalds@...ux-foundation.org> To: Arnd Bergmann <arnd@...db.de> Cc: Steven Rostedt <rostedt@...dmis.org>, Ard Biesheuvel <ard.biesheuvel@...aro.org>, Daniel Micay <danielmicay@...il.com>, Ingo Molnar <mingo@...nel.org>, Kees Cook <keescook@...omium.org>, Dave Hansen <dave.hansen@...ux.intel.com>, Alexander Popov <alex.popov@...ux.com>, Kernel Hardening <kernel-hardening@...ts.openwall.com>, PaX Team <pageexec@...email.hu>, Brad Spengler <spender@...ecurity.net>, Andy Lutomirski <luto@...nel.org>, Tycho Andersen <tycho@...ho.ws>, Laura Abbott <labbott@...hat.com>, Mark Rutland <mark.rutland@....com>, Borislav Petkov <bp@...en8.de>, Richard Sandiford <richard.sandiford@....com>, Thomas Gleixner <tglx@...utronix.de>, "H . Peter Anvin" <hpa@...or.com>, Peter Zijlstra <a.p.zijlstra@...llo.nl>, "Dmitry V . Levin" <ldv@...linux.org>, Emese Revfy <re.emese@...il.com>, Jonathan Corbet <corbet@....net>, Andrey Ryabinin <aryabinin@...tuozzo.com>, "Kirill A . Shutemov" <kirill.shutemov@...ux.intel.com>, Thomas Garnier <thgarnie@...gle.com>, Andrew Morton <akpm@...ux-foundation.org>, Alexei Starovoitov <ast@...nel.org>, Josef Bacik <jbacik@...com>, Masami Hiramatsu <mhiramat@...nel.org>, Nicholas Piggin <npiggin@...il.com>, Al Viro <viro@...iv.linux.org.uk>, "David S . Miller" <davem@...emloft.net>, Ding Tianhong <dingtianhong@...wei.com>, David Woodhouse <dwmw@...zon.co.uk>, Josh Poimboeuf <jpoimboe@...hat.com>, Dominik Brodowski <linux@...inikbrodowski.net>, Juergen Gross <jgross@...e.com>, Greg Kroah-Hartman <gregkh@...uxfoundation.org>, Dan Williams <dan.j.williams@...el.com>, Mathias Krause <minipli@...glemail.com>, Vikas Shivappa <vikas.shivappa@...ux.intel.com>, Kyle Huey <me@...ehuey.com>, Dmitry Safonov <dsafonov@...tuozzo.com>, Will Deacon <will.deacon@....com>, X86 ML <x86@...nel.org>, LKML <linux-kernel@...r.kernel.org> Subject: Re: [PATCH RFC v9 4/7] x86/entry: Erase kernel stack in syscall_trace_enter() On Tue, Mar 6, 2018 at 1:47 PM, Arnd Bergmann <arnd@...db.de> wrote: > > I don't really understand it myself, but I do understand that > the gcc developers think this is a hard problem to solve. Depending on the internal representation, things that look absolutely trivially obvious to humans may not actually be all that trivial at all. In particular, the only sane modern IR for a compiler is based on SSA (single static assignment), and in that form, the example code is actually very obvious: the variable 'i' is assigned to exactly once, and has the value 1, so *OBVIOUSLY* the value of 'i' is 1 at each use. It's really so obvious that sparse does exactly the same. If you use the sparse "test-linearize" program, you will see that test program result in g: .L0: <entry-point> ret.32 $1 because it is very obvious to the optimizer that 'i' is 1. In fact, to get anything else, you almost _have_ to initialize 'i' to "UNDEFINED" in the compiler. At that point the SSA representation says 'i' has two sources, one undefined and one '1', and all the SSA optimizations and simplifications just DTRT automatically. But it literally involves adding that initialization. This is actually one reason I think the C "automatic variables are undefined" behavior is wrong. It made sense historically, but in an SSA world, it actually ends up not even helping. You might as well just initialize the damn things to zero, avoiding an undefined case and just be done with it, and make that part of the language definition. It would just be consistent with static variables anyway, so it would actually clean up the language conceptually too. Of course, within the confines of C _history_, that didn't make sense. SSA became a thing two decades after C had been invented, and it took even longer for it to become the de-facto standard IR for any sane optimization. Honestly, that whole "local variable might be used uninitialized" is just a historical accident, and is not some fundamentally good warning. It's _only_ a valid warning due to a language mis-feature. Linus
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.