From mboxrd@z Thu Jan  1 00:00:00 1970
From: "Jan Beulich" <JBeulich@suse.com>
Subject: Re: [PATCH 4/4] xen/arm: correctly handle an empty
 array of platform descs.
Date: Tue, 14 May 2013 15:29:30 +0100
Message-ID: <5192666A02000078000D60F8@nat28.tlf.novell.com>
References: <1368462160.537.125.camel@zakaz.uk.xensource.com>
	<1368462182-10317-4-git-send-email-ian.campbell@citrix.com>
	<alpine.DEB.2.02.1305131748510.4799@kaball.uk.xensource.com>
	<1368523975.14264.22.camel@zakaz.uk.xensource.com>
	<5192248402000078000D5E7F@nat28.tlf.novell.com>
	<1368526880.14264.29.camel@zakaz.uk.xensource.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Return-path: <xen-devel-bounces@lists.xen.org>
In-Reply-To: <1368526880.14264.29.camel@zakaz.uk.xensource.com>
Content-Disposition: inline
List-Unsubscribe: <http://lists.xen.org/cgi-bin/mailman/options/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xen.org>
List-Help: <mailto:xen-devel-request@lists.xen.org?subject=help>
List-Subscribe: <http://lists.xen.org/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=subscribe>
Sender: xen-devel-bounces@lists.xen.org
Errors-To: xen-devel-bounces@lists.xen.org
To: Ian Campbell <Ian.Campbell@citrix.com>
Cc: "Keir (Xen.org)" <keir@xen.org>, Stefano Stabellini <Stefano.Stabellini@eu.citrix.com>, Ian Jackson <Ian.Jackson@eu.citrix.com>, "Tim (Xen.org)" <tim@xen.org>, "xen-devel@lists.xen.org" <xen-devel@lists.xen.org>, Julien Grall <julien.grall@citrix.com>
List-Id: xen-devel@lists.xenproject.org

>>> On 14.05.13 at 12:21, Ian Campbell <Ian.Campbell@citrix.com> wrote:
> On Tue, 2013-05-14 at 10:48 +0100, Jan Beulich wrote:
>> >>> On 14.05.13 at 11:32, Ian Campbell <Ian.Campbell@citrix.com> wrote:
>> > Sadly this turns out to be a bit more complicated :-( CCing Jan and Keir
>> > since this was wider implications (this construct is used elsewhere) and
>> > Ian J because he pointed this out.
>> > 
>> > TL;DR: There is probably a problem here, but I'm not sure it is one
>> > worth worrying about, at least not yet/for 4.3.
>> > 
>> > The problem is that the compiler is allowed to assume that:
>> >         extern const struct platform_desc _splatform[], _eplatform[];
>> > Defines two *distinct* arrays, which therefore can never be equal. Hence
>> > it optimises 
>> >     for ( platform = _splatform; platform != _eplatform; platform++ )
>> > with the assumption that there must always be at least one iteration.
>> 
>> Did you actually observe gcc doing this?
> 
> Yes, leading to an infinite loop.
> 
> With my "fixed" version (with the <) it just did one needless iteration
> of whatever happened to be at _splatform =_eplatform, which luckily was
> accessible data. It happens to be the device data (which likely suffers
> the same issue).
> 
> I've also semi-confirmed by staring at the disassembly...

Just compiled (-O2) this

extern unsigned _s[], _e[];

void u(unsigned*);

void test(void) {
	unsigned*p;

	for(p = _s; p != _e; ++p)
		u(p);
}

with gcc 4.7.3 for ix86, x86-64, and arm32, and none of them
produced an infinite loop. And as said before, I'd be surprised a
non-buggy gcc would, considering that with empty structures
(which gcc allows) you can have zero-sized objects, and hence
two named objects at the same address. And similarly, they
support attributes to create symbol aliases, and for those it
would again be necessary to account for the addresses of two
distinct symbols to actually resolve to the same address.

What compiler version and switches were you using for the case
where you spotted bad code to be generated?

Jan