Date: Thu, 05 Feb 2015 11:00:46 -0800 From: Peter Wemm <peter@wemm.org> To: John Baldwin <jhb@freebsd.org> Cc: Konstantin Belousov <kostikbel@gmail.com>, freebsd-current@freebsd.org, Luigi Rizzo <rizzo@iet.unipi.it> Subject: Re: PSA: If you run -current, beware! Message-ID: <14095201.eEMelRF1IS@overcee.wemm.org> In-Reply-To: <8273349.HE1luBF2tk@ralph.baldwin.cx> References: <8089702.oYScRm8BTN@overcee.wemm.org> <20150205152223.GA59664@onelab2.iet.unipi.it> <8273349.HE1luBF2tk@ralph.baldwin.cx>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --] On Thursday, February 05, 2015 10:48:54 AM John Baldwin wrote: > On Thursday, February 05, 2015 04:22:23 PM Luigi Rizzo wrote: > > On Thu, Feb 05, 2015 at 08:21:45AM -0500, John Baldwin wrote: > > > On Thursday, February 05, 2015 08:48:33 AM Luigi Rizzo wrote: > > ... > > > > > > > > It is fixed (in the proper meaning of the word, not like worked > > > > > > around, > > > > > > covered by paper) by the patch at the end of the mail. > > > > > > > > > > > > We already have a story trying to enable much less ambitious > > > > > > option > > > > > > -fno-strict-overflow, see r259045 and the revert in r259422. I do > > > > > > not > > > > > > see other way than try one more time. Too many places in kernel > > > > > > depend on the correctly wrapping 2-complement arithmetic, among > > > > > > others > > > > > > are callweel and scheduler. > > > > > > > > Rather than depending on a compiler option, wouldn't it be better/more > > > > robust to change ticks to unsigned, which has specified wrapping > > > > behavior? > > > > > > Yes, but non-trivial. It's also not limited to ticks. Since the > > > compiler > > > knows when it would apply these optimizations, it would be nice if it > > > could > > > warn instead (GCC apparently has a warning, but clang does not). Having > > > people do a manual audit of every signed integer expression in the tree > > > will take a long time. > > > > I think I misunderstood the problem as being limited to ticks, > > which is probably only one symptom of a fundamental change in behaviour > > of the compiler. > > Still, it might be worthwhile start looking at ints that ought to be > > implemented as u_int > > I actually agree, I just think we are stuck with -fwrapv in the interval, > but it's probably not a short interval. I think converting ticks to > unsigned would be a good first start. For the record, I agree. However, I suspect that attempts to do so will have a non trivial number of bugs introduced. We have a track record of recurring problems with tcp sequence number space arithmetic and tcp timing, partly because the wraparounds happens infrequently. In the mean time, I feel that telling the compiler that it's OK to let it behave the way we expect (vs actively sabotaging it) is a viable stopgap. -- Peter Wemm - peter@wemm.org; peter@FreeBSD.org; peter@yahoo-inc.com; KI6FJV UTF-8: for when a ' or ... just won\342\200\231t do\342\200\246 [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAABCAAGBQJU073eAAoJEDXWlwnsgJ4EJbUIAJHyUd7B5SIb1Kh40OBbxnqx +qH8tvo+KFNie5R7IaLL+JmcOuliyycFO32Fen5vXhW/Eiu0iXFQseRFDPme5/yd BSEfd/NrkLCgjlKJmuzmGR+P4l+8V0Xj8Aa1l/I/73Veuev8qGPHsO5gyhDHKTcY y9MEvTVGj/I4FGRlUVdO8Cr9veKASQuTtzu2i53ZVqUPMTtn1M6GgYHdF2i+xvn6 uKUsOByoXf+YaeLYfcPv5W8AZJ0AHXF6OMYnte7fqJkQXG/jUMNxgidYTw8oMns0 GEnwn/AimtoE7bFgiQr+gpesEWtoBqbfmn+OSf2A9tE/1PpiczSmcZg3pLXsK4k= =69Dg -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?14095201.eEMelRF1IS>