Date: Thu, 5 Feb 2015 17:08:05 +0000 From: Brooks Davis <brooks@freebsd.org> To: John Baldwin <jhb@freebsd.org> Cc: Konstantin Belousov <kostikbel@gmail.com>, freebsd-current@freebsd.org, Luigi Rizzo <rizzo@iet.unipi.it>, Peter Wemm <peter@wemm.org> Subject: Re: PSA: If you run -current, beware! Message-ID: <20150205170805.GA19463@spindle.one-eyed-alien.net> In-Reply-To: <8273349.HE1luBF2tk@ralph.baldwin.cx> References: <8089702.oYScRm8BTN@overcee.wemm.org> <2613155.3ZBxDvY16q@ralph.baldwin.cx> <20150205152223.GA59664@onelab2.iet.unipi.it> <8273349.HE1luBF2tk@ralph.baldwin.cx>
next in thread | previous in thread | raw e-mail | index | archive | help
--yrj/dFKFPuw6o+aM Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Feb 05, 2015 at 10:48:54AM -0500, John Baldwin wrote: > On Thursday, February 05, 2015 04:22:23 PM Luigi Rizzo wrote: > > On Thu, Feb 05, 2015 at 08:21:45AM -0500, John Baldwin wrote: > > > On Thursday, February 05, 2015 08:48:33 AM Luigi Rizzo wrote: > > ... > >=20 > > > > > > It is fixed (in the proper meaning of the word, not like worked > > > > > > around, > > > > > > covered by paper) by the patch at the end of the mail. > > > > > >=20 > > > > > > We already have a story trying to enable much less ambitious op= tion > > > > > > -fno-strict-overflow, see r259045 and the revert in r259422. I= do > > > > > > not > > > > > > see other way than try one more time. Too many places in kernel > > > > > > depend on the correctly wrapping 2-complement arithmetic, among > > > > > > others > > > > > > are callweel and scheduler. > > > >=20 > > > > Rather than depending on a compiler option, wouldn't it be better/m= ore > > > > robust to change ticks to unsigned, which has specified wrapping > > > > behavior? > > >=20 > > > Yes, but non-trivial. It's also not limited to ticks. Since the com= piler > > > knows when it would apply these optimizations, it would be nice if it > > > could > > > warn instead (GCC apparently has a warning, but clang does not). Hav= ing > > > people do a manual audit of every signed integer expression in the tr= ee > > > will take a long time. > >=20 > > I think I misunderstood the problem as being limited to ticks, > > which is probably only one symptom of a fundamental change in behaviour > > of the compiler. > > Still, it might be worthwhile start looking at ints that ought to be > > implemented as u_int >=20 > I actually agree, I just think we are stuck with -fwrapv in the interval,= but=20 > it's probably not a short interval. I think converting ticks to unsigned= =20 > would be a good first start. In principle MIT's KINT tool should help here. Unfortunatly, it's based on LLVM 3.1 and appears to be unmaintained. -- Brooks --yrj/dFKFPuw6o+aM Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iEYEARECAAYFAlTTo3QACgkQXY6L6fI4GtQIVgCfaOa98qizfggqoDYC010pj5pk mUoAniE3N7MSvxyjC02sNG4cSSktyOB9 =5e3p -----END PGP SIGNATURE----- --yrj/dFKFPuw6o+aM--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20150205170805.GA19463>