public inbox for [email protected]
 help / color / mirror / Atom feed
From: Ammar Faizi <[email protected]>
To: Greg KH <[email protected]>
Cc: Borislav Petkov <[email protected]>,
	Dave Hansen <[email protected]>,
	"H. Peter Anvin" <[email protected]>, Ingo Molnar <[email protected]>,
	Thomas Gleixner <[email protected]>,
	Tony Luck <[email protected]>,
	[email protected], [email protected],
	[email protected], [email protected], [email protected]
Subject: Re: [PATCH v2 1/2] x86/delay: Fix the wrong asm constraint in `delay_loop()`
Date: Tue, 1 Mar 2022 15:46:15 +0700	[thread overview]
Message-ID: <[email protected]> (raw)
In-Reply-To: <Yh3YyU2VVK/[email protected]>

Hi Greg,

On 3/1/22 3:26 PM, Greg KH wrote:
> On Tue, Mar 01, 2022 at 02:32:22PM +0700, Ammar Faizi wrote:
>> The asm constraint does not reflect that the asm statement can modify
>> the value of @loops. But the asm statement in delay_loop() does change
>> the @loops.
>>
>> If by any chance the compiler inlines this function, it may clobber
>> random stuff (e.g. local variable, important temporary value in reg,
>> etc.).
>>
>> Fortunately, delay_loop() is only called indirectly (so it can't
>> inline), and then the register it clobbers is %rax (which is by the
>> nature of the calling convention, it's a caller saved register), so it
>> didn't yield any bug.
>>
>> ^ That shouldn't be an excuse for using the wrong constraint anyway.
>>
>> This changes "a" (as an input) to "+a" (as an input and output).
>>
>> Cc: Thomas Gleixner <[email protected]>
>> Cc: Ingo Molnar <[email protected]>
>> Cc: Borislav Petkov <[email protected]>
>> Cc: Dave Hansen <[email protected]>
>> Cc: "H. Peter Anvin" <[email protected]>
>> Fixes: e01b70ef3eb3080fecc35e15f68cd274c0a48163 ("x86: fix bug in arch/i386/lib/delay.c file, delay_loop function")
> 
> You only need 12 characters here :)

Ah well, that's too verbose. Will fix it in the v4.

>> Signed-off-by: Ammar Faizi <[email protected]>
>> ---
> 
> Why is this one not tagged for stable?

As far as I can tell, the compiler will never inline that function,
because despite the function is static, it's assigned to a global
variable and it's called indirectly via a function pointer variable,
so it can't be inline. Therefore, it will always be a function call.

Note that %eax is a call clobbered register w.r.t. System V ABI. As
such, *by luck*, this wrong constraint doesn't yield any bug.

The compiler will not assume the %eax value is the same as before the
function call is done. So the compiler isn't aware that constraint
violation. Not sure if it's worth it for backport.

x86 maintainers, any comment on this?

-- 
Ammar Faizi

  reply	other threads:[~2022-03-01  8:46 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-03-01  7:32 [PATCH 0/2] Two x86 fixes Ammar Faizi
2022-03-01  7:32 ` [PATCH v2 1/2] x86/delay: Fix the wrong asm constraint in `delay_loop()` Ammar Faizi
2022-03-01  8:26   ` Greg KH
2022-03-01  8:46     ` Ammar Faizi [this message]
2022-03-01  7:32 ` [PATCH v2 2/2] x86/mce/amd: Fix memory leak when `threshold_create_bank()` fails Ammar Faizi

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox