| Message ID | ed361403b8ee965f758fe491c47336dddcfb8fd5.1676358308.git.jpoimboe@kernel.org (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | cpu,sched: Mark arch_cpu_idle_dead() __noreturn | expand |
On Mon, Feb 13, 2023 at 11:05:37PM -0800, Josh Poimboeuf wrote: > arch_cpu_idle_dead() doesn't return. Make that more explicit with a > BUG(). > > BUG() is preferable to unreachable() because BUG() is a more explicit > failure mode and avoids undefined behavior like falling off the edge of > the function into whatever code happens to be next. This is silly. Just mark the function __noreturn and be done with it. If the CPU ever executes code past the "b" instruction, it's already really broken that the extra instructions that BUG() gives will be meaningless. This patch does nothing except add yet more bloat the kernel. Sorry, but NAK.
On Tue, Feb 14, 2023 at 11:15:23AM +0000, Russell King (Oracle) wrote: > On Mon, Feb 13, 2023 at 11:05:37PM -0800, Josh Poimboeuf wrote: > > arch_cpu_idle_dead() doesn't return. Make that more explicit with a > > BUG(). > > > > BUG() is preferable to unreachable() because BUG() is a more explicit > > failure mode and avoids undefined behavior like falling off the edge of > > the function into whatever code happens to be next. > > This is silly. Just mark the function __noreturn and be done with it. > If the CPU ever executes code past the "b" instruction, it's already > really broken that the extra instructions that BUG() gives will be > meaningless. > > This patch does nothing except add yet more bloat the kernel. > > Sorry, but NAK. Problem is, the compiler can't read inline asm. So you'd get a "'noreturn' function does return" warning. We can do an unreachable() instead of a BUG() here if you prefer undefined behavior.
On Tue, Feb 14, 2023 at 10:39:26AM -0800, Josh Poimboeuf wrote: > On Tue, Feb 14, 2023 at 11:15:23AM +0000, Russell King (Oracle) wrote: > > On Mon, Feb 13, 2023 at 11:05:37PM -0800, Josh Poimboeuf wrote: > > > arch_cpu_idle_dead() doesn't return. Make that more explicit with a > > > BUG(). > > > > > > BUG() is preferable to unreachable() because BUG() is a more explicit > > > failure mode and avoids undefined behavior like falling off the edge of > > > the function into whatever code happens to be next. > > > > This is silly. Just mark the function __noreturn and be done with it. > > If the CPU ever executes code past the "b" instruction, it's already > > really broken that the extra instructions that BUG() gives will be > > meaningless. > > > > This patch does nothing except add yet more bloat the kernel. > > > > Sorry, but NAK. > > Problem is, the compiler can't read inline asm. So you'd get a > "'noreturn' function does return" warning. > > We can do an unreachable() instead of a BUG() here if you prefer > undefined behavior. That's fine.
diff --git a/arch/arm/kernel/smp.c b/arch/arm/kernel/smp.c index 0b8c25763adc..adcd417c526b 100644 --- a/arch/arm/kernel/smp.c +++ b/arch/arm/kernel/smp.c @@ -382,6 +382,8 @@ void arch_cpu_idle_dead(void) : "r" (task_stack_page(current) + THREAD_SIZE - 8), "r" (current) : "r0"); + + BUG(); } #endif /* CONFIG_HOTPLUG_CPU */
arch_cpu_idle_dead() doesn't return. Make that more explicit with a BUG(). BUG() is preferable to unreachable() because BUG() is a more explicit failure mode and avoids undefined behavior like falling off the edge of the function into whatever code happens to be next. Signed-off-by: Josh Poimboeuf <jpoimboe@kernel.org> --- arch/arm/kernel/smp.c | 2 ++ 1 file changed, 2 insertions(+)