On Thu, Mar 04, 2021 at 08:01:29PM +0100, Marco Elver wrote: > On Thu, 4 Mar 2021 at 19:51, Mark Rutland <mark.rutl...@arm.com> wrote: > > On Thu, Mar 04, 2021 at 07:22:53PM +0100, Marco Elver wrote:
> > > I was having this problem with KCSAN, where the compiler would > > > tail-call-optimize __tsan_X instrumentation. > > > > Those are compiler-generated calls, right? When those are generated the > > compilation unit (and whatever it has included) might not have provided > > a prototype anyway, and the compiler has special knowledge of the > > functions, so it feels like the compiler would need to inhibit TCO here > > for this to be robust. For their intended usage subjecting them to TCO > > doesn't seem to make sense AFAICT. > > > > I suspect that compilers have some way of handling that; otherwise I'd > > expect to have heard stories of mcount/fentry calls getting TCO'd and > > causing problems. So maybe there's an easy fix there? > > I agree, the compiler builtins should be handled by the compiler > directly, perhaps that was a bad example. But we also have "explicit > instrumentation", e.g. everything that's in <linux/instrumented.h>. True -- I agree for those we want similar, and can see a case for a no-tco-calls-to-me attribute on functions as with noreturn. Maybe for now it's worth adding prevent_tail_call_optimization() to the instrument_*() call wrappers in <linux/instrumented.h>? As those are __always_inline, that should keep the function they get inlined in around. Though we probably want to see if we can replace the mb() in prevent_tail_call_optimization() with something that doesn't require a real CPU barrier. [...] > > I reckon for basically any instrumentation we don't want calls to be > > TCO'd, though I'm not immediately sure of cases beyond sanitizers and > > mcount/fentry. > > Thinking about this more, I think it's all debugging tools. E.g. > lockdep, if you lock/unlock at the end of a function, you might tail > call into lockdep. If the compiler applies TCO, and lockdep determines > there's a bug and then shows a trace, you'll have no idea where the > actual bug is. The kernel has lots of debugging facilities that add > instrumentation in this way. So perhaps it's a general debugging-tool > problem (rather than just sanitizers). This makes sense to me. Thanks, Mark.