2020-05-16 03:52:20

by Zhangshaokun

Subject: [PATCH v2] net: revert "net: get rid of an signed integer overflow in ip_idents_reserve()"

From: Yuqi Jin <[email protected]>

Commit adb03115f459 ("net: get rid of an signed integer overflow in ip_idents_reserve()")
used atomic_cmpxchg to replace "atomic_add_return" inside the function
"ip_idents_reserve". The reason was to avoid a UBSAN warning.
However, this change has caused performance degradation, and in GCC-8,
-fno-strict-overflow is now mapped to -fwrapv -fwrapv-pointer
and signed integer overflow is now undefined by default at all
optimization levels[1]. Moreover, it was a bug in UBSAN vs
-fwrapv/-fno-strict-overflow, so let's revert it safely.

[1] https://gcc.gnu.org/gcc-8/changes.html

Suggested-by: Peter Zijlstra <[email protected]>
Suggested-by: Eric Dumazet <[email protected]>
Cc: "David S. Miller" <[email protected]>
Cc: Alexey Kuznetsov <[email protected]>
Cc: Hideaki YOSHIFUJI <[email protected]>
Cc: Jakub Kicinski <[email protected]>
Cc: Jiri Pirko <[email protected]>
Cc: Arvind Sankar <[email protected]>
Cc: Peter Zijlstra <[email protected]>
Cc: Eric Dumazet <[email protected]>
Cc: Jiong Wang <[email protected]>
Signed-off-by: Yuqi Jin <[email protected]>
Signed-off-by: Shaokun Zhang <[email protected]>
---
ChangeLog:
* Revise the commit log
* Add some comments. If it's wholly unnecessary, we
can remove it.

Patch v1: https://patchwork.ozlabs.org/project/netdev/patch/[email protected]/

net/ipv4/route.c | 14 ++++++--------
1 file changed, 6 insertions(+), 8 deletions(-)

diff --git a/net/ipv4/route.c b/net/ipv4/route.c
index 788c69d9bfe0..455871d6b3a0 100644
--- a/net/ipv4/route.c
+++ b/net/ipv4/route.c
@@ -491,18 +491,16 @@ u32 ip_idents_reserve(u32 hash, int segs)
atomic_t *p_id = ip_idents + hash % IP_IDENTS_SZ;
u32 old = READ_ONCE(*p_tstamp);
u32 now = (u32)jiffies;
- u32 new, delta = 0;
+ u32 delta = 0;

if (old != now && cmpxchg(p_tstamp, old, now) == old)
delta = prandom_u32_max(now - old);

- /* Do not use atomic_add_return() as it makes UBSAN unhappy */
- do {
- old = (u32)atomic_read(p_id);
- new = old + delta + segs;
- } while (atomic_cmpxchg(p_id, old, new) != old);
-
- return new - segs;
+ /* If UBSAN reports an error there, please make sure your compiler
+ * supports -fno-strict-overflow before reporting it that was a bug
+ * in UBSAN, and it has been fixed in GCC-8.
+ */
+ return atomic_add_return(segs + delta, p_id) - segs;
}
EXPORT_SYMBOL(ip_idents_reserve);
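
Review bot: The comment added above "return atomic_add_return(segs + delta, p_id) - segs;" is hard to parse ("before reporting it that was a bug in UBSAN") and never states that wraparound of the ID counter is intended here. Suggest splitting it into two sentences: one saying the add is expected to wrap and relies on -fno-strict-overflow, and one saying that a UBSAN report at this line with a compiler older than GCC-8 is a known UBSAN issue. It would also help to note that "segs + delta" mixes the int parameter segs with the u32 delta, so the sum is computed as u32 and then converted to the int argument of atomic_add_return().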

--
2.7.4
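
A userspace model of the two variants of ip_idents_reserve() discussed in the message above, added here as an example; it is not code from the patch or the kernel. It uses C11 <stdatomic.h> in place of the kernel's atomic_t API, takes delta as a parameter instead of calling prandom_u32_max(), and assumes the GCC/Clang modulo conversion from u32 to int; the helper names are hypothetical.

```c
#include <limits.h>
#include <stdatomic.h>
#include <stdint.h>
#include <stdio.h>

/* Removed by the patch: cmpxchg retry loop, sum computed in u32. */
static uint32_t reserve_cmpxchg(atomic_int *p_id, uint32_t delta, int segs)
{
	int old = atomic_load(p_id);
	uint32_t next;

	do {
		next = (uint32_t)old + delta + (uint32_t)segs;
		/* on failure, old is reloaded with the current counter value */
	} while (!atomic_compare_exchange_weak(p_id, &old, (int)next));
	return next - (uint32_t)segs;
}

/* Restored by the patch: one atomic add. C11 atomic_fetch_add returns the
 * old value (the kernel's atomic_add_return returns the new one), and C11
 * defines signed atomic arithmetic to wrap in two's complement. */
static uint32_t reserve_add(atomic_int *p_id, uint32_t delta, int segs)
{
	int inc = (int)((uint32_t)segs + delta);
	uint32_t old = (uint32_t)atomic_fetch_add(p_id, inc);

	return old + (uint32_t)inc - (uint32_t)segs;
}

/* Returns 1 when both variants hand out the same ID and leave the same counter. */
static int variants_agree(int start, uint32_t delta, int segs)
{
	atomic_int a, b;
	atomic_init(&a, start);
	atomic_init(&b, start);
	uint32_t ra = reserve_cmpxchg(&a, delta, segs);
	uint32_t rb = reserve_add(&b, delta, segs);

	return ra == rb && atomic_load(&a) == atomic_load(&b);
}

int main(void)
{
	/* constructed inputs: counter at INT_MAX, so the add crosses the sign bit */
	printf("agree at INT_MAX: %d\n", variants_agree(INT_MAX, 5, 3));
	printf("agree at -1:      %d\n", variants_agree(-1, 0, 1));
	return 0;
}
```

Both variants return old + delta; the difference the commit message cares about is that the loop can retry under contention while the single add cannot.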


2020-05-17 19:36:36

by David Miller

Subject: Re: [PATCH v2] net: revert "net: get rid of an signed integer overflow in ip_idents_reserve()"

From: Shaokun Zhang <[email protected]>
Date: Sat, 16 May 2020 11:46:49 +0800

> From: Yuqi Jin <[email protected]>
>
> Commit adb03115f459 ("net: get rid of an signed integer overflow in ip_idents_reserve()")
> used atomic_cmpxchg to replace "atomic_add_return" inside the function
> "ip_idents_reserve". The reason was to avoid a UBSAN warning.
> However, this change has caused performance degradation, and in GCC-8,
> -fno-strict-overflow is now mapped to -fwrapv -fwrapv-pointer
> and signed integer overflow is now undefined by default at all
> optimization levels[1]. Moreover, it was a bug in UBSAN vs
> -fwrapv/-fno-strict-overflow, so let's revert it safely.
>
> [1] https://gcc.gnu.org/gcc-8/changes.html
>
> Suggested-by: Peter Zijlstra <[email protected]>
> Suggested-by: Eric Dumazet <[email protected]>
...
> Signed-off-by: Yuqi Jin <[email protected]>
> Signed-off-by: Shaokun Zhang <[email protected]>

Applied, thanks.