Re: reordering of trapping operations and volatile

[Martin Uecker <ma.uecker@gmail.com>]

Am Montag, den 10.01.2022, 10:04 +0100 schrieb Richard Biener:
> On Sat, Jan 8, 2022 at 10:09 PM Martin Uecker via Gcc <gcc@gcc.gnu.org> wrote:
> > Am Samstag, den 08.01.2022, 10:35 -0800 schrieb Andrew Pinski:
> > > On Sat, Jan 8, 2022 at 12:33 AM Martin Uecker via Gcc <gcc@gcc.gnu.org> wrote:
> > > > Hi Richard,
> > > > 
> > > > I have a question regarding reodering of volatile
> > > > accesses and trapping operations. My initial
> > > > assumption (and  hope) was that compilers take
> > > > care to avoid creating traps that are incorrectly
> > > > ordered relative to observable behavior.
> > > > 
> > > > I had trouble finding examples, and my cursory
> > > > glace at the code seemed to confirm that GCC
> > > > carefully avoids this.  But then someone showed
> > > > me this example, where this can happen in GCC:
> > > > 
> > > > 
> > > > volatile int x;
> > > > 
> > > > int foo(int a, int b, _Bool store_to_x)
> > > > {
> > > >   if (!store_to_x)
> > > >     return a / b;
> > > >   x = b;
> > > >   return a / b;
> > > > }
> > > > 
> > > > 
> > > > https://godbolt.org/z/vq3r8vjxr
> > > 
> > > The question becomes what is a trapping instruction vs an undefined
> > > instruction?
> > > For floating point types, it is well defined what is a trapping
> > > instruction while for integer types it is not well defined.
> > > On some (many?) targets dividing by 0 is just undefined and does not
> > > trap (powerpc, aarch64, arm and many others; MIPS it depends on the
> > > options passed to GCC if the conditional trap should be inserted or
> > > not).
> > > The other side is if there is undefined code on the path, should
> > > observable results happen first (stores to volatile/atomics, etc.)?
> > 
> > I think for volatile stores and I/O, I think it would be
> > nice of we could guarantee that those happen before the UB
> > ruins the day. (I am not sure about atomics, those are
> > not directly obsevable)
> > 
> > For I/O this is probably already the case (?).
> 
> I/O usually happens through function calls where this is usually
> already guaranteed as GCC doesn't know whether the function
> will always return normally so the UB of a divide by zero might
> be properly guarded.

Yes.

> > For volatile, it seems this would need some tweaks.
> 
> Yes, likewise when re-ordering (observable) traps like
> 
>   r = a / b;
>   q = c / d;

I think this could also be useful. But at the moment I am
concerned about the effect previous defined behavior
being affected. For this, reordering traps is OK.  Also
sinking traps across observable behavior is OK. Just
hoisting it up across observable behavior would 
be a problem.

> > I am trying to figure out whether this is feasible.
> 
> For PRE yes, you'd just need to include the observable stmts you
> care in the set of stmts that cause PRE to set BB_MAY_NOTRETURN.
> In general this is of course harder.

What other passes would need to be checked?

And do you think there is any negative impact on
an important optimization (considering this affects
only volatile accesses)?

> > > GCC assumes by default that divide is trappable but stores not are not
> > > observable. This is where -fnon-call-exceptions come into play.
> > 
> > Ok, thanks! I will look at this!
> > 
> > > In the second case, GCC assumes reducing trappable instructions are
> > > fine.
> > 
> > -fnon-call-exceptions would treat trapping instructions
> > as defined (and trapping) instead of UB? This is
> > then probably even stronger than the requirement above.
> 
> No, I don't think it turns UB into defined behavior.  Some frontends might
> expect that to some extent.  So even with -fnon-call-exceptions we'd
> happily do the re-ordering unless the exception is catched in the same
> function.

Thanks,
Martin

> > > Note I thought -fno-delete-dead-exceptions would fix the sink
> > > but it didn't.
> > 
> > Martin
> > 
> >