
On Tue, Mar 17, 2009 at 01:47:04PM -0400, Mike Frysinger wrote:
> On Tuesday 17 March 2009 13:09:31 Scott Wood wrote:
> > This board currently sets DBAT6 to cover all of the final 256MiB of address space; however, not all of this space is covered by a device. In particular, flash sits at 0xfe000000-0xfe7fffff, and nothing is mapped at the far end of the address space.
> >
> > In zlib, there is a loop that references p[-1] if p is non-NULL. Under some circumstances, this leads to the CPU speculatively loading from 0xfffffff8 if p is NULL. This leads to a machine check.
>
> isn't that a compiler generating bad code then ?

No. The dereference was on a not-taken side of a conditional branch.

> if C code is doing ptr checks, the compiler should make sure that pointer is not dereferenced at all if the hardware cannot suffer the consequences, even speculatively.

There is no reasonable way for the compiler to prevent such speculative accesses. Non-memory-like mappings must have the guarded bit set. That is what the bit is there for.
-Scott
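
The condition discussed in this thread can be audited mechanically. The following is an added example, not code from U-Boot or from the message above: it models the final-256MiB mapping and the flash range quoted in the thread and reports whether a speculative load at the p[-1] address could hit an unguarded, unbacked location. The struct and function names, the 8-byte element size (chosen because it yields the quoted 0xfffffff8), and the single-entry device list are assumptions; this is not the BAT register layout.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical model of a block mapping, not the real BAT encoding. */
struct range   { uint32_t start, end; };          /* inclusive bounds */
struct mapping { struct range r; int guarded; };  /* guarded = G bit set */

/* Constructed sample data taken from the ranges quoted in the thread. */
const struct range   devices[]    = { { 0xfe000000u, 0xfe7fffffu } }; /* flash */
const size_t         ndevices     = sizeof(devices) / sizeof(devices[0]);
const struct mapping map_unguarded = { { 0xf0000000u, 0xffffffffu }, 0 };
const struct mapping map_guarded   = { { 0xf0000000u, 0xffffffffu }, 1 };

/* Address a 32-bit CPU forms for p[-1] when p is NULL (wraps below zero). */
uint32_t addr_before_null(uint32_t elem_size) { return (uint32_t)0 - elem_size; }

/* 1 if addr is inside the mapping but no device responds there. */
int is_unbacked(const struct mapping *m, const struct range *dev, size_t n,
                uint32_t addr)
{
    if (addr < m->r.start || addr > m->r.end) return 0;
    for (size_t i = 0; i < n; i++)
        if (addr >= dev[i].start && addr <= dev[i].end) return 0;
    return 1;
}

/* Bytes of the mapping with no device behind them (non-overlapping devices). */
uint64_t unbacked_bytes(const struct mapping *m, const struct range *dev, size_t n)
{
    uint64_t covered = 0;
    for (size_t i = 0; i < n; i++) {
        uint32_t lo = dev[i].start > m->r.start ? dev[i].start : m->r.start;
        uint32_t hi = dev[i].end   < m->r.end   ? dev[i].end   : m->r.end;
        if (lo <= hi) covered += (uint64_t)hi - lo + 1;
    }
    return ((uint64_t)m->r.end - m->r.start + 1) - covered;
}

/* A speculative load is only a problem where the mapping is unguarded
 * and nothing is present to answer the bus cycle. */
int speculative_load_risk(const struct mapping *m, const struct range *dev,
                          size_t n, uint32_t addr)
{
    return !m->guarded && is_unbacked(m, dev, n, addr);
}

int main(void)
{
    uint32_t a = addr_before_null(8);
    printf("p[-1] with p == NULL -> 0x%08x\n", (unsigned)a);
    printf("unbacked bytes: 0x%llx\n",
           (unsigned long long)unbacked_bytes(&map_unguarded, devices, ndevices));
    printf("risk unguarded=%d guarded=%d\n",
           speculative_load_risk(&map_unguarded, devices, ndevices, a),
           speculative_load_risk(&map_guarded, devices, ndevices, a));
    return 0;
}
```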