[PATCH bpf-next 08/10] riscv, bpf: Add ex_insn_off and ex_jmp_off for exception table handling

Pu Lehui pulehui at huaweicloud.com
Mon Sep 15 02:39:51 PDT 2025 


On 2025/9/13 23:51, Chris Mason wrote:
> On Sat, 19 Jul 2025 09:17:28 +0000 Pu Lehui <pulehui at huaweicloud.com> wrote:
> 
>> From: Pu Lehui <pulehui at huawei.com>
>>
>> Add ex_insn_off and ex_jmp_off fields to struct rv_jit_context so that
>> add_exception_handler() does not need to be immediately followed by the
>> instruction to add the exception table. ex_insn_off indicates the offset
>> of the instruction to add the exception table, and ex_jmp_off indicates
>> the offset to jump over the faulting instruction. This is to prepare for
>> adding the exception table to atomic instructions later, because some
>> atomic instructions need to perform zext or other operations.
>>
> 
> Hi everyone,
> 
> I've been working on some patch review automation, and I recently ran it on
> the bpf-next branch.  I don't know the verifier well enough to decide if this
> is a false positive, but Alexei asked me to kick off discussion, so:
> 
>> diff --git a/arch/riscv/net/bpf_jit_comp64.c b/arch/riscv/net/bpf_jit_comp64.c
>> index 8e813809d3054..56b592af53a64 100644
>> --- a/arch/riscv/net/bpf_jit_comp64.c
>> +++ b/arch/riscv/net/bpf_jit_comp64.c
> 
> [ ... ]
> 
>> -static int emit_stx(u8 rd, s16 off, u8 rs, u8 size, struct rv_jit_context *ctx)
>> +static void emit_stx(u8 rd, s16 off, u8 rs, u8 size, struct rv_jit_context *ctx)
>>   {
>> -	int insns_start;
>> -
>>   	if (is_12b_int(off)) {
>> -		insns_start = ctx->ninsns;
>> +		ctx->ex_insn_off = ctx->ninsns;
>>   		emit_stx_insn(rd, off, rs, size, ctx);
>> -		return ctx->ninsns - insns_start;
>> +		ctx->ex_jmp_off = ctx->ex_jmp_off;

Hi Chris,

I'm not sure if I have misunderstood your intention, maybe just for 
talking about reviewing automation? But the code I checked in the 
bpf-next branch is inconsistent with yours. The code here in bpf-next is:

`ctx->ex_jmp_off = ctx->ninsns;`

https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/tree/arch/riscv/net/bpf_jit_comp64.c?h=next-20250912#n553

> 
> Does this assignment leave ex_jmp_off uninitialized? Looking at emit_ldx()
> and emit_st(), this should probably be "ctx->ex_jmp_off = ctx->ninsns;" to
> match the pattern. Without proper initialization, add_exception_handler()
> might use stale offset values when creating exception table entries for
> the is_12b_int() code path in emit_stx().
> 
>> +		return;
>>   	}
>>   
>>   	emit_imm(RV_REG_T1, off, ctx);
>>   	emit_add(RV_REG_T1, RV_REG_T1, rd, ctx);
>> -	insns_start = ctx->ninsns;
>> +	ctx->ex_insn_off = ctx->ninsns;
>>   	emit_stx_insn(RV_REG_T1, 0, rs, size, ctx);
>> -	return ctx->ninsns - insns_start;
>> +	ctx->ex_jmp_off = ctx->ninsns;
>>   }
> 
> -chris

More information about the linux-riscv mailing list