From: George Guo <dongtai.guo@linux.dev>
To: Xi Ruoyao <xry111@xry111.site>
Cc: Alexei Starovoitov <ast@kernel.org>,
Daniel Borkmann <daniel@iogearbox.net>,
Andrii Nakryiko <andrii@kernel.org>,
Martin KaFai Lau <martin.lau@linux.dev>,
Eduard Zingerman <eddyz87@gmail.com>, Song Liu <song@kernel.org>,
Yonghong Song <yonghong.song@linux.dev>,
John Fastabend <john.fastabend@gmail.com>,
KP Singh <kpsingh@kernel.org>,
Stanislav Fomichev <sdf@fomichev.me>,
Hao Luo <haoluo@google.com>, Jiri Olsa <jolsa@kernel.org>,
Tiezhu Yang <yangtiezhu@loongson.cn>,
Hengqi Chen <hengqi.chen@gmail.com>,
Huacai Chen <chenhuacai@kernel.org>,
WANG Xuerui <kernel@xen0n.name>,
Youling Tang <tangyouling@loongson.cn>,
bpf@vger.kernel.org, loongarch@lists.linux.dev,
linux-kernel@vger.kernel.org, George Guo <guodongtai@kylinos.cn>,
Bing Huang <huangbing@kylinos.cn>
Subject: Re: [PATCH] LoongArch: BPF: Fix sign extension for 12-bit immediates
Date: Mon, 29 Dec 2025 15:06:19 +0800 [thread overview]
Message-ID: <20251229150619.0000195f@linux.dev> (raw)
In-Reply-To: <130f896382dc8f56ead371208d9809ec06c7400c.camel@xry111.site>
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #1: Type: text/plain; charset=GB18030, Size: 2082 bytes --]
On Fri, 19 Dec 2025 17:33:17 +0800
Xi Ruoyao <xry111@xry111.site> wrote:
> On Mon, 2025-11-03 at 16:42 +0800, george wrote:
> > From: George Guo <guodongtai@kylinos.cn>
> >
> > When loading immediate values that fit within 12-bit signed range,
> > the move_imm function incorrectly used zero extension instead of
> > sign extension.
> >
> > The bug was exposed when scx_simple scheduler failed with -EINVAL
> > in ops.init() after passing node = -1 to scx_bpf_create_dsq().
> > Due to incorrect sign extension, `node >= (int)nr_node_ids`
> > evaluated to true instead of false, causing BPF program failure.
> >
> > Verified by testing with the scx_simple scheduler (located in
> > tools/sched_ext/). After building with `make` and running
> > ./tools/sched_ext/build/bin/scx_simple, the scheduler now
> > initializes successfully with this fix.
> >
> > Fix this by using sign extension (sext) instead of zero extension
> > for signed immediate values in move_imm.
> >
> > Fixes: 5dc615520c4d ("LoongArch: Add BPF JIT support")
> > Reported-by: Bing Huang <huangbing@kylinos.cn>
> > Signed-off-by: George Guo <guodongtai@kylinos.cn>
> > ---
> > Signed-off-by: george <dongtai.guo@linux.dev>
> > ---
> > 0„2arch/loongarch/net/bpf_jit.h | 3 ++-
> > 0„21 file changed, 2 insertions(+), 1 deletion(-)
> >
> > diff --git a/arch/loongarch/net/bpf_jit.h
> > b/arch/loongarch/net/bpf_jit.h index
> > 5697158fd1645fdc3d83f598b00a9e20dfaa8f6d..f1398eb135b69ae61a27ed81f80b4bb0788cf0a0
> > 100644 --- a/arch/loongarch/net/bpf_jit.h +++
> > b/arch/loongarch/net/bpf_jit.h @@ -122,7 +122,8 @@ static inline
> > void move_imm(struct jit_ctx *ctx, enum loongarch_gpr rd, long imm
> > /* addiw rd, $zero, imm_11_0 */ if (is_signed_imm12(imm)) {
> > 0„2 emit_insn(ctx, addiw, rd, LOONGARCH_GPR_ZERO, imm);
> > - goto zext;
> > + emit_sext_32(ctx, rd, is32);
>
> The addi.w instruction already produces the sign-extended value. Why
> do we need to sign-extend it again?
>
Hi Ruoyao,
I tried, it's not easy to do that.
It's better merge this patch, then consider next step.
Thanks!
next prev parent reply other threads:[~2025-12-29 7:06 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-11-03 8:42 [PATCH] LoongArch: BPF: Fix sign extension for 12-bit immediates george
2025-11-04 6:53 ` Hengqi Chen
2025-12-19 9:20 ` George Guo
2025-12-19 9:33 ` Xi Ruoyao
2025-12-29 7:06 ` George Guo [this message]
2025-12-29 14:20 ` Hengqi Chen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20251229150619.0000195f@linux.dev \
--to=dongtai.guo@linux.dev \
--cc=andrii@kernel.org \
--cc=ast@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=chenhuacai@kernel.org \
--cc=daniel@iogearbox.net \
--cc=eddyz87@gmail.com \
--cc=guodongtai@kylinos.cn \
--cc=haoluo@google.com \
--cc=hengqi.chen@gmail.com \
--cc=huangbing@kylinos.cn \
--cc=john.fastabend@gmail.com \
--cc=jolsa@kernel.org \
--cc=kernel@xen0n.name \
--cc=kpsingh@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=loongarch@lists.linux.dev \
--cc=martin.lau@linux.dev \
--cc=sdf@fomichev.me \
--cc=song@kernel.org \
--cc=tangyouling@loongson.cn \
--cc=xry111@xry111.site \
--cc=yangtiezhu@loongson.cn \
--cc=yonghong.song@linux.dev \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.