From: sashiko-bot@kernel.org
To: "Charlie Jenkins via B4 Relay"
<devnull+thecharlesjenkins.gmail.com@kernel.org>
Cc: kvm@vger.kernel.org
Subject: Re: [PATCH v2 01/16] riscv: Introduce instruction table generation
Date: Mon, 22 Jun 2026 04:13:19 +0000 [thread overview]
Message-ID: <20260622041319.854F11F000E9@smtp.kernel.org> (raw)
In-Reply-To: <20260621-riscv_insn_table-v2-1-7f0810ee2274@gmail.com>
Thank you for your contribution! Sashiko AI review found 4 potential issue(s) to consider:
- [High] The shell script incorrectly truncates multiple instruction constraints during bash parameter expansion, causing generated matchers to drop all but the first constraint.
- [High] Extracted immediate values for compressed instructions are incorrectly truncated to 16 bits, corrupting instructions with large shifted immediates like c.lui.
- [Low] The generated header relies on `sign_extend32` but fails to include `<linux/bitops.h>`.
- [Low] Signed integer shift overflow when generating instruction masks and matches.
--
commit 2e4d01f18f465b8609784ae2ae57f5539bddd357
Author: Charlie Jenkins <thecharlesjenkins@gmail.com>
riscv: Introduce instruction table generation
Eliminate the need to hand-write riscv instructions by using a shell
script to autogenerate a header from an instruction table. This is modeled
after the syscall table infrastructure. The table is generated externally
by riscv-unified-db.
Link: https://github.com/riscv-software-src/riscv-unified-db
> diff --git a/arch/riscv/tools/insn_tbl.sh b/arch/riscv/tools/insn_tbl.sh
> new file mode 100755
> index 0000000000000..aede14c80146f
> --- /dev/null
> +++ b/arch/riscv/tools/insn_tbl.sh
> @@ -0,0 +1,256 @@
[ ... ]
> +echo "#ifndef RISCV_INSN_GEN_H" >> $outfile
> +echo "#define RISCV_INSN_GEN_H" >> $outfile
> +echo >> $outfile
> +
> +printf "#include <linux/bits.h>" >> $outfile
> +echo >> $outfile
[Severity: Low]
The generated header relies on sign_extend32() for signed fields, but only
includes <linux/bits.h>. Could this missing <linux/bitops.h> inclusion cause
compilation failures for future standalone inclusions of the generated header?
[ ... ]
> + if [ ${offset} -gt 0 ]; then
> + s=" << ${offset}"
> + else
> + s=""
> + fi
> +
> + mask="${mask}${s}"
> +
> + match="${match} | 0b${bits}${s}"
[Severity: Low]
Does this code trigger signed integer shift overflow warnings? The script
generates macros using signed binary literals shifted by large amounts
(e.g., 0b111000100000 << 20 for fclass.d). Even with -fno-strict-overflow,
this can cause compiler warnings if -Wshift-overflow is enabled. Would it be
better to append a U suffix to these binary literals to ensure unsigned
shifts?
[ ... ]
> + if [ "${variable}" != "${variable#*!}" ]; then
> + raw_constraints="${variable#*!}"
> + raw_constraints="${raw_constraints%%[=<~!]**}"
[Severity: High]
Does this parameter expansion inadvertently truncate multiple constraints?
Because the ! character is included in the character class [=<~!], the
%% operator greedily matches the longest suffix starting with the first !
it encounters.
For example, with c.ldsp which has constraints like xd!0!1!3!5!7=11-7, it
looks like this strips everything after the first !, leaving only 0. This
would cause the generated matcher to only verify that xd != 0 and fail to
enforce the rest of the constraints.
[ ... ]
> + if [ ${sign_extend} ]; then
> + extract="sign_extend32(${extract}, $((offset + left_shift - 1)))"
> + type="s"
> + else
> + type="u"
> + fi
> +
> + printf "static __always_inline ${type}${size} riscv_insn_${formatted_inst_name}_extract_${variable_name}(u${size} ${insn})\n"
[Severity: High]
Does this return type cause unintended truncation for compressed instructions
with large immediates?
The script deduces the return type as s16 or u16 for compressed instructions.
However, instructions like c.lui encode a 6-bit immediate shifted left by 12,
resulting in an 18-bit signed value. It appears the generated function correctly
computes the 32-bit signed value, but returning it as s16 silently truncates
the upper 16 bits (including the sign bit). Could this cause data corruption
when decoding such instructions?
--
Sashiko AI review · https://sashiko.dev/#/patchset/20260621-riscv_insn_table-v2-0-7f0810ee2274@gmail.com?part=1
next prev parent reply other threads:[~2026-06-22 4:13 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-06-22 4:01 [PATCH v2 00/16] riscv: Generate riscv instruction functions Charlie Jenkins via B4 Relay
2026-06-22 4:01 ` [PATCH v2 01/16] riscv: Introduce instruction table generation Charlie Jenkins via B4 Relay
2026-06-22 4:13 ` sashiko-bot [this message]
2026-06-22 4:01 ` [PATCH v2 02/16] riscv: alternatives: Use generated instruction headers for patching code Charlie Jenkins via B4 Relay
2026-06-22 4:28 ` sashiko-bot
2026-06-22 4:01 ` [PATCH v2 03/16] riscv: kgdb: Use generated instruction headers Charlie Jenkins via B4 Relay
2026-06-22 4:01 ` [PATCH v2 04/16] riscv: Add kprobes instruction simulation KUnit Charlie Jenkins via B4 Relay
2026-06-22 4:19 ` sashiko-bot
2026-06-22 4:01 ` [PATCH v2 05/16] riscv: kprobes: Use generated instruction headers Charlie Jenkins via B4 Relay
2026-06-22 4:01 ` [PATCH v2 06/16] riscv: cfi: " Charlie Jenkins via B4 Relay
2026-06-22 4:35 ` sashiko-bot
2026-06-22 4:01 ` [PATCH v2 07/16] riscv: Use generated instruction headers for misaligned loads/stores Charlie Jenkins via B4 Relay
2026-06-22 4:18 ` sashiko-bot
2026-06-22 4:01 ` [PATCH v2 08/16] riscv: kvm: Use generated instruction headers for csr code Charlie Jenkins via B4 Relay
2026-06-22 4:18 ` sashiko-bot
2026-06-22 4:01 ` [PATCH v2 09/16] KVM: device: Add test device Charlie Jenkins via B4 Relay
2026-06-22 4:13 ` sashiko-bot
2026-06-22 4:01 ` [PATCH v2 10/16] KVM: riscv: selftests: Add mmio test Charlie Jenkins via B4 Relay
2026-06-22 4:18 ` sashiko-bot
2026-06-22 4:01 ` [PATCH v2 11/16] riscv: kvm: Use generated instruction headers for mmio emulation Charlie Jenkins via B4 Relay
2026-06-22 4:27 ` sashiko-bot
2026-06-22 4:01 ` [PATCH v2 12/16] riscv: kvm: Add emulated test csr Charlie Jenkins via B4 Relay
2026-06-22 4:23 ` sashiko-bot
2026-06-22 4:01 ` [PATCH v2 13/16] KVM: riscv: selftests: Add csr emulation test Charlie Jenkins via B4 Relay
2026-06-22 4:24 ` sashiko-bot
2026-06-22 4:01 ` [PATCH v2 14/16] riscv: kvm: Use generated instruction headers for csr emulation Charlie Jenkins via B4 Relay
2026-06-22 4:30 ` sashiko-bot
2026-06-22 4:01 ` [PATCH v2 15/16] riscv: kexec: Use generated instruction headers for kexec relocations Charlie Jenkins via B4 Relay
2026-06-22 4:01 ` [PATCH v2 16/16] riscv: Remove unused instruction headers Charlie Jenkins via B4 Relay
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260622041319.854F11F000E9@smtp.kernel.org \
--to=sashiko-bot@kernel.org \
--cc=devnull+thecharlesjenkins.gmail.com@kernel.org \
--cc=kvm@vger.kernel.org \
--cc=sashiko-reviews@lists.linux.dev \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox