在 2025-07-16星期三的 09:31 +0800,Hengqi Chen写道:
> Hi Haoran,
>
> On Tue, Jul 8, 2025 at 3:19 PM Haoran Jiang <
jianghaoran@xxxxxxxxxx> > wrote:
> >
> > The extra pass of bpf_int_jit_compile() skips JIT context initialization
> > which essentially skips offset calculation leaving out_offset = -1,
> > the jmp_offset in emit_bpf_tail_call is calculated
> > by #define jmp_offset (out_offset - (cur_offset)) is a negative number,
> > which does not meet expectations.The final generated assembly as follow.
> >
>
> "does not meet expectations" ? Simply "is wrong" ?
>
> The subject line should be something like:
> Fix jump offset calculation in tailcall
>
> It's a fix, not optimization.
>
> Other than that, feel free to add:
> Reviewed-by: Hengqi Chen <
hengqi.chen@xxxxxxxxx> >
I will make the modification in the next version.
> > 54: bgeu $a2, $t1, -8 # 0x0000004c
> > 58: addi.d $a6, $s5, -1
> > 5c: bltz $a6, -16 # 0x0000004c
> > 60: alsl.d $t2, $a2, $a1, 0x3
> > 64: ld.d $t2, $t2, 264
> > 68: beq $t2, $zero, -28 # 0x0000004c
> >
> > Before apply this patch, the follow test case will reveal soft
> > lock issues.
> >
> > cd tools/testing/selftests/bpf/
> > ./test_progs --allow=tailcalls/tailcall_bpf2bpf_1
> >
> > dmesg:
> > watchdog: BUG: soft lockup - CPU#2 stuck for 26s!
> > [test_progs:25056]
> >
> > Fixes: 5dc615520c4d ("LoongArch: Add BPF JIT support")
> > Signed-off-by: Haoran Jiang <
> > jianghaoran@xxxxxxxxxx
> > >
> > ---
> > arch/loongarch/net/bpf_jit.c | 21 ++++++---------------
> > 1 file changed, 6 insertions(+), 15 deletions(-)
> >
> > diff --git a/arch/loongarch/net/bpf_jit.c
> > b/arch/loongarch/net/bpf_jit.c
> > index fa1500d4aa3e..5061bfc978f2 100644
> > --- a/arch/loongarch/net/bpf_jit.c
> > +++ b/arch/loongarch/net/bpf_jit.c
> > @@ -208,9 +208,7 @@ bool bpf_jit_supports_far_kfunc_call(void)
> > return true;
> > }
> >
> > -/* initialized on the first pass of build_body() */
> > -static int out_offset = -1;
> > -static int emit_bpf_tail_call(struct jit_ctx *ctx)
> > +static int emit_bpf_tail_call(struct jit_ctx *ctx, int insn)
> > {
> > int off;
> > u8 tcc = tail_call_reg(ctx);
> > @@ -220,9 +218,10 @@ static int emit_bpf_tail_call(struct
> > jit_ctx *ctx)
> > u8 t2 = LOONGARCH_GPR_T2;
> > u8 t3 = LOONGARCH_GPR_T3;
> > const int idx0 = ctx->idx;
> > + int tc_ninsn = 0;
> >
> > #define cur_offset (ctx->idx - idx0)
> > -#define jmp_offset (out_offset - (cur_offset))
> > +#define jmp_offset (tc_ninsn - (cur_offset))
> >
> > /*
> > * a0: &ctx
> > @@ -232,6 +231,8 @@ static int emit_bpf_tail_call(struct
> > jit_ctx *ctx)
> > * if (index >= array->map.max_entries)
> > * goto out;
> > */
> > + tc_ninsn = insn ? ctx->offset[insn+1] - ctx-
> > >offset[insn] :
> > + ctx->offset[0];
> > off = offsetof(struct bpf_array, map.max_entries);
> > emit_insn(ctx, ldwu, t1, a1, off);
> > /* bgeu $a2, $t1, jmp_offset */
> > @@ -263,15 +264,6 @@ static int emit_bpf_tail_call(struct
> > jit_ctx *ctx)
> > emit_insn(ctx, ldd, t3, t2, off);
> > __build_epilogue(ctx, true);
> >
> > - /* out: */
> > - if (out_offset == -1)
> > - out_offset = cur_offset;
> > - if (cur_offset != out_offset) {
> > - pr_err_once("tail_call out_offset = %d,
> > expected %d!\n",
> > - cur_offset, out_offset);
> > - return -1;
> > - }
> > -
> > return 0;
> >
> > toofar:
> > @@ -916,7 +908,7 @@ static int build_insn(const struct bpf_insn
> > *insn, struct jit_ctx *ctx, bool ext
> > /* tail call */
> > case BPF_JMP | BPF_TAIL_CALL:
> > mark_tail_call(ctx);
> > - if (emit_bpf_tail_call(ctx) < 0)
> > + if (emit_bpf_tail_call(ctx, i) < 0)
> > return -EINVAL;
> > break;
> >
> > @@ -1342,7 +1334,6 @@ struct bpf_prog
> > *bpf_int_jit_compile(struct bpf_prog *prog)
> > if (tmp_blinded)
> > bpf_jit_prog_release_other(prog, prog ==
> > orig_prog ? tmp : orig_prog);
> >
> > - out_offset = -1;
> >
> > return prog;
> >
> > --
> > 2.43.0
> >
> >
