On Wed, Apr 03, 2024 at 03:40:22AM +0800, kernel test robot wrote: > tree: https://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs.git misc.cmpxchg > head: 9e2f22ef1ae21b949a3903727d7e7cd5eb48810f > commit: 1b2857f7277164d8bed4e831e3c3696572a51f0b [4/8] sparc32: add __cmpxchg_u{8,16}() and teach __cmpxchg() to handle those sizes > config: sparc-randconfig-r132-20240403 (https://download.01.org/0day-ci/archive/20240403/202404030332.d8MKrNbM-lkp@xxxxxxxxx/config) > compiler: sparc-linux-gcc (GCC) 13.2.0 > reproduce: (https://download.01.org/0day-ci/archive/20240403/202404030332.d8MKrNbM-lkp@xxxxxxxxx/reproduce) > sparse warnings: (new ones prefixed by >>) > kernel/bpf/helpers.c:2157:18: sparse: sparse: symbol 'bpf_task_release_dtor' was not declared. Should it be static? > kernel/bpf/helpers.c:2187:18: sparse: sparse: symbol 'bpf_cgroup_release_dtor' was not declared. Should it be static? > kernel/bpf/helpers.c: note: in included file (through arch/sparc/include/asm/cmpxchg.h, arch/sparc/include/asm/atomic_32.h, arch/sparc/include/asm/atomic.h, ...): > >> arch/sparc/include/asm/cmpxchg_32.h:51:61: sparse: sparse: cast truncates bits from constant value (eb9f becomes 9f) > kernel/bpf/helpers.c: note: in included file (through include/linux/timer.h, include/linux/workqueue.h, include/linux/bpf.h): > include/linux/list.h:83:21: sparse: sparse: self-comparison always evaluates to true > include/linux/list.h:83:21: sparse: sparse: self-comparison always evaluates to true > kernel/bpf/helpers.c: note: in included file (through arch/sparc/include/asm/cmpxchg.h, arch/sparc/include/asm/atomic_32.h, arch/sparc/include/asm/atomic.h, ...): > >> arch/sparc/include/asm/cmpxchg_32.h:51:61: sparse: sparse: cast truncates bits from constant value (eb9f becomes 9f) > kernel/bpf/helpers.c:2495:18: sparse: sparse: context imbalance in 'bpf_rcu_read_lock' - wrong count at exit > kernel/bpf/helpers.c:2500:18: sparse: sparse: context imbalance in 'bpf_rcu_read_unlock' - unexpected unlock > > vim +51 arch/sparc/include/asm/cmpxchg_32.h > > 44 > 45 /* don't worry...optimizer will get rid of most of this */ > 46 static inline unsigned long > 47 __cmpxchg(volatile void *ptr, unsigned long old, unsigned long new_, int size) > 48 { > 49 switch (size) { > 50 case 1: > > 51 return __cmpxchg_u8((u8 *)ptr, (u8)old, (u8)new_); > 52 case 2: > 53 return __cmpxchg_u16((u16 *)ptr, (u16)old, (u16)new_); > 54 case 4: > 55 return __cmpxchg_u32((u32 *)ptr, (u32)old, (u32)new_); > 56 default: > 57 __cmpxchg_called_with_bad_pointer(); > 58 break; > 59 } > 60 return old; > 61 } ... and calls are cmpxchg(&node->owner, NULL, BPF_PTR_POISON). IOW, that's a false positive - size will be 4, not 1. IMO it's a sparse bug; one way to work around that would've been return size == 1 ? __cmpxchg_u8(ptr, old, new_) : size == 2 ? __cmpxchg_u16(ptr, old, new_) : size == 4 ? __cmpxchg_u32(ptr, old, new_) : (__cmpxchg_called_with_bad_pointer(), old); instead of that switch - elimination of dead subexpressions *does* suppress such warnings. Elimination of dead branches doesn't...
