From: Ankur Arora <ankur.a.arora@oracle.com>
To: <linux-kernel@vger.kernel.org>, <linux-arch@vger.kernel.org>,
<linux-arm-kernel@lists.infradead.org>,
<linux-pm@vger.kernel.org>, <bpf@vger.kernel.org>
Cc: Ankur Arora <ankur.a.arora@oracle.com>, <bpf@vger.kernel.org>,
<arnd@arndb.de>, <catalin.marinas@arm.com>, <will@kernel.org>,
<peterz@infradead.org>, <akpm@linux-foundation.org>,
<mark.rutland@arm.com>, <harisokn@amazon.com>, <cl@gentwo.org>,
<ast@kernel.org>, <rafael@kernel.org>,
<daniel.lezcano@linaro.org>, <memxor@gmail.com>,
<zhenglifeng1@huawei.com>, <xueshuai@linux.alibaba.com>,
<rdunlap@infradead.org>, <david.laight.linux@gmail.com>,
<broonie@kernel.org>, <joao.m.martins@oracle.com>,
<boris.ostrovsky@oracle.com>, <konrad.wilk@oracle.com>,
<ashok.bhat@arm.com>, Ankur Arora <ankur.a.arora@oracle.com>,
Boqun Feng <boqun.feng@gmail.com>, <sashiko-bot@kernel.org>
Subject: Re: [PATCH v12 07/15] atomic: Add atomic_cond_read_*_timeout()
Date: Mon, 15 Jun 2026 00:41:06 -0700 [thread overview]
Message-ID: <87ldcg45f1.fsf@oracle.com> (raw)
In-Reply-To: <20260608082304.ADEA61F00893@smtp.kernel.org>
sashiko-bot@kernel.org writes:
> Thank you for your contribution! Sashiko AI review found 1 potential issue(s) to consider:
> - [High] The `atomic64_cond_read_acquire_timeout` and `atomic64_cond_read_relaxed_timeout` macros can cause torn reads and synchronization failures on 32-bit architectures.
> --
>
> commit aafb3af0335d368d82aaca86bf6b2a18f8ae6033
> Author: Ankur Arora <ankur.a.arora@oracle.com>
>
> atomic: Add atomic_cond_read_*_timeout()
>
> Add atomic load wrappers, atomic_cond_read_*_timeout() and
> atomic64_cond_read_*_timeout() for the cond-load timeout interfaces. Also
> add a short description for the interfaces.
>
>> diff --git a/include/linux/atomic.h b/include/linux/atomic.h
>> index 8dd57c3a99e9b..5bcb86e077845 100644
>> --- a/include/linux/atomic.h
>> +++ b/include/linux/atomic.h
>
> [ ... ]
>
>> @@ -31,6 +31,16 @@
>> #define atomic64_cond_read_acquire(v, c) smp_cond_load_acquire(&(v)->counter, (c))
>> #define atomic64_cond_read_relaxed(v, c) smp_cond_load_relaxed(&(v)->counter, (c))
>>
>> +#define atomic_cond_read_acquire_timeout(v, c, e, t) \
>> + smp_cond_load_acquire_timeout(&(v)->counter, (c), (e), (t))
>> +#define atomic_cond_read_relaxed_timeout(v, c, e, t) \
>> + smp_cond_load_relaxed_timeout(&(v)->counter, (c), (e), (t))
>> +
>> +#define atomic64_cond_read_acquire_timeout(v, c, e, t) \
>> + smp_cond_load_acquire_timeout(&(v)->counter, (c), (e), (t))
>> +#define atomic64_cond_read_relaxed_timeout(v, c, e, t) \
>> + smp_cond_load_relaxed_timeout(&(v)->counter, (c), (e), (t))
>
> [Severity: High]
> Will this cause torn reads and synchronization failures on 32-bit
> architectures?
>
> On 32-bit platforms, atomic64_t operations typically rely on spinlocks or
> specific instructions to prevent tearing. These new macros bypass the
> architecture-specific atomic64_read() and directly use
> smp_cond_load_acquire_timeout() and smp_cond_load_relaxed_timeout() on the
> counter member.
>
> These macros poll using a lockless READ_ONCE(). On 32-bit systems, a 64-bit
> READ_ONCE() compiles into two separate 32-bit memory loads. If concurrent
> writers modify the counter via spinlocked atomic64 operations, the lockless
> polling loop could observe torn (partially updated) reads.
So, yes 32bit would run into torn reads but it shouldn't really be using
atomic64_cond_* interfaces.
Those interfaces are typically used via atomic_long_cond -- which should
be using atomic64_cond_* only if CONFIG_64BIT is defined.
Ankur
> If a torn read spuriously satisfies the polling condition, the loop might exit
> prematurely with a corrupt value.
next prev parent reply other threads:[~2026-06-15 7:41 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-06-08 8:04 [PATCH v12 00/15] barrier: Add smp_cond_load_{relaxed,acquire}_timeout() Ankur Arora
2026-06-08 8:04 ` [PATCH v12 01/15] asm-generic: barrier: Add smp_cond_load_relaxed_timeout() Ankur Arora
2026-06-08 8:53 ` bot+bpf-ci
2026-06-08 8:04 ` [PATCH v12 02/15] arm64: barrier: Support smp_cond_load_relaxed_timeout() Ankur Arora
2026-06-08 8:53 ` bot+bpf-ci
2026-06-10 6:32 ` Ankur Arora
2026-06-08 8:04 ` [PATCH v12 03/15] arm64/delay: move some constants out to a separate header Ankur Arora
2026-06-08 8:04 ` [PATCH v12 04/15] arm64: support WFET in smp_cond_load_relaxed_timeout() Ankur Arora
2026-06-08 8:04 ` [PATCH v12 05/15] arm64: rqspinlock: Remove private copy of smp_cond_load_acquire_timewait() Ankur Arora
2026-06-08 8:53 ` bot+bpf-ci
2026-06-08 8:04 ` [PATCH v12 06/15] asm-generic: barrier: Add smp_cond_load_acquire_timeout() Ankur Arora
[not found] ` <20260608082746.399BB1F00898@smtp.kernel.org>
2026-06-15 7:32 ` Ankur Arora
2026-06-08 8:04 ` [PATCH v12 07/15] atomic: Add atomic_cond_read_*_timeout() Ankur Arora
[not found] ` <20260608082304.ADEA61F00893@smtp.kernel.org>
2026-06-15 7:41 ` Ankur Arora [this message]
2026-06-08 8:04 ` [PATCH v12 08/15] locking/atomic: scripts: build atomic_long_cond_read_*_timeout() Ankur Arora
2026-06-08 8:04 ` [PATCH v12 09/15] bpf/rqspinlock: switch check_timeout() to a clock interface Ankur Arora
2026-06-08 8:04 ` [PATCH v12 10/15] bpf/rqspinlock: Use smp_cond_load_acquire_timeout() Ankur Arora
2026-06-08 9:04 ` bot+bpf-ci
2026-06-08 8:04 ` [PATCH v12 11/15] sched: add need-resched timed wait interface Ankur Arora
2026-06-08 8:04 ` [PATCH v12 12/15] cpuidle/poll_state: Wait for need-resched via tif_need_resched_relaxed_wait() Ankur Arora
2026-06-08 8:04 ` [PATCH v12 13/15] arm64/delay: enable testing smp_cond_load_relaxed_timeout() Ankur Arora
2026-06-08 8:04 ` [PATCH v12 14/15] barrier: add tests for smp_cond_load_*_timeout() Ankur Arora
2026-06-08 8:04 ` [PATCH v12 15/15] barrier: add clock tests for smp_cond_load_relaxed_timeout() Ankur Arora
2026-06-10 6:44 ` [PATCH v12 00/15] barrier: Add smp_cond_load_{relaxed,acquire}_timeout() Ankur Arora
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87ldcg45f1.fsf@oracle.com \
--to=ankur.a.arora@oracle.com \
--cc=akpm@linux-foundation.org \
--cc=arnd@arndb.de \
--cc=ashok.bhat@arm.com \
--cc=ast@kernel.org \
--cc=boqun.feng@gmail.com \
--cc=boris.ostrovsky@oracle.com \
--cc=bpf@vger.kernel.org \
--cc=broonie@kernel.org \
--cc=catalin.marinas@arm.com \
--cc=cl@gentwo.org \
--cc=daniel.lezcano@linaro.org \
--cc=david.laight.linux@gmail.com \
--cc=harisokn@amazon.com \
--cc=joao.m.martins@oracle.com \
--cc=konrad.wilk@oracle.com \
--cc=linux-arch@vger.kernel.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-pm@vger.kernel.org \
--cc=mark.rutland@arm.com \
--cc=memxor@gmail.com \
--cc=peterz@infradead.org \
--cc=rafael@kernel.org \
--cc=rdunlap@infradead.org \
--cc=sashiko-bot@kernel.org \
--cc=will@kernel.org \
--cc=xueshuai@linux.alibaba.com \
--cc=zhenglifeng1@huawei.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox