Re: [RFC v2 2/3] atomic: Specify alignment for atomic_t and atomic64_t
From: Arnd Bergmann
Date: Mon Oct 06 2025 - 06:08:52 EST
On Mon, Oct 6, 2025, at 11:25, Finn Thain wrote:
> On Tue, 30 Sep 2025, Arnd Bergmann wrote:
>> On Tue, Sep 30, 2025, at 04:18, Finn Thain wrote:
>>
>> Since there is nothing telling the compiler that the 'old' argument to
>> atomic*_try_cmpcxchg() needs to be naturally aligned, maybe that check
>> should be changed to only test for the ABI-guaranteed alignment? I think
>> that would still be needed on x86-32.
>>
>> diff --git a/include/linux/atomic/atomic-instrumented.h b/include/linux/atomic/atomic-instrumented.h
>> index 9409a6ddf3e0..e57763a889bd 100644
>> --- a/include/linux/atomic/atomic-instrumented.h
>> +++ b/include/linux/atomic/atomic-instrumented.h
>> @@ -1276,7 +1276,7 @@ atomic_try_cmpxchg(atomic_t *v, int *old, int new)
>> {
>> kcsan_mb();
>> instrument_atomic_read_write(v, sizeof(*v));
>> - instrument_atomic_read_write(old, sizeof(*old));
>> + instrument_atomic_read_write(old, alignof(*old));
>> return raw_atomic_try_cmpxchg(v, old, new);
>> }
>>
>
> In the same file, we have:
>
> #define try_cmpxchg(ptr, oldp, ...) \
> ({ \
> typeof(ptr) __ai_ptr = (ptr); \
> typeof(oldp) __ai_oldp = (oldp); \
> kcsan_mb(); \
> instrument_atomic_read_write(__ai_ptr, sizeof(*__ai_ptr)); \
> instrument_read_write(__ai_oldp, sizeof(*__ai_oldp)); \
> raw_try_cmpxchg(__ai_ptr, __ai_oldp, __VA_ARGS__); \
> })
>
> In try_cmpxchg(), unlike atomic_try_cmpxchg(), the 'old' parameter is
> checked by instrument_read_write() instead of
> instrument_atomic_read_write(), which suggests a different patch.
Right, we still need the effect of instrument_read_write() for
kasan/kcsan sanitizing with the correct size, only the alignment
check from the instrument_atomic_read_write() is wrong here
here.
It looks like Mark Rutland fixed the try_cmpxchg() function this
way in commit ec570320b09f ("locking/atomic: Correct (cmp)xchg()
instrumentation"), but for some reason we still have the wrong
annotation on the atomic_try_cmpxchg() helpers.
> This header is generated by a script so the change below would be more
> complicated in practice.
>
> diff --git a/include/linux/atomic/atomic-instrumented.h
> b/include/linux/atomic/atomic-instrumented.h
> index 9409a6ddf3e0..ce3890bcd903 100644
> --- a/include/linux/atomic/atomic-instrumented.h
> +++ b/include/linux/atomic/atomic-instrumented.h
> @@ -1276,7 +1276,7 @@ atomic_try_cmpxchg(atomic_t *v, int *old, int new)
> {
> kcsan_mb();
> instrument_atomic_read_write(v, sizeof(*v));
> - instrument_atomic_read_write(old, sizeof(*old));
> + instrument_read_write(old, sizeof(*old));
> return raw_atomic_try_cmpxchg(v, old, new);
> }
This looks good to me.
Mark, I've tried to modify your script to produce that output,
the output looks correct to me, but it makes the script more
complex than I liked and I'm not sure that matching on
"${type}"="p" is the best way to check for this.
Maybe you can come up with a version that is clearer or more robust.
Arnd
diff --git a/scripts/atomic/gen-atomic-instrumented.sh b/scripts/atomic/gen-atomic-instrumented.sh
index 592f3ec89b5f..9c1d53f81eb2 100755
--- a/scripts/atomic/gen-atomic-instrumented.sh
+++ b/scripts/atomic/gen-atomic-instrumented.sh
@@ -12,7 +12,7 @@ gen_param_check()
local arg="$1"; shift
local type="${arg%%:*}"
local name="$(gen_param_name "${arg}")"
- local rw="write"
+ local rw="atomic_write"
case "${type#c}" in
i) return;;
@@ -20,14 +20,17 @@ gen_param_check()
if [ ${type#c} != ${type} ]; then
# We don't write to constant parameters.
- rw="read"
+ rw="atomic_read"
+ elif [ "${type}" = "p" ] ; then
+ # The "old" argument in try_cmpxchg() gets accessed non-atomically
+ rw="read_write"
elif [ "${meta}" != "s" ]; then
# An atomic RMW: if this parameter is not a constant, and this atomic is
# not just a 's'tore, this parameter is both read from and written to.
- rw="read_write"
+ rw="atomic_read_write"
fi
- printf "\tinstrument_atomic_${rw}(${name}, sizeof(*${name}));\n"
+ printf "\tinstrument_${rw}(${name}, sizeof(*${name}));\n"
}
#gen_params_checks(meta, arg...)