[PATCH 4/5] rust: hrtimer: use READ_ONCE instead of read_volatile
Boqun Feng
boqun.feng at gmail.com
Tue Jan 6 17:18:53 PST 2026
On Tue, Jan 06, 2026 at 06:43:17PM +0000, Alice Ryhl wrote:
> On Tue, Jan 06, 2026 at 03:23:00PM +0000, Gary Guo wrote:
> > On Tue, 06 Jan 2026 13:37:34 +0100
> > Andreas Hindborg <a.hindborg at kernel.org> wrote:
> >
> > > "FUJITA Tomonori" <fujita.tomonori at gmail.com> writes:
> > > >
> > > > Sorry, of course this should be:
> > > >
> > > > +__rust_helper ktime_t rust_helper_hrtimer_get_expires(const struct hrtimer *timer)
> > > > +{
> > > > + return hrtimer_get_expires(timer);
> > > > +}
> > > >
> > >
> > > This is a potentially racy read. As far as I recall, we determined that
> > > using read_once is the proper way to handle the situation.
> > >
> > > I do not think it makes a difference that the read is done by C code.
> >
> > If that's the case I think the C code should be fixed by inserting the
> > READ_ONCE?
>
> I maintain my position that if this is what you recommend C code does,
> it's confusing to not make the same recommendation for Rust abstractions
> to the same thing.
The problem here is that C code should use atomic operation here, and
it can be done via READ_ONCE() in C, and in Rust, it should be done by
Atomic::from_ptr().load().
The recommendation is not "using READ_ONCE()" for C, it should be "using
reads that are atomic here", and that's why introducing READ_ONCE() in
Rust is a bad idea, because what we need here is an atomic operation not
a "magical thing that C relies on so we are fine".
>
> After all, nothing is stopping you from calling atomic_read() in C too.
>
Actually using atomic_read() in C should also work, it'll be technically
correct as well.
Regards,
Boqun
> Alice
More information about the linux-arm-kernel
mailing list