From: "Onur Özkan" <work@onurozkan.dev>
To: rust-for-linux@vger.kernel.org
Cc: ojeda@kernel.org, alex.gaynor@gmail.com, boqun.feng@gmail.com,
gary@garyguo.net, bjorn3_gh@protonmail.com, lossin@kernel.org,
a.hindborg@kernel.org, aliceryhl@google.com, tmgross@umich.edu,
dakr@kernel.org, yutaro.ono.418@gmail.com, charmitro@posteo.net,
borys.tyran@protonmail.com, daniel@sedlak.dev, tamird@gmail.com,
linux-kernel@vger.kernel.org, "Onur Özkan" <work@onurozkan.dev>
Subject: [PATCH v1] rbtree: reduce unsafe blocks on pointer derefs
Date: Thu, 13 Nov 2025 17:45:47 +0300 [thread overview]
Message-ID: <20251113144547.502-1-work@onurozkan.dev> (raw)
Refactors parts of the get() and cursor_lower_bound()
traversal logic to minimize the scope of unsafe blocks
and avoid duplicating same safety comments.
One of the removed comments was also misleading:
// SAFETY: `node` is a non-null node...
Ordering::Equal => return Some(unsafe { &(*this).value }),
as `node` should have been `this`.
No functional changes intended; this is purely a safety
improvement that reduces the amount of unsafe blocks
while keeping all invariants intact.
Signed-off-by: Onur Özkan <work@onurozkan.dev>
---
rust/kernel/rbtree.rs | 27 +++++++++++++++------------
1 file changed, 15 insertions(+), 12 deletions(-)
diff --git a/rust/kernel/rbtree.rs b/rust/kernel/rbtree.rs
index b8fe6be6fcc4..d44f305e5161 100644
--- a/rust/kernel/rbtree.rs
+++ b/rust/kernel/rbtree.rs
@@ -384,14 +384,17 @@ pub fn get(&self, key: &K) -> Option<&V> {
// SAFETY: By the type invariant of `Self`, all non-null `rb_node` pointers stored in `self`
// point to the links field of `Node<K, V>` objects.
let this = unsafe { container_of!(node, Node<K, V>, links) };
+
// SAFETY: `this` is a non-null node so it is valid by the type invariants.
- node = match key.cmp(unsafe { &(*this).key }) {
- // SAFETY: `node` is a non-null node so it is valid by the type invariants.
- Ordering::Less => unsafe { (*node).rb_left },
- // SAFETY: `node` is a non-null node so it is valid by the type invariants.
- Ordering::Greater => unsafe { (*node).rb_right },
- // SAFETY: `node` is a non-null node so it is valid by the type invariants.
- Ordering::Equal => return Some(unsafe { &(*this).value }),
+ let this_ref = unsafe { &*this };
+
+ // SAFETY: `node` is a non-null node so it is valid by the type invariants.
+ let node_ref = unsafe { &*node };
+
+ node = match key.cmp(&this_ref.key) {
+ Ordering::Less => node_ref.rb_left,
+ Ordering::Greater => node_ref.rb_right,
+ Ordering::Equal => return Some(&this_ref.value),
}
}
None
@@ -433,17 +436,17 @@ pub fn cursor_lower_bound(&mut self, key: &K) -> Option<Cursor<'_, K, V>>
let this = unsafe { container_of!(node, Node<K, V>, links) };
// SAFETY: `this` is a non-null node so it is valid by the type invariants.
let this_key = unsafe { &(*this).key };
+
// SAFETY: `node` is a non-null node so it is valid by the type invariants.
- let left_child = unsafe { (*node).rb_left };
- // SAFETY: `node` is a non-null node so it is valid by the type invariants.
- let right_child = unsafe { (*node).rb_right };
+ let node_ref = unsafe { &*node };
+
match key.cmp(this_key) {
Ordering::Equal => {
best_match = NonNull::new(this);
break;
}
Ordering::Greater => {
- node = right_child;
+ node = node_ref.rb_right;
}
Ordering::Less => {
let is_better_match = match best_match {
@@ -457,7 +460,7 @@ pub fn cursor_lower_bound(&mut self, key: &K) -> Option<Cursor<'_, K, V>>
if is_better_match {
best_match = NonNull::new(this);
}
- node = left_child;
+ node = node_ref.rb_left;
}
};
}
--
2.51.2
next reply other threads:[~2025-11-13 14:53 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-11-13 14:45 Onur Özkan [this message]
2025-11-17 12:13 ` [PATCH v1] rbtree: reduce unsafe blocks on pointer derefs Charalampos Mitrodimas
2026-01-18 21:03 ` Miguel Ojeda
2026-01-19 8:36 ` Charalampos Mitrodimas
2026-01-19 8:39 ` Miguel Ojeda
2026-01-14 8:42 ` Alice Ryhl
2026-01-18 21:02 ` Miguel Ojeda
2026-01-18 21:27 ` Alice Ryhl
2026-01-19 8:21 ` Miguel Ojeda
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20251113144547.502-1-work@onurozkan.dev \
--to=work@onurozkan.dev \
--cc=a.hindborg@kernel.org \
--cc=alex.gaynor@gmail.com \
--cc=aliceryhl@google.com \
--cc=bjorn3_gh@protonmail.com \
--cc=boqun.feng@gmail.com \
--cc=borys.tyran@protonmail.com \
--cc=charmitro@posteo.net \
--cc=dakr@kernel.org \
--cc=daniel@sedlak.dev \
--cc=gary@garyguo.net \
--cc=linux-kernel@vger.kernel.org \
--cc=lossin@kernel.org \
--cc=ojeda@kernel.org \
--cc=rust-for-linux@vger.kernel.org \
--cc=tamird@gmail.com \
--cc=tmgross@umich.edu \
--cc=yutaro.ono.418@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.