From: Andreas Hindborg <a.hindborg@kernel.org>
To: "Benno Lossin" <benno.lossin@proton.me>
Cc: "Miguel Ojeda" <ojeda@kernel.org>,
	"Alex Gaynor" <alex.gaynor@gmail.com>,
	"Anna-Maria Behnsen" <anna-maria@linutronix.de>,
	"Frederic Weisbecker" <frederic@kernel.org>,
	"Thomas Gleixner" <tglx@linutronix.de>,
	"Boqun Feng" <boqun.feng@gmail.com>,
	"Gary Guo" <gary@garyguo.net>,
	"Björn Roy Baron" <bjorn3_gh@protonmail.com>,
	"Alice Ryhl" <aliceryhl@google.com>,
	rust-for-linux@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH v2 04/14] rust: sync: add `Arc::clone_from_raw`
Date: Thu, 19 Sep 2024 07:54:06 +0200
Message-ID: <874j6cjiip.fsf@kernel.org>
In-Reply-To: <43b9bc9b-f64c-4421-8cf2-795f1f0ec94a@proton.me> (Benno Lossin's message of "Wed, 18 Sep 2024 18:19:20 +0000")

"Benno Lossin" <benno.lossin@proton.me> writes:

> On 18.09.24 00:27, Andreas Hindborg wrote:
>> Add a method to clone an arc from a pointer to the data managed by the
>> `Arc`.
>>
>> Signed-off-by: Andreas Hindborg <a.hindborg@kernel.org>
>> ---
>>  rust/kernel/sync/arc.rs | 20 ++++++++++++++++++++
>>  1 file changed, 20 insertions(+)
>>
>> diff --git a/rust/kernel/sync/arc.rs b/rust/kernel/sync/arc.rs
>> index a57ea3e2b44c..2c95712d12a2 100644
>> --- a/rust/kernel/sync/arc.rs
>> +++ b/rust/kernel/sync/arc.rs
>> @@ -282,6 +282,26 @@ pub unsafe fn from_raw(ptr: *const T) -> Self {
>>          unsafe { Self::from_inner(ptr) }
>>      }
>>
>> +    /// Clones an [`Arc`] instance from a pointer to the contained data.
>> +    ///
>> +    /// # Safety
>> +    ///
>> +    /// `ptr` must point to an allocation that is contained within a live [`Arc<T>`].
>> +    pub unsafe fn clone_from_raw(ptr: *const T) -> Self {
>> +        // SAFETY: The caller promises that this pointer points to data
>> +        // contained in an `Arc` that is still valid.
>> +        let inner = unsafe { ArcInner::container_of(ptr).as_ref() };
>> +
>> +        // INVARIANT: C `refcount_inc` saturates the refcount, so it cannot
>> +        // overflow to zero. SAFETY: By the function safety requirement, there
>> +        // is necessarily a reference to the object, so it is safe to increment
>> +        // the refcount.
>> +        unsafe { bindings::refcount_inc(inner.refcount.get()) };
>> +
>> +        // SAFETY: We just incremented the refcount. This increment is now owned by the new `Arc`.
>> +        unsafe { Self::from_inner(inner.into()) }
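
Review bot: In the `# Safety` section of `clone_from_raw`, "contained within a live [`Arc<T>`]" leaves open how long that `Arc` must stay live; the SAFETY comment on `refcount_inc` relies on a reference existing at the moment of the increment, so the doc should say that the refcount must remain non-zero for the whole call and that `ptr` must point at the data of an `ArcInner<T>`, which `ArcInner::container_of(ptr)` depends on. The comment above `refcount_inc` also runs INVARIANT and SAFETY together in one paragraph; put `// SAFETY:` on its own line so each justification can be checked separately.
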
>
> The implementation of this function looks a bit strange to me, how about
> this?:
>
>     // SAFETY: this function has the same safety requirements as `from_raw`.
>     let arc = unsafe { Self::from_raw(ptr) };
>     let clone = arc.clone();
>     // Prevent decrementing the refcount.
>     mem::forget(arc);
>     clone
>

We do not own a refcount on the Arc. For a short duration you will have
a wrong refcount. If you have two Arcs and the refcount is 1, the
ArcInner might be dropped after the first line of this suggestion,
before you do clone, and then this is not sound.

Best regards,
Andreas
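
A userspace analogue of the increment-then-construct pattern in the patch, written against `std::sync::Arc` instead of the kernel's `Arc`. This is an added example, not code from the thread or the kernel tree; `Tracked`, `DROPS` and `demo` are constructed for illustration.

```rust
use std::sync::atomic::{AtomicUsize, Ordering};
use std::sync::Arc;

// Counts how many `Tracked` values have been dropped (constructed sample type).
static DROPS: AtomicUsize = AtomicUsize::new(0);

struct Tracked(u32);

impl Drop for Tracked {
    fn drop(&mut self) {
        DROPS.fetch_add(1, Ordering::SeqCst);
    }
}

/// Userspace analogue of the patch's `clone_from_raw`, built on `std::sync::Arc`.
///
/// # Safety
///
/// `ptr` must come from an `Arc<T>` (for example via `Arc::as_ptr`) and at least
/// one `Arc<T>` for that allocation must stay alive for the whole call.
unsafe fn clone_from_raw<T>(ptr: *const T) -> Arc<T> {
    // SAFETY: the caller guarantees a live `Arc`, so the strong count is non-zero
    // and may be incremented. This increment is the one the new `Arc` will own.
    unsafe { Arc::increment_strong_count(ptr) };
    // SAFETY: `ptr` came from an `Arc<T>`, and we own the count added above.
    unsafe { Arc::from_raw(ptr) }
}

/// Returns (count after clone, count after dropping the original, value, drops so far).
fn demo() -> (usize, usize, u32, usize) {
    let owner = Arc::new(Tracked(7));
    // The raw pointer owns no reference; `owner` keeps the allocation alive.
    let raw = Arc::as_ptr(&owner);
    // SAFETY: `owner` is alive across the call.
    let clone = unsafe { clone_from_raw(raw) };
    let after_clone = Arc::strong_count(&owner);
    drop(owner);
    let after_drop = Arc::strong_count(&clone);
    (after_clone, after_drop, clone.0, DROPS.load(Ordering::SeqCst))
}

fn main() {
    let (after_clone, after_drop, value, drops) = demo();
    println!("{after_clone} {after_drop} {value} {drops}");
    // The last `Arc` went away when `demo` returned, so the value is dropped once.
    println!("drops after demo: {}", DROPS.load(Ordering::SeqCst));
}
```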

