From: Andreas Hindborg <a.hindborg@kernel.org>
To: "Benno Lossin" <benno.lossin@proton.me>
Cc: "Miguel Ojeda" <ojeda@kernel.org>,
"Anna-Maria Behnsen" <anna-maria@linutronix.de>,
"Frederic Weisbecker" <frederic@kernel.org>,
"Thomas Gleixner" <tglx@linutronix.de>,
"Danilo Krummrich" <dakr@kernel.org>,
"Alex Gaynor" <alex.gaynor@gmail.com>,
"Boqun Feng" <boqun.feng@gmail.com>,
"Gary Guo" <gary@garyguo.net>,
"Björn Roy Baron" <bjorn3_gh@protonmail.com>,
"Alice Ryhl" <aliceryhl@google.com>,
"Trevor Gross" <tmgross@umich.edu>,
"Lyude Paul" <lyude@redhat.com>,
"Guangbo Cui" <2407018371@qq.com>,
"Dirk Behme" <dirk.behme@gmail.com>,
"Daniel Almeida" <daniel.almeida@collabora.com>,
"Tamir Duberstein" <tamird@gmail.com>,
"Markus Elfring" <Markus.Elfring@web.de>,
rust-for-linux@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH v10 03/13] rust: hrtimer: implement `HrTimerPointer` for `Arc`
Date: Fri, 07 Mar 2025 14:27:28 +0100 [thread overview]
Message-ID: <87senp3r9b.fsf@kernel.org> (raw)
In-Reply-To: <D8A1Z043VPGR.2OBGSBH1ALUL6@proton.me> (Benno Lossin's message of "Fri, 07 Mar 2025 13:03:06 +0000")
"Benno Lossin" <benno.lossin@proton.me> writes:
> On Fri Mar 7, 2025 at 11:11 AM CET, Andreas Hindborg wrote:
>> +impl<T> HrTimerPointer for Arc<T>
>> +where
>> + T: 'static,
>> + T: Send + Sync,
>> + T: HasHrTimer<T>,
>> + T: for<'a> HrTimerCallback<Pointer<'a> = Self>,
>> + Arc<T>: for<'a> RawHrTimerCallback<CallbackTarget<'a> = ArcBorrow<'a, T>>,
>
> I don't understand why you need this bound here.
This impl is applicable only when `Arc<T> has an implementation of
`RawTimerCallback` where CallbackTarget<'a> = ArcBorrow<'a, T>. I don't
want the impl to be available if that is not the case.
It's just an additional check.
>
>> +{
>> + type TimerHandle = ArcHrTimerHandle<T>;
>> +
>> + fn start(self, expires: Ktime) -> ArcHrTimerHandle<T> {
>> + // SAFETY:
>> + // - We keep `self` alive by wrapping it in a handle below.
>> + // - Since we generate the pointer passed to `start` from a valid
>> + // reference, it is a valid pointer.
>> + unsafe { T::start(Arc::as_ptr(&self), expires) };
>> + ArcHrTimerHandle { inner: self }
>> + }
>> +}
>> +
>> +impl<T> RawHrTimerCallback for Arc<T>
>> +where
>> + T: 'static,
>> + T: HasHrTimer<T>,
>> + T: for<'a> HrTimerCallback<Pointer<'a> = Self>,
>> +{
>> + type CallbackTarget<'a> = ArcBorrow<'a, T>;
>> +
>> + unsafe extern "C" fn run(ptr: *mut bindings::hrtimer) -> bindings::hrtimer_restart {
>> + // `HrTimer` is `repr(C)`
>> + let timer_ptr = ptr.cast::<super::HrTimer<T>>();
>> +
>> + // SAFETY: By C API contract `ptr` is the pointer we passed when
>> + // queuing the timer, so it is a `HrTimer<T>` embedded in a `T`.
>> + let data_ptr = unsafe { T::timer_container_of(timer_ptr) };
>> +
>> + // SAFETY: `data_ptr` points to the `T` that was used to queue the
>> + // timer. This `T` is contained in an `Arc`.
>
> You're not justifying all safety requirements of `ArcBorrow::from_raw`.
How is this:
// SAFETY:
// - `data_ptr` is derived form the pointer to the `T` that was used to
// queue the timer.
// - The `ArcTimerHandle` associated with this timer is guaranteed to
// be alive for the duration of the lifetime of `receiver`, so the
// refcount of the underlying `Arc` is guaranteed to be nonzero for
// the duration.
// - We own one refcount in the `ArcTimerHandle` associted with this
// timer, so it is not possible to get a `UniqueArc` to this
// allocation from other `Arc` clones.
Best regards,
Andreas Hindborg
next prev parent reply other threads:[~2025-03-07 13:27 UTC|newest]
Thread overview: 42+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-03-07 10:11 [PATCH v10 00/13] hrtimer Rust API Andreas Hindborg
2025-03-07 10:11 ` [PATCH v10 01/13] rust: hrtimer: introduce hrtimer support Andreas Hindborg
2025-03-07 12:43 ` Benno Lossin
2025-03-07 13:10 ` Andreas Hindborg
2025-03-07 13:46 ` Benno Lossin
2025-03-07 14:17 ` Andreas Hindborg
2025-03-07 10:11 ` [PATCH v10 02/13] rust: sync: add `Arc::as_ptr` Andreas Hindborg
2025-03-07 10:11 ` [PATCH v10 03/13] rust: hrtimer: implement `HrTimerPointer` for `Arc` Andreas Hindborg
2025-03-07 13:03 ` Benno Lossin
2025-03-07 13:27 ` Andreas Hindborg [this message]
2025-03-07 13:36 ` Benno Lossin
2025-03-07 14:16 ` Andreas Hindborg
2025-03-07 14:24 ` Benno Lossin
2025-03-07 10:11 ` [PATCH v10 04/13] rust: hrtimer: allow timer restart from timer handler Andreas Hindborg
2025-03-07 13:03 ` Benno Lossin
2025-03-07 10:11 ` [PATCH v10 05/13] rust: hrtimer: add `UnsafeHrTimerPointer` Andreas Hindborg
2025-03-07 10:11 ` [PATCH v10 06/13] rust: hrtimer: add `hrtimer::ScopedHrTimerPointer` Andreas Hindborg
2025-03-07 10:11 ` [PATCH v10 07/13] rust: hrtimer: implement `UnsafeHrTimerPointer` for `Pin<&T>` Andreas Hindborg
2025-03-07 13:12 ` Benno Lossin
2025-03-07 13:37 ` Andreas Hindborg
2025-03-07 13:51 ` Benno Lossin
2025-03-07 14:21 ` Andreas Hindborg
2025-03-07 14:25 ` Benno Lossin
2025-03-07 10:11 ` [PATCH v10 08/13] rust: hrtimer: implement `UnsafeHrTimerPointer` for `Pin<&mut T>` Andreas Hindborg
2025-03-07 13:15 ` Benno Lossin
2025-03-07 13:41 ` Andreas Hindborg
2025-03-07 13:49 ` Benno Lossin
2025-03-07 14:20 ` Andreas Hindborg
2025-03-07 10:11 ` [PATCH v10 09/13] rust: alloc: add `Box::into_pin` Andreas Hindborg
2025-03-07 10:11 ` [PATCH v10 10/13] rust: hrtimer: implement `HrTimerPointer` for `Pin<Box<T>>` Andreas Hindborg
2025-03-07 13:21 ` Benno Lossin
2025-03-07 14:01 ` Andreas Hindborg
2025-03-07 14:29 ` Benno Lossin
2025-03-07 15:33 ` Andreas Hindborg
2025-03-07 10:11 ` [PATCH v10 11/13] rust: hrtimer: add `HrTimerMode` Andreas Hindborg
2025-03-07 13:22 ` Benno Lossin
2025-03-07 10:11 ` [PATCH v10 12/13] rust: hrtimer: add clocksource selection through `ClockId` Andreas Hindborg
2025-03-07 13:23 ` Benno Lossin
2025-03-07 10:11 ` [PATCH v10 13/13] rust: hrtimer: add maintainer entry Andreas Hindborg
2025-03-07 13:28 ` Benno Lossin
2025-03-07 14:10 ` Andreas Hindborg
2025-03-07 14:14 ` Benno Lossin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87senp3r9b.fsf@kernel.org \
--to=a.hindborg@kernel.org \
--cc=2407018371@qq.com \
--cc=Markus.Elfring@web.de \
--cc=alex.gaynor@gmail.com \
--cc=aliceryhl@google.com \
--cc=anna-maria@linutronix.de \
--cc=benno.lossin@proton.me \
--cc=bjorn3_gh@protonmail.com \
--cc=boqun.feng@gmail.com \
--cc=dakr@kernel.org \
--cc=daniel.almeida@collabora.com \
--cc=dirk.behme@gmail.com \
--cc=frederic@kernel.org \
--cc=gary@garyguo.net \
--cc=linux-kernel@vger.kernel.org \
--cc=lyude@redhat.com \
--cc=ojeda@kernel.org \
--cc=rust-for-linux@vger.kernel.org \
--cc=tamird@gmail.com \
--cc=tglx@linutronix.de \
--cc=tmgross@umich.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.