From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 9AF3E1917C4; Thu, 8 Aug 2024 17:44:17 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1723139057; cv=none; b=uyrLfGGNLqr8sX9EfLXznvaG47REEn1Ij+WwTgbXyQmyhTe0dRpEMPQrNnAEE3vPYNpD5FZ4u+osy+cmMFx1UQx/f7ntkwgemBeTkcVyU0FaZYsXjFo8vfXXnQNKl251Gmb2znq+Ih1U8/u2FqcXIBAHOOn4e4eFm3+aP/+ykkc= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1723139057; c=relaxed/simple; bh=/IoibKIEN2iPANCmt6FqmNCj5fP9Lkngw7sQEkFdwh4=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=Qr8biZc+mTz/w8Ip/18Av0i8/E8nPko2ekGifBmXxNGMPIZ2tZpMgtm697/RzeqYDbdei6gnzh4BAQmKRnZAf5P9IO0/QrDKVh/eBHjsFel7MtimxrELdeTJ80SRWZGG3XscIN87qPIgZwGWu09XZzWrrqscPTU1f3WWG/xRCbo= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=HgF7RJxj; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="HgF7RJxj" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 2DD12C32782; Thu, 8 Aug 2024 17:44:11 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1723139057; bh=/IoibKIEN2iPANCmt6FqmNCj5fP9Lkngw7sQEkFdwh4=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=HgF7RJxjk0vIZejK3wFDDxuzJKKJ2Wt7oyymYL/FEKHPutcjn0AGcacetSH6LZi9A 3RoPi6i5b/eNl/SLR7TMqo8K1qTwIlHt5nuHl1jEbDSd/AijcRosw+uzsRUHx4hXpd I8I+EUpqosQvN6dxu/Zh6i+CxwUNqTe0rSVs2axlJTAUl8873xLcroQzM8aiaqXz11 hAFQgISXZQg7FdoAuZ4X9sdxqg0JkT/rS9dGmyF5PlNvlmOFbeEaGvoHbRLMdlvXqX BAUmUQmRsUdITEwb/r1ns7lFKIm9aG7YfvHLB6M9OlTQgDnZVD/CaKf2LJhUKM1uqv qfgTC7z308BVQ== Date: Thu, 8 Aug 2024 19:44:09 +0200 From: Danilo Krummrich To: Benno Lossin Cc: ojeda@kernel.org, alex.gaynor@gmail.com, wedsonaf@gmail.com, boqun.feng@gmail.com, gary@garyguo.net, bjorn3_gh@protonmail.com, a.hindborg@samsung.com, aliceryhl@google.com, akpm@linux-foundation.org, daniel.almeida@collabora.com, faith.ekstrand@collabora.com, boris.brezillon@collabora.com, lina@asahilina.net, mcanal@igalia.com, zhiw@nvidia.com, acurrid@nvidia.com, cjia@nvidia.com, jhubbard@nvidia.com, airlied@redhat.com, ajanulgu@redhat.com, lyude@redhat.com, linux-kernel@vger.kernel.org, rust-for-linux@vger.kernel.org, linux-mm@kvack.org Subject: Re: [PATCH v4 09/28] rust: alloc: implement kernel `Box` Message-ID: References: <20240805152004.5039-1-dakr@kernel.org> <20240805152004.5039-10-dakr@kernel.org> <012f5a12-2408-4658-8318-55fa8d4285e1@proton.me> Precedence: bulk X-Mailing-List: rust-for-linux@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <012f5a12-2408-4658-8318-55fa8d4285e1@proton.me> On Wed, Aug 07, 2024 at 07:49:31AM +0000, Benno Lossin wrote: > >>> +impl Drop for Box > >>> +where > >>> + T: ?Sized, > >>> + A: Allocator, > >>> +{ > >>> + fn drop(&mut self) { > >>> + let ptr = self.0.as_ptr(); > >>> + > >>> + // SAFETY: `ptr` is always properly aligned, dereferenceable and points to an initialized > >>> + // instance of `T`. > >>> + let size = unsafe { core::mem::size_of_val(&*ptr) }; > >> > >> 1. `size_of_val` is not `unsafe`. > > > > Right, but dereferencing the `ptr` is unsafe. > > > >> 2. why not use `&*self` instead of using the raw pointer? (then move the > >> let binding below this line) > > > > If we ever support non-ZST `Allocator`s using `self` would not always evaluate > > to the correct size. I think evaluating the size of `T` rather than `Box` is > > the correct thing to do. > > I mean use `Box::deref` (that's what `&*self` should do), you don't need Actually, this must either be `size_of_val(&**self)` or `size_of_val::(self). `size_of_val(&*self)` should indeed resolve to `&Box`, right? > to repeat the same SAFETY comment when it already is wrapped by a safe > function. > > --- > Cheers, > Benno >