Re: [PATCH v3 3/4] rust: devres: get rid of Devres' inner Arc

From: Benno Lossin
Date: Thu Jun 26 2025 - 09:09:44 EST


On Thu Jun 26, 2025 at 1:40 PM CEST, Danilo Krummrich wrote:
> On Thu, Jun 26, 2025 at 01:07:25PM +0200, Danilo Krummrich wrote:
>> On Thu, Jun 26, 2025 at 12:27:18PM +0200, Benno Lossin wrote:
>> > On Thu Jun 26, 2025 at 12:01 PM CEST, Danilo Krummrich wrote:
>> > > On Wed, Jun 25, 2025 at 09:13:24PM -0700, Boqun Feng wrote:
>> > >> On Tue, Jun 24, 2025 at 11:54:01PM +0200, Danilo Krummrich wrote:
>> > >> [...]
>> > >> > +#[pin_data(PinnedDrop)]
>> > >> > +pub struct Devres<T> {
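Review bot: `pub struct Devres<T>` declares `T` with no bound, yet the replies below establish that the devm callback can drop `T` on a thread other than the one that called `Devres::new()`. Consider requiring `T: Send` on the type or on its constructors, and carry that as a separate patch with a Fixes: tag, as the thread suggests.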
>> > >>
>> > >> It makes me realize: I think we need to make `T` being `Send`? Because
>> > >> the devm callback can happen on a different thread other than
>> > >> `Devres::new()` and the callback may drop `T` because of revoke(), so we
>> > >> are essentially sending `T`. Alternatively we can make `Devres::new()`
>> > >> and its friend require `T` being `Send`.
>> > >>
>> > >> If it's true, we need a separate patch that "Fixes" this.
>> > >
>> > > Indeed, that needs a fix.
>> >
>> > Oh and we have no `'static` bound on `T` either... We should require
>> > that as well.
>>
>> I don't think we actually need that. The Devres instance can't out-live a &T
>> passed into it. And the &T can't out-live the &Device<Bound>, hence we're
>> guaranteed that devres_callback() is never called because Devres::drop() will be
>> able to successfully unregister the callback given that we're still in the
>> &Device<Bound> scope.
>>
>> The only thing that could technically out-live the &Device<Bound> would be
>> &'static T, but that would obviously be fine.
>>
>> Do I miss anything?
>
> Thinking a bit more about it, a similar argumentation is true for not needing
> T: Send. The only way to leave the &Device<Bound> scope and hence the thread
> would be to stuff the Devres into a ForeignOwnable container, no?

I think `T: Send` is required, since we drop the `T` in the other thread
when `devres_callback` is called from the device unbinding.

> Analogous to Benno asking for ForeignOwnable: 'static, should we also require
> ForeignOwnable: Send + Sync?

I don't think so, you could have a type that stores the pointer in C,
but only ever allows access from the same thread.

> Alternatively, the safety requirements of ForeignOwnable::from_foreign() and
> ForeignOwnable::borrow() would need to cover this, which they currently do
> not.

Oh right, yeah they should cover that.

---
Cheers,
Benno
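
The `T: Send` point above, as an added example that is not part of the original mail or of the kernel sources: a userspace model in which the revoke callback runs on a second thread and drops `T` there. `Revocable`, `Tracked`, `unbind_on_other_thread` and `demo` are hypothetical names, and `std::thread` stands in for the device unbind path.

```rust
use std::sync::{Arc, Mutex};
use std::thread::{self, ThreadId};

/// Userspace stand-in for a revocable resource; NOT the kernel's `Devres`.
/// The `T: Send` bound is the requirement argued for in the thread.
pub struct Revocable<T: Send> {
    inner: Arc<Mutex<Option<T>>>,
}

// `'static` is needed in this model only because `std::thread::spawn` demands it.
impl<T: Send + 'static> Revocable<T> {
    pub fn new(data: T) -> Self {
        Self { inner: Arc::new(Mutex::new(Some(data))) }
    }

    /// Models the unbind path: the callback runs on another thread.
    pub fn unbind_on_other_thread(&self) {
        let inner = Arc::clone(&self.inner);
        let worker = thread::spawn(move || {
            // `take()` moves `T` out; dropping it runs its destructor on this thread.
            drop(inner.lock().unwrap().take());
        });
        worker.join().unwrap();
    }
}

/// Constructed payload that records which thread ran its destructor.
pub struct Tracked(pub Arc<Mutex<Option<ThreadId>>>);

impl Drop for Tracked {
    fn drop(&mut self) {
        *self.0.lock().unwrap() = Some(thread::current().id());
    }
}

/// Returns (creating thread, thread that dropped the payload).
pub fn demo() -> (ThreadId, Option<ThreadId>) {
    let dropped_on = Arc::new(Mutex::new(None));
    let res = Revocable::new(Tracked(Arc::clone(&dropped_on)));
    res.unbind_on_other_thread();
    let dropper = *dropped_on.lock().unwrap();
    (thread::current().id(), dropper)
}

fn main() {
    let (creator, dropper) = demo();
    println!("created on {:?}, dropped on {:?}", creator, dropper);
    // Revocable::new(std::rc::Rc::new(0)); // rejected at compile time: `Rc<i32>` is not `Send`
}
```

Without the `Send` bound the commented-out `Rc` line would have to be caught by review instead of by the compiler.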