Make pinned-init usable with 1.82.0+#24
Conversation
|
do you mind rebasing this one on top of main? thanks! |
BennoLossin
left a comment
BennoLossin
left a comment
There was a problem hiding this comment.
If I only enable the arc feature (with default-features = false), then it doesn't compile, this should fix it.
bonzini
force-pushed
the
stable
branch
8 times, most recently
from
60eb861 to
0b1558a
Compare
bonzini
force-pushed
the
stable
branch
4 times, most recently
from
bfe482d to
bc78bd2
Compare
Thinking more about it, after the introduction of InPlaceWrite you actually need to check that you're not writing to a shared Arc. Thus |
|
You're correct. But having the function panic is not a good idea, since panics in the kernel are not an option. In that case, it probably makes more sense to just not implement |
As you prefer! The choice is:
It's not strictly necessary. There are cases in which get_mut_unchecked is useful even with refcount > 1, but pinned_init is only concerned with the case of refcount == 1 because it provides a safe API. So using get_mut_unchecked is only a small optimization. Again there are multiple choices:
In both cases, just tell me which of the possibilities you prefer and I'll implement it. :) |
I think we should remove the
Oh I have an idea, we can just use match Arc::get_mut(...) {
Ok(...) => ...
Err(...) => unsafe { hint::unreachable_unchecked() },
}That way we have the performance and don't rely on an unstable feature. |
I mean that future backports may have to account for the Arc implementation being in |
BennoLossin
left a comment
BennoLossin
left a comment
There was a problem hiding this comment.
some minor things, but otherwise looks pretty good.
bonzini
force-pushed
the
stable
branch
2 times, most recently
from
87f96df to
0251607
Compare
BennoLossin
left a comment
BennoLossin
left a comment
There was a problem hiding this comment.
I sadly can't comment on commit messages, in the first commit 876f228 ("lib: revert InPlaceWrite implementation for Arc<MaybeUninit<T>>") I would prefer if you put Suggested-by: Benno Lossin <benno.lossin@proton.me>, for kernel tags, I use that. Thanks!
Same of course for the next one.
1919cf5 ("lib: make "std" independent of allocator_api") also needs its commit message updated, it still references the get_mut_unchecked feature.
The kernel version of pinned_init implemented InPlaceWrite on UniqueArc, not Arc. This ensures that InPlaceWrite is not writing to a shared Arc. Userspace does not have this facility and therefore cannot lift the kernel implementation of InPlaceWrite directly into Arc<>. One possibility would be to use Arc::get_mut(), though this would introduce a panic in the case where the Arc is shared. So just revert part of commit 6841b61 ("rust: init: add `write_[pin_]init` functions", 2024-11-22). Suggested-by: Benno Lossin <benno.lossin@proton.me> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Instead of using an unstable feature use unreachable_unchecked() to enable optimization. Suggested-by: Benno Lossin <benno.lossin@proton.me> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
The only dependency of the InPlaceInit trait on the allocator API is the AllocError type. Replace it with Infallible instead, i.e. allow any error as long as it has an "impl From<Infallible> for MyError" - which can have a trivial implementation as seen in examples/rror.rs. While admittedly of limited usefulness due to orphan rules, this is a first step towards allowing usage of pinned_init entirely without the allocator API, and therefore on stable Rust. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Memory allocation (i.e. the Box and Arc) can be present even without the allocator_api. Allow feature = "std" when the code is simply checking for the existence of Box and Arc, and the allocator API is not used. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
When compiling without allocator_api, assume that allocations cannot fail. This way, nightly Rust features are not absolutely needed for pinned_init, and it can be used with stable Rust; right now the minimum supported Rust version is 1.82.0, where the new_uninit version was stabilized. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
|
thanks again for all the help! |
2 participants
This pull request, on top of #23, makes it possible to use
pinned_initwith stable Rust. In particular:new_uninithas been stabilized (and anyway in the end it was just a glorified Box::<MaybeUninit>::new())allocator_apiis needed to have fallible allocation, but not if you just replacecore::alloc::AllocErrorwithcore::convert::Infallibleget_mut_uncheckedis not needed, because after the introduction ofInPlaceWriteyou actually need to check that you're not writing to a sharedArc—thusArc::get_mutis the right associated function to use.The main work is to isolate a little bit more the pieces of code that refer to
feature(allocator_api).Successful CI run at bonzini#2.
Diff on top of #23 here.