Re: [PATCH v1 5/7] rust: workqueue: add helper for defining work_struct fields
From: Alice Ryhl
Date: Wed May 31 2023 - 05:00:43 EST
Andreas Hindborg <nmi@xxxxxxxxxxxx> writes:
> Alice Ryhl <aliceryhl@xxxxxxxxxx> writes:
>> +/// Used to safely implement the [`HasWork<T>`] trait.
>> +///
>> +/// # Examples
>> +///
>> +/// ```
>> +/// use kernel::sync::Arc;
>> +///
>> +/// struct MyStruct {
>> +/// work_field: Work<Arc<MyStruct>>,
>> +/// }
>> +///
>> +/// impl_has_work! {
>> +/// impl HasWork<Arc<MyStruct>> for MyStruct { self.work_field }
>> +/// }
>> +/// ```
>> +///
>> +/// [`HasWork<T>`]: HasWork
>> +#[macro_export]
>> +macro_rules! impl_has_work {
>> + ($(impl$(<$($implarg:ident),*>)?
>> + HasWork<$work_type:ty>
>> + for $self:ident $(<$($selfarg:ident),*>)?
>> + { self.$field:ident }
>> + )*) => {$(
>> + // SAFETY: The implementation of `raw_get_work` only compiles if the field has the right
>> + // type.
>> + unsafe impl$(<$($implarg),*>)? $crate::workqueue::HasWork<$work_type> for $self $(<$($selfarg),*>)? {
>> + const OFFSET: usize = $crate::offset_of!(Self, $field) as usize;
>> +
>> + #[inline]
>> + unsafe fn raw_get_work(ptr: *mut Self) -> *mut $crate::workqueue::Work<$work_type> {
>> + // SAFETY: The caller promises that the pointer is not dangling.
>> + unsafe {
>> + ::core::ptr::addr_of_mut!((*ptr).$field)
>> + }
>> + }
>
> What is the reason for overriding the default implementation of `raw_get_work()`?
>
> BR Andreas
That's how the macro checks that the field actually has the type you
claim it has. If you lie about the type, then `raw_get_work` will not
compile. (See the safety comment on the impl block.)
Alice