Re: [PATCH v3 05/13] rust: init: wrap type checking struct initializers in a closure

From: Gary Guo
Date: Wed Aug 02 2023 - 13:54:23 EST


On Sat, 29 Jul 2023 09:09:46 +0000
Benno Lossin <benno.lossin@xxxxxxxxx> wrote:

> In the implementation of the init macros there is an `if false` statement
> that type checks the initializer to ensure every field is initialized.
> Since the next patch has a stack variable to store the struct, the
> function might allocate too much memory on debug builds. Putting the
> struct into a closure that is never executed ensures that even in debug
> builds no stack overflow error is caused. In release builds this was not
> a problem since the code was optimized away due to the `if false`.
>
> Reviewed-by: Martin Rodriguez Reboredo <yakoyoku@xxxxxxxxx>
> Reviewed-by: Alice Ryhl <aliceryhl@xxxxxxxxxx>
> Signed-off-by: Benno Lossin <benno.lossin@xxxxxxxxx>

Reviewed-by: Gary Guo <gary@xxxxxxxxxxx>

> ---
> v2 -> v3:
> - added Reviewed-by's from Martin and Alice.
>
> v1 -> v2:
> - do not call the created closure.
>
> rust/kernel/init/macros.rs | 8 ++++----
> 1 file changed, 4 insertions(+), 4 deletions(-)
>
> diff --git a/rust/kernel/init/macros.rs b/rust/kernel/init/macros.rs
> index 454f31b8c614..2bad086cda0a 100644
> --- a/rust/kernel/init/macros.rs
> +++ b/rust/kernel/init/macros.rs
> @@ -1040,14 +1040,14 @@ macro_rules! __init_internal {
> // once, this struct initializer will still be type-checked and complain with a
> // very natural error message if a field is forgotten/mentioned more than once.
> #[allow(unreachable_code, clippy::diverging_sub_expression)]
> - if false {
> + let _ = || {
> $crate::__init_internal!(make_initializer:
> @slot(slot),
> @type_name($t),
> @munch_fields($($fields)*,),
> @acc(),
> );
> - }
> + };
> }
> Ok(__InitOk)
> }
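
Review bot: The comment above `let _ = || {` still only describes the type-checking purpose; nothing at this site says the closure must never be called, or why a closure replaced `if false`. The reason given in the commit message (stack usage in debug builds) deserves one comment line here, so that a later cleanup does not turn it back into `if false` or start invoking the closure. It is also worth confirming that `#[allow(unreachable_code, clippy::diverging_sub_expression)]` still takes effect as intended now that it is attached to a `let` statement instead of an `if`.
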
> @@ -1168,8 +1168,8 @@ macro_rules! __init_internal {
> @acc($($acc:tt)*),
> ) => {
> // Endpoint, nothing more to munch, create the initializer.
> - // Since we are in the `if false` branch, this will never get executed. We abuse `slot` to
> - // get the correct type inference here:
> + // Since we are in the closure that is never called, this will never get executed.
> + // We abuse `slot` to get the correct type inference here:
> unsafe {
> ::core::ptr::write($slot, $t {
> $($acc)*
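
Review bot: The `unsafe` block around `::core::ptr::write($slot, $t { ... })` has no `// SAFETY:` comment in the visible lines; the reworded comment carries the justification (the code sits in a closure that is never called) but not in that form. Consider writing it as `// SAFETY: this code is inside a closure that is never called, so the write is never executed.` and keeping the remark about using `slot` for type inference as a separate comment line.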