Re: [PATCH] rust: init: change the generated name of guard variables

From: Boqun Feng
Date: Wed Apr 03 2024 - 17:21:42 EST

Next message: David Hildenbrand: "[PATCH v2 0/3] x86/mm/pat: fix VM_PAT handling in COW mappings"
Previous message: Kees Cook: "Re: [PATCH v3 00/15] Add support for suppressing warning backtraces"
In reply to: Benno Lossin: "[PATCH] rust: init: change the generated name of guard variables"
Next in thread: Benno Lossin: "Re: [PATCH] rust: init: change the generated name of guard variables"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Apr 03, 2024 at 07:43:37PM +0000, Benno Lossin wrote:
> The initializers created by the `[try_][pin_]init!` macros utilize the
> guard pattern to drop already initialized fields, when initialization
> fails mid-way. These guards are generated to have the same name as the
> field that they handle. To prevent namespacing issues when the field

Do you have an example of this kind of issues?

Regards,
Boqun

> name is the same as e.g. a constant name, add `__` as a prefix and
> `_guard` as the suffix.
>
> Signed-off-by: Benno Lossin <benno.lossin@xxxxxxxxx>
> ---
> rust/kernel/init/macros.rs | 28 ++++++++++++++--------------
> 1 file changed, 14 insertions(+), 14 deletions(-)
>
> diff --git a/rust/kernel/init/macros.rs b/rust/kernel/init/macros.rs
> index cb6e61b6c50b..93bf4c3080f9 100644
> --- a/rust/kernel/init/macros.rs
> +++ b/rust/kernel/init/macros.rs
> @@ -250,7 +250,7 @@
> //! // error type is `Infallible`) we will need to drop this field if there
> //! // is an error later. This `DropGuard` will drop the field when it gets
> //! // dropped and has not yet been forgotten.
> -//! let t = unsafe {
> +//! let __t_guard = unsafe {
> //! ::pinned_init::__internal::DropGuard::new(::core::addr_of_mut!((*slot).t))
> //! };
> //! // Expansion of `x: 0,`:
> @@ -261,14 +261,14 @@
> //! unsafe { ::core::ptr::write(::core::addr_of_mut!((*slot).x), x) };
> //! }
> //! // We again create a `DropGuard`.
> -//! let x = unsafe {
> +//! let __x_guard = unsafe {
> //! ::kernel::init::__internal::DropGuard::new(::core::addr_of_mut!((*slot).x))
> //! };
> //! // Since initialization has successfully completed, we can now forget
> //! // the guards. This is not `mem::forget`, since we only have
> //! // `&DropGuard`.
> -//! ::core::mem::forget(x);
> -//! ::core::mem::forget(t);
> +//! ::core::mem::forget(__x_guard);
> +//! ::core::mem::forget(__t_guard);
> //! // Here we use the type checker to ensure that every field has been
> //! // initialized exactly once, since this is `if false` it will never get
> //! // executed, but still type-checked.
> @@ -461,16 +461,16 @@
> //! {
> //! unsafe { ::core::ptr::write(::core::addr_of_mut!((*slot).a), a) };
> //! }
> -//! let a = unsafe {
> +//! let __a_guard = unsafe {
> //! ::kernel::init::__internal::DropGuard::new(::core::addr_of_mut!((*slot).a))
> //! };
> //! let init = Bar::new(36);
> //! unsafe { data.b(::core::addr_of_mut!((*slot).b), b)? };
> -//! let b = unsafe {
> +//! let __b_guard = unsafe {
> //! ::kernel::init::__internal::DropGuard::new(::core::addr_of_mut!((*slot).b))
> //! };
> -//! ::core::mem::forget(b);
> -//! ::core::mem::forget(a);
> +//! ::core::mem::forget(__b_guard);
> +//! ::core::mem::forget(__a_guard);
> //! #[allow(unreachable_code, clippy::diverging_sub_expression)]
> //! let _ = || {
> //! unsafe {
> @@ -1192,14 +1192,14 @@ fn assert_zeroable<T: $crate::init::Zeroable>(_: *mut T) {}
> // We use `paste!` to create new hygiene for `$field`.
> ::kernel::macros::paste! {
> // SAFETY: We forget the guard later when initialization has succeeded.
> - let [<$field>] = unsafe {
> + let [< __ $field _guard >] = unsafe {
> $crate::init::__internal::DropGuard::new(::core::ptr::addr_of_mut!((*$slot).$field))
> };
>
> $crate::__init_internal!(init_slot($use_data):
> @data($data),
> @slot($slot),
> - @guards([<$field>], $($guards,)*),
> + @guards([< __ $field _guard >], $($guards,)*),
> @munch_fields($($rest)*),
> );
> }
> @@ -1223,14 +1223,14 @@ fn assert_zeroable<T: $crate::init::Zeroable>(_: *mut T) {}
> // We use `paste!` to create new hygiene for `$field`.
> ::kernel::macros::paste! {
> // SAFETY: We forget the guard later when initialization has succeeded.
> - let [<$field>] = unsafe {
> + let [< __ $field _guard >] = unsafe {
> $crate::init::__internal::DropGuard::new(::core::ptr::addr_of_mut!((*$slot).$field))
> };
>
> $crate::__init_internal!(init_slot():
> @data($data),
> @slot($slot),
> - @guards([<$field>], $($guards,)*),
> + @guards([< __ $field _guard >], $($guards,)*),
> @munch_fields($($rest)*),
> );
> }
> @@ -1255,14 +1255,14 @@ fn assert_zeroable<T: $crate::init::Zeroable>(_: *mut T) {}
> // We use `paste!` to create new hygiene for `$field`.
> ::kernel::macros::paste! {
> // SAFETY: We forget the guard later when initialization has succeeded.
> - let [<$field>] = unsafe {
> + let [< __ $field _guard >] = unsafe {
> $crate::init::__internal::DropGuard::new(::core::ptr::addr_of_mut!((*$slot).$field))
> };
>
> $crate::__init_internal!(init_slot($($use_data)?):
> @data($data),
> @slot($slot),
> - @guards([<$field>], $($guards,)*),
> + @guards([< __ $field _guard >], $($guards,)*),
> @munch_fields($($rest)*),
> );
> }
>
> base-commit: 9ffe2a730313f27cebd0859ea856247ac59c576c
> --
> 2.44.0
>
>
>

Next message: David Hildenbrand: "[PATCH v2 0/3] x86/mm/pat: fix VM_PAT handling in COW mappings"
Previous message: Kees Cook: "Re: [PATCH v3 00/15] Add support for suppressing warning backtraces"
In reply to: Benno Lossin: "[PATCH] rust: init: change the generated name of guard variables"
Next in thread: Benno Lossin: "Re: [PATCH] rust: init: change the generated name of guard variables"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]