Re: [PATCH v9 8/8] task: rust: rework how current is accessed

From: Alice Ryhl
Date: Fri Nov 22 2024 - 13:48:38 EST

Next message: Sebastian Reichel: "Re: [PATCH v3 1/2] dt-bindings: phy: Add Rockchip MIPI CSI/DSI PHY schema"
Previous message: syzbot: "[syzbot] [fs?] WARNING in minix_unlink"
In reply to: Boqun Feng: "Re: [PATCH v9 8/8] task: rust: rework how current is accessed"
Next in thread: Boqun Feng: "Re: [PATCH v9 8/8] task: rust: rework how current is accessed"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Nov 22, 2024 at 7:03 PM Boqun Feng <boqun.feng@xxxxxxxxx> wrote:
>
> On Fri, Nov 22, 2024 at 03:40:33PM +0000, Alice Ryhl wrote:
> > +/// Represents a [`Task`] obtained from the `current` global.
> > +///
> > +/// This type exists to provide more efficient operations that are only valid on the current task.
> > +/// For example, to retrieve the pid-namespace of a task, you must use rcu protection unless it is
> > +/// the current task.
> > +///
> > +/// # Invariants
> > +///
> > +/// Must be equal to `current` of some thread that is currently running somewhere.
> > +pub struct CurrentTask(Task);
> > +
>
> I think you need to make `CurrentTask` `!Sync`, right? Otherwise, other
> threads can access the shared reference of a `CurrentTask` and the ->mm
> field. I'm thinking if we have a scoped thread/workqueue support in the
> future:
>
> let task = current!();
> Workqueue::scoped(|s| {
> s.spawn(|| {
> let mm = task.mm();
> // do something with the mm
> });
> });

I don't think this is a problem? As long as a thread exists somewhere
with `current` being equal to the task, we should be fine?

> > +impl CurrentTask {
> > + /// Access the address space of this task.
> > + ///
> > + /// To increment the refcount of the referenced `mm`, you can use `ARef::from`.
> > + #[inline]
> > + pub fn mm(&self) -> Option<&MmWithUser> {
>
> Hmm... similar issue, `MmWithUser` is `Sync`.

What is the problem with that?

> > + let mm = unsafe { (*self.as_ptr()).mm };
> > +
> > + if mm.is_null() {
> > + None
> > + } else {
> > + // SAFETY: If `current->mm` is non-null, then it references a valid mm with a non-zero
> > + // value of `mm_users`. The returned `&MmWithUser` borrows from `CurrentTask`, so the
> > + // `&MmWithUser` cannot escape the current task, meaning `mm_users` can't reach zero
> > + // while the reference is still live.
>
> Regards,
> Boqun
>
> > + Some(unsafe { MmWithUser::from_raw(mm) })
> > + }
> > + }
> > +}
> > +
> > // SAFETY: The type invariants guarantee that `Task` is always refcounted.
> > unsafe impl crate::types::AlwaysRefCounted for Task {
> > fn inc_ref(&self) {
> >
> > --
> > 2.47.0.371.ga323438b13-goog
> >

Next message: Sebastian Reichel: "Re: [PATCH v3 1/2] dt-bindings: phy: Add Rockchip MIPI CSI/DSI PHY schema"
Previous message: syzbot: "[syzbot] [fs?] WARNING in minix_unlink"
In reply to: Boqun Feng: "Re: [PATCH v9 8/8] task: rust: rework how current is accessed"
Next in thread: Boqun Feng: "Re: [PATCH v9 8/8] task: rust: rework how current is accessed"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]