Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

add statx operation #41

Merged
merged 13 commits into from
Feb 8, 2024
Merged

add statx operation #41

merged 13 commits into from
Feb 8, 2024

Conversation

problame
Copy link
Collaborator

@problame problame commented Feb 7, 2024

No description provided.

@problame problame mentioned this pull request Feb 7, 2024
@problame problame changed the title add statx operation add statx operation Feb 7, 2024
@problame problame requested review from koivunej and arpad-m February 7, 2024 10:21
Comment on lines 30 to 31
let leaked = Box::leak(inner);
*self = Self::Submitting(leaked as *mut _);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Box::into_raw exists as well, would give you the mut directly. Had not considered Box::leak could be used for this. I wonder if we could run miri on this codebase.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
let leaked = Box::leak(inner);
*self = Self::Submitting(leaked as *mut _);
*self = Self::Submitting(Box::into_raw(inner));

However, the &mut existence at the same time is probably not an issue.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

miri

miri cannot talk to the OS sadly, as it runs in a VM. There is cargo-careful but it only does a fraction of what miri does (just enables some assertions in std instead of executing all code in a VM).

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

However, the &mut existence at the same time is probably not an issue.

👍 .&mut exists at the same time as *mut does. There is no problem with that, the problem is only with &mut T vs &T and &mut T vs &mut T. The &mut T goes out of scope later on, so from what I can tell it's safe. It's definitely not beautiful though, Box::into_raw is better.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Comment on lines 186 to 189
let buf: Box<uring_common::libc::statx> = Box::new(
// TODO replace with Box<MaybeUninit>, https://github.com/rust-lang/rust/issues/63291
// SAFETY: we only use the memory if the fstat succeeds, should be using MaybeUninit here.
unsafe { std::mem::zeroed() },
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Note the API which is unstable is Box::uninit, this is stable:

Suggested change
let buf: Box<uring_common::libc::statx> = Box::new(
// TODO replace with Box<MaybeUninit>, https://github.com/rust-lang/rust/issues/63291
// SAFETY: we only use the memory if the fstat succeeds, should be using MaybeUninit here.
unsafe { std::mem::zeroed() },
let buf: Box<MaybeUninit<uring_common::libc::statx>> = Box::new(
MaybeUninit::uninit()

But without Box::assume_init this would require extra wrestling.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

extra wrestling

= keeping track of the MaybeUninit vs T state in the SubmittingBox.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Base automatically changed from problame/fsync to main February 8, 2024 08:38
unsafe {
// It seems weird that current rust 1.75 Box::assume_init doesn't do the assert_inhabited
// that the regular MaybeUninit::assume_init does. Out of precaution, do that here.
statxbuf.assume_init_ref();
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'll approve the PR right away, but this assume_init_ref call here was my idea. It might be that the compiler is now inserting these automatically whenever * (const|mut) MaybeInit<T> is cast to * (const|mut) T but as noted, the Box::assume_init right now does only have the cast.

I do think this cannot hurt, and this assuming init is what we are actually aiming to do here.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Meant to tag @arpad-m in the above 🤦.

@problame problame merged commit 510d1d1 into main Feb 8, 2024
3 checks passed
@problame problame deleted the problame/statx branch February 8, 2024 10:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants