Message-Id: <06C410F4-8534-43B4-8DE1-039F70B26E5A@collabora.com>
Date: Fri, 28 Nov 2025 14:50:21 -0300
From: Daniel Almeida <daniel.almeida@...labora.com>
To: Oliver Mangold <oliver.mangold@...me>
Cc: Miguel Ojeda <ojeda@...nel.org>,
 Alex Gaynor <alex.gaynor@...il.com>,
 Boqun Feng <boqun.feng@...il.com>,
 Gary Guo <gary@...yguo.net>,
 Björn Roy Baron <bjorn3_gh@...tonmail.com>,
 Andreas Hindborg <a.hindborg@...nel.org>,
 Alice Ryhl <aliceryhl@...gle.com>,
 Trevor Gross <tmgross@...ch.edu>,
 Benno Lossin <lossin@...nel.org>,
 Danilo Krummrich <dakr@...nel.org>,
 Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
 Dave Ertman <david.m.ertman@...el.com>,
 Ira Weiny <ira.weiny@...el.com>,
 Leon Romanovsky <leon@...nel.org>,
 "Rafael J. Wysocki" <rafael@...nel.org>,
 Maarten Lankhorst <maarten.lankhorst@...ux.intel.com>,
 Maxime Ripard <mripard@...nel.org>,
 Thomas Zimmermann <tzimmermann@...e.de>,
 David Airlie <airlied@...il.com>,
 Simona Vetter <simona@...ll.ch>,
 Alexander Viro <viro@...iv.linux.org.uk>,
 Christian Brauner <brauner@...nel.org>,
 Jan Kara <jack@...e.cz>,
 Lorenzo Stoakes <lorenzo.stoakes@...cle.com>,
 "Liam R. Howlett" <Liam.Howlett@...cle.com>,
 Viresh Kumar <vireshk@...nel.org>,
 Nishanth Menon <nm@...com>,
 Stephen Boyd <sboyd@...nel.org>,
 Bjorn Helgaas <bhelgaas@...gle.com>,
 Krzysztof Wilczyński <kwilczynski@...nel.org>,
 Paul Moore <paul@...l-moore.com>,
 Serge Hallyn <sergeh@...nel.org>,
 Asahi Lina <lina+kernel@...hilina.net>,
 rust-for-linux@...r.kernel.org,
 linux-kernel@...r.kernel.org,
 linux-block@...r.kernel.org,
 dri-devel@...ts.freedesktop.org,
 linux-fsdevel@...r.kernel.org,
 linux-mm@...ck.org,
 linux-pm@...r.kernel.org,
 linux-pci@...r.kernel.org,
 linux-security-module@...r.kernel.org
Subject: Re: [PATCH v13 3/4] rust: Add missing SAFETY documentation for `ARef`
 example



> On 17 Nov 2025, at 07:08, Oliver Mangold <oliver.mangold@...me> wrote:
> 
> SAFETY comment in rustdoc example was just 'TODO'. Fixed.
> 
> Signed-off-by: Oliver Mangold <oliver.mangold@...me>
> Co-developed-by: Andreas Hindborg <a.hindborg@...nel.org>
> Signed-off-by: Andreas Hindborg <a.hindborg@...nel.org>
> ---
> rust/kernel/sync/aref.rs | 10 ++++++----
> 1 file changed, 6 insertions(+), 4 deletions(-)
> 
> diff --git a/rust/kernel/sync/aref.rs b/rust/kernel/sync/aref.rs
> index 4226119d5ac9..937dcf6ed5de 100644
> --- a/rust/kernel/sync/aref.rs
> +++ b/rust/kernel/sync/aref.rs
> @@ -129,12 +129,14 @@ pub unsafe fn from_raw(ptr: NonNull<T>) -> Self {
>     /// # Examples
>     ///
>     /// ```
> -    /// use core::ptr::NonNull;
> -    /// use kernel::sync::aref::{ARef, RefCounted};
> +    /// # use core::ptr::NonNull;
> +    /// # use kernel::sync::aref::{ARef, RefCounted};
>     ///
>     /// struct Empty {}
>     ///
> -    /// # // SAFETY: TODO.
> +    /// // SAFETY: The `RefCounted` implementation for `Empty` does not count references and
> +    /// // never frees the underlying object. Thus we can act as having a refcount on the object

nit: perhaps saying “an increment on the refcount” is clearer?

> +    /// // that we pass to the newly created `ARef`.
>     /// unsafe impl RefCounted for Empty {
>     ///     fn inc_ref(&self) {}
>     ///     unsafe fn dec_ref(_obj: NonNull<Self>) {}
> @@ -142,7 +144,7 @@ pub unsafe fn from_raw(ptr: NonNull<T>) -> Self {
>     ///
>     /// let mut data = Empty {};
>     /// let ptr = NonNull::<Empty>::new(&mut data).unwrap();
> -    /// # // SAFETY: TODO.
> +    /// // SAFETY: We keep `data` around longer than the `ARef`.
>     /// let data_ref: ARef<Empty> = unsafe { ARef::from_raw(ptr) };
>     /// let raw_ptr: NonNull<Empty> = ARef::into_raw(data_ref);
>     ///
> 
> -- 
> 2.51.2
> 
> 
> 

Reviewed-by: Daniel Almeida <daniel.almeida@...labora.com>

Powered by blists - more mailing lists