[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20231030.075852.213658405543618455.fujita.tomonori@gmail.com>
Date: Mon, 30 Oct 2023 07:58:52 +0900 (JST)
From: FUJITA Tomonori <fujita.tomonori@...il.com>
To: benno.lossin@...ton.me, boqun.feng@...il.com
Cc: fujita.tomonori@...il.com, andrew@...n.ch, netdev@...r.kernel.org,
rust-for-linux@...r.kernel.org, tmgross@...ch.edu,
miguel.ojeda.sandonis@...il.com, wedsonaf@...il.com
Subject: Re: [PATCH net-next v7 1/5] rust: core abstractions for network
PHY drivers
On Sun, 29 Oct 2023 09:48:41 -0700
Boqun Feng <boqun.feng@...il.com> wrote:
> On Sun, Oct 29, 2023 at 01:21:12PM +0900, FUJITA Tomonori wrote:
> [...]
>>
>> The current code is fine from Rust perspective because the current
>> code copies phy_driver on stack and makes a reference to the copy, if
>> I undertand correctly.
>>
>
> I had the same thought Benno brought the issue on `&`, but unfortunately
> it's not true ;-) In the following code:
>
> let phydev = unsafe { *self.0.get() };
>
> , semantically the *whole* `bindings::phy_device` is being read, so if
> there is any modification (i.e. write) that may happen in the meanwhile,
> it's data race, and data races are UB (even in C).
Benno said so? I'm not sure about the logic (whole v.s. partial). Even
if you read partially, the part might be modified by the C side during
reading.
For me, the issue is that creating &T for an object that might be
modified.
Powered by blists - more mailing lists