Received: by 2002:a05:6358:11c7:b0:104:8066:f915 with SMTP id i7csp4885433rwl; Mon, 3 Apr 2023 11:00:04 -0700 (PDT) X-Google-Smtp-Source: AKy350YfX1qDC5Sri7EU3GtZ07ib6a3vfuVcfUGdCVdtWI9sjcZLFPEqXCwcVCEpSvQ/U/xIUwh6 X-Received: by 2002:aa7:cb45:0:b0:4fa:fcee:1727 with SMTP id w5-20020aa7cb45000000b004fafcee1727mr94855edt.13.1680544804060; Mon, 03 Apr 2023 11:00:04 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1680544804; cv=none; d=google.com; s=arc-20160816; b=bY8z027HlscxauSGxHacBnMAJ9x9v7oYWDVbjlMPlfFXerq8lV8mtkZjkYbMCnLnQs 3Irjl7JbuKmcFVgv27hsoub3xG8RAQRyntLi4dbEm26yMVLaifHpch2SZ0mmtZskoFue HGyRxe9+PrMztvhW45Xk5L/lVLYxAFM67JCpSyMT9AgfsWYjCHRaQdwMkpMMup3JJXce 0NtXD5Ie6QkFt/ISWcChmDALaYqNCopPW/d/kUYOMGvjytow7FBMArUzRL1tmISZSP0v Z33QoUh8WpsmSlil179N9YZ6SQxwTt+IYPzzi7FxZ4reBiAVE5ZiNw3NfPOD+dHPsTDe Ta4w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:in-reply-to :content-language:references:cc:to:subject:from:user-agent :mime-version:date:message-id:feedback-id:dkim-signature :dkim-signature; bh=VcOAbiou2sds8XmkBJZfmWlB/w58JiopJQlNifYn9ps=; b=mDKwm1bZemwpVzlHuzJx/o5U2pI5KLkdGXGAhJ6HsHcDsrhu9aD0D/9on+jgdmoquP a1VxJzVau0O9JEInFAkPpYEJ0ngh5OxRno11BQ3yH/085aLF6/BAnI8Cs+XpyUNdmiP7 MzMsTyJwjXVb0FIqxG0fN2rEuo1BGr+X+cimxDfij0UZVoKLq+xIOB191evYDss8WZ0N ij5jVS+upKhzb41fVnHeiAQRxTY3jFyvGJGb6mSLQp35Z01RbSqj6tG5ByEXZ4nmcxPh MUukB2U0b35SCS/BhY/JVBQn6mkV4Zxtcr/HD0g1yF+jVQYq9VH+dT2jM+Ja+XDz5Db7 uMbA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@ryhl.io header.s=fm2 header.b="XEf/WjSF"; dkim=pass header.i=@messagingengine.com header.s=fm2 header.b=tTDekSXh; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=ryhl.io Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id v1-20020a056402184100b004fd26753f3esi5964522edy.129.2023.04.03.10.59.39; Mon, 03 Apr 2023 11:00:04 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@ryhl.io header.s=fm2 header.b="XEf/WjSF"; dkim=pass header.i=@messagingengine.com header.s=fm2 header.b=tTDekSXh; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=ryhl.io Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232967AbjDCR57 (ORCPT + 99 others); Mon, 3 Apr 2023 13:57:59 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:47770 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232994AbjDCR5n (ORCPT ); Mon, 3 Apr 2023 13:57:43 -0400 Received: from out5-smtp.messagingengine.com (out5-smtp.messagingengine.com [66.111.4.29]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 69FA53ABF; Mon, 3 Apr 2023 10:57:21 -0700 (PDT) Received: from compute5.internal (compute5.nyi.internal [10.202.2.45]) by mailout.nyi.internal (Postfix) with ESMTP id C036D5C00FB; Mon, 3 Apr 2023 13:57:18 -0400 (EDT) Received: from mailfrontend2 ([10.202.2.163]) by compute5.internal (MEProxy); Mon, 03 Apr 2023 13:57:18 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ryhl.io; h=cc:cc :content-transfer-encoding:content-type:content-type:date:date :from:from:in-reply-to:in-reply-to:message-id:mime-version :references:reply-to:sender:subject:subject:to:to; s=fm2; t= 1680544638; x=1680631038; bh=VcOAbiou2sds8XmkBJZfmWlB/w58JiopJQl NifYn9ps=; b=XEf/WjSFOIGtGKSpCahHgDurfBBBmzz9FNvnKqucIKCtv627Tm0 3fwImD/CpJtnEhK2kCTrEuOILwnjETklimXV11W9OuXworh6uGaA5z28BuQ9pEpO 8frcRm6oBi/lTVrCzPXsXs/tcEZneI+KHIenl1RD0zKbL0cOwkJ1nwqIr6jQTmbs Po26Ot19oWY7aJOnT89tqyMUbtqJxlmEPcI0mthvJWydHc7zkgHZ+I+NPY5SbnSq aVd7YkNb9RnQAOrwQ7gQuqAIS3dAyRxxwmh0wwnNJREm/6Z/8l7KioTGOWhNa2T+ XIg2EWFcbQiQk2okWAVhvDllbwSu32GAgmA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:content-type:date:date:feedback-id:feedback-id :from:from:in-reply-to:in-reply-to:message-id:mime-version :references:reply-to:sender:subject:subject:to:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm2; t= 1680544638; x=1680631038; bh=VcOAbiou2sds8XmkBJZfmWlB/w58JiopJQl NifYn9ps=; b=tTDekSXhNaLBgN09YhgbTEAGEaaKJt8IYGu/M1GG4xEwttZs0HM ckq9lzNYpf07urKSjDaJ0rhGsINAlW727V7KKYulU/9DApy/hZuvC1IlznzbZw4t PMt/AvfjSamDDsqOXyl/MnrDCkGVWWQ5fTV975g4KQ0zp3zSBH999evdMKSVp8rx TLnYgiHkxy/BEWsQnI7ReKsBcD41oAPHZcO2YE9KInWOfbNpBQuWn40hlu7F5uhH WDn90qaRGJKxthCO2SNO+I0NEfwith2cAXYI3gY5Nir7s7AnN0y5KWfdUraCEnR8 ZaEKMOPAQpV6a12mDH+hlt6yd0E/TQWBvwA== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvhedrvdeijedguddvtdcutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh necuuegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmd enucfjughrpefkffggfgfhuffvvehfjggtgfesthejredttdefjeenucfhrhhomheptehl ihgtvgcutfihhhhluceorghlihgtvgesrhihhhhlrdhioheqnecuggftrfgrthhtvghrnh ephfehueeileevjeefkeetvdffveffudeuhffgtedvuefgiefgiedvjeegvdejleejnecu vehluhhsthgvrhfuihiivgepudenucfrrghrrghmpehmrghilhhfrhhomheprghlihgtvg esrhihhhhlrdhioh X-ME-Proxy: Feedback-ID: i56684263:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Mon, 3 Apr 2023 13:57:16 -0400 (EDT) Message-ID: <93225277-91a8-a1b5-abda-e936cd50d6a3@ryhl.io> Date: Mon, 3 Apr 2023 19:56:27 +0200 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.9.0 From: Alice Ryhl Subject: Re: [PATCH v5 10/15] rust: init: add `stack_pin_init!` macro To: Benno Lossin Cc: rust-for-linux@vger.kernel.org, linux-kernel@vger.kernel.org, patches@lists.linux.dev, Alice Ryhl , Andreas Hindborg , Miguel Ojeda , Alex Gaynor , Wedson Almeida Filho , Boqun Feng , Gary Guo , =?UTF-8?Q?Bj=c3=b6rn_Roy_Baron?= References: <20230403154422.168633-1-y86-dev@protonmail.com> <20230403160511.174894-3-y86-dev@protonmail.com> Content-Language: en-US In-Reply-To: <20230403160511.174894-3-y86-dev@protonmail.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-2.3 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,DKIM_VALID_EF,NICE_REPLY_A,RCVD_IN_DNSWL_LOW, SPF_HELO_PASS,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 4/3/23 18:05, Benno Lossin wrote: > The `stack_pin_init!` macro allows pin-initializing a value on the > stack. It accepts a `impl PinInit` to initialize a `T`. It allows > propagating any errors via `?` or handling it normally via `match`. > > Signed-off-by: Benno Lossin > Cc: Alice Ryhl > Cc: Andreas Hindborg > Cc: Gary Guo > --- If you fix the issue below, then you may add Reviewed-by: Alice Ryhl > + /// Initializes the contents and returns the result. > + #[inline] > + pub fn init(self: Pin<&mut Self>, init: impl PinInit) -> Result, E> { > + // SAFETY: We never move out of `this`. > + let this = unsafe { Pin::into_inner_unchecked(self) }; > + // The value is currently initialized, so it needs to be dropped before we can reuse > + // the memory (this is a safety guarantee of `Pin`). > + if this.1 { > + // SAFETY: `this.1` is true and we set it to false after this. > + unsafe { this.0.assume_init_drop() }; > + this.1 = false; > + } This would double-free the value if `assume_init_drop` panics. I know that we configure panics to abort the kernel, but someone could copy this into another codebase and then they would have this issue. You can fix it by setting `this.1` to false *before* calling `assume_init_drop`.