On Fri Jun 27, 2025 at 1:53 AM CEST, Danilo Krummrich wrote:
> On Fri, Jun 27, 2025 at 01:33:41AM +0200, Benno Lossin wrote:
>> On Thu Jun 26, 2025 at 10:00 PM CEST, Danilo Krummrich wrote:
>> > diff --git a/drivers/gpu/nova-core/gpu.rs b/drivers/gpu/nova-core/gpu.rs
>> > index 60b86f370284..47653c14838b 100644
>> > --- a/drivers/gpu/nova-core/gpu.rs
>> > +++ b/drivers/gpu/nova-core/gpu.rs
>>
>> > @@ -161,14 +161,14 @@ fn new(bar: &Bar0) -> Result<Spec> {
>> > pub(crate) struct Gpu {
>> > spec: Spec,
>> > /// MMIO mapping of PCI BAR 0
>> > - bar: Devres<Bar0>,
>> > + bar: Arc<Devres<Bar0>>,
>>
>> Can't you store it inline, given that you return an `impl PinInit<Self>`
>> below?
>
> I could, but I already know that we'll have to share bar later on.
Ahh, planning ahead :)
How would you have shared it if you didn't do the devres rework? Or is
this one of the reasons to do that?
>> > fw: Firmware,
>> > }
>> >
>> > impl Gpu {
>> > pub(crate) fn new(
>> > pdev: &pci::Device<device::Bound>,
>> > - devres_bar: Devres<Bar0>,
>> > + devres_bar: Arc<Devres<Bar0>>,
>> > ) -> Result<impl PinInit<Self>> {
>>
>> While I see this code, is it really necessary to return `Result`
>> wrapping the initializer here? I think it's probably better to return
>> `impl PinInit<Self, Error>` instead. (of course in a different patch/an
>> issue)
>
> I will double check, but it's rather unlikely it makes sense. There's a lot of
> initialization going on in Gpu::new(), the try_pin_init! call would probably get
> too crazy.
Makes sense, I don't have too much data on where to place the error,
since I only have had rather simple uses of pin-init. So you could have
a case where it makes sense to put the error outside of the initializer.
>> > /// # Example
>> > ///
>> > /// ```no_run
>>
>> > @@ -213,44 +233,63 @@ pub fn new(dev: &Device<Bound>, data: T, flags: Flags) -> Result<Self> {
>> > /// }
>> > /// ```
>> > pub fn access<'a>(&'a self, dev: &'a Device<Bound>) -> Result<&'a T> {
>> > - if self.0.dev.as_raw() != dev.as_raw() {
>> > + if self.dev.as_raw() != dev.as_raw() {
>> > return Err(EINVAL);
>> > }
>> >
>> > // SAFETY: `dev` being the same device as the device this `Devres` has been created for
>> > - // proves that `self.0.data` hasn't been revoked and is guaranteed to not be revoked as
>> > - // long as `dev` lives; `dev` lives at least as long as `self`.
>> > - Ok(unsafe { self.0.data.access() })
>> > + // proves that `self.data` hasn't been revoked and is guaranteed to not be revoked as long
>> > + // as `dev` lives; `dev` lives at least as long as `self`.
>>
>> What if the device has been unbound and a new device has been allocated
>> in the exact same memory?
>
> Unbound doesn't mean freed. Devres holds a reference of the device is was
> created with, so it is impossible that it has been freed.
Ahh right, I thought I was missing something! This also should be
mentioned in the safety comment though! Feel free to do it in some later
patch or create a good-first-issue :)
---
Cheers,
Benno
