On Fri, May 24, 2024 at 07:17:13PM +0000, Alice Ryhl wrote:

> > And then those both implement a get_file() method so the caller can take
> > an explicit long-term reference to the file.
>
> Even if you call `get_file` to get a long-term reference from something
> you have an fdget_pos reference to, that doesn't necessarily mean that
> you can share that long-term reference with other threads. You would
> need to release the fdget_pos reference first. For that reason, the
> long-term reference returned by `get_file` would still need to have the
> `File<MaybeFdgetPos>` type.

Why would you want such a bizarre requirement?

> Note that since it forgets which fd and fd table it came from, calls to
> `fdget` are actually not a problem for sending our long-term references
> across threads. The `fdget` requirements only care about things that
> touch the entry in the file descriptor table, such as closing the fd.
> The `ARef<File>` type does not provide any methods that could lead to
> that happening, so sharing it across threads is okay *even if* there is
> a light reference. That's why I have a `MaybeFdgetPos` but no
> `MaybeFdget`.

Huh? What is "the entry in the file descriptor table"? Which one and in which
one?

>     let file = File::fget(my_fd)?;
>     // SAFETY: We know that there are no active `fdget_pos` calls on
>     // the current thread, since this is an ioctl and we have not
>     // called `fdget_pos` inside the Binder driver.
>     let thread_safe_file = unsafe { file.assume_no_fdget_pos() };
>
> (search for File::from_fd in the RFC to find where this would go)
>
> The `assume_no_fdget_pos` call has no effect at runtime - it is purely a
> compile-time thing to force the user to use unsafe to "promise" that
> there aren't any `fdget_pos` calls on the same fd.

Why does fdget_pos() even matter? The above makes no sense...

Again, cloning a reference and sending it to another thread is perfectly fine.
And what's so special about fdget_pos()/fdput_pos() compared to fdget()/fdput()?

_What_ memory safety issues are you talking about?
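
The compile-time marker mechanism described in the quoted RFC text, as an added user-space model that is not code from the RFC, the kernel, or either participant in this thread. `NoFdgetPos`, `Inner`, `assert_send` and `send_to_worker` are hypothetical names, and `Arc` is assumed here as a stand-in for the kernel's file refcount.

```rust
use std::marker::PhantomData;
use std::sync::Arc;
use std::thread;

/// State marker: an `fdget_pos` may be active on this thread. The raw-pointer
/// `PhantomData` makes the marker, and so `File<MaybeFdgetPos>`, `!Send`.
pub struct MaybeFdgetPos(PhantomData<*const ()>);
/// State marker (hypothetical name): the caller has promised there is none.
pub struct NoFdgetPos;

/// Stand-in for the kernel's `struct file`; `Arc` models the refcount.
struct Inner { fd: i32 }

pub struct File<S> { inner: Arc<Inner>, _state: PhantomData<S> }

impl File<MaybeFdgetPos> {
    /// Models `File::fget`: take a long-term reference from an fd number.
    pub fn fget(fd: i32) -> Option<Self> {
        if fd < 0 { return None; }
        Some(File { inner: Arc::new(Inner { fd }), _state: PhantomData })
    }

    /// # Safety
    /// The caller promises no `fdget_pos` on this file is active on the
    /// current thread. Only the type parameter changes; no runtime work.
    pub unsafe fn assume_no_fdget_pos(self) -> File<NoFdgetPos> {
        File { inner: self.inner, _state: PhantomData }
    }
}

impl<S> File<S> {
    pub fn fd(&self) -> i32 { self.inner.fd }
}

fn assert_send<T: Send>() {}

/// Hand a file to another thread; returns the fd number seen there.
pub fn send_to_worker(fd: i32) -> Option<i32> {
    let file = File::fget(fd)?;
    // thread::spawn(move || file.fd());  // rejected: `File<MaybeFdgetPos>` is !Send
    // SAFETY: this model never calls anything like `fdget_pos`.
    let thread_safe_file = unsafe { file.assume_no_fdget_pos() };
    assert_send::<File<NoFdgetPos>>(); // compile-time check
    thread::spawn(move || thread_safe_file.fd()).join().ok()
}

fn main() {
    println!("{:?}", send_to_worker(3));
}
```

Both states have the same in-memory layout (one pointer), so the conversion compiles to a move; the marker only decides whether the compiler accepts the `thread::spawn` call.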