diff options
author | Alice Ryhl <aliceryhl@google.com> | 2023-05-31 14:59:37 +0000 |
---|---|---|
committer | Miguel Ojeda <ojeda@kernel.org> | 2023-05-31 18:53:10 +0200 |
commit | d701e061cb14f589f8c4f48fd7fbe81c0e34b7e7 (patch) | |
tree | cd4df82f1656a5d98eeb6a7e48c34cad1fad7de5 /rust | |
parent | f8110cd157833e721f50f779dc70f8ae5b429832 (diff) | |
download | linux-starfive-d701e061cb14f589f8c4f48fd7fbe81c0e34b7e7.tar.gz linux-starfive-d701e061cb14f589f8c4f48fd7fbe81c0e34b7e7.tar.bz2 linux-starfive-d701e061cb14f589f8c4f48fd7fbe81c0e34b7e7.zip |
rust: sync: reword the `Arc` safety comment for `Sync`
The safety comment on `impl Sync for Arc` references the Send safety
comment. This commit avoids that in case the two comments drift apart in
the future.
Suggested-by: Andreas Hindborg <a.hindborg@samsung.com>
Signed-off-by: Alice Ryhl <aliceryhl@google.com>
Reviewed-by: Andreas Hindborg <a.hindborg@samsung.com>
Reviewed-by: Boqun Feng <boqun.feng@gmail.com>
Reviewed-by: Martin Rodriguez Reboredo <yakoyoku@gmail.com>
Reviewed-by: Benno Lossin <benno.lossin@proton.me>
Link: https://lore.kernel.org/r/20230531145939.3714886-3-aliceryhl@google.com
Signed-off-by: Miguel Ojeda <ojeda@kernel.org>
Diffstat (limited to 'rust')
-rw-r--r-- | rust/kernel/sync/arc.rs | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/rust/kernel/sync/arc.rs b/rust/kernel/sync/arc.rs index a8c2177950cd..a89843cacaad 100644 --- a/rust/kernel/sync/arc.rs +++ b/rust/kernel/sync/arc.rs @@ -150,9 +150,11 @@ impl<T: ?Sized + Unsize<U>, U: ?Sized> core::ops::DispatchFromDyn<Arc<U>> for Ar // mutable reference when the reference count reaches zero and `T` is dropped. unsafe impl<T: ?Sized + Sync + Send> Send for Arc<T> {} -// SAFETY: It is safe to send `&Arc<T>` to another thread when the underlying `T` is `Sync` for the -// same reason as above. `T` needs to be `Send` as well because a thread can clone an `&Arc<T>` -// into an `Arc<T>`, which may lead to `T` being accessed by the same reasoning as above. +// SAFETY: It is safe to send `&Arc<T>` to another thread when the underlying `T` is `Sync` +// because it effectively means sharing `&T` (which is safe because `T` is `Sync`); additionally, +// it needs `T` to be `Send` because any thread that has a `&Arc<T>` may clone it and get an +// `Arc<T>` on that thread, so the thread may ultimately access `T` using a mutable reference when +// the reference count reaches zero and `T` is dropped. unsafe impl<T: ?Sized + Sync + Send> Sync for Arc<T> {} impl<T> Arc<T> { |