refactor: remove UserPtr and UserConstPtr usages#107
Open
Ticonderoga2017 wants to merge 1 commit intoStarry-OS:mainfrom
Open
refactor: remove UserPtr and UserConstPtr usages#107Ticonderoga2017 wants to merge 1 commit intoStarry-OS:mainfrom
Ticonderoga2017 wants to merge 1 commit intoStarry-OS:mainfrom
Conversation
Contributor
|
Good job 👍 |
AsakuraMizu
requested changes
Jan 2, 2026
Contributor
AsakuraMizu
left a comment
AsakuraMizu
left a comment
There was a problem hiding this comment.
Sorry, there were too many files, and I haven't had time to look at a few of them myself.
AsakuraMizu
reviewed
Jan 8, 2026
Contributor
There was a problem hiding this comment.
Pull request overview
This pull request refactors the codebase to remove custom UserPtr and UserConstPtr types in favor of a unified memory access interface from starry_vm. The changes introduce VmPtr/VmMutPtr primitives and helper functions like vm_read_slice, vm_write_slice, and vm_load_until_nul for safer user-space memory operations.
Key Changes:
- Replaced all
UserPtr/UserConstPtrusages with raw pointers andstarry_vmprimitives - Updated system call signatures to accept raw pointers instead of custom wrapper types
- Refactored
CMsgBuilderto work with raw pointers and returnResultfrom constructor - Simplified syscall dispatcher by replacing
.into()calls withas _casts
Reviewed changes
Copilot reviewed 16 out of 16 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
| api/src/mm.rs | Removed UserPtr/UserConstPtr implementations; kept VmBytes/VmBytesMut wrappers and vm_load_string helper |
| api/src/vfs/dev/event.rs | Converted event device ioctls to use vm_write_slice and allocate temporary buffers |
| api/src/syscall/net/socket.rs | Updated socket syscalls to use raw pointers with VmPtr/VmMutPtr traits |
| api/src/syscall/net/opt.rs | Refactored getsockopt/setsockopt to use vm_read/vm_write with temporary variables |
| api/src/syscall/net/name.rs | Simplified getsockname/getpeername to use raw pointers |
| api/src/syscall/net/io.rs | Updated sendmsg/recvmsg to use vm_read_uninit and addr_of_mut for field access |
| api/src/syscall/net/cmsg.rs | Refactored CMsgBuilder to use raw pointers and made constructor fallible |
| api/src/syscall/mod.rs | Replaced .into() conversions with as _ casts throughout syscall dispatcher |
| api/src/syscall/ipc/shm.rs | Updated shmctl to use vm_read/vm_write with nullable pointer handling |
| api/src/syscall/io_mpx/select.rs | Converted select/pselect6 to read/write local copies and use nullable pattern |
| api/src/syscall/io_mpx/poll.rs | Updated poll/ppoll to use local Vec buffers with vm_read/vm_write |
| api/src/syscall/io_mpx/epoll.rs | Converted epoll functions to use temporary buffers and vm_write |
| api/src/syscall/fs/memfd.rs | Changed memfd_create signature to use raw pointer |
| api/src/syscall/fs/io.rs | Updated truncate to use vm_load_string |
| api/src/syscall/fs/fd_ops.rs | Modified fcntl to use vm_read_uninit/vm_write for flock64 |
| api/src/socket.rs | Updated SocketAddrExt trait to use raw pointers; refactored read/write methods |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Mivik
reviewed
Feb 28, 2026
| nullable!(sigmask.get_as_ref())?.copied(), | ||
| || match block_on(future::timeout( | ||
| let mut buf = vec![epoll_event { events: 0, data: 0 }; maxevents as usize]; | ||
| let sig = match sigmask.nullable() { |
| ) | ||
| } | ||
| })?; | ||
| for (i, ev) in buf.iter().take(n as usize).enumerate() { |
| }; | ||
| do_poll(fds, timeout, None) | ||
| let ret = do_poll(&mut local, timeout, None)?; | ||
| for (i, it) in local.iter().enumerate() { |
Contributor
There was a problem hiding this comment.
Use vm_write_slice. Please apply the same fix to other instances.
| let sigmask = match sigmask.nullable() { | ||
| Some(p) => { | ||
| let sig = unsafe { p.vm_read_uninit()?.assume_init() }; | ||
| check_sigset_size(sig.sigsetsize)?; |
| Some(p) => { | ||
| let sig = unsafe { p.vm_read_uninit()?.assume_init() }; | ||
| check_sigset_size(sig.sigsetsize)?; | ||
| match sig.set.nullable() { |
Contributor
There was a problem hiding this comment.
Use Option::map. Please apply the same fix to other instances.
| let mut bits = vec![0u8; size]; | ||
| if ty == 0 { | ||
| Ok(copy_bytes(self.ev_bits.as_bytes(), bits)) | ||
| let written = copy_bytes(self.ev_bits.as_bytes(), &mut bits); |
Contributor
There was a problem hiding this comment.
Maybe we can use vm_write_slice instead to avoid extra copy?
| let mut bits = vec![0u8; size]; | ||
| let n = | ||
| copy_bytes(self.inner.lock().key_state.as_bytes(), &mut bits); | ||
| vm_write_slice(arg as *mut u8, &bits[..n])?; |
| } | ||
| Ok(bits.len().min(ty.bits_count().div_ceil(8))) | ||
| let written = bits.len().min(ty.bits_count().div_ceil(8)); | ||
| vm_write_slice(arg as *mut u8, &bits[..written])?; |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
#39
Description
UserPtr/UserConstPtrand their supporting memory validation functions to implement a unified user-space memory access interface.VmPtr/VmMutPtr,vm_read_slice,vm_write_slice, andvm_load_until_nulfromstarry_vm, covering scenarios such as read/write operations and string loading.axioframework'sRead/WriteandIoBuf/IoBufMutmodels, avoiding inconsistencies caused by custom pointer types.