Closed brooksdavis closed 6 years ago
This seems to be a variant on #180
Likewise &ujob->_aiocb_private.error
when ujob
is a capability looses capabilityness.
The current fix only looks up one level so it looks at as::name which is a pointer in the hybrid ABI and therefore concludes that the result should be a pointer and not a capability. Same issue for &ujob->_aiocb_private.error
It's worth noting the we need to do this to arbitrary depth. The compiler is wrong in thinking that it can turn an arbitrary capability into a pointer as there's no assurance a virtual address accessible via a capability is accessible via dcc. There is in-fact no assurance that the virtual address has any meaning at all relative to ddc in the general case of capability systems. That just happens to be true in our current implementation. (An implementation where each ring had its own capability type and shared the same virtual address space range would be interesting.)
This code:
produces:
Removing the
[0]
avoids the error, but both should do the same thing.