Remove Android-specific platform differences #118
Conversation
|
@notgull thanks for sending this in, I wouldn't call the original a screw-up outright but haven't caught up to the discussion in existing issues PRs (which should definitely be linked and explained as part of the context for why this PR is making this change 😉). Will take a closer look tomorrow, and we can always push users to not use the no-op via It quite surprises me that these changes have been made and pressured into a release within a timespan of about two weeks, without any apparent community discussion/review not to mention a comment from active Android+Rust platform maintainers (turns out @rib was on holiday, and I had a massive backlog to process after also being out of country for a conference). I get it, it's sometimes hard to not have a release while porting other crates in the ecosystem to the new thing, but using temporary (And for the commit title: |
Would probably be for the best (although I doubt there are any extant users aside from my PRs).
Yes, this was undeniably a mistake on my part with no excuses. At this stage, I'd been able to implement In the future, I'll make sure to check with
This is actually the original path I took. See rust-windowing/winit#2744, rust-windowing/glutin#1582 and rust-windowing/softbuffer#82. Like I said above, my rationale was that I'd already gotten enough eyes on the system that it was ready to be published. But, ah well, this is recoverable. Chances are, with #104 we're likely to have a breaking release in the future anyways. |
notgull
force-pushed
the
notgull/de-active
branch
from
1be0e38
to
ac9636b
Compare
|
Cool, thanks for the follow up @notgull Sorry that I'm again a bit slow with responding - I actually just started a new job this week, so been a bit busy :) as it happens though I'll be responsible for lots of Android + Rust enabling though, so fingers crossed I'll be in a good position to actively help with this kind of thing. Yeah I wouldn't call it a screw up either - it's an awkward corner of Android - and I'll even be ready to accept egg on my face at some point when we discover there is some weird safety issue here that we've all overlooked. To the best of my understanding currently though I think the conclusion above is correct. Btw, although I generally try to follow |
Ooo, sounds fun! Good luck!
Thanks. My gut still tells me that there's some kind of edge case here that we're forgetting. I feel like, every time a project touches Java, it gets ten times more complex for no reason.
I guess that's the curse of trying to do things that not many people are doing; there just aren't enough experts to go around.
I'll take this as approval of the new system. Once @MarijnS95 signs off on this I'll go ahead and merge it. |
Yeah, generally, that's probably a reasonable concern. Since (accidentally) becoming maintainer of the For this particular issue I feel like it's something that I've looked at quite a few times and I think my focus is generally on the requirement that Android apps need to drop their graphics surfaces when suspending - which is slightly different to what the Just in terms of a C API it would be particularly cruel to provide a ref-counting API for some state and somehow let that state get pulled from under your feet while you think you hold a reference to it.
yeah, I guess as you get into the weeds there will always be fewer and fewer people that are coming along with you :) This is a particularly gnarly area I think. You need some interest in lower-level graphics stacks in addition to Android architecture and Rust <-> Java JNI.
sound good to me |
|
@MarijnS95 Poke, does this look good to you? |
|
@notgull perhaps, I haven't had the time to look into anything over the Easter weekend, sorry for enjoying time off and slacking on this! |
| /// On Android, it was previously believed that the application could enter the suspended state | ||
| /// and immediately invalidate all window handles. However, it was later discovered that the | ||
| /// handle actually remains valid, but the window does not produce any more GPU buffers. This | ||
| /// type is a no-op and will be removed at the next major release. |
There was a problem hiding this comment.
Tad odd that some of the original documentation is still up above, and being nullified again right here?
src/borrowed.rs
Outdated
| @@ -96,8 +65,9 @@ impl Active { | |||
| /// use raw_window_handle::Active; | |||
| /// let active = Active::new(); | |||
| /// ``` | |||
| #[deprecated = "Will be removed at next major release, use ActiveHandle::new() for now"] | |||
There was a problem hiding this comment.
Is this sensible (same for the other deprecated attributes on member fns) if the Active type as a whole is already marked as deprecated?
src/borrowed.rs
Outdated
| /// On non-Android platforms, this is a ZST. On Android, this is a reference counted handle that | ||
| /// keeps the application active while it is alive. | ||
| #[derive(Clone)] | ||
| pub struct ActiveHandle<'a>(imp::ActiveHandle<'a>); | ||
| pub struct ActiveHandle<'a>(PhantomData<&'a UnsafeCell<()>>); |
There was a problem hiding this comment.
Should the docs here be updated?
There was a problem hiding this comment.
I'm not familiar with the new "borrowed" API of raw-window-handle and have just pointed out some generic findings on the diff. Overall the gain in removing this Active handling on Android is solid since the handle won't be pulled out from under you if holding a reference to it (which the NDK crate does for you; and graphics API's like Vulkan do too internally). The handle will just be "useless".
|
Thank you! |
Makes
Activea no-op on all platforms.cc @rib and @MarijnS95 Is this valid? I want to make extra sure, I don't want to screw this up twice
Post-Mortem
Originally I had created a
window-handlecrate to act as a safe window handle abstraction overraw-window-handleand proposed it be added towinitin rust-windowing/winit#2744. It was suggested that it should be moved intoraw-window-handleso that both systems could be developed in lockstep, so I merged the crates in #110.I also opened #111 for further discussion of raw window handles, to make sure that they worked for all platforms, present and future. At the time, I used a strategy where there would be a single
Activetoken that only existed when the application was active. However, I soon realized that there were soundness flaws in this strategy, among other issues. Therefore, in #116, I implemented the current strategy, where anRwLockis used on Android to ensure that window handles can only be active when the application is.Between the closing of #116 and the release, I'd implemented the new strategy in the form of other PRs in the
rust-windowingecosystem: rust-windowing/winit#2744, rust-windowing/glutin#1582 and rust-windowing/softbuffer#82. I'd also written a blog post about the initiative and posted it on Reddit, where it had received some visibility. Between both of these, I'd decided that the proposal had received enough eyes to be ready. At this point, I was unaware that both rib and MarjinS95 were predisposed, and took their perceived silence as approval. I pushed for a release and it was eventually released as v0.5.2.In retrospect, I should have waited for one of the Android platform maintainers to directly respond to the issue.
Two days later, rib responded to #111 and pointed out an issue that I was previously unaware of: it is possible to increase the refcount on
ANativeWindowsuch that it is not deleted. After some discussion that got leaked elsewhere (here, here, here), the conclusion we came to was:Activesystem can be bypassed by cloning anANativeWindowpointer.ANativeWindowcan be cloned and the reference sticks around, the reason why theActivesystem exists (to prevent using the reference after it's been deleted) can be worked around safely. This means that theActiveisn't necessary.However, since there's been a release we can't actually remove the
Active/ActiveHandletypes from the crate, until the next breaking release. So, this is the next best thing; just turning theActiveinto a no-op.