From: Paolo Bonzini <pbonzini@redhat.com>
To: qemu-devel@nongnu.org
Cc: Manos Pitsidianakis <manos.pitsidianakis@linaro.org>,
Junjie Mao <junjie.mao@hotmail.com>
Subject: [PATCH v2 12/13] rust: provide safe wrapper for MaybeUninit::zeroed()
Date: Mon, 21 Oct 2024 18:35:37 +0200 [thread overview]
Message-ID: <20241021163538.136941-13-pbonzini@redhat.com> (raw)
In-Reply-To: <20241021163538.136941-1-pbonzini@redhat.com>
MaybeUninit::zeroed() is handy, but it introduces unsafe (and has a
pretty heavy syntax in general). Introduce a trait that provides the
same functionality while staying within safe Rust.
In addition, MaybeUninit::zeroed() is not available as a "const"
function until Rust 1.75.0, so this also prepares for having handwritten
implementations of the trait until we can assume that version.
Reviewed-by: Junjie Mao <junjie.mao@hotmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
rust/hw/char/pl011/src/device_class.rs | 8 ++++++--
rust/hw/char/pl011/src/memory_ops.rs | 11 +++++++----
rust/qemu-api/meson.build | 1 +
rust/qemu-api/src/device_class.rs | 8 ++++----
rust/qemu-api/src/lib.rs | 1 +
rust/qemu-api/src/zeroable.rs | 23 +++++++++++++++++++++++
6 files changed, 42 insertions(+), 10 deletions(-)
create mode 100644 rust/qemu-api/src/zeroable.rs
diff --git a/rust/hw/char/pl011/src/device_class.rs b/rust/hw/char/pl011/src/device_class.rs
index 2ad80451e87..78fa1cdd5b6 100644
--- a/rust/hw/char/pl011/src/device_class.rs
+++ b/rust/hw/char/pl011/src/device_class.rs
@@ -4,7 +4,11 @@
use core::ptr::NonNull;
-use qemu_api::{bindings::*, definitions::ObjectImpl};
+use qemu_api::{
+ bindings::*,
+ definitions::ObjectImpl,
+ zeroable::Zeroable,
+};
use crate::device::PL011State;
@@ -12,7 +16,7 @@
pub static VMSTATE_PL011: VMStateDescription = VMStateDescription {
name: PL011State::TYPE_INFO.name,
unmigratable: true,
- ..unsafe { ::core::mem::MaybeUninit::<VMStateDescription>::zeroed().assume_init() }
+ ..Zeroable::ZERO
};
qemu_api::declare_properties! {
diff --git a/rust/hw/char/pl011/src/memory_ops.rs b/rust/hw/char/pl011/src/memory_ops.rs
index 5a5320e66c3..24ac9c870c1 100644
--- a/rust/hw/char/pl011/src/memory_ops.rs
+++ b/rust/hw/char/pl011/src/memory_ops.rs
@@ -2,9 +2,12 @@
// Author(s): Manos Pitsidianakis <manos.pitsidianakis@linaro.org>
// SPDX-License-Identifier: GPL-2.0-or-later
-use core::{mem::MaybeUninit, ptr::NonNull};
+use core::ptr::NonNull;
-use qemu_api::bindings::*;
+use qemu_api::{
+ bindings::*,
+ zeroable::Zeroable
+};
use crate::device::PL011State;
@@ -14,11 +17,11 @@
read_with_attrs: None,
write_with_attrs: None,
endianness: device_endian::DEVICE_NATIVE_ENDIAN,
- valid: unsafe { MaybeUninit::<MemoryRegionOps__bindgen_ty_1>::zeroed().assume_init() },
+ valid: Zeroable::ZERO,
impl_: MemoryRegionOps__bindgen_ty_2 {
min_access_size: 4,
max_access_size: 4,
- ..unsafe { MaybeUninit::<MemoryRegionOps__bindgen_ty_2>::zeroed().assume_init() }
+ ..Zeroable::ZERO
},
};
diff --git a/rust/qemu-api/meson.build b/rust/qemu-api/meson.build
index 1fc36078027..1b0fd406378 100644
--- a/rust/qemu-api/meson.build
+++ b/rust/qemu-api/meson.build
@@ -5,6 +5,7 @@ _qemu_api_rs = static_library(
'src/lib.rs',
'src/definitions.rs',
'src/device_class.rs',
+ 'src/zeroable.rs',
],
{'.' : bindings_rs},
),
diff --git a/rust/qemu-api/src/device_class.rs b/rust/qemu-api/src/device_class.rs
index d885f2fcf19..ed2d7ce1a54 100644
--- a/rust/qemu-api/src/device_class.rs
+++ b/rust/qemu-api/src/device_class.rs
@@ -31,7 +31,7 @@ macro_rules! define_property {
offset: ::core::mem::offset_of!($state, $field) as isize,
set_default: true,
defval: $crate::bindings::Property__bindgen_ty_1 { u: $defval.into() },
- ..unsafe { ::core::mem::MaybeUninit::<$crate::bindings::Property>::zeroed().assume_init() }
+ ..$crate::zeroable::Zeroable::ZERO
}
};
($name:expr, $state:ty, $field:expr, $prop:expr, $type:expr$(,)*) => {
@@ -41,7 +41,7 @@ macro_rules! define_property {
info: $prop,
offset: ::core::mem::offset_of!($state, $field) as isize,
set_default: false,
- ..unsafe { ::core::mem::MaybeUninit::<$crate::bindings::Property>::zeroed().assume_init() }
+ ..$crate::zeroable::Zeroable::ZERO
}
};
}
@@ -58,7 +58,7 @@ macro_rules! declare_properties {
len
}] = [
$($prop),*,
- unsafe { ::core::mem::MaybeUninit::<$crate::bindings::Property>::zeroed().assume_init() },
+ $crate::zeroable::Zeroable::ZERO,
];
};
}
@@ -79,7 +79,7 @@ macro_rules! vm_state_description {
$vname.as_ptr()
},)*
unmigratable: true,
- ..unsafe { ::core::mem::MaybeUninit::<$crate::bindings::VMStateDescription>::zeroed().assume_init() }
+ ..$crate::zeroable::Zeroable::ZERO
};
}
}
diff --git a/rust/qemu-api/src/lib.rs b/rust/qemu-api/src/lib.rs
index 6bc68076aae..e94a15bb823 100644
--- a/rust/qemu-api/src/lib.rs
+++ b/rust/qemu-api/src/lib.rs
@@ -29,6 +29,7 @@ unsafe impl Sync for bindings::VMStateDescription {}
pub mod definitions;
pub mod device_class;
+pub mod zeroable;
use std::alloc::{GlobalAlloc, Layout};
diff --git a/rust/qemu-api/src/zeroable.rs b/rust/qemu-api/src/zeroable.rs
new file mode 100644
index 00000000000..45ec95c9f70
--- /dev/null
+++ b/rust/qemu-api/src/zeroable.rs
@@ -0,0 +1,23 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+
+/// Encapsulates the requirement that
+/// `MaybeUninit::<Self>::zeroed().assume_init()` does not cause
+/// undefined behavior.
+///
+/// # Safety
+///
+/// Do not add this trait to a type unless all-zeroes is
+/// a valid value for the type. In particular, remember that raw
+/// pointers can be zero, but references and `NonNull<T>` cannot
+/// unless wrapped with `Option<>`.
+pub unsafe trait Zeroable: Default {
+ /// SAFETY: If the trait was added to a type, then by definition
+ /// this is safe.
+ const ZERO: Self = unsafe { ::core::mem::MaybeUninit::<Self>::zeroed().assume_init() };
+}
+
+unsafe impl Zeroable for crate::bindings::Property__bindgen_ty_1 {}
+unsafe impl Zeroable for crate::bindings::Property {}
+unsafe impl Zeroable for crate::bindings::VMStateDescription {}
+unsafe impl Zeroable for crate::bindings::MemoryRegionOps__bindgen_ty_1 {}
+unsafe impl Zeroable for crate::bindings::MemoryRegionOps__bindgen_ty_2 {}
--
2.46.2
next prev parent reply other threads:[~2024-10-21 16:39 UTC|newest]
Thread overview: 48+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-10-21 16:35 [PATCH v2 00/13] rust: miscellaneous cleanups + QOM integration tests Paolo Bonzini
2024-10-21 16:35 ` [PATCH v2 01/13] meson: import rust module into a global variable Paolo Bonzini
2024-10-23 10:29 ` Manos Pitsidianakis
2024-10-21 16:35 ` [PATCH v2 02/13] meson: remove repeated search for rust_root_crate.sh Paolo Bonzini
2024-10-21 16:35 ` [PATCH v2 03/13] meson: pass rustc_args when building all crates Paolo Bonzini
2024-10-22 2:35 ` Junjie Mao
2024-10-22 15:35 ` Zhao Liu
2024-10-21 16:35 ` [PATCH v2 04/13] rust: do not use --no-size_t-is-usize Paolo Bonzini
2024-10-22 2:38 ` Junjie Mao
2024-10-23 4:24 ` Zhao Liu
2024-10-21 16:35 ` [PATCH v2 05/13] rust: remove uses of #[no_mangle] Paolo Bonzini
2024-10-23 10:48 ` Paolo Bonzini
2024-10-23 14:06 ` Zhao Liu
2024-10-23 14:13 ` Zhao Liu
2024-10-21 16:35 ` [PATCH v2 06/13] rust: modernize link_section usage for ELF platforms Paolo Bonzini
2024-10-23 15:31 ` Zhao Liu
2024-10-24 6:04 ` Paolo Bonzini
2024-10-21 16:35 ` [PATCH v2 07/13] rust: build integration test for the qemu_api crate Paolo Bonzini
2024-10-22 1:52 ` Junjie Mao
2024-10-24 17:23 ` Zhao Liu
2024-10-21 16:35 ` [PATCH v2 08/13] rust: cleanup module_init!, use it from #[derive(Object)] Paolo Bonzini
2024-10-22 2:02 ` Junjie Mao
2024-10-22 5:16 ` Paolo Bonzini
2024-10-22 6:00 ` Junjie Mao
2024-10-22 7:20 ` Paolo Bonzini
2024-10-22 20:32 ` Kevin Wolf
2024-10-23 6:46 ` Junjie Mao
2024-10-25 8:59 ` Zhao Liu
2024-10-25 9:12 ` Paolo Bonzini
2024-10-21 16:35 ` [PATCH v2 09/13] rust: clean up define_property macro Paolo Bonzini
2024-10-22 19:46 ` Kevin Wolf
2024-10-23 7:10 ` Paolo Bonzini
2024-10-23 10:38 ` Manos Pitsidianakis
2024-10-23 11:23 ` Paolo Bonzini
2024-10-25 9:17 ` Zhao Liu
2024-10-21 16:35 ` [PATCH v2 10/13] qdev: make properties array "const" Paolo Bonzini
2024-10-22 4:31 ` Philippe Mathieu-Daudé
2024-10-22 5:23 ` Paolo Bonzini
2024-10-22 21:43 ` Philippe Mathieu-Daudé
2024-10-23 7:06 ` Paolo Bonzini
2024-10-21 16:35 ` [PATCH v2 11/13] rust: make properties array immutable Paolo Bonzini
2024-10-25 11:27 ` Zhao Liu
2024-10-21 16:35 ` Paolo Bonzini [this message]
2024-10-25 10:10 ` [PATCH v2 12/13] rust: provide safe wrapper for MaybeUninit::zeroed() Zhao Liu
2024-10-21 16:35 ` [PATCH v2 13/13] rust: do not use TYPE_CHARDEV unnecessarily Paolo Bonzini
2024-10-25 10:05 ` Zhao Liu
2024-10-22 20:46 ` [PATCH v2 00/13] rust: miscellaneous cleanups + QOM integration tests Kevin Wolf
2024-10-23 7:14 ` Paolo Bonzini
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20241021163538.136941-13-pbonzini@redhat.com \
--to=pbonzini@redhat.com \
--cc=junjie.mao@hotmail.com \
--cc=manos.pitsidianakis@linaro.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).