From: Paolo Bonzini <pbonzini@redhat.com>
To: qemu-devel@nongnu.org
Cc: manos.pitsidianakis@linaro.org, zhao1.liu@intel.com,
junjie.mao@hotmail.com, berrange@redhat.com
Subject: [PATCH 16/23] rust: do not use MaybeUninit::zeroed()
Date: Fri, 25 Oct 2024 18:02:01 +0200 [thread overview]
Message-ID: <20241025160209.194307-17-pbonzini@redhat.com> (raw)
In-Reply-To: <20241025160209.194307-1-pbonzini@redhat.com>
MaybeUninit::zeroed() is handy but is not available as a "const" function
until Rust 1.75.0.
Remove the default implementation of Zeroable::ZERO, and write by hand
the definitions for those types that need it. It may be possible to
add automatic implementation of the trait, via a procedural macro and/or
a trick similar to offset_of!, but do it the easy way for now.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
rust/qemu-api/src/zeroable.rs | 91 +++++++++++++++++++++++++++++------
1 file changed, 77 insertions(+), 14 deletions(-)
diff --git a/rust/qemu-api/src/zeroable.rs b/rust/qemu-api/src/zeroable.rs
index 45ec95c9f70..13cdb2ccba5 100644
--- a/rust/qemu-api/src/zeroable.rs
+++ b/rust/qemu-api/src/zeroable.rs
@@ -1,23 +1,86 @@
// SPDX-License-Identifier: GPL-2.0-or-later
+use std::ptr;
+
/// Encapsulates the requirement that
-/// `MaybeUninit::<Self>::zeroed().assume_init()` does not cause
-/// undefined behavior.
+/// `MaybeUninit::<Self>::zeroed().assume_init()` does not cause undefined
+/// behavior. This trait in principle could be implemented as just:
+///
+/// ```
+/// const ZERO: Self = unsafe {
+/// ::core::mem::MaybeUninit::<$crate::bindings::Property>::zeroed().assume_init()
+/// },
+/// ```
+///
+/// The need for a manual implementation is only because `zeroed()` cannot
+/// be used as a `const fn` prior to Rust 1.75.0. Once we can assume a new
+/// enough version of the compiler, we could provide a `#[derive(Zeroable)]`
+/// macro to check at compile-time that all struct fields are Zeroable, and
+/// use the above blanket implementation of the `ZERO` constant.
///
/// # Safety
///
-/// Do not add this trait to a type unless all-zeroes is
-/// a valid value for the type. In particular, remember that raw
-/// pointers can be zero, but references and `NonNull<T>` cannot
-/// unless wrapped with `Option<>`.
+/// Because the implementation of `ZERO` is manual, it does not make
+/// any assumption on the safety of `zeroed()`. However, other users of the
+/// trait could use it that way. Do not add this trait to a type unless
+/// all-zeroes is a valid value for the type. In particular, remember that
+/// raw pointers can be zero, but references and `NonNull<T>` cannot
pub unsafe trait Zeroable: Default {
- /// SAFETY: If the trait was added to a type, then by definition
- /// this is safe.
- const ZERO: Self = unsafe { ::core::mem::MaybeUninit::<Self>::zeroed().assume_init() };
+ const ZERO: Self;
}
-unsafe impl Zeroable for crate::bindings::Property__bindgen_ty_1 {}
-unsafe impl Zeroable for crate::bindings::Property {}
-unsafe impl Zeroable for crate::bindings::VMStateDescription {}
-unsafe impl Zeroable for crate::bindings::MemoryRegionOps__bindgen_ty_1 {}
-unsafe impl Zeroable for crate::bindings::MemoryRegionOps__bindgen_ty_2 {}
+unsafe impl Zeroable for crate::bindings::Property__bindgen_ty_1 {
+ const ZERO: Self = Self { i: 0 };
+}
+
+unsafe impl Zeroable for crate::bindings::Property {
+ const ZERO: Self = Self {
+ name: ptr::null(),
+ info: ptr::null(),
+ offset: 0,
+ bitnr: 0,
+ bitmask: 0,
+ set_default: false,
+ defval: Zeroable::ZERO,
+ arrayoffset: 0,
+ arrayinfo: ptr::null(),
+ arrayfieldsize: 0,
+ link_type: ptr::null(),
+ };
+}
+
+unsafe impl Zeroable for crate::bindings::VMStateDescription {
+ const ZERO: Self = Self {
+ name: ptr::null(),
+ unmigratable: false,
+ early_setup: false,
+ version_id: 0,
+ minimum_version_id: 0,
+ priority: crate::bindings::MigrationPriority::MIG_PRI_DEFAULT,
+ pre_load: None,
+ post_load: None,
+ pre_save: None,
+ post_save: None,
+ needed: None,
+ dev_unplug_pending: None,
+ fields: ptr::null(),
+ subsections: ptr::null(),
+ };
+}
+
+unsafe impl Zeroable for crate::bindings::MemoryRegionOps__bindgen_ty_1 {
+ const ZERO: Self = Self {
+ min_access_size: 0,
+ max_access_size: 0,
+ unaligned: false,
+ accepts: None,
+ };
+}
+
+unsafe impl Zeroable for crate::bindings::MemoryRegionOps__bindgen_ty_2 {
+ const ZERO: Self = Self {
+ min_access_size: 0,
+ max_access_size: 0,
+ unaligned: false,
+ };
+}
--
2.47.0
next prev parent reply other threads:[~2024-10-25 16:09 UTC|newest]
Thread overview: 67+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-10-25 16:01 [PATCH v3 00/23] rust: fix CI + allow older versions of rustc and bindgen Paolo Bonzini
2024-10-25 16:01 ` [PATCH 01/23] rust: add definitions for vmstate Paolo Bonzini
2024-10-25 16:01 ` [PATCH 02/23] rust/pl011: fix default value for migrate-clock Paolo Bonzini
2024-10-25 16:01 ` [PATCH 03/23] rust/pl011: add support for migration Paolo Bonzini
2024-10-25 16:01 ` [PATCH 04/23] rust/pl011: move CLK_NAME static to function scope Paolo Bonzini
2024-10-25 16:01 ` [PATCH 05/23] rust/pl011: add TYPE_PL011_LUMINARY device Paolo Bonzini
2024-10-31 14:58 ` Zhao Liu
2024-10-25 16:01 ` [PATCH 06/23] rust/pl011: remove commented out C code Paolo Bonzini
2024-10-25 16:01 ` [PATCH 07/23] rust/pl011: Use correct masks for IBRD and FBRD Paolo Bonzini
2024-10-25 16:01 ` [PATCH 08/23] rust: patch bilge-impl to allow compilation with 1.63.0 Paolo Bonzini
2024-10-25 16:01 ` [PATCH 09/23] rust: fix cfgs of proc-macro2 for 1.63.0 Paolo Bonzini
2024-10-25 16:01 ` [PATCH 10/23] rust: use std::os::raw instead of core::ffi Paolo Bonzini
2024-10-25 16:01 ` [PATCH 11/23] rust: introduce a c_str macro Paolo Bonzini
2024-10-31 10:39 ` Zhao Liu
2024-10-25 16:01 ` [PATCH 12/23] rust: silence unknown warnings for the sake of old compilers Paolo Bonzini
2024-10-25 16:01 ` [PATCH 13/23] rust: synchronize dependencies between subprojects and Cargo.lock Paolo Bonzini
2024-10-31 11:31 ` Zhao Liu
2024-11-01 10:14 ` Junjie Mao
2024-11-01 15:30 ` Paolo Bonzini
2024-11-02 2:13 ` Junjie Mao
2024-10-25 16:01 ` [PATCH 14/23] rust: create a cargo workspace Paolo Bonzini
2024-10-31 13:46 ` Zhao Liu
2024-11-01 10:21 ` Junjie Mao
2024-10-25 16:02 ` [PATCH 15/23] rust: introduce alternative implementation of offset_of! Paolo Bonzini
2024-11-03 9:54 ` Junjie Mao
2024-11-04 16:02 ` Paolo Bonzini
2024-11-04 16:03 ` Paolo Bonzini
2024-11-04 16:03 ` Paolo Bonzini
2024-11-05 2:07 ` Junjie Mao
2024-10-25 16:02 ` Paolo Bonzini [this message]
2024-10-25 16:02 ` [PATCH 17/23] rust: clean up detection of the language Paolo Bonzini
2024-10-25 16:02 ` [PATCH 18/23] rust: allow version 1.63.0 of rustc Paolo Bonzini
2024-10-25 16:02 ` [PATCH 19/23] rust: do not use --generate-cstr Paolo Bonzini
2024-10-25 20:03 ` Michael Tokarev
2024-10-25 20:06 ` Pierrick Bouvier
2024-10-25 20:10 ` Michael Tokarev
2024-10-25 20:12 ` Pierrick Bouvier
2024-10-25 20:11 ` Paolo Bonzini
2024-10-25 16:02 ` [PATCH 20/23] rust: allow older version of bindgen Paolo Bonzini
2024-10-25 16:02 ` [PATCH 21/23] rust: make rustfmt optional Paolo Bonzini
2024-10-25 16:02 ` [PATCH 22/23] dockerfiles: install bindgen from cargo on Ubuntu 22.04 Paolo Bonzini
2024-10-25 18:51 ` Pierrick Bouvier
2024-10-25 19:35 ` Paolo Bonzini
2024-10-25 19:47 ` Pierrick Bouvier
2024-10-25 20:08 ` Paolo Bonzini
2024-10-25 20:14 ` Pierrick Bouvier
2024-10-25 20:21 ` Paolo Bonzini
2024-10-25 20:08 ` Pierrick Bouvier
2024-10-25 16:02 ` [PATCH 23/23] ci: enable rust in the Debian and Ubuntu system build job Paolo Bonzini
2024-10-25 18:55 ` Pierrick Bouvier
2024-10-25 18:58 ` Pierrick Bouvier
2024-10-25 19:27 ` Paolo Bonzini
2024-10-25 19:33 ` Pierrick Bouvier
2024-10-25 20:08 ` Pierrick Bouvier
2024-10-25 16:23 ` [PATCH v3 00/23] rust: fix CI + allow older versions of rustc and bindgen Manos Pitsidianakis
2024-10-31 16:28 ` Paolo Bonzini
2024-10-27 7:01 ` Michael Tokarev
2024-10-27 8:00 ` Paolo Bonzini
2024-10-27 9:38 ` Michael Tokarev
2024-10-27 9:42 ` Michael Tokarev
2024-10-27 9:57 ` Michael Tokarev
2024-10-27 12:39 ` Paolo Bonzini
2024-10-28 9:21 ` Daniel P. Berrangé
2024-10-28 12:26 ` Alex Bennée
2024-10-28 12:41 ` Paolo Bonzini
2024-10-30 16:52 ` Paolo Bonzini
2024-10-31 16:41 ` Zhao Liu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20241025160209.194307-17-pbonzini@redhat.com \
--to=pbonzini@redhat.com \
--cc=berrange@redhat.com \
--cc=junjie.mao@hotmail.com \
--cc=manos.pitsidianakis@linaro.org \
--cc=qemu-devel@nongnu.org \
--cc=zhao1.liu@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).