rust/comprehensive-rust
1
0
Fork 0
mirror of https://github.com/google/comprehensive-rust.git synced 2025-12-23 23:12:52 +02:00
Code Issues Releases Activity
Files
096a0a6ff36f788a29eadcc399a787c3b5c243d3
comprehensive-rust/src/unsafe-rust/unsafe-traits.md

41 lines
1.1 KiB
Markdown
Raw Normal View History

Comprehensive Rust v2 (#1073) I've taken some work by @fw-immunant and others on the new organization of the course and condensed it into a form amenable to a text editor and some computational analysis. You can see the inputs in `course.py` but the interesting bits are the output: `outline.md` and `slides.md`. The idea is to break the course into more, smaller segments with exercises at the ends and breaks in between. So `outline.md` lists the segments, their duration, and sums those durations up per-day. It shows we're about an hour too long right now! There are more details of the segments in `slides.md`, or you can see mostly the same stuff in `course.py`. This now contains all of the content from the v1 course, ensuring both that we've covered everything and that we'll have somewhere to redirect every page. Fixes #1082. Fixes #1465. --------- Co-authored-by: Nicole LeGare <dlegare.1001@gmail.com> Co-authored-by: Martin Geisler <mgeisler@google.com>
2023-11-29 10:39:24 -05:00
---
minutes: 5
---
Add slide for unsafe traits.
2023-01-17 16:41:51 +00:00
# Implementing Unsafe Traits
Format all Markdown files with `dprint` (#1157) This is the result of running `dprint fmt` after removing `src/` from the list of excluded directories. This also reformats the Rust code: we might want to tweak this a bit in the future since some of the changes removes the hand-formatting. Of course, this formatting can be seen as a mis-feature, so maybe this is good overall. Thanks to mdbook-i18n-helpers 0.2, the POT file is nearly unchanged after this, meaning that all existing translations remain valid! A few messages were changed because of stray whitespace characters: msgid "" "Slices always borrow from another object. In this example, `a` has to remain " -"'alive' (in scope) for at least as long as our slice. " +"'alive' (in scope) for at least as long as our slice." msgstr "" The formatting is enforced in CI and we will have to see how annoying this is in practice for the many contributors. If it becomes annoying, we should look into fixing dprint/check#11 so that `dprint` can annotate the lines that need fixing directly, then I think we can consider more strict formatting checks. I added more customization to `rustfmt.toml`. This is to better emulate the dense style used in the course: - `max_width = 85` allows lines to take up the full width available in our code blocks (when taking margins and the line numbers into account). - `wrap_comments = true` ensures that we don't show very long comments in the code examples. I edited some comments to shorten them and avoid unnecessary line breaks — please trim other unnecessarily long comments when you see them! Remember we're writing code for slides :smile: - `use_small_heuristics = "Max"` allows for things like struct literals and if-statements to take up the full line width configured above. The formatting settings apply to all our Rust code right now — I think we could improve this with https://github.com/dprint/dprint/issues/711 which lets us add per-directory `dprint` configuration files. However, the `inherit: true` setting is not yet implemented (as far as I can tell), so a nested configuration file will have to copy most or all of the top-level file.
2023-12-31 00:15:07 +01:00
Like with functions, you can mark a trait as `unsafe` if the implementation must
guarantee particular conditions to avoid undefined behaviour.
Add slide for unsafe traits.
2023-01-17 16:41:51 +00:00
For example, the `zerocopy` crate has an unsafe trait that looks
Update unsafe trait example to zerocopy version 0.8 (#2434) Zerocopy crate version 0.8 introduced changes to its API, which caused the example code to break. https://github.com/google/zerocopy/discussions/1680 > AsBytes -> [IntoBytes](https://docs.rs/zerocopy/0.8.*/zerocopy/trait.IntoBytes.html) --------- Co-authored-by: Martin Geisler <martin@geisler.net>
2024-11-04 14:01:45 +03:00
[something like this](https://docs.rs/zerocopy/latest/zerocopy/trait.IntoBytes.html):
Add slide for unsafe traits.
2023-01-17 16:41:51 +00:00
```rust,editable
Update unsafe trait example to zerocopy version 0.8 (#2434) Zerocopy crate version 0.8 introduced changes to its API, which caused the example code to break. https://github.com/google/zerocopy/discussions/1680 > AsBytes -> [IntoBytes](https://docs.rs/zerocopy/0.8.*/zerocopy/trait.IntoBytes.html) --------- Co-authored-by: Martin Geisler <martin@geisler.net>
2024-11-04 14:01:45 +03:00
use std::{mem, slice};
Add slide for unsafe traits.
2023-01-17 16:41:51 +00:00
/// ...
/// # Safety
/// The type must have a defined representation and no padding.
Update unsafe trait example to zerocopy version 0.8 (#2434) Zerocopy crate version 0.8 introduced changes to its API, which caused the example code to break. https://github.com/google/zerocopy/discussions/1680 > AsBytes -> [IntoBytes](https://docs.rs/zerocopy/0.8.*/zerocopy/trait.IntoBytes.html) --------- Co-authored-by: Martin Geisler <martin@geisler.net>
2024-11-04 14:01:45 +03:00
pub unsafe trait IntoBytes {
Add slide for unsafe traits.
2023-01-17 16:41:51 +00:00
fn as_bytes(&self) -> &[u8] {
Update unsafe trait example to zerocopy version 0.8 (#2434) Zerocopy crate version 0.8 introduced changes to its API, which caused the example code to break. https://github.com/google/zerocopy/discussions/1680 > AsBytes -> [IntoBytes](https://docs.rs/zerocopy/0.8.*/zerocopy/trait.IntoBytes.html) --------- Co-authored-by: Martin Geisler <martin@geisler.net>
2024-11-04 14:01:45 +03:00
let len = mem::size_of_val(self);
Fix example from zerocopy. (#2511) This was changed incorrectly in #2434. Fixes #2472.
2024-12-13 09:17:37 +00:00
let slf: *const Self = self;
unsafe { slice::from_raw_parts(slf.cast::<u8>(), len) }
Add slide for unsafe traits.
2023-01-17 16:41:51 +00:00
}
}
Add safety comments and use consistent format for existing ones. (#1981) We should have safety comments on all `unsafe` blocks, to set a good example.
2024-04-12 18:19:19 +01:00
// SAFETY: `u32` has a defined representation and no padding.
Update unsafe trait example to zerocopy version 0.8 (#2434) Zerocopy crate version 0.8 introduced changes to its API, which caused the example code to break. https://github.com/google/zerocopy/discussions/1680 > AsBytes -> [IntoBytes](https://docs.rs/zerocopy/0.8.*/zerocopy/trait.IntoBytes.html) --------- Co-authored-by: Martin Geisler <martin@geisler.net>
2024-11-04 14:01:45 +03:00
unsafe impl IntoBytes for u32 {}
Add slide for unsafe traits.
2023-01-17 16:41:51 +00:00
```
<details>
Format all Markdown files with `dprint` (#1157) This is the result of running `dprint fmt` after removing `src/` from the list of excluded directories. This also reformats the Rust code: we might want to tweak this a bit in the future since some of the changes removes the hand-formatting. Of course, this formatting can be seen as a mis-feature, so maybe this is good overall. Thanks to mdbook-i18n-helpers 0.2, the POT file is nearly unchanged after this, meaning that all existing translations remain valid! A few messages were changed because of stray whitespace characters: msgid "" "Slices always borrow from another object. In this example, `a` has to remain " -"'alive' (in scope) for at least as long as our slice. " +"'alive' (in scope) for at least as long as our slice." msgstr "" The formatting is enforced in CI and we will have to see how annoying this is in practice for the many contributors. If it becomes annoying, we should look into fixing dprint/check#11 so that `dprint` can annotate the lines that need fixing directly, then I think we can consider more strict formatting checks. I added more customization to `rustfmt.toml`. This is to better emulate the dense style used in the course: - `max_width = 85` allows lines to take up the full width available in our code blocks (when taking margins and the line numbers into account). - `wrap_comments = true` ensures that we don't show very long comments in the code examples. I edited some comments to shorten them and avoid unnecessary line breaks — please trim other unnecessarily long comments when you see them! Remember we're writing code for slides :smile: - `use_small_heuristics = "Max"` allows for things like struct literals and if-statements to take up the full line width configured above. The formatting settings apply to all our Rust code right now — I think we could improve this with https://github.com/dprint/dprint/issues/711 which lets us add per-directory `dprint` configuration files. However, the `inherit: true` setting is not yet implemented (as far as I can tell), so a nested configuration file will have to copy most or all of the top-level file.
2023-12-31 00:15:07 +01:00
There should be a `# Safety` section on the Rustdoc for the trait explaining the
requirements for the trait to be safely implemented.
Add slide for unsafe traits.
2023-01-17 16:41:51 +00:00
Update unsafe trait example to zerocopy version 0.8 (#2434) Zerocopy crate version 0.8 introduced changes to its API, which caused the example code to break. https://github.com/google/zerocopy/discussions/1680 > AsBytes -> [IntoBytes](https://docs.rs/zerocopy/0.8.*/zerocopy/trait.IntoBytes.html) --------- Co-authored-by: Martin Geisler <martin@geisler.net>
2024-11-04 14:01:45 +03:00
The actual safety section for `IntoBytes` is rather longer and more complicated.
Add slide for unsafe traits.
2023-01-17 16:41:51 +00:00
The built-in `Send` and `Sync` traits are unsafe.
</details>
Reference in New Issue Copy Permalink