-
Notifications
You must be signed in to change notification settings - Fork 105
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix some clippy warnings #512
Conversation
Thanks for the PR!
No, both H747 and H757 are supported through the same feature gate. So actually just remove line 114 115
It's the start of an incomplete implementation. This trait is implemented - but not used as a trait bound and not available outside the
Yes, or removed alongside all the commented code. The commented code is still available in the git history and previous releases |
Done, thanks :) Any recommendations for this one?
|
I think I understand the reason for the lint generally. However in this particular instance where we as programmers can easily check that there in fact is no other reference to the static, so it should be ok right? As long as we dont have multiple mutable references it is fine, right? Reading post on urlo seems to suggest that Do you have any preferences? Edit: Since UnsafeCell impls Also, sorry, but what does the linker section things do on the statics? Edit: 2 Having that AtomicBool in that magic linker section place might be not great... |
This is also being discussed over on #509, and in #513 . In #509 we discussed the static-cell crate which provides a use-once wrapper around The |
One way forward would be to define |
Thanks for the info and links :)
How does the safety rules apply to structs where all the actual data is behind a MaybeUninit but the entire struct is uninit. Is it ok to call methods on it like // In our case T=[MaybeUninit<u8>; 10], so all actual data is behind `MaybeUninit`(?)
struct BorrowOnce<T> {
data: UnsafeCell<T>,
}
unsafe impl<T: Sync> Sync for BorrowOnce<T> {}
impl<T> BorrowOnce<T> {
const fn new(data: T) -> Self {
Self {
data: UnsafeCell::new(data),
}
}
/// SAFETY: Make sure to only ever have at most one single reference live at any point in time
#[allow(clippy::mut_from_ref)]
unsafe fn get_mut(&self) -> &mut T {
&mut *self.data.get()
}
} I am not entirely sure of the rules here |
According to the documentation for MaybeUninit::as_ptr these rules are not finalised even. There exists a UnsafeCell::raw_get method to avoid the creation of temporary references, which suggests there is a reason for avoiding this. The documentation for that method offers some hints about combining MaybeUninit and UnsafeCell, I think it would look something like this struct BorrowOnce<T> {
data: MaybeUninit<UnsafeCell<T>>,
}
unsafe impl<T: Sync> Sync for BorrowOnce<T> {}
impl<T> BorrowOnce<T> {
const fn new() -> Self {
Self {
data: MaybeUninit::uninit(),
}
}
unsafe fn init(&'static self, val: T) -> &'static mut T {
// initialise data without creating a temporary reference
// this is safe as long as our reference to self.data is unique (no aliasing)
UnsafeCell::raw_get(self.data.as_ptr()).write(val);
// this is safe as long as our reference to self.data is unique (no aliasing)
&mut *self.data.assume_init_ref().get()
}
} |
But are we even allowed to call any methods on
Is that even ok? Or does init have to take a pointer to the |
It's certainly allowed to call methods on |
My concern is not with the data within MaybeUninit but with what is outside(technically nothing?). Also, just to clarify I am no memory safety expert so take my concern/questions with a truck load of salt :) Not sure if this is close enough to what we are trying to do memory wise but Miri seems happy playground |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@usbalbin Yes, agreed. The contents of this PR look good!
An attempt at making clippy happy
stm32h747cm7
but nostm32h757cm7
, should I add that? - Removedallow(dead-code)
ed? - Allowed