Introduce custom derive for ByteValued/replace ByteValued with zerocopy #246
Comments
|
rust-vmm/vhost#215 and rust-vmm/vhost#208 are an examples where this would have helped. The helper should probably also check that the types of the fields are only integeral types that can be safely assigning from byte slices. Checking repr(C) would also help. |
|
As @roypat suggested on #274, there is https://docs.rs/zerocopy/latest/zerocopy that may be useful here. However, it only allows (de)serializing from and to &[u8]. That does not work for our volatile memory scenarios. But maybe one could contribute a pointer based API towards that crate? 🤔 |
|
I don't think we'd need a pointer based API for zerocopy, our |
|
It seems that rust-vmm/acpi_tables has done the switch from I think doing this can be a good first step towards reducing our confusing jungle of traits |
roypat
changed the title
|
Ah. You are right. I misunderstood the API. I thought that it would require an additional copy from the slice to the object. But it just turns a reference to a slice into a reference to a struct instance. So we can just copy to a slice and then use zerocopy. |
|
I have a crate that solves this without requiring any procedural macros. |
This means we don't have to reason about when it's safe to implement `ByteValued`, as `zerocopy` gives us derives for `FromBytes` and `AsBytes` that are safe to use. Closes rust-vmm#246 Signed-off-by: Patrick Roy <[email protected]>
ByteValuedis an unsafe trait and implementing it is tricky with the padding requirement. But I think it can be autoderived.Basically, a custom derive that does two things:
const __ASSERT_SIZES_Foo: [(); mem::size_of::<Foo>()] = [(); mem::size_of::<Field1>() + mem::size_of::<Field2>() + ...] ] ]to assert that there is no paddingThis might significantly reduce the amount of
unsafeneeded by crate users.The text was updated successfully, but these errors were encountered: