<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux.git/rust/kernel/init.rs, branch v6.14-rc2</title>
<subtitle>Linux kernel source tree</subtitle>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/'/>
<entry>
<title>rust: init: use explicit ABI to clean warning in future compilers</title>
<updated>2025-02-05T23:15:49+00:00</updated>
<author>
<name>Miguel Ojeda</name>
<email>ojeda@kernel.org</email>
</author>
<published>2025-01-21T20:09:34+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=c21bdb3d8a850afdfa4afe77eea39ae9533629b0'/>
<id>c21bdb3d8a850afdfa4afe77eea39ae9533629b0</id>
<content type='text'>
Starting with Rust 1.86.0 (currently in nightly, to be released on
2025-04-03), the `missing_abi` lint is warn-by-default [1]:

    error: extern declarations without an explicit ABI are deprecated
        --&gt; rust/doctests_kernel_generated.rs:3158:1
         |
    3158 | extern {
         | ^^^^^^ help: explicitly specify the C ABI: `extern "C"`
         |
         = note: `-D missing-abi` implied by `-D warnings`
         = help: to override `-D warnings` add `#[allow(missing_abi)]`

Thus clean it up.

Cc: &lt;stable@vger.kernel.org&gt; # Needed in 6.12.y and 6.13.y only (Rust is pinned in older LTSs).
Fixes: 7f8977a7fe6d ("rust: init: add `{pin_}chain` functions to `{Pin}Init&lt;T, E&gt;`")
Link: https://github.com/rust-lang/rust/pull/132397 [1]
Reviewed-by: Gary Guo &lt;gary@garyguo.net&gt;
Reviewed-by: Alice Ryhl &lt;aliceryhl@google.com&gt;
Reviewed-by: Fiona Behrens &lt;me@kloenk.dev&gt;
Link: https://lore.kernel.org/r/20250121200934.222075-1-ojeda@kernel.org
[ Added 6.13.y to Cc: stable tag. - Miguel ]
Signed-off-by: Miguel Ojeda &lt;ojeda@kernel.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Starting with Rust 1.86.0 (currently in nightly, to be released on
2025-04-03), the `missing_abi` lint is warn-by-default [1]:

    error: extern declarations without an explicit ABI are deprecated
        --&gt; rust/doctests_kernel_generated.rs:3158:1
         |
    3158 | extern {
         | ^^^^^^ help: explicitly specify the C ABI: `extern "C"`
         |
         = note: `-D missing-abi` implied by `-D warnings`
         = help: to override `-D warnings` add `#[allow(missing_abi)]`

Thus clean it up.

Cc: &lt;stable@vger.kernel.org&gt; # Needed in 6.12.y and 6.13.y only (Rust is pinned in older LTSs).
Fixes: 7f8977a7fe6d ("rust: init: add `{pin_}chain` functions to `{Pin}Init&lt;T, E&gt;`")
Link: https://github.com/rust-lang/rust/pull/132397 [1]
Reviewed-by: Gary Guo &lt;gary@garyguo.net&gt;
Reviewed-by: Alice Ryhl &lt;aliceryhl@google.com&gt;
Reviewed-by: Fiona Behrens &lt;me@kloenk.dev&gt;
Link: https://lore.kernel.org/r/20250121200934.222075-1-ojeda@kernel.org
[ Added 6.13.y to Cc: stable tag. - Miguel ]
Signed-off-by: Miguel Ojeda &lt;ojeda@kernel.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>rust: init: update `stack_try_pin_init` examples</title>
<updated>2025-01-13T22:45:13+00:00</updated>
<author>
<name>Jimmy Ostler</name>
<email>jtostler1@gmail.com</email>
</author>
<published>2024-12-20T06:25:32+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=59d5846594e9f82c11af72151de7cef3f325dd4b'/>
<id>59d5846594e9f82c11af72151de7cef3f325dd4b</id>
<content type='text'>
Change documentation imports to use `kernel::alloc::AllocError`,
because `KBox::new()` now returns that, instead of the `core`'s
`AllocError`.

Reviewed-by: Danilo Krummrich &lt;dakr@kernel.org&gt;
Signed-off-by: Jimmy Ostler &lt;jtostler1@gmail.com&gt;
Link: https://lore.kernel.org/r/ec8badbe94c5e78f22315325a7f2ae96129d6a65.1734674670.git.jtostler1@gmail.com
[ Fixed formatting of imports (still unordered). Slightly reworded
  commit. - Miguel ]
Signed-off-by: Miguel Ojeda &lt;ojeda@kernel.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Change documentation imports to use `kernel::alloc::AllocError`,
because `KBox::new()` now returns that, instead of the `core`'s
`AllocError`.

Reviewed-by: Danilo Krummrich &lt;dakr@kernel.org&gt;
Signed-off-by: Jimmy Ostler &lt;jtostler1@gmail.com&gt;
Link: https://lore.kernel.org/r/ec8badbe94c5e78f22315325a7f2ae96129d6a65.1734674670.git.jtostler1@gmail.com
[ Fixed formatting of imports (still unordered). Slightly reworded
  commit. - Miguel ]
Signed-off-by: Miguel Ojeda &lt;ojeda@kernel.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>rust: init: replace unwraps with question mark operators</title>
<updated>2025-01-13T22:44:13+00:00</updated>
<author>
<name>Daniel Sedlak</name>
<email>daniel@sedlak.dev</email>
</author>
<published>2024-11-23T09:50:28+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=7eeb0e7a50b8f13094f164c126ca9c0d75241d35'/>
<id>7eeb0e7a50b8f13094f164c126ca9c0d75241d35</id>
<content type='text'>
Use `?` operator in the doctests. Since it is in the examples,
using unwraps can convey a wrong impression that unwrapping is
fine in general, thus this patch removes this unwrapping.

Suggested-by: Miguel Ojeda &lt;ojeda@kernel.org&gt;
Link: https://lore.kernel.org/rust-for-linux/CANiq72nsK1D4NuQ1U7NqMWoYjXkqQSj4QuUEL98OmFbq022Z9A@mail.gmail.com/
Signed-off-by: Daniel Sedlak &lt;daniel@sedlak.dev&gt;
Reviewed-by: Alice Ryhl &lt;aliceryhl@google.com&gt;
Link: https://lore.kernel.org/r/20241123095033.41240-2-daniel@sedlak.dev
[ Reworded commit slightly. - Miguel ]
Signed-off-by: Miguel Ojeda &lt;ojeda@kernel.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Use `?` operator in the doctests. Since it is in the examples,
using unwraps can convey a wrong impression that unwrapping is
fine in general, thus this patch removes this unwrapping.

Suggested-by: Miguel Ojeda &lt;ojeda@kernel.org&gt;
Link: https://lore.kernel.org/rust-for-linux/CANiq72nsK1D4NuQ1U7NqMWoYjXkqQSj4QuUEL98OmFbq022Z9A@mail.gmail.com/
Signed-off-by: Daniel Sedlak &lt;daniel@sedlak.dev&gt;
Reviewed-by: Alice Ryhl &lt;aliceryhl@google.com&gt;
Link: https://lore.kernel.org/r/20241123095033.41240-2-daniel@sedlak.dev
[ Reworded commit slightly. - Miguel ]
Signed-off-by: Miguel Ojeda &lt;ojeda@kernel.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>rust: use custom FFI integer types</title>
<updated>2024-11-10T22:58:00+00:00</updated>
<author>
<name>Gary Guo</name>
<email>gary@garyguo.net</email>
</author>
<published>2024-09-13T21:29:23+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=d072acda4862f095ec9056979b654cc06a22cc68'/>
<id>d072acda4862f095ec9056979b654cc06a22cc68</id>
<content type='text'>
Currently FFI integer types are defined in libcore. This commit creates
the `ffi` crate and asks bindgen to use that crate for FFI integer types
instead of `core::ffi`.

This commit is preparatory and no type changes are made in this commit
yet.

Signed-off-by: Gary Guo &lt;gary@garyguo.net&gt;
Link: https://lore.kernel.org/r/20240913213041.395655-4-gary@garyguo.net
[ Added `rustdoc`, `rusttest` and KUnit tests support. Rebased on top of
  `rust-next` (e.g. migrated more `core::ffi` cases). Reworded crate
  docs slightly and formatted. - Miguel ]
Signed-off-by: Miguel Ojeda &lt;ojeda@kernel.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Currently FFI integer types are defined in libcore. This commit creates
the `ffi` crate and asks bindgen to use that crate for FFI integer types
instead of `core::ffi`.

This commit is preparatory and no type changes are made in this commit
yet.

Signed-off-by: Gary Guo &lt;gary@garyguo.net&gt;
Link: https://lore.kernel.org/r/20240913213041.395655-4-gary@garyguo.net
[ Added `rustdoc`, `rusttest` and KUnit tests support. Rebased on top of
  `rust-next` (e.g. migrated more `core::ffi` cases). Reworded crate
  docs slightly and formatted. - Miguel ]
Signed-off-by: Miguel Ojeda &lt;ojeda@kernel.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>rust: alloc: remove extension of std's `Box`</title>
<updated>2024-10-15T20:56:59+00:00</updated>
<author>
<name>Danilo Krummrich</name>
<email>dakr@kernel.org</email>
</author>
<published>2024-10-04T15:41:17+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=e8c6ccdbcaaf31f26c0fffd4073edd0b0147cdc6'/>
<id>e8c6ccdbcaaf31f26c0fffd4073edd0b0147cdc6</id>
<content type='text'>
Now that all existing `Box` users were moved to the kernel `Box` type,
remove the `BoxExt` extension and all other related extensions.

Reviewed-by: Alice Ryhl &lt;aliceryhl@google.com&gt;
Reviewed-by: Benno Lossin &lt;benno.lossin@proton.me&gt;
Reviewed-by: Gary Guo &lt;gary@garyguo.net&gt;
Signed-off-by: Danilo Krummrich &lt;dakr@kernel.org&gt;
Link: https://lore.kernel.org/r/20241004154149.93856-14-dakr@kernel.org
Signed-off-by: Miguel Ojeda &lt;ojeda@kernel.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Now that all existing `Box` users were moved to the kernel `Box` type,
remove the `BoxExt` extension and all other related extensions.

Reviewed-by: Alice Ryhl &lt;aliceryhl@google.com&gt;
Reviewed-by: Benno Lossin &lt;benno.lossin@proton.me&gt;
Reviewed-by: Gary Guo &lt;gary@garyguo.net&gt;
Signed-off-by: Danilo Krummrich &lt;dakr@kernel.org&gt;
Link: https://lore.kernel.org/r/20241004154149.93856-14-dakr@kernel.org
Signed-off-by: Miguel Ojeda &lt;ojeda@kernel.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>rust: treewide: switch to our kernel `Box` type</title>
<updated>2024-10-15T20:56:59+00:00</updated>
<author>
<name>Danilo Krummrich</name>
<email>dakr@kernel.org</email>
</author>
<published>2024-10-04T15:41:16+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=8373147ce4961665c5700016b1c76299e962d077'/>
<id>8373147ce4961665c5700016b1c76299e962d077</id>
<content type='text'>
Now that we got the kernel `Box` type in place, convert all existing
`Box` users to make use of it.

Reviewed-by: Alice Ryhl &lt;aliceryhl@google.com&gt;
Reviewed-by: Benno Lossin &lt;benno.lossin@proton.me&gt;
Reviewed-by: Gary Guo &lt;gary@garyguo.net&gt;
Signed-off-by: Danilo Krummrich &lt;dakr@kernel.org&gt;
Link: https://lore.kernel.org/r/20241004154149.93856-13-dakr@kernel.org
Signed-off-by: Miguel Ojeda &lt;ojeda@kernel.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Now that we got the kernel `Box` type in place, convert all existing
`Box` users to make use of it.

Reviewed-by: Alice Ryhl &lt;aliceryhl@google.com&gt;
Reviewed-by: Benno Lossin &lt;benno.lossin@proton.me&gt;
Reviewed-by: Gary Guo &lt;gary@garyguo.net&gt;
Signed-off-by: Danilo Krummrich &lt;dakr@kernel.org&gt;
Link: https://lore.kernel.org/r/20241004154149.93856-13-dakr@kernel.org
Signed-off-by: Miguel Ojeda &lt;ojeda@kernel.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>rust: start using the `#[expect(...)]` attribute</title>
<updated>2024-10-07T19:39:57+00:00</updated>
<author>
<name>Miguel Ojeda</name>
<email>ojeda@kernel.org</email>
</author>
<published>2024-09-04T20:43:45+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=1f9ed172545687e5c04c77490a45896be6d2e459'/>
<id>1f9ed172545687e5c04c77490a45896be6d2e459</id>
<content type='text'>
In Rust, it is possible to `allow` particular warnings (diagnostics,
lints) locally, making the compiler ignore instances of a given warning
within a given function, module, block, etc.

It is similar to `#pragma GCC diagnostic push` + `ignored` + `pop` in C:

    #pragma GCC diagnostic push
    #pragma GCC diagnostic ignored "-Wunused-function"
    static void f(void) {}
    #pragma GCC diagnostic pop

But way less verbose:

    #[allow(dead_code)]
    fn f() {}

By that virtue, it makes it possible to comfortably enable more
diagnostics by default (i.e. outside `W=` levels) that may have some
false positives but that are otherwise quite useful to keep enabled to
catch potential mistakes.

The `#[expect(...)]` attribute [1] takes this further, and makes the
compiler warn if the diagnostic was _not_ produced. For instance, the
following will ensure that, when `f()` is called somewhere, we will have
to remove the attribute:

    #[expect(dead_code)]
    fn f() {}

If we do not, we get a warning from the compiler:

    warning: this lint expectation is unfulfilled
     --&gt; x.rs:3:10
      |
    3 | #[expect(dead_code)]
      |          ^^^^^^^^^
      |
      = note: `#[warn(unfulfilled_lint_expectations)]` on by default

This means that `expect`s do not get forgotten when they are not needed.

See the next commit for more details, nuances on its usage and
documentation on the feature.

The attribute requires the `lint_reasons` [2] unstable feature, but it
is becoming stable in 1.81.0 (to be released on 2024-09-05) and it has
already been useful to clean things up in this patch series, finding
cases where the `allow`s should not have been there.

Thus, enable `lint_reasons` and convert some of our `allow`s to `expect`s
where possible.

This feature was also an example of the ongoing collaboration between
Rust and the kernel -- we tested it in the kernel early on and found an
issue that was quickly resolved [3].

Cc: Fridtjof Stoldt &lt;xfrednet@gmail.com&gt;
Cc: Urgau &lt;urgau@numericable.fr&gt;
Link: https://rust-lang.github.io/rfcs/2383-lint-reasons.html#expect-lint-attribute [1]
Link: https://github.com/rust-lang/rust/issues/54503 [2]
Link: https://github.com/rust-lang/rust/issues/114557 [3]
Reviewed-by: Alice Ryhl &lt;aliceryhl@google.com&gt;
Reviewed-by: Trevor Gross &lt;tmgross@umich.edu&gt;
Tested-by: Gary Guo &lt;gary@garyguo.net&gt;
Reviewed-by: Gary Guo &lt;gary@garyguo.net&gt;
Link: https://lore.kernel.org/r/20240904204347.168520-18-ojeda@kernel.org
Signed-off-by: Miguel Ojeda &lt;ojeda@kernel.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
In Rust, it is possible to `allow` particular warnings (diagnostics,
lints) locally, making the compiler ignore instances of a given warning
within a given function, module, block, etc.

It is similar to `#pragma GCC diagnostic push` + `ignored` + `pop` in C:

    #pragma GCC diagnostic push
    #pragma GCC diagnostic ignored "-Wunused-function"
    static void f(void) {}
    #pragma GCC diagnostic pop

But way less verbose:

    #[allow(dead_code)]
    fn f() {}

By that virtue, it makes it possible to comfortably enable more
diagnostics by default (i.e. outside `W=` levels) that may have some
false positives but that are otherwise quite useful to keep enabled to
catch potential mistakes.

The `#[expect(...)]` attribute [1] takes this further, and makes the
compiler warn if the diagnostic was _not_ produced. For instance, the
following will ensure that, when `f()` is called somewhere, we will have
to remove the attribute:

    #[expect(dead_code)]
    fn f() {}

If we do not, we get a warning from the compiler:

    warning: this lint expectation is unfulfilled
     --&gt; x.rs:3:10
      |
    3 | #[expect(dead_code)]
      |          ^^^^^^^^^
      |
      = note: `#[warn(unfulfilled_lint_expectations)]` on by default

This means that `expect`s do not get forgotten when they are not needed.

See the next commit for more details, nuances on its usage and
documentation on the feature.

The attribute requires the `lint_reasons` [2] unstable feature, but it
is becoming stable in 1.81.0 (to be released on 2024-09-05) and it has
already been useful to clean things up in this patch series, finding
cases where the `allow`s should not have been there.

Thus, enable `lint_reasons` and convert some of our `allow`s to `expect`s
where possible.

This feature was also an example of the ongoing collaboration between
Rust and the kernel -- we tested it in the kernel early on and found an
issue that was quickly resolved [3].

Cc: Fridtjof Stoldt &lt;xfrednet@gmail.com&gt;
Cc: Urgau &lt;urgau@numericable.fr&gt;
Link: https://rust-lang.github.io/rfcs/2383-lint-reasons.html#expect-lint-attribute [1]
Link: https://github.com/rust-lang/rust/issues/54503 [2]
Link: https://github.com/rust-lang/rust/issues/114557 [3]
Reviewed-by: Alice Ryhl &lt;aliceryhl@google.com&gt;
Reviewed-by: Trevor Gross &lt;tmgross@umich.edu&gt;
Tested-by: Gary Guo &lt;gary@garyguo.net&gt;
Reviewed-by: Gary Guo &lt;gary@garyguo.net&gt;
Link: https://lore.kernel.org/r/20240904204347.168520-18-ojeda@kernel.org
Signed-off-by: Miguel Ojeda &lt;ojeda@kernel.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>rust: enable Clippy's `check-private-items`</title>
<updated>2024-10-07T19:39:57+00:00</updated>
<author>
<name>Miguel Ojeda</name>
<email>ojeda@kernel.org</email>
</author>
<published>2024-09-04T20:43:43+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=624063b9ac97f40cadca32a896aafeb28b1220fd'/>
<id>624063b9ac97f40cadca32a896aafeb28b1220fd</id>
<content type='text'>
In Rust 1.76.0, Clippy added the `check-private-items` lint configuration
option. When turned on (the default is off), it makes several lints
check private items as well.

In our case, it affects two lints we have enabled [1]:
`missing_safety_doc` and `unnecessary_safety_doc`.

It also seems to affect the new `too_long_first_doc_paragraph` lint [2],
even though the documentation does not mention it.

Thus allow the few instances remaining we currently hit and enable
the lint.

Link: https://doc.rust-lang.org/nightly/clippy/lint_configuration.html#check-private-items [1]
Link: https://rust-lang.github.io/rust-clippy/master/index.html#/too_long_first_doc_paragraph [2]
Reviewed-by: Trevor Gross &lt;tmgross@umich.edu&gt;
Reviewed-by: Alice Ryhl &lt;aliceryhl@google.com&gt;
Tested-by: Gary Guo &lt;gary@garyguo.net&gt;
Reviewed-by: Gary Guo &lt;gary@garyguo.net&gt;
Link: https://lore.kernel.org/r/20240904204347.168520-16-ojeda@kernel.org
Signed-off-by: Miguel Ojeda &lt;ojeda@kernel.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
In Rust 1.76.0, Clippy added the `check-private-items` lint configuration
option. When turned on (the default is off), it makes several lints
check private items as well.

In our case, it affects two lints we have enabled [1]:
`missing_safety_doc` and `unnecessary_safety_doc`.

It also seems to affect the new `too_long_first_doc_paragraph` lint [2],
even though the documentation does not mention it.

Thus allow the few instances remaining we currently hit and enable
the lint.

Link: https://doc.rust-lang.org/nightly/clippy/lint_configuration.html#check-private-items [1]
Link: https://rust-lang.github.io/rust-clippy/master/index.html#/too_long_first_doc_paragraph [2]
Reviewed-by: Trevor Gross &lt;tmgross@umich.edu&gt;
Reviewed-by: Alice Ryhl &lt;aliceryhl@google.com&gt;
Tested-by: Gary Guo &lt;gary@garyguo.net&gt;
Reviewed-by: Gary Guo &lt;gary@garyguo.net&gt;
Link: https://lore.kernel.org/r/20240904204347.168520-16-ojeda@kernel.org
Signed-off-by: Miguel Ojeda &lt;ojeda@kernel.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>rust: init: remove unneeded `#[allow(clippy::disallowed_names)]`</title>
<updated>2024-10-07T19:39:05+00:00</updated>
<author>
<name>Miguel Ojeda</name>
<email>ojeda@kernel.org</email>
</author>
<published>2024-09-04T20:43:37+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=d5cc7ab0a0a99496de1bd933dac242699a417809'/>
<id>d5cc7ab0a0a99496de1bd933dac242699a417809</id>
<content type='text'>
These few cases, unlike others in the same file, did not need the `allow`.

Thus clean them up.

Reviewed-by: Alice Ryhl &lt;aliceryhl@google.com&gt;
Reviewed-by: Trevor Gross &lt;tmgross@umich.edu&gt;
Tested-by: Gary Guo &lt;gary@garyguo.net&gt;
Reviewed-by: Gary Guo &lt;gary@garyguo.net&gt;
Link: https://lore.kernel.org/r/20240904204347.168520-10-ojeda@kernel.org
Signed-off-by: Miguel Ojeda &lt;ojeda@kernel.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
These few cases, unlike others in the same file, did not need the `allow`.

Thus clean them up.

Reviewed-by: Alice Ryhl &lt;aliceryhl@google.com&gt;
Reviewed-by: Trevor Gross &lt;tmgross@umich.edu&gt;
Tested-by: Gary Guo &lt;gary@garyguo.net&gt;
Reviewed-by: Gary Guo &lt;gary@garyguo.net&gt;
Link: https://lore.kernel.org/r/20240904204347.168520-10-ojeda@kernel.org
Signed-off-by: Miguel Ojeda &lt;ojeda@kernel.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>rust: enable `clippy::undocumented_unsafe_blocks` lint</title>
<updated>2024-10-07T19:39:05+00:00</updated>
<author>
<name>Miguel Ojeda</name>
<email>ojeda@kernel.org</email>
</author>
<published>2024-09-04T20:43:32+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=db4f72c904cb116e2bf56afdd67fc5167a607a7b'/>
<id>db4f72c904cb116e2bf56afdd67fc5167a607a7b</id>
<content type='text'>
Checking that we are not missing any `// SAFETY` comments in our `unsafe`
blocks is something we have wanted to do for a long time, as well as
cleaning up the remaining cases that were not documented [1].

Back when Rust for Linux started, this was something that could have
been done via a script, like Rust's `tidy`. Soon after, in Rust 1.58.0,
Clippy implemented the `undocumented_unsafe_blocks` lint [2].

Even though the lint has a few false positives, e.g. in some cases where
attributes appear between the comment and the `unsafe` block [3], there
are workarounds and the lint seems quite usable already.

Thus enable the lint now.

We still have a few cases to clean up, so just allow those for the moment
by writing a `TODO` comment -- some of those may be good candidates for
new contributors.

Link: https://github.com/Rust-for-Linux/linux/issues/351 [1]
Link: https://rust-lang.github.io/rust-clippy/master/#/undocumented_unsafe_blocks [2]
Link: https://github.com/rust-lang/rust-clippy/issues/13189 [3]
Reviewed-by: Alice Ryhl &lt;aliceryhl@google.com&gt;
Reviewed-by: Trevor Gross &lt;tmgross@umich.edu&gt;
Tested-by: Gary Guo &lt;gary@garyguo.net&gt;
Reviewed-by: Gary Guo &lt;gary@garyguo.net&gt;
Link: https://lore.kernel.org/r/20240904204347.168520-5-ojeda@kernel.org
Signed-off-by: Miguel Ojeda &lt;ojeda@kernel.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Checking that we are not missing any `// SAFETY` comments in our `unsafe`
blocks is something we have wanted to do for a long time, as well as
cleaning up the remaining cases that were not documented [1].

Back when Rust for Linux started, this was something that could have
been done via a script, like Rust's `tidy`. Soon after, in Rust 1.58.0,
Clippy implemented the `undocumented_unsafe_blocks` lint [2].

Even though the lint has a few false positives, e.g. in some cases where
attributes appear between the comment and the `unsafe` block [3], there
are workarounds and the lint seems quite usable already.

Thus enable the lint now.

We still have a few cases to clean up, so just allow those for the moment
by writing a `TODO` comment -- some of those may be good candidates for
new contributors.

Link: https://github.com/Rust-for-Linux/linux/issues/351 [1]
Link: https://rust-lang.github.io/rust-clippy/master/#/undocumented_unsafe_blocks [2]
Link: https://github.com/rust-lang/rust-clippy/issues/13189 [3]
Reviewed-by: Alice Ryhl &lt;aliceryhl@google.com&gt;
Reviewed-by: Trevor Gross &lt;tmgross@umich.edu&gt;
Tested-by: Gary Guo &lt;gary@garyguo.net&gt;
Reviewed-by: Gary Guo &lt;gary@garyguo.net&gt;
Link: https://lore.kernel.org/r/20240904204347.168520-5-ojeda@kernel.org
Signed-off-by: Miguel Ojeda &lt;ojeda@kernel.org&gt;
</pre>
</div>
</content>
</entry>
</feed>
