diff options
Diffstat (limited to 'rust/qemu-api/src')
| -rw-r--r-- | rust/qemu-api/src/prelude.rs | 2 | ||||
| -rw-r--r-- | rust/qemu-api/src/qdev.rs | 16 | ||||
| -rw-r--r-- | rust/qemu-api/src/qom.rs | 21 | ||||
| -rw-r--r-- | rust/qemu-api/src/vmstate.rs | 652 | ||||
| -rw-r--r-- | rust/qemu-api/src/zeroable.rs | 118 |
5 files changed, 509 insertions, 300 deletions
diff --git a/rust/qemu-api/src/prelude.rs b/rust/qemu-api/src/prelude.rs index 4ea70b9c82..2dc86e19b2 100644 --- a/rust/qemu-api/src/prelude.rs +++ b/rust/qemu-api/src/prelude.rs @@ -18,3 +18,5 @@ pub use crate::qom::ObjectType; pub use crate::qom_isa; pub use crate::sysbus::SysBusDeviceMethods; + +pub use crate::vmstate::VMState; diff --git a/rust/qemu-api/src/qdev.rs b/rust/qemu-api/src/qdev.rs index 686054e737..f4c75c752f 100644 --- a/rust/qemu-api/src/qdev.rs +++ b/rust/qemu-api/src/qdev.rs @@ -4,7 +4,7 @@ //! Bindings to create devices and access device functionality from Rust. -use std::ffi::CStr; +use std::{ffi::CStr, ptr::NonNull}; pub use bindings::{DeviceClass, DeviceState, Property}; @@ -23,14 +23,14 @@ pub trait DeviceImpl { /// /// If not `None`, the parent class's `realize` method is overridden /// with the function pointed to by `REALIZE`. - const REALIZE: Option<fn(&mut Self)> = None; + const REALIZE: Option<fn(&Self)> = None; /// If not `None`, the parent class's `reset` method is overridden /// with the function pointed to by `RESET`. /// /// Rust does not yet support the three-phase reset protocol; this is /// usually okay for leaf classes. - const RESET: Option<fn(&mut Self)> = None; + const RESET: Option<fn(&Self)> = None; /// An array providing the properties that the user can set on the /// device. Not a `const` because referencing statics in constants @@ -55,9 +55,8 @@ pub trait DeviceImpl { /// can be downcasted to type `T`. We also expect the device is /// readable/writeable from one thread at any time. unsafe extern "C" fn rust_realize_fn<T: DeviceImpl>(dev: *mut DeviceState, _errp: *mut *mut Error) { - assert!(!dev.is_null()); - let state = dev.cast::<T>(); - T::REALIZE.unwrap()(unsafe { &mut *state }); + let state = NonNull::new(dev).unwrap().cast::<T>(); + T::REALIZE.unwrap()(unsafe { state.as_ref() }); } /// # Safety @@ -66,9 +65,8 @@ unsafe extern "C" fn rust_realize_fn<T: DeviceImpl>(dev: *mut DeviceState, _errp /// can be downcasted to type `T`. We also expect the device is /// readable/writeable from one thread at any time. unsafe extern "C" fn rust_reset_fn<T: DeviceImpl>(dev: *mut DeviceState) { - assert!(!dev.is_null()); - let state = dev.cast::<T>(); - T::RESET.unwrap()(unsafe { &mut *state }); + let mut state = NonNull::new(dev).unwrap().cast::<T>(); + T::RESET.unwrap()(unsafe { state.as_mut() }); } impl<T> ClassInitImpl<DeviceClass> for T diff --git a/rust/qemu-api/src/qom.rs b/rust/qemu-api/src/qom.rs index 97901fb908..f50ee371aa 100644 --- a/rust/qemu-api/src/qom.rs +++ b/rust/qemu-api/src/qom.rs @@ -58,6 +58,7 @@ use std::{ fmt, ops::{Deref, DerefMut}, os::raw::c_void, + ptr::NonNull, }; pub use bindings::{Object, ObjectClass}; @@ -153,27 +154,34 @@ impl<T: fmt::Display + ObjectType> fmt::Display for ParentField<T> { } unsafe extern "C" fn rust_instance_init<T: ObjectImpl>(obj: *mut Object) { + let mut state = NonNull::new(obj).unwrap().cast::<T>(); // SAFETY: obj is an instance of T, since rust_instance_init<T> // is called from QOM core as the instance_init function // for class T - unsafe { T::INSTANCE_INIT.unwrap()(&mut *obj.cast::<T>()) } + unsafe { + T::INSTANCE_INIT.unwrap()(state.as_mut()); + } } unsafe extern "C" fn rust_instance_post_init<T: ObjectImpl>(obj: *mut Object) { + let state = NonNull::new(obj).unwrap().cast::<T>(); // SAFETY: obj is an instance of T, since rust_instance_post_init<T> // is called from QOM core as the instance_post_init function // for class T - T::INSTANCE_POST_INIT.unwrap()(unsafe { &*obj.cast::<T>() }) + T::INSTANCE_POST_INIT.unwrap()(unsafe { state.as_ref() }); } unsafe extern "C" fn rust_class_init<T: ObjectType + ClassInitImpl<T::Class>>( klass: *mut ObjectClass, _data: *mut c_void, ) { + let mut klass = NonNull::new(klass) + .unwrap() + .cast::<<T as ObjectType>::Class>(); // SAFETY: klass is a T::Class, since rust_class_init<T> // is called from QOM core as the class_init function // for class T - T::class_init(unsafe { &mut *klass.cast::<T::Class>() }) + T::class_init(unsafe { klass.as_mut() }) } unsafe extern "C" fn drop_object<T: ObjectImpl>(obj: *mut Object) { @@ -581,11 +589,8 @@ pub trait ClassInitImpl<T> { /// can be downcasted to type `T`. We also expect the device is /// readable/writeable from one thread at any time. unsafe extern "C" fn rust_unparent_fn<T: ObjectImpl>(dev: *mut Object) { - unsafe { - assert!(!dev.is_null()); - let state = core::ptr::NonNull::new_unchecked(dev.cast::<T>()); - T::UNPARENT.unwrap()(state.as_ref()); - } + let state = NonNull::new(dev).unwrap().cast::<T>(); + T::UNPARENT.unwrap()(unsafe { state.as_ref() }); } impl<T> ClassInitImpl<ObjectClass> for T diff --git a/rust/qemu-api/src/vmstate.rs b/rust/qemu-api/src/vmstate.rs index 63c897abcd..6ac432cf52 100644 --- a/rust/qemu-api/src/vmstate.rs +++ b/rust/qemu-api/src/vmstate.rs @@ -4,277 +4,477 @@ //! Helper macros to declare migration state for device models. //! -//! Some macros are direct equivalents to the C macros declared in -//! `include/migration/vmstate.h` while -//! [`vmstate_subsections`](crate::vmstate_subsections) and -//! [`vmstate_fields`](crate::vmstate_fields) are meant to be used when -//! declaring a device model state struct. +//! This module includes four families of macros: +//! +//! * [`vmstate_unused!`](crate::vmstate_unused) and +//! [`vmstate_of!`](crate::vmstate_of), which are used to express the +//! migration format for a struct. This is based on the [`VMState`] trait, +//! which is defined by all migrateable types. +//! +//! * [`impl_vmstate_forward`](crate::impl_vmstate_forward) and +//! [`impl_vmstate_bitsized`](crate::impl_vmstate_bitsized), which help with +//! the definition of the [`VMState`] trait (respectively for transparent +//! structs and for `bilge`-defined types) +//! +//! * helper macros to declare a device model state struct, in particular +//! [`vmstate_subsections`](crate::vmstate_subsections) and +//! [`vmstate_fields`](crate::vmstate_fields). +//! +//! * direct equivalents to the C macros declared in +//! `include/migration/vmstate.h`. These are not type-safe and only provide +//! functionality that is missing from `vmstate_of!`. -pub use crate::bindings::VMStateDescription; +use core::{marker::PhantomData, mem, ptr::NonNull}; -#[doc(alias = "VMSTATE_UNUSED_BUFFER")] +pub use crate::bindings::{VMStateDescription, VMStateField}; +use crate::{ + bindings::{self, VMStateFlags}, + zeroable::Zeroable, +}; + +/// This macro is used to call a function with a generic argument bound +/// to the type of a field. The function must take a +/// [`PhantomData`]`<T>` argument; `T` is the type of +/// field `$field` in the `$typ` type. +/// +/// # Examples +/// +/// ``` +/// # use qemu_api::call_func_with_field; +/// # use core::marker::PhantomData; +/// const fn size_of_field<T>(_: PhantomData<T>) -> usize { +/// std::mem::size_of::<T>() +/// } +/// +/// struct Foo { +/// x: u16, +/// }; +/// // calls size_of_field::<u16>() +/// assert_eq!(call_func_with_field!(size_of_field, Foo, x), 2); +/// ``` #[macro_export] -macro_rules! vmstate_unused_buffer { - ($field_exists_fn:expr, $version_id:expr, $size:expr) => {{ - $crate::bindings::VMStateField { - name: c_str!("unused").as_ptr(), - err_hint: ::core::ptr::null(), - offset: 0, - size: $size, - start: 0, - num: 0, - num_offset: 0, - size_offset: 0, - info: unsafe { ::core::ptr::addr_of!($crate::bindings::vmstate_info_unused_buffer) }, - flags: VMStateFlags::VMS_BUFFER, - vmsd: ::core::ptr::null(), - version_id: $version_id, - struct_version_id: 0, - field_exists: $field_exists_fn, - } - }}; +macro_rules! call_func_with_field { + // Based on the answer by user steffahn (Frank Steffahn) at + // https://users.rust-lang.org/t/inferring-type-of-field/122857 + // and used under MIT license + ($func:expr, $typ:ty, $($field:tt).+) => { + $func(loop { + #![allow(unreachable_code)] + const fn phantom__<T>(_: &T) -> ::core::marker::PhantomData<T> { ::core::marker::PhantomData } + // Unreachable code is exempt from checks on uninitialized values. + // Use that trick to infer the type of this PhantomData. + break ::core::marker::PhantomData; + break phantom__(&{ let value__: $typ; value__.$($field).+ }); + }) + }; } -#[doc(alias = "VMSTATE_UNUSED_V")] -#[macro_export] -macro_rules! vmstate_unused_v { - ($version_id:expr, $size:expr) => {{ - $crate::vmstate_unused_buffer!(None, $version_id, $size) - }}; +/// Workaround for lack of `const_refs_static`: references to global variables +/// can be included in a `static`, but not in a `const`; unfortunately, this +/// is exactly what would go in the `VMStateField`'s `info` member. +/// +/// This enum contains the contents of the `VMStateField`'s `info` member, +/// but as an `enum` instead of a pointer. +#[allow(non_camel_case_types)] +pub enum VMStateFieldType { + null, + vmstate_info_bool, + vmstate_info_int8, + vmstate_info_int16, + vmstate_info_int32, + vmstate_info_int64, + vmstate_info_uint8, + vmstate_info_uint16, + vmstate_info_uint32, + vmstate_info_uint64, + vmstate_info_timer, } -#[doc(alias = "VMSTATE_UNUSED")] +/// Workaround for lack of `const_refs_static`. Converts a `VMStateFieldType` +/// to a `*const VMStateInfo`, for inclusion in a `VMStateField`. #[macro_export] -macro_rules! vmstate_unused { - ($size:expr) => {{ - $crate::vmstate_unused_v!(0, $size) - }}; +macro_rules! info_enum_to_ref { + ($e:expr) => { + unsafe { + match $e { + $crate::vmstate::VMStateFieldType::null => ::core::ptr::null(), + $crate::vmstate::VMStateFieldType::vmstate_info_bool => { + ::core::ptr::addr_of!($crate::bindings::vmstate_info_bool) + } + $crate::vmstate::VMStateFieldType::vmstate_info_int8 => { + ::core::ptr::addr_of!($crate::bindings::vmstate_info_int8) + } + $crate::vmstate::VMStateFieldType::vmstate_info_int16 => { + ::core::ptr::addr_of!($crate::bindings::vmstate_info_int16) + } + $crate::vmstate::VMStateFieldType::vmstate_info_int32 => { + ::core::ptr::addr_of!($crate::bindings::vmstate_info_int32) + } + $crate::vmstate::VMStateFieldType::vmstate_info_int64 => { + ::core::ptr::addr_of!($crate::bindings::vmstate_info_int64) + } + $crate::vmstate::VMStateFieldType::vmstate_info_uint8 => { + ::core::ptr::addr_of!($crate::bindings::vmstate_info_uint8) + } + $crate::vmstate::VMStateFieldType::vmstate_info_uint16 => { + ::core::ptr::addr_of!($crate::bindings::vmstate_info_uint16) + } + $crate::vmstate::VMStateFieldType::vmstate_info_uint32 => { + ::core::ptr::addr_of!($crate::bindings::vmstate_info_uint32) + } + $crate::vmstate::VMStateFieldType::vmstate_info_uint64 => { + ::core::ptr::addr_of!($crate::bindings::vmstate_info_uint64) + } + $crate::vmstate::VMStateFieldType::vmstate_info_timer => { + ::core::ptr::addr_of!($crate::bindings::vmstate_info_timer) + } + } + } + }; +} + +/// A trait for types that can be included in a device's migration stream. It +/// provides the base contents of a `VMStateField` (minus the name and offset). +/// +/// # Safety +/// +/// The contents of this trait go straight into structs that are parsed by C +/// code and used to introspect into other structs. Generally, you don't need +/// to implement it except via macros that do it for you, such as +/// `impl_vmstate_bitsized!`. +pub unsafe trait VMState { + /// The `info` member of a `VMStateField` is a pointer and as such cannot + /// yet be included in the [`BASE`](VMState::BASE) associated constant; + /// this is only allowed by Rust 1.83.0 and newer. For now, include the + /// member as an enum which is stored in a separate constant. + const SCALAR_TYPE: VMStateFieldType = VMStateFieldType::null; + + /// The base contents of a `VMStateField` (minus the name and offset) for + /// the type that is implementing the trait. + const BASE: VMStateField; + + /// A flag that is added to another field's `VMStateField` to specify the + /// length's type in a variable-sized array. If this is not a supported + /// type for the length (i.e. if it is not `u8`, `u16`, `u32`), using it + /// in a call to [`vmstate_of!`](crate::vmstate_of) will cause a + /// compile-time error. + const VARRAY_FLAG: VMStateFlags = { + panic!("invalid type for variable-sized array"); + }; +} + +/// Internal utility function to retrieve a type's `VMStateFieldType`; +/// used by [`vmstate_of!`](crate::vmstate_of). +pub const fn vmstate_scalar_type<T: VMState>(_: PhantomData<T>) -> VMStateFieldType { + T::SCALAR_TYPE +} + +/// Internal utility function to retrieve a type's `VMStateField`; +/// used by [`vmstate_of!`](crate::vmstate_of). +pub const fn vmstate_base<T: VMState>(_: PhantomData<T>) -> VMStateField { + T::BASE +} + +/// Internal utility function to retrieve a type's `VMStateFlags` when it +/// is used as the element count of a `VMSTATE_VARRAY`; used by +/// [`vmstate_of!`](crate::vmstate_of). +pub const fn vmstate_varray_flag<T: VMState>(_: PhantomData<T>) -> VMStateFlags { + T::VARRAY_FLAG } -#[doc(alias = "VMSTATE_SINGLE_TEST")] +/// Return the `VMStateField` for a field of a struct. The field must be +/// visible in the current scope. +/// +/// Only a limited set of types is supported out of the box: +/// * scalar types (integer and `bool`) +/// * the C struct `QEMUTimer` +/// * a transparent wrapper for any of the above (`Cell`, `UnsafeCell`, +/// [`BqlCell`](crate::cell::BqlCell), [`BqlRefCell`](crate::cell::BqlRefCell) +/// * a raw pointer to any of the above +/// * a `NonNull` pointer or a `Box` for any of the above +/// * an array of any of the above +/// +/// In order to support other types, the trait `VMState` must be implemented +/// for them. The macros +/// [`impl_vmstate_bitsized!`](crate::impl_vmstate_bitsized) +/// and [`impl_vmstate_forward!`](crate::impl_vmstate_forward) help with this. #[macro_export] -macro_rules! vmstate_single_test { - ($field_name:ident, $struct_name:ty, $field_exists_fn:expr, $version_id:expr, $info:expr, $size:expr) => {{ +macro_rules! vmstate_of { + ($struct_name:ty, $field_name:ident $([0 .. $num:ident $(* $factor:expr)?])? $(,)?) => { $crate::bindings::VMStateField { - name: ::core::concat!(::core::stringify!($field_name), 0) + name: ::core::concat!(::core::stringify!($field_name), "\0") .as_bytes() .as_ptr() as *const ::std::os::raw::c_char, - err_hint: ::core::ptr::null(), offset: $crate::offset_of!($struct_name, $field_name), - size: $size, - start: 0, - num: 0, - num_offset: 0, - size_offset: 0, - info: unsafe { $info }, - flags: VMStateFlags::VMS_SINGLE, - vmsd: ::core::ptr::null(), - version_id: $version_id, - struct_version_id: 0, - field_exists: $field_exists_fn, + $(.num_offset: $crate::offset_of!($struct_name, $num),)? + // The calls to `call_func_with_field!` are the magic that + // computes most of the VMStateField from the type of the field. + info: $crate::info_enum_to_ref!($crate::call_func_with_field!( + $crate::vmstate::vmstate_scalar_type, + $struct_name, + $field_name + )), + ..$crate::call_func_with_field!( + $crate::vmstate::vmstate_base, + $struct_name, + $field_name + )$(.with_varray_flag($crate::call_func_with_field!( + $crate::vmstate::vmstate_varray_flag, + $struct_name, + $num)) + $(.with_varray_multiply($factor))?)? } - }}; + }; } -#[doc(alias = "VMSTATE_SINGLE")] -#[macro_export] -macro_rules! vmstate_single { - ($field_name:ident, $struct_name:ty, $version_id:expr, $info:expr, $size:expr) => {{ - $crate::vmstate_single_test!($field_name, $struct_name, None, $version_id, $info, $size) - }}; +impl VMStateFlags { + const VMS_VARRAY_FLAGS: VMStateFlags = VMStateFlags( + VMStateFlags::VMS_VARRAY_INT32.0 + | VMStateFlags::VMS_VARRAY_UINT8.0 + | VMStateFlags::VMS_VARRAY_UINT16.0 + | VMStateFlags::VMS_VARRAY_UINT32.0, + ); } -#[doc(alias = "VMSTATE_UINT32_V")] -#[macro_export] -macro_rules! vmstate_uint32_v { - ($field_name:ident, $struct_name:ty, $version_id:expr) => {{ - $crate::vmstate_single!( - $field_name, - $struct_name, - $version_id, - ::core::ptr::addr_of!($crate::bindings::vmstate_info_uint32), - ::core::mem::size_of::<u32>() - ) - }}; +// Add a couple builder-style methods to VMStateField, allowing +// easy derivation of VMStateField constants from other types. +impl VMStateField { + #[must_use] + pub const fn with_version_id(mut self, version_id: i32) -> Self { + assert!(version_id >= 0); + self.version_id = version_id; + self + } + + #[must_use] + pub const fn with_array_flag(mut self, num: usize) -> Self { + assert!(num <= 0x7FFF_FFFFusize); + assert!((self.flags.0 & VMStateFlags::VMS_ARRAY.0) == 0); + assert!((self.flags.0 & VMStateFlags::VMS_VARRAY_FLAGS.0) == 0); + if (self.flags.0 & VMStateFlags::VMS_POINTER.0) != 0 { + self.flags = VMStateFlags(self.flags.0 & !VMStateFlags::VMS_POINTER.0); + self.flags = VMStateFlags(self.flags.0 | VMStateFlags::VMS_ARRAY_OF_POINTER.0); + } + self.flags = VMStateFlags(self.flags.0 & !VMStateFlags::VMS_SINGLE.0); + self.flags = VMStateFlags(self.flags.0 | VMStateFlags::VMS_ARRAY.0); + self.num = num as i32; + self + } + + #[must_use] + pub const fn with_pointer_flag(mut self) -> Self { + assert!((self.flags.0 & VMStateFlags::VMS_POINTER.0) == 0); + self.flags = VMStateFlags(self.flags.0 | VMStateFlags::VMS_POINTER.0); + self + } + + #[must_use] + pub const fn with_varray_flag<T: VMState>(mut self, flag: VMStateFlags) -> VMStateField { + assert!((self.flags.0 & VMStateFlags::VMS_ARRAY.0) != 0); + self.flags = VMStateFlags(self.flags.0 & !VMStateFlags::VMS_ARRAY.0); + self.flags = VMStateFlags(self.flags.0 | flag.0); + self + } + + #[must_use] + pub const fn with_varray_multiply(mut self, num: u32) -> VMStateField { + assert!(num <= 0x7FFF_FFFFu32); + self.flags = VMStateFlags(self.flags.0 | VMStateFlags::VMS_MULTIPLY_ELEMENTS.0); + self.num = num as i32; + self + } } -#[doc(alias = "VMSTATE_UINT32")] +/// This macro can be used (by just passing it a type) to forward the `VMState` +/// trait to the first field of a tuple. This is a workaround for lack of +/// support of nested [`offset_of`](core::mem::offset_of) until Rust 1.82.0. +/// +/// # Examples +/// +/// ``` +/// # use qemu_api::vmstate::impl_vmstate_forward; +/// pub struct Fifo([u8; 16]); +/// impl_vmstate_forward!(Fifo); +/// ``` #[macro_export] -macro_rules! vmstate_uint32 { - ($field_name:ident, $struct_name:ty) => {{ - $crate::vmstate_uint32_v!($field_name, $struct_name, 0) - }}; +macro_rules! impl_vmstate_forward { + // This is similar to impl_vmstate_transparent below, but it + // uses the same trick as vmstate_of! to obtain the type of + // the first field of the tuple + ($tuple:ty) => { + unsafe impl $crate::vmstate::VMState for $tuple { + const SCALAR_TYPE: $crate::vmstate::VMStateFieldType = + $crate::call_func_with_field!($crate::vmstate::vmstate_scalar_type, $tuple, 0); + const BASE: $crate::bindings::VMStateField = + $crate::call_func_with_field!($crate::vmstate::vmstate_base, $tuple, 0); + } + }; } -#[doc(alias = "VMSTATE_ARRAY")] -#[macro_export] -macro_rules! vmstate_array { - ($field_name:ident, $struct_name:ty, $length:expr, $version_id:expr, $info:expr, $size:expr) => {{ - $crate::bindings::VMStateField { - name: ::core::concat!(::core::stringify!($field_name), 0) - .as_bytes() - .as_ptr() as *const ::std::os::raw::c_char, - err_hint: ::core::ptr::null(), - offset: $crate::offset_of!($struct_name, $field_name), - size: $size, - start: 0, - num: $length as _, - num_offset: 0, - size_offset: 0, - info: unsafe { $info }, - flags: VMStateFlags::VMS_ARRAY, - vmsd: ::core::ptr::null(), - version_id: $version_id, - struct_version_id: 0, - field_exists: None, +// Transparent wrappers: just use the internal type + +macro_rules! impl_vmstate_transparent { + ($type:ty where $base:tt: VMState $($where:tt)*) => { + unsafe impl<$base> VMState for $type where $base: VMState $($where)* { + const SCALAR_TYPE: VMStateFieldType = <$base as VMState>::SCALAR_TYPE; + const BASE: VMStateField = VMStateField { + size: mem::size_of::<$type>(), + ..<$base as VMState>::BASE + }; + const VARRAY_FLAG: VMStateFlags = <$base as VMState>::VARRAY_FLAG; } - }}; + }; } -#[doc(alias = "VMSTATE_UINT32_ARRAY_V")] +impl_vmstate_transparent!(std::cell::Cell<T> where T: VMState); +impl_vmstate_transparent!(std::cell::UnsafeCell<T> where T: VMState); +impl_vmstate_transparent!(crate::cell::BqlCell<T> where T: VMState); +impl_vmstate_transparent!(crate::cell::BqlRefCell<T> where T: VMState); + #[macro_export] -macro_rules! vmstate_uint32_array_v { - ($field_name:ident, $struct_name:ty, $length:expr, $version_id:expr) => {{ - $crate::vmstate_array!( - $field_name, - $struct_name, - $length, - $version_id, - ::core::ptr::addr_of!($crate::bindings::vmstate_info_uint32), - ::core::mem::size_of::<u32>() - ) - }}; +macro_rules! impl_vmstate_bitsized { + ($type:ty) => { + unsafe impl $crate::vmstate::VMState for $type { + const SCALAR_TYPE: $crate::vmstate::VMStateFieldType = + <<<$type as ::bilge::prelude::Bitsized>::ArbitraryInt + as ::bilge::prelude::Number>::UnderlyingType + as $crate::vmstate::VMState>::SCALAR_TYPE; + const BASE: $crate::bindings::VMStateField = + <<<$type as ::bilge::prelude::Bitsized>::ArbitraryInt + as ::bilge::prelude::Number>::UnderlyingType + as $crate::vmstate::VMState>::BASE; + const VARRAY_FLAG: $crate::bindings::VMStateFlags = + <<<$type as ::bilge::prelude::Bitsized>::ArbitraryInt + as ::bilge::prelude::Number>::UnderlyingType + as $crate::vmstate::VMState>::VARRAY_FLAG; + } + }; } -#[doc(alias = "VMSTATE_UINT32_ARRAY")] -#[macro_export] -macro_rules! vmstate_uint32_array { - ($field_name:ident, $struct_name:ty, $length:expr) => {{ - $crate::vmstate_uint32_array_v!($field_name, $struct_name, $length, 0) - }}; +// Scalar types using predefined VMStateInfos + +macro_rules! impl_vmstate_scalar { + ($info:ident, $type:ty$(, $varray_flag:ident)?) => { + unsafe impl VMState for $type { + const SCALAR_TYPE: VMStateFieldType = VMStateFieldType::$info; + const BASE: VMStateField = VMStateField { + size: mem::size_of::<$type>(), + flags: VMStateFlags::VMS_SINGLE, + ..Zeroable::ZERO + }; + $(const VARRAY_FLAG: VMStateFlags = VMStateFlags::$varray_flag;)? + } + }; } -#[doc(alias = "VMSTATE_STRUCT_POINTER_V")] -#[macro_export] -macro_rules! vmstate_struct_pointer_v { - ($field_name:ident, $struct_name:ty, $version_id:expr, $vmsd:expr, $type:ty) => {{ - $crate::bindings::VMStateField { - name: ::core::concat!(::core::stringify!($field_name), 0) - .as_bytes() - .as_ptr() as *const ::std::os::raw::c_char, - err_hint: ::core::ptr::null(), - offset: $crate::offset_of!($struct_name, $field_name), - size: ::core::mem::size_of::<*const $type>(), - start: 0, - num: 0, - num_offset: 0, - size_offset: 0, - info: ::core::ptr::null(), - flags: VMStateFlags(VMStateFlags::VMS_STRUCT.0 | VMStateFlags::VMS_POINTER.0), - vmsd: unsafe { $vmsd }, - version_id: $version_id, - struct_version_id: 0, - field_exists: None, +impl_vmstate_scalar!(vmstate_info_bool, bool); +impl_vmstate_scalar!(vmstate_info_int8, i8); +impl_vmstate_scalar!(vmstate_info_int16, i16); +impl_vmstate_scalar!(vmstate_info_int32, i32); +impl_vmstate_scalar!(vmstate_info_int64, i64); +impl_vmstate_scalar!(vmstate_info_uint8, u8, VMS_VARRAY_UINT8); +impl_vmstate_scalar!(vmstate_info_uint16, u16, VMS_VARRAY_UINT16); +impl_vmstate_scalar!(vmstate_info_uint32, u32, VMS_VARRAY_UINT32); +impl_vmstate_scalar!(vmstate_info_uint64, u64); +impl_vmstate_scalar!(vmstate_info_timer, bindings::QEMUTimer); + +// Pointer types using the underlying type's VMState plus VMS_POINTER +// Note that references are not supported, though references to cells +// could be allowed. + +macro_rules! impl_vmstate_pointer { + ($type:ty where $base:tt: VMState $($where:tt)*) => { + unsafe impl<$base> VMState for $type where $base: VMState $($where)* { + const SCALAR_TYPE: VMStateFieldType = <T as VMState>::SCALAR_TYPE; + const BASE: VMStateField = <$base as VMState>::BASE.with_pointer_flag(); } - }}; + }; +} + +impl_vmstate_pointer!(*const T where T: VMState); +impl_vmstate_pointer!(*mut T where T: VMState); +impl_vmstate_pointer!(NonNull<T> where T: VMState); + +// Unlike C pointers, Box is always non-null therefore there is no need +// to specify VMS_ALLOC. +impl_vmstate_pointer!(Box<T> where T: VMState); + +// Arrays using the underlying type's VMState plus +// VMS_ARRAY/VMS_ARRAY_OF_POINTER + +unsafe impl<T: VMState, const N: usize> VMState for [T; N] { + const SCALAR_TYPE: VMStateFieldType = <T as VMState>::SCALAR_TYPE; + const BASE: VMStateField = <T as VMState>::BASE.with_array_flag(N); } -#[doc(alias = "VMSTATE_ARRAY_OF_POINTER")] +#[doc(alias = "VMSTATE_UNUSED")] #[macro_export] -macro_rules! vmstate_array_of_pointer { - ($field_name:ident, $struct_name:ty, $num:expr, $version_id:expr, $info:expr, $type:ty) => {{ +macro_rules! vmstate_unused { + ($size:expr) => {{ $crate::bindings::VMStateField { - name: ::core::concat!(::core::stringify!($field_name), 0) - .as_bytes() - .as_ptr() as *const ::std::os::raw::c_char, - version_id: $version_id, - num: $num as _, - info: unsafe { $info }, - size: ::core::mem::size_of::<*const $type>(), - flags: VMStateFlags(VMStateFlags::VMS_ARRAY.0 | VMStateFlags::VMS_ARRAY_OF_POINTER.0), - offset: $crate::offset_of!($struct_name, $field_name), - err_hint: ::core::ptr::null(), - start: 0, - num_offset: 0, - size_offset: 0, - vmsd: ::core::ptr::null(), - struct_version_id: 0, - field_exists: None, + name: $crate::c_str!("unused").as_ptr(), + size: $size, + info: unsafe { ::core::ptr::addr_of!($crate::bindings::vmstate_info_unused_buffer) }, + flags: $crate::bindings::VMStateFlags::VMS_BUFFER, + ..$crate::zeroable::Zeroable::ZERO } }}; } -#[doc(alias = "VMSTATE_ARRAY_OF_POINTER_TO_STRUCT")] +// FIXME: including the `vmsd` field in a `const` is not possible without +// the const_refs_static feature (stabilized in Rust 1.83.0). Without it, +// it is not possible to use VMS_STRUCT in a transparent manner using +// `vmstate_of!`. While VMSTATE_CLOCK can at least try to be type-safe, +// VMSTATE_STRUCT includes $type only for documentation purposes; it +// is checked against $field_name and $struct_name, but not against $vmsd +// which is what really would matter. +#[doc(alias = "VMSTATE_STRUCT")] #[macro_export] -macro_rules! vmstate_array_of_pointer_to_struct { - ($field_name:ident, $struct_name:ty, $num:expr, $version_id:expr, $vmsd:expr, $type:ty) => {{ +macro_rules! vmstate_struct { + ($struct_name:ty, $field_name:ident $([0 .. $num:ident $(* $factor:expr)?])?, $vmsd:expr, $type:ty $(,)?) => { $crate::bindings::VMStateField { - name: ::core::concat!(::core::stringify!($field_name), 0) + name: ::core::concat!(::core::stringify!($field_name), "\0") .as_bytes() .as_ptr() as *const ::std::os::raw::c_char, - version_id: $version_id, - num: $num as _, + $(.num_offset: $crate::offset_of!($struct_name, $num),)? + offset: { + $crate::assert_field_type!($struct_name, $field_name, $type); + $crate::offset_of!($struct_name, $field_name) + }, + size: ::core::mem::size_of::<$type>(), + flags: $crate::bindings::VMStateFlags::VMS_STRUCT, vmsd: unsafe { $vmsd }, - size: ::core::mem::size_of::<*const $type>(), - flags: VMStateFlags( - VMStateFlags::VMS_ARRAY.0 - | VMStateFlags::VMS_STRUCT.0 - | VMStateFlags::VMS_ARRAY_OF_POINTER.0, - ), - offset: $crate::offset_of!($struct_name, $field_name), - err_hint: ::core::ptr::null(), - start: 0, - num_offset: 0, - size_offset: 0, - vmsd: ::core::ptr::null(), - struct_version_id: 0, - field_exists: None, + ..$crate::zeroable::Zeroable::ZERO $( + .with_varray_flag($crate::call_func_with_field!( + $crate::vmstate::vmstate_varray_flag, + $struct_name, + $num)) + $(.with_varray_multiply($factor))?)? } - }}; -} - -#[doc(alias = "VMSTATE_CLOCK_V")] -#[macro_export] -macro_rules! vmstate_clock_v { - ($field_name:ident, $struct_name:ty, $version_id:expr) => {{ - $crate::vmstate_struct_pointer_v!( - $field_name, - $struct_name, - $version_id, - ::core::ptr::addr_of!($crate::bindings::vmstate_clock), - $crate::bindings::Clock - ) - }}; + }; } #[doc(alias = "VMSTATE_CLOCK")] #[macro_export] macro_rules! vmstate_clock { - ($field_name:ident, $struct_name:ty) => {{ - $crate::vmstate_clock_v!($field_name, $struct_name, 0) - }}; -} - -#[doc(alias = "VMSTATE_ARRAY_CLOCK_V")] -#[macro_export] -macro_rules! vmstate_array_clock_v { - ($field_name:ident, $struct_name:ty, $num:expr, $version_id:expr) => {{ - $crate::vmstate_array_of_pointer_to_struct!( - $field_name, - $struct_name, - $num, - $version_id, - ::core::ptr::addr_of!($crate::bindings::vmstate_clock), - $crate::bindings::Clock - ) - }}; -} - -#[doc(alias = "VMSTATE_ARRAY_CLOCK")] -#[macro_export] -macro_rules! vmstate_array_clock { - ($field_name:ident, $struct_name:ty, $num:expr) => {{ - $crate::vmstate_array_clock_v!($field_name, $struct_name, $name, 0) + ($struct_name:ty, $field_name:ident) => {{ + $crate::bindings::VMStateField { + name: ::core::concat!(::core::stringify!($field_name), "\0") + .as_bytes() + .as_ptr() as *const ::std::os::raw::c_char, + offset: { + $crate::assert_field_type!( + $struct_name, + $field_name, + core::ptr::NonNull<$crate::bindings::Clock> + ); + $crate::offset_of!($struct_name, $field_name) + }, + size: ::core::mem::size_of::<*const $crate::bindings::Clock>(), + flags: VMStateFlags(VMStateFlags::VMS_STRUCT.0 | VMStateFlags::VMS_POINTER.0), + vmsd: unsafe { ::core::ptr::addr_of!($crate::bindings::vmstate_clock) }, + ..$crate::zeroable::Zeroable::ZERO + } }}; } @@ -287,20 +487,8 @@ macro_rules! vmstate_fields { static _FIELDS: &[$crate::bindings::VMStateField] = &[ $($field),*, $crate::bindings::VMStateField { - name: ::core::ptr::null(), - err_hint: ::core::ptr::null(), - offset: 0, - size: 0, - start: 0, - num: 0, - num_offset: 0, - size_offset: 0, - info: ::core::ptr::null(), - flags: VMStateFlags::VMS_END, - vmsd: ::core::ptr::null(), - version_id: 0, - struct_version_id: 0, - field_exists: None, + flags: $crate::bindings::VMStateFlags::VMS_END, + ..$crate::zeroable::Zeroable::ZERO } ]; _FIELDS.as_ptr() diff --git a/rust/qemu-api/src/zeroable.rs b/rust/qemu-api/src/zeroable.rs index 6125aeed8b..7b04947cb6 100644 --- a/rust/qemu-api/src/zeroable.rs +++ b/rust/qemu-api/src/zeroable.rs @@ -1,13 +1,11 @@ // SPDX-License-Identifier: GPL-2.0-or-later -use std::ptr; - /// Encapsulates the requirement that /// `MaybeUninit::<Self>::zeroed().assume_init()` does not cause undefined /// behavior. This trait in principle could be implemented as just: /// /// ``` -/// pub unsafe trait Zeroable: Default { +/// pub unsafe trait Zeroable { /// const ZERO: Self = unsafe { ::core::mem::MaybeUninit::<Self>::zeroed().assume_init() }; /// } /// ``` @@ -29,58 +27,76 @@ pub unsafe trait Zeroable: Default { const ZERO: Self; } -unsafe impl Zeroable for crate::bindings::Property__bindgen_ty_1 { - const ZERO: Self = Self { i: 0 }; -} - -unsafe impl Zeroable for crate::bindings::Property { - const ZERO: Self = Self { - name: ptr::null(), - info: ptr::null(), - offset: 0, - bitnr: 0, - bitmask: 0, - set_default: false, - defval: Zeroable::ZERO, - arrayoffset: 0, - arrayinfo: ptr::null(), - arrayfieldsize: 0, - link_type: ptr::null(), - }; +/// A macro that acts similarly to [`core::mem::zeroed()`], only is const +/// +/// ## Safety +/// +/// Similar to `core::mem::zeroed()`, except this zeroes padding bits. Zeroed +/// padding usually isn't relevant to safety, but might be if a C union is used. +/// +/// Just like for `core::mem::zeroed()`, an all zero byte pattern might not +/// be a valid value for a type, as is the case for references `&T` and `&mut +/// T`. Reference types trigger a (denied by default) lint and cause immediate +/// undefined behavior if the lint is ignored +/// +/// ```rust compile_fail +/// use const_zero::const_zero; +/// // error: any use of this value will cause an error +/// // note: `#[deny(const_err)]` on by default +/// const STR: &str = unsafe{const_zero!(&'static str)}; +/// ``` +/// +/// `const_zero` does not work on unsized types: +/// +/// ```rust compile_fail +/// use const_zero::const_zero; +/// // error[E0277]: the size for values of type `[u8]` cannot be known at compilation time +/// const BYTES: [u8] = unsafe{const_zero!([u8])}; +/// ``` +/// ## Differences with `core::mem::zeroed` +/// +/// `const_zero` zeroes padding bits, while `core::mem::zeroed` doesn't +macro_rules! const_zero { + // This macro to produce a type-generic zero constant is taken from the + // const_zero crate (v0.1.1): + // + // https://docs.rs/const-zero/latest/src/const_zero/lib.rs.html + // + // and used under MIT license + ($type_:ty) => {{ + const TYPE_SIZE: ::core::primitive::usize = ::core::mem::size_of::<$type_>(); + union TypeAsBytes { + bytes: [::core::primitive::u8; TYPE_SIZE], + inner: ::core::mem::ManuallyDrop<$type_>, + } + const ZERO_BYTES: TypeAsBytes = TypeAsBytes { + bytes: [0; TYPE_SIZE], + }; + ::core::mem::ManuallyDrop::<$type_>::into_inner(ZERO_BYTES.inner) + }}; } -unsafe impl Zeroable for crate::bindings::VMStateDescription { - const ZERO: Self = Self { - name: ptr::null(), - unmigratable: false, - early_setup: false, - version_id: 0, - minimum_version_id: 0, - priority: crate::bindings::MigrationPriority::MIG_PRI_DEFAULT, - pre_load: None, - post_load: None, - pre_save: None, - post_save: None, - needed: None, - dev_unplug_pending: None, - fields: ptr::null(), - subsections: ptr::null(), +/// A wrapper to implement the `Zeroable` trait through the `const_zero` macro. +macro_rules! impl_zeroable { + ($type:ty) => { + unsafe impl Zeroable for $type { + const ZERO: Self = unsafe { const_zero!($type) }; + } }; } -unsafe impl Zeroable for crate::bindings::MemoryRegionOps__bindgen_ty_1 { - const ZERO: Self = Self { - min_access_size: 0, - max_access_size: 0, - unaligned: false, - accepts: None, - }; +// bindgen does not derive Default here +#[allow(clippy::derivable_impls)] +impl Default for crate::bindings::VMStateFlags { + fn default() -> Self { + Self(0) + } } -unsafe impl Zeroable for crate::bindings::MemoryRegionOps__bindgen_ty_2 { - const ZERO: Self = Self { - min_access_size: 0, - max_access_size: 0, - unaligned: false, - }; -} +impl_zeroable!(crate::bindings::Property__bindgen_ty_1); +impl_zeroable!(crate::bindings::Property); +impl_zeroable!(crate::bindings::VMStateFlags); +impl_zeroable!(crate::bindings::VMStateField); +impl_zeroable!(crate::bindings::VMStateDescription); +impl_zeroable!(crate::bindings::MemoryRegionOps__bindgen_ty_1); +impl_zeroable!(crate::bindings::MemoryRegionOps__bindgen_ty_2); |