aboutsummaryrefslogtreecommitdiff
path: root/rust/qemu-api/src
diff options
context:
space:
mode:
authorMarc-André Lureau <marcandre.lureau@redhat.com>2025-09-08 12:49:48 +0200
committerPaolo Bonzini <pbonzini@redhat.com>2025-09-17 19:00:57 +0200
commit593c408a6a8cd8b0af9bf60c7c3625da7910a737 (patch)
treeb149c9ab366981f6dcb903c8c80bb695a9d73e55 /rust/qemu-api/src
parenta6765c04beac0a3e20032b619df6afbc70b6ef74 (diff)
downloadqemu-593c408a6a8cd8b0af9bf60c7c3625da7910a737.zip
qemu-593c408a6a8cd8b0af9bf60c7c3625da7910a737.tar.gz
qemu-593c408a6a8cd8b0af9bf60c7c3625da7910a737.tar.bz2
rust: split Rust-only "common" crate
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Link: https://lore.kernel.org/r/20250827104147.717203-6-marcandre.lureau@redhat.com Reviewed-by: Zhao Liu <zhao1.liu@intel.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Diffstat (limited to 'rust/qemu-api/src')
-rw-r--r--rust/qemu-api/src/assertions.rs148
-rw-r--r--rust/qemu-api/src/bindings.rs21
-rw-r--r--rust/qemu-api/src/bitops.rs119
-rw-r--r--rust/qemu-api/src/callbacks.rs216
-rw-r--r--rust/qemu-api/src/cell.rs235
-rw-r--r--rust/qemu-api/src/chardev.rs5
-rw-r--r--rust/qemu-api/src/errno.rs354
-rw-r--r--rust/qemu-api/src/error.rs3
-rw-r--r--rust/qemu-api/src/irq.rs3
-rw-r--r--rust/qemu-api/src/lib.rs6
-rw-r--r--rust/qemu-api/src/log.rs4
-rw-r--r--rust/qemu-api/src/memory.rs5
-rw-r--r--rust/qemu-api/src/prelude.rs6
-rw-r--r--rust/qemu-api/src/qdev.rs10
-rw-r--r--rust/qemu-api/src/qom.rs3
-rw-r--r--rust/qemu-api/src/sysbus.rs3
-rw-r--r--rust/qemu-api/src/timer.rs8
-rw-r--r--rust/qemu-api/src/uninit.rs85
-rw-r--r--rust/qemu-api/src/vmstate.rs23
-rw-r--r--rust/qemu-api/src/zeroable.rs37
20 files changed, 60 insertions, 1234 deletions
diff --git a/rust/qemu-api/src/assertions.rs b/rust/qemu-api/src/assertions.rs
deleted file mode 100644
index e4fe23b..0000000
--- a/rust/qemu-api/src/assertions.rs
+++ /dev/null
@@ -1,148 +0,0 @@
-// Copyright 2024, Red Hat Inc.
-// Author(s): Paolo Bonzini <pbonzini@redhat.com>
-// SPDX-License-Identifier: GPL-2.0-or-later
-
-#![doc(hidden)]
-//! This module provides macros to check the equality of types and
-//! the type of `struct` fields. This can be useful to ensure that
-//! types match the expectations of C code.
-//!
-//! Documentation is hidden because it only exposes macros, which
-//! are exported directly from `qemu_api`.
-
-// Based on https://stackoverflow.com/questions/64251852/x/70978292#70978292
-// (stackoverflow answers are released under MIT license).
-
-#[doc(hidden)]
-pub trait EqType {
- type Itself;
-}
-
-impl<T> EqType for T {
- type Itself = T;
-}
-
-/// Assert that two types are the same.
-///
-/// # Examples
-///
-/// ```
-/// # use qemu_api::assert_same_type;
-/// # use std::ops::Deref;
-/// assert_same_type!(u32, u32);
-/// assert_same_type!(<Box<u32> as Deref>::Target, u32);
-/// ```
-///
-/// Different types will cause a compile failure
-///
-/// ```compile_fail
-/// # use qemu_api::assert_same_type;
-/// assert_same_type!(&Box<u32>, &u32);
-/// ```
-#[macro_export]
-macro_rules! assert_same_type {
- ($t1:ty, $t2:ty) => {
- const _: () = {
- #[allow(unused)]
- fn assert_same_type(v: $t1) {
- fn types_must_be_equal<T, U>(_: T)
- where
- T: $crate::assertions::EqType<Itself = U>,
- {
- }
- types_must_be_equal::<_, $t2>(v);
- }
- };
- };
-}
-
-/// Assert that a field of a struct has the given type.
-///
-/// # Examples
-///
-/// ```
-/// # use qemu_api::assert_field_type;
-/// pub struct A {
-/// field1: u32,
-/// }
-///
-/// assert_field_type!(A, field1, u32);
-/// ```
-///
-/// Different types will cause a compile failure
-///
-/// ```compile_fail
-/// # use qemu_api::assert_field_type;
-/// # pub struct A { field1: u32 }
-/// assert_field_type!(A, field1, i32);
-/// ```
-#[macro_export]
-macro_rules! assert_field_type {
- (@internal $param_name:ident, $ti:ty, $t:ty, $($field:tt)*) => {
- const _: () = {
- #[allow(unused)]
- const fn assert_field_type($param_name: &$t) {
- const fn types_must_be_equal<T, U>(_: &T)
- where
- T: $crate::assertions::EqType<Itself = U>,
- {
- }
- types_must_be_equal::<_, $ti>(&$($field)*);
- }
- };
- };
-
- ($t:ty, $i:tt, $ti:ty) => {
- $crate::assert_field_type!(@internal v, $ti, $t, v.$i);
- };
-}
-
-/// Assert that an expression matches a pattern. This can also be
-/// useful to compare enums that do not implement `Eq`.
-///
-/// # Examples
-///
-/// ```
-/// # use qemu_api::assert_match;
-/// // JoinHandle does not implement `Eq`, therefore the result
-/// // does not either.
-/// let result: Result<std::thread::JoinHandle<()>, u32> = Err(42);
-/// assert_match!(result, Err(42));
-/// ```
-#[macro_export]
-macro_rules! assert_match {
- ($a:expr, $b:pat) => {
- assert!(
- match $a {
- $b => true,
- _ => false,
- },
- "{} = {:?} does not match {}",
- stringify!($a),
- $a,
- stringify!($b)
- );
- };
-}
-
-/// Assert at compile time that an expression is true. This is similar
-/// to `const { assert!(...); }` but it works outside functions, as well as
-/// on versions of Rust before 1.79.
-///
-/// # Examples
-///
-/// ```
-/// # use qemu_api::static_assert;
-/// static_assert!("abc".len() == 3);
-/// ```
-///
-/// ```compile_fail
-/// # use qemu_api::static_assert;
-/// static_assert!("abc".len() == 2); // does not compile
-/// ```
-#[macro_export]
-macro_rules! static_assert {
- ($x:expr) => {
- const _: () = assert!($x);
- };
-}
diff --git a/rust/qemu-api/src/bindings.rs b/rust/qemu-api/src/bindings.rs
index b8104de..3acdd90 100644
--- a/rust/qemu-api/src/bindings.rs
+++ b/rust/qemu-api/src/bindings.rs
@@ -20,6 +20,8 @@
//! `bindgen`-generated declarations.
+use common::Zeroable;
+
#[cfg(MESON)]
include!("bindings.inc.rs");
@@ -56,3 +58,22 @@ unsafe impl Sync for VMStateField {}
unsafe impl Send for VMStateInfo {}
unsafe impl Sync for VMStateInfo {}
+
+// bindgen does not derive Default here
+#[allow(clippy::derivable_impls)]
+impl Default for crate::bindings::VMStateFlags {
+ fn default() -> Self {
+ Self(0)
+ }
+}
+
+unsafe impl Zeroable for crate::bindings::Property__bindgen_ty_1 {}
+unsafe impl Zeroable for crate::bindings::Property {}
+unsafe impl Zeroable for crate::bindings::VMStateFlags {}
+unsafe impl Zeroable for crate::bindings::VMStateField {}
+unsafe impl Zeroable for crate::bindings::VMStateDescription {}
+unsafe impl Zeroable for crate::bindings::MemoryRegionOps__bindgen_ty_1 {}
+unsafe impl Zeroable for crate::bindings::MemoryRegionOps__bindgen_ty_2 {}
+unsafe impl Zeroable for crate::bindings::MemoryRegionOps {}
+unsafe impl Zeroable for crate::bindings::MemTxAttrs {}
+unsafe impl Zeroable for crate::bindings::CharBackend {}
diff --git a/rust/qemu-api/src/bitops.rs b/rust/qemu-api/src/bitops.rs
deleted file mode 100644
index b1e3a53..0000000
--- a/rust/qemu-api/src/bitops.rs
+++ /dev/null
@@ -1,119 +0,0 @@
-// Copyright (C) 2024 Intel Corporation.
-// Author(s): Zhao Liu <zhao1.liu@intel.com>
-// SPDX-License-Identifier: GPL-2.0-or-later
-
-//! This module provides bit operation extensions to integer types.
-//! It is usually included via the `qemu_api` prelude.
-
-use std::ops::{
- Add, AddAssign, BitAnd, BitAndAssign, BitOr, BitOrAssign, BitXor, BitXorAssign, Div, DivAssign,
- Mul, MulAssign, Not, Rem, RemAssign, Shl, ShlAssign, Shr, ShrAssign,
-};
-
-/// Trait for extensions to integer types
-pub trait IntegerExt:
- Add<Self, Output = Self> + AddAssign<Self> +
- BitAnd<Self, Output = Self> + BitAndAssign<Self> +
- BitOr<Self, Output = Self> + BitOrAssign<Self> +
- BitXor<Self, Output = Self> + BitXorAssign<Self> +
- Copy +
- Div<Self, Output = Self> + DivAssign<Self> +
- Eq +
- Mul<Self, Output = Self> + MulAssign<Self> +
- Not<Output = Self> + Ord + PartialOrd +
- Rem<Self, Output = Self> + RemAssign<Self> +
- Shl<Self, Output = Self> + ShlAssign<Self> +
- Shl<u32, Output = Self> + ShlAssign<u32> + // add more as needed
- Shr<Self, Output = Self> + ShrAssign<Self> +
- Shr<u32, Output = Self> + ShrAssign<u32> // add more as needed
-{
- const BITS: u32;
- const MAX: Self;
- const MIN: Self;
- const ONE: Self;
- const ZERO: Self;
-
- #[inline]
- #[must_use]
- fn bit(start: u32) -> Self
- {
- debug_assert!(start < Self::BITS);
-
- Self::ONE << start
- }
-
- #[inline]
- #[must_use]
- fn mask(start: u32, length: u32) -> Self
- {
- /* FIXME: Implement a more elegant check with error handling support? */
- debug_assert!(start < Self::BITS && length > 0 && length <= Self::BITS - start);
-
- (Self::MAX >> (Self::BITS - length)) << start
- }
-
- #[inline]
- #[must_use]
- fn deposit<U: IntegerExt>(self, start: u32, length: u32,
- fieldval: U) -> Self
- where Self: From<U>
- {
- debug_assert!(length <= U::BITS);
-
- let mask = Self::mask(start, length);
- (self & !mask) | ((Self::from(fieldval) << start) & mask)
- }
-
- #[inline]
- #[must_use]
- fn extract(self, start: u32, length: u32) -> Self
- {
- let mask = Self::mask(start, length);
- (self & mask) >> start
- }
-}
-
-macro_rules! impl_num_ext {
- ($type:ty) => {
- impl IntegerExt for $type {
- const BITS: u32 = <$type>::BITS;
- const MAX: Self = <$type>::MAX;
- const MIN: Self = <$type>::MIN;
- const ONE: Self = 1;
- const ZERO: Self = 0;
- }
- };
-}
-
-impl_num_ext!(u8);
-impl_num_ext!(u16);
-impl_num_ext!(u32);
-impl_num_ext!(u64);
-
-#[cfg(test)]
-mod tests {
- use super::*;
-
- #[test]
- fn test_deposit() {
- assert_eq!(15u32.deposit(8, 8, 1u32), 256 + 15);
- assert_eq!(15u32.deposit(8, 1, 255u8), 256 + 15);
- }
-
- #[test]
- fn test_extract() {
- assert_eq!(15u32.extract(2, 4), 3);
- }
-
- #[test]
- fn test_bit() {
- assert_eq!(u8::bit(7), 128);
- assert_eq!(u32::bit(16), 0x10000);
- }
-
- #[test]
- fn test_mask() {
- assert_eq!(u8::mask(7, 1), 128);
- assert_eq!(u32::mask(8, 8), 0xff00);
- }
-}
diff --git a/rust/qemu-api/src/callbacks.rs b/rust/qemu-api/src/callbacks.rs
deleted file mode 100644
index dbe2305..0000000
--- a/rust/qemu-api/src/callbacks.rs
+++ /dev/null
@@ -1,216 +0,0 @@
-// SPDX-License-Identifier: MIT
-
-//! Utility functions to deal with callbacks from C to Rust.
-
-use std::{mem, ptr::NonNull};
-
-/// Trait for functions (types implementing [`Fn`]) that can be used as
-/// callbacks. These include both zero-capture closures and function pointers.
-///
-/// In Rust, calling a function through the `Fn` trait normally requires a
-/// `self` parameter, even though for zero-sized functions (including function
-/// pointers) the type itself contains all necessary information to call the
-/// function. This trait provides a `call` function that doesn't require `self`,
-/// allowing zero-sized functions to be called using only their type.
-///
-/// This enables zero-sized functions to be passed entirely through generic
-/// parameters and resolved at compile-time. A typical use is a function
-/// receiving an unused parameter of generic type `F` and calling it via
-/// `F::call` or passing it to another function via `func::<F>`.
-///
-/// QEMU uses this trick to create wrappers to C callbacks. The wrappers
-/// are needed to convert an opaque `*mut c_void` into a Rust reference,
-/// but they only have a single opaque that they can use. The `FnCall`
-/// trait makes it possible to use that opaque for `self` or any other
-/// reference:
-///
-/// ```ignore
-/// // The compiler creates a new `rust_bh_cb` wrapper for each function
-/// // passed to `qemu_bh_schedule_oneshot` below.
-/// unsafe extern "C" fn rust_bh_cb<T, F: for<'a> FnCall<(&'a T,)>>(
-/// opaque: *mut c_void,
-/// ) {
-/// // SAFETY: the opaque was passed as a reference to `T`.
-/// F::call((unsafe { &*(opaque.cast::<T>()) }, ))
-/// }
-///
-/// // The `_f` parameter is unused but it helps the compiler build the appropriate `F`.
-/// // Using a reference allows usage in const context.
-/// fn qemu_bh_schedule_oneshot<T, F: for<'a> FnCall<(&'a T,)>>(_f: &F, opaque: &T) {
-/// let cb: unsafe extern "C" fn(*mut c_void) = rust_bh_cb::<T, F>;
-/// unsafe {
-/// bindings::qemu_bh_schedule_oneshot(cb, opaque as *const T as *const c_void as *mut c_void)
-/// }
-/// }
-/// ```
-///
-/// Each wrapper is a separate instance of `rust_bh_cb` and is therefore
-/// compiled to a separate function ("monomorphization"). If you wanted
-/// to pass `self` as the opaque value, the generic parameters would be
-/// `rust_bh_cb::<Self, F>`.
-///
-/// `Args` is a tuple type whose types are the arguments of the function,
-/// while `R` is the returned type.
-///
-/// # Examples
-///
-/// ```
-/// # use qemu_api::callbacks::FnCall;
-/// fn call_it<F: for<'a> FnCall<(&'a str,), String>>(_f: &F, s: &str) -> String {
-/// F::call((s,))
-/// }
-///
-/// let s: String = call_it(&str::to_owned, "hello world");
-/// assert_eq!(s, "hello world");
-/// ```
-///
-/// Note that the compiler will produce a different version of `call_it` for
-/// each function that is passed to it. Therefore the argument is not really
-/// used, except to decide what is `F` and what `F::call` does.
-///
-/// Attempting to pass a non-zero-sized closure causes a compile-time failure:
-///
-/// ```compile_fail
-/// # use qemu_api::callbacks::FnCall;
-/// # fn call_it<'a, F: FnCall<(&'a str,), String>>(_f: &F, s: &'a str) -> String {
-/// # F::call((s,))
-/// # }
-/// let x: &'static str = "goodbye world";
-/// call_it(&move |_| String::from(x), "hello workd");
-/// ```
-///
-/// `()` can be used to indicate "no function":
-///
-/// ```
-/// # use qemu_api::callbacks::FnCall;
-/// fn optional<F: for<'a> FnCall<(&'a str,), String>>(_f: &F, s: &str) -> Option<String> {
-/// if F::IS_SOME {
-/// Some(F::call((s,)))
-/// } else {
-/// None
-/// }
-/// }
-///
-/// assert!(optional(&(), "hello world").is_none());
-/// ```
-///
-/// Invoking `F::call` will then be a run-time error.
-///
-/// ```should_panic
-/// # use qemu_api::callbacks::FnCall;
-/// # fn call_it<F: for<'a> FnCall<(&'a str,), String>>(_f: &F, s: &str) -> String {
-/// # F::call((s,))
-/// # }
-/// let s: String = call_it(&(), "hello world"); // panics
-/// ```
-///
-/// # Safety
-///
-/// Because `Self` is a zero-sized type, all instances of the type are
-/// equivalent. However, in addition to this, `Self` must have no invariants
-/// that could be violated by creating a reference to it.
-///
-/// This is always true for zero-capture closures and function pointers, as long
-/// as the code is able to name the function in the first place.
-pub unsafe trait FnCall<Args, R = ()>: 'static + Sync + Sized {
- /// `true` if `Self` is an actual function type and not `()`.
- ///
- /// # Examples
- ///
- /// You can use `IS_SOME` to catch this at compile time:
- ///
- /// ```compile_fail
- /// # use qemu_api::callbacks::FnCall;
- /// fn call_it<F: for<'a> FnCall<(&'a str,), String>>(_f: &F, s: &str) -> String {
- /// const { assert!(F::IS_SOME) }
- /// F::call((s,))
- /// }
- ///
- /// let s: String = call_it((), "hello world"); // does not compile
- /// ```
- const IS_SOME: bool;
-
- /// `false` if `Self` is an actual function type, `true` if it is `()`.
- fn is_none() -> bool {
- !Self::IS_SOME
- }
-
- /// `true` if `Self` is an actual function type, `false` if it is `()`.
- fn is_some() -> bool {
- Self::IS_SOME
- }
-
- /// Call the function with the arguments in args.
- fn call(a: Args) -> R;
-}
-
-/// `()` acts as a "null" callback. Using `()` and `function` is nicer
-/// than `None` and `Some(function)`, because the compiler is unable to
-/// infer the type of just `None`. Therefore, the trait itself acts as the
-/// option type, with functions [`FnCall::is_some`] and [`FnCall::is_none`].
-unsafe impl<Args, R> FnCall<Args, R> for () {
- const IS_SOME: bool = false;
-
- /// Call the function with the arguments in args.
- fn call(_a: Args) -> R {
- panic!("callback not specified")
- }
-}
-
-macro_rules! impl_call {
- ($($args:ident,)* ) => (
- // SAFETY: because each function is treated as a separate type,
- // accessing `FnCall` is only possible in code that would be
- // allowed to call the function.
- unsafe impl<F, $($args,)* R> FnCall<($($args,)*), R> for F
- where
- F: 'static + Sync + Sized + Fn($($args, )*) -> R,
- {
- const IS_SOME: bool = true;
-
- #[inline(always)]
- fn call(a: ($($args,)*)) -> R {
- const { assert!(mem::size_of::<Self>() == 0) };
-
- // SAFETY: the safety of this method is the condition for implementing
- // `FnCall`. As to the `NonNull` idiom to create a zero-sized type,
- // see https://github.com/rust-lang/libs-team/issues/292.
- let f: &'static F = unsafe { &*NonNull::<Self>::dangling().as_ptr() };
- let ($($args,)*) = a;
- f($($args,)*)
- }
- }
- )
-}
-
-impl_call!(_1, _2, _3, _4, _5,);
-impl_call!(_1, _2, _3, _4,);
-impl_call!(_1, _2, _3,);
-impl_call!(_1, _2,);
-impl_call!(_1,);
-impl_call!();
-
-#[cfg(test)]
-mod tests {
- use super::*;
-
- // The `_f` parameter is unused but it helps the compiler infer `F`.
- fn do_test_call<'a, F: FnCall<(&'a str,), String>>(_f: &F) -> String {
- F::call(("hello world",))
- }
-
- #[test]
- fn test_call() {
- assert_eq!(do_test_call(&str::to_owned), "hello world")
- }
-
- // The `_f` parameter is unused but it helps the compiler infer `F`.
- fn do_test_is_some<'a, F: FnCall<(&'a str,), String>>(_f: &F) {
- assert!(F::is_some());
- }
-
- #[test]
- fn test_is_some() {
- do_test_is_some(&str::to_owned);
- }
-}
diff --git a/rust/qemu-api/src/cell.rs b/rust/qemu-api/src/cell.rs
index 9943d72..d13848d 100644
--- a/rust/qemu-api/src/cell.rs
+++ b/rust/qemu-api/src/cell.rs
@@ -141,82 +141,13 @@
//! Multiple immutable borrows are allowed via [`borrow`](BqlRefCell::borrow),
//! or a single mutable borrow via [`borrow_mut`](BqlRefCell::borrow_mut). The
//! thread will panic if these rules are violated or if the BQL is not held.
-//!
-//! ## Opaque wrappers
-//!
-//! The cell types from the previous section are useful at the boundaries
-//! of code that requires interior mutability. When writing glue code that
-//! interacts directly with C structs, however, it is useful to operate
-//! at a lower level.
-//!
-//! C functions often violate Rust's fundamental assumptions about memory
-//! safety by modifying memory even if it is shared. Furthermore, C structs
-//! often start their life uninitialized and may be populated lazily.
-//!
-//! For this reason, this module provides the [`Opaque<T>`] type to opt out
-//! of Rust's usual guarantees about the wrapped type. Access to the wrapped
-//! value is always through raw pointers, obtained via methods like
-//! [`as_mut_ptr()`](Opaque::as_mut_ptr) and [`as_ptr()`](Opaque::as_ptr). These
-//! pointers can then be passed to C functions or dereferenced; both actions
-//! require `unsafe` blocks, making it clear where safety guarantees must be
-//! manually verified. For example
-//!
-//! ```ignore
-//! unsafe {
-//! let state = Opaque::<MyStruct>::uninit();
-//! qemu_struct_init(state.as_mut_ptr());
-//! }
-//! ```
-//!
-//! [`Opaque<T>`] will usually be wrapped one level further, so that
-//! bridge methods can be added to the wrapper:
-//!
-//! ```ignore
-//! pub struct MyStruct(Opaque<bindings::MyStruct>);
-//!
-//! impl MyStruct {
-//! fn new() -> Pin<Box<MyStruct>> {
-//! let result = Box::pin(unsafe { Opaque::uninit() });
-//! unsafe { qemu_struct_init(result.as_mut_ptr()) };
-//! result
-//! }
-//! }
-//! ```
-//!
-//! This pattern of wrapping bindgen-generated types in [`Opaque<T>`] provides
-//! several advantages:
-//!
-//! * The choice of traits to be implemented is not limited by the
-//! bindgen-generated code. For example, [`Drop`] can be added without
-//! disabling [`Copy`] on the underlying bindgen type
-//!
-//! * [`Send`] and [`Sync`] implementations can be controlled by the wrapper
-//! type rather than being automatically derived from the C struct's layout
-//!
-//! * Methods can be implemented in a separate crate from the bindgen-generated
-//! bindings
-//!
-//! * [`Debug`](std::fmt::Debug) and [`Display`](std::fmt::Display)
-//! implementations can be customized to be more readable than the raw C
-//! struct representation
-//!
-//! The [`Opaque<T>`] type does not include BQL validation; it is possible to
-//! assert in the code that the right lock is taken, to use it together
-//! with a custom lock guard type, or to let C code take the lock, as
-//! appropriate. It is also possible to use it with non-thread-safe
-//! types, since by default (unlike [`BqlCell`] and [`BqlRefCell`]
-//! it is neither `Sync` nor `Send`.
-//!
-//! While [`Opaque<T>`] is necessary for C interop, it should be used sparingly
-//! and only at FFI boundaries. For QEMU-specific types that need interior
-//! mutability, prefer [`BqlCell`] or [`BqlRefCell`].
use std::{
cell::{Cell, UnsafeCell},
cmp::Ordering,
fmt,
- marker::{PhantomData, PhantomPinned},
- mem::{self, MaybeUninit},
+ marker::PhantomData,
+ mem,
ops::{Deref, DerefMut},
ptr::NonNull,
};
@@ -939,165 +870,3 @@ impl<T: fmt::Display> fmt::Display for BqlRefMut<'_, T> {
(**self).fmt(f)
}
}
-
-/// Stores an opaque value that is shared with C code.
-///
-/// Often, C structs can changed when calling a C function even if they are
-/// behind a shared Rust reference, or they can be initialized lazily and have
-/// invalid bit patterns (e.g. `3` for a [`bool`]). This goes against Rust's
-/// strict aliasing rules, which normally prevent mutation through shared
-/// references.
-///
-/// Wrapping the struct with `Opaque<T>` ensures that the Rust compiler does not
-/// assume the usual constraints that Rust structs require, and allows using
-/// shared references on the Rust side.
-///
-/// `Opaque<T>` is `#[repr(transparent)]`, so that it matches the memory layout
-/// of `T`.
-#[repr(transparent)]
-pub struct Opaque<T> {
- value: UnsafeCell<MaybeUninit<T>>,
- // PhantomPinned also allows multiple references to the `Opaque<T>`, i.e.
- // one `&mut Opaque<T>` can coexist with a `&mut T` or any number of `&T`;
- // see https://docs.rs/pinned-aliasable/latest/pinned_aliasable/.
- _pin: PhantomPinned,
-}
-
-impl<T> Opaque<T> {
- /// Creates a new shared reference from a C pointer
- ///
- /// # Safety
- ///
- /// The pointer must be valid, though it need not point to a valid value.
- pub unsafe fn from_raw<'a>(ptr: *mut T) -> &'a Self {
- let ptr = NonNull::new(ptr).unwrap().cast::<Self>();
- // SAFETY: Self is a transparent wrapper over T
- unsafe { ptr.as_ref() }
- }
-
- /// Creates a new opaque object with uninitialized contents.
- ///
- /// # Safety
- ///
- /// Ultimately the pointer to the returned value will be dereferenced
- /// in another `unsafe` block, for example when passing it to a C function,
- /// but the functions containing the dereference are usually safe. The
- /// value returned from `uninit()` must be initialized and pinned before
- /// calling them.
- pub const unsafe fn uninit() -> Self {
- Self {
- value: UnsafeCell::new(MaybeUninit::uninit()),
- _pin: PhantomPinned,
- }
- }
-
- /// Creates a new opaque object with zeroed contents.
- ///
- /// # Safety
- ///
- /// Ultimately the pointer to the returned value will be dereferenced
- /// in another `unsafe` block, for example when passing it to a C function,
- /// but the functions containing the dereference are usually safe. The
- /// value returned from `uninit()` must be pinned (and possibly initialized)
- /// before calling them.
- pub const unsafe fn zeroed() -> Self {
- Self {
- value: UnsafeCell::new(MaybeUninit::zeroed()),
- _pin: PhantomPinned,
- }
- }
-
- /// Returns a raw mutable pointer to the opaque data.
- pub const fn as_mut_ptr(&self) -> *mut T {
- UnsafeCell::get(&self.value).cast()
- }
-
- /// Returns a raw pointer to the opaque data.
- pub const fn as_ptr(&self) -> *const T {
- self.as_mut_ptr().cast_const()
- }
-
- /// Returns a raw pointer to the opaque data that can be passed to a
- /// C function as `void *`.
- pub const fn as_void_ptr(&self) -> *mut std::ffi::c_void {
- UnsafeCell::get(&self.value).cast()
- }
-
- /// Converts a raw pointer to the wrapped type.
- pub const fn raw_get(slot: *mut Self) -> *mut T {
- // Compare with Linux's raw_get method, which goes through an UnsafeCell
- // because it takes a *const Self instead.
- slot.cast()
- }
-}
-
-impl<T> fmt::Debug for Opaque<T> {
- fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
- let mut name: String = "Opaque<".to_string();
- name += std::any::type_name::<T>();
- name += ">";
- f.debug_tuple(&name).field(&self.as_ptr()).finish()
- }
-}
-
-impl<T: Default> Opaque<T> {
- /// Creates a new opaque object with default contents.
- ///
- /// # Safety
- ///
- /// Ultimately the pointer to the returned value will be dereferenced
- /// in another `unsafe` block, for example when passing it to a C function,
- /// but the functions containing the dereference are usually safe. The
- /// value returned from `uninit()` must be pinned before calling them.
- pub unsafe fn new() -> Self {
- Self {
- value: UnsafeCell::new(MaybeUninit::new(T::default())),
- _pin: PhantomPinned,
- }
- }
-}
-
-/// Annotates [`Self`] as a transparent wrapper for another type.
-///
-/// Usually defined via the [`qemu_api_macros::Wrapper`] derive macro.
-///
-/// # Examples
-///
-/// ```
-/// # use std::mem::ManuallyDrop;
-/// # use qemu_api::cell::Wrapper;
-/// #[repr(transparent)]
-/// pub struct Example {
-/// inner: ManuallyDrop<String>,
-/// }
-///
-/// unsafe impl Wrapper for Example {
-/// type Wrapped = String;
-/// }
-/// ```
-///
-/// # Safety
-///
-/// `Self` must be a `#[repr(transparent)]` wrapper for the `Wrapped` type,
-/// whether directly or indirectly.
-///
-/// # Methods
-///
-/// By convention, types that implement Wrapper also implement the following
-/// methods:
-///
-/// ```ignore
-/// pub const unsafe fn from_raw<'a>(value: *mut Self::Wrapped) -> &'a Self;
-/// pub const unsafe fn as_mut_ptr(&self) -> *mut Self::Wrapped;
-/// pub const unsafe fn as_ptr(&self) -> *const Self::Wrapped;
-/// pub const unsafe fn raw_get(slot: *mut Self) -> *const Self::Wrapped;
-/// ```
-///
-/// They are not defined here to allow them to be `const`.
-pub unsafe trait Wrapper {
- type Wrapped;
-}
-
-unsafe impl<T> Wrapper for Opaque<T> {
- type Wrapped = T;
-}
diff --git a/rust/qemu-api/src/chardev.rs b/rust/qemu-api/src/chardev.rs
index cb27be5..5a351dc 100644
--- a/rust/qemu-api/src/chardev.rs
+++ b/rust/qemu-api/src/chardev.rs
@@ -18,10 +18,11 @@ use std::{
slice,
};
+use common::{callbacks::FnCall, errno, Opaque};
+
use crate::{
bindings,
- callbacks::FnCall,
- cell::{BqlRefMut, Opaque},
+ cell::{BqlRefCell, BqlRefMut},
prelude::*,
};
diff --git a/rust/qemu-api/src/errno.rs b/rust/qemu-api/src/errno.rs
deleted file mode 100644
index 507850f..0000000
--- a/rust/qemu-api/src/errno.rs
+++ /dev/null
@@ -1,354 +0,0 @@
-// SPDX-License-Identifier: GPL-2.0-or-later
-
-//! Utility functions to convert `errno` to and from
-//! [`io::Error`]/[`io::Result`]
-//!
-//! QEMU C functions often have a "positive success/negative `errno`" calling
-//! convention. This module provides functions to portably convert an integer
-//! into an [`io::Result`] and back.
-
-use std::{
- convert::{self, TryFrom},
- io::{self, ErrorKind},
-};
-
-/// An `errno` value that can be converted into an [`io::Error`]
-pub struct Errno(pub u16);
-
-// On Unix, from_raw_os_error takes an errno value and OS errors
-// are printed using strerror. On Windows however it takes a
-// GetLastError() value; therefore we need to convert errno values
-// into io::Error by hand. This is the same mapping that the
-// standard library uses to retrieve the kind of OS errors
-// (`std::sys::pal::unix::decode_error_kind`).
-impl From<Errno> for ErrorKind {
- fn from(value: Errno) -> ErrorKind {
- use ErrorKind::*;
- let Errno(errno) = value;
- match i32::from(errno) {
- libc::EPERM | libc::EACCES => PermissionDenied,
- libc::ENOENT => NotFound,
- libc::EINTR => Interrupted,
- x if x == libc::EAGAIN || x == libc::EWOULDBLOCK => WouldBlock,
- libc::ENOMEM => OutOfMemory,
- libc::EEXIST => AlreadyExists,
- libc::EINVAL => InvalidInput,
- libc::EPIPE => BrokenPipe,
- libc::EADDRINUSE => AddrInUse,
- libc::EADDRNOTAVAIL => AddrNotAvailable,
- libc::ECONNABORTED => ConnectionAborted,
- libc::ECONNREFUSED => ConnectionRefused,
- libc::ECONNRESET => ConnectionReset,
- libc::ENOTCONN => NotConnected,
- libc::ENOTSUP => Unsupported,
- libc::ETIMEDOUT => TimedOut,
- _ => Other,
- }
- }
-}
-
-// This is used on Windows for all io::Errors, but also on Unix if the
-// io::Error does not have a raw OS error. This is the reversed
-// mapping of the above; EIO is returned for unknown ErrorKinds.
-impl From<io::ErrorKind> for Errno {
- fn from(value: io::ErrorKind) -> Errno {
- use ErrorKind::*;
- let errno = match value {
- // can be both EPERM or EACCES :( pick one
- PermissionDenied => libc::EPERM,
- NotFound => libc::ENOENT,
- Interrupted => libc::EINTR,
- WouldBlock => libc::EAGAIN,
- OutOfMemory => libc::ENOMEM,
- AlreadyExists => libc::EEXIST,
- InvalidInput => libc::EINVAL,
- BrokenPipe => libc::EPIPE,
- AddrInUse => libc::EADDRINUSE,
- AddrNotAvailable => libc::EADDRNOTAVAIL,
- ConnectionAborted => libc::ECONNABORTED,
- ConnectionRefused => libc::ECONNREFUSED,
- ConnectionReset => libc::ECONNRESET,
- NotConnected => libc::ENOTCONN,
- Unsupported => libc::ENOTSUP,
- TimedOut => libc::ETIMEDOUT,
- _ => libc::EIO,
- };
- Errno(errno as u16)
- }
-}
-
-impl From<Errno> for io::Error {
- #[cfg(unix)]
- fn from(value: Errno) -> io::Error {
- let Errno(errno) = value;
- io::Error::from_raw_os_error(errno.into())
- }
-
- #[cfg(windows)]
- fn from(value: Errno) -> io::Error {
- let error_kind: ErrorKind = value.into();
- error_kind.into()
- }
-}
-
-impl From<io::Error> for Errno {
- fn from(value: io::Error) -> Errno {
- if cfg!(unix) {
- if let Some(errno) = value.raw_os_error() {
- return Errno(u16::try_from(errno).unwrap());
- }
- }
- value.kind().into()
- }
-}
-
-impl From<convert::Infallible> for Errno {
- fn from(_value: convert::Infallible) -> Errno {
- panic!("unreachable")
- }
-}
-
-/// Internal traits; used to enable [`into_io_result`] and [`into_neg_errno`]
-/// for the "right" set of types.
-mod traits {
- use super::Errno;
-
- /// A signed type that can be converted into an
- /// [`io::Result`](std::io::Result)
- pub trait GetErrno {
- /// Unsigned variant of `Self`, used as the type for the `Ok` case.
- type Out;
-
- /// Return `Ok(self)` if positive, `Err(Errno(-self))` if negative
- fn into_errno_result(self) -> Result<Self::Out, Errno>;
- }
-
- /// A type that can be taken out of an [`io::Result`](std::io::Result) and
- /// converted into "positive success/negative `errno`" convention.
- pub trait MergeErrno {
- /// Signed variant of `Self`, used as the return type of
- /// [`into_neg_errno`](super::into_neg_errno).
- type Out: From<u16> + std::ops::Neg<Output = Self::Out>;
-
- /// Return `self`, asserting that it is in range
- fn map_ok(self) -> Self::Out;
- }
-
- macro_rules! get_errno {
- ($t:ty, $out:ty) => {
- impl GetErrno for $t {
- type Out = $out;
- fn into_errno_result(self) -> Result<Self::Out, Errno> {
- match self {
- 0.. => Ok(self as $out),
- -65535..=-1 => Err(Errno(-self as u16)),
- _ => panic!("{self} is not a negative errno"),
- }
- }
- }
- };
- }
-
- get_errno!(i32, u32);
- get_errno!(i64, u64);
- get_errno!(isize, usize);
-
- macro_rules! merge_errno {
- ($t:ty, $out:ty) => {
- impl MergeErrno for $t {
- type Out = $out;
- fn map_ok(self) -> Self::Out {
- self.try_into().unwrap()
- }
- }
- };
- }
-
- merge_errno!(u8, i32);
- merge_errno!(u16, i32);
- merge_errno!(u32, i32);
- merge_errno!(u64, i64);
-
- impl MergeErrno for () {
- type Out = i32;
- fn map_ok(self) -> i32 {
- 0
- }
- }
-}
-
-use traits::{GetErrno, MergeErrno};
-
-/// Convert an integer value into a [`io::Result`].
-///
-/// Positive values are turned into an `Ok` result; negative values
-/// are interpreted as negated `errno` and turned into an `Err`.
-///
-/// ```
-/// # use qemu_api::errno::into_io_result;
-/// # use std::io::ErrorKind;
-/// let ok = into_io_result(1i32).unwrap();
-/// assert_eq!(ok, 1u32);
-///
-/// let err = into_io_result(-1i32).unwrap_err(); // -EPERM
-/// assert_eq!(err.kind(), ErrorKind::PermissionDenied);
-/// ```
-///
-/// # Panics
-///
-/// Since the result is an unsigned integer, negative values must
-/// be close to 0; values that are too far away are considered
-/// likely overflows and will panic:
-///
-/// ```should_panic
-/// # use qemu_api::errno::into_io_result;
-/// # #[allow(dead_code)]
-/// let err = into_io_result(-0x1234_5678i32); // panic
-/// ```
-pub fn into_io_result<T: GetErrno>(value: T) -> io::Result<T::Out> {
- value.into_errno_result().map_err(Into::into)
-}
-
-/// Convert a [`Result`] into an integer value, using negative `errno`
-/// values to report errors.
-///
-/// ```
-/// # use qemu_api::errno::into_neg_errno;
-/// # use std::io::{self, ErrorKind};
-/// let ok: io::Result<()> = Ok(());
-/// assert_eq!(into_neg_errno(ok), 0);
-///
-/// let err: io::Result<()> = Err(ErrorKind::InvalidInput.into());
-/// assert_eq!(into_neg_errno(err), -22); // -EINVAL
-/// ```
-///
-/// Since this module also provides the ability to convert [`io::Error`]
-/// to an `errno` value, [`io::Result`] is the most commonly used type
-/// for the argument of this function:
-///
-/// # Panics
-///
-/// Since the result is a signed integer, integer `Ok` values must remain
-/// positive:
-///
-/// ```should_panic
-/// # use qemu_api::errno::into_neg_errno;
-/// # use std::io;
-/// let err: io::Result<u32> = Ok(0x8899_AABB);
-/// into_neg_errno(err) // panic
-/// # ;
-/// ```
-pub fn into_neg_errno<T: MergeErrno, E: Into<Errno>>(value: Result<T, E>) -> T::Out {
- match value {
- Ok(x) => x.map_ok(),
- Err(err) => -T::Out::from(err.into().0),
- }
-}
-
-#[cfg(test)]
-mod tests {
- use std::io::ErrorKind;
-
- use super::*;
- use crate::assert_match;
-
- #[test]
- pub fn test_from_u8() {
- let ok: io::Result<_> = Ok(42u8);
- assert_eq!(into_neg_errno(ok), 42);
-
- let err: io::Result<u8> = Err(io::ErrorKind::PermissionDenied.into());
- assert_eq!(into_neg_errno(err), -1);
-
- if cfg!(unix) {
- let os_err: io::Result<u8> = Err(io::Error::from_raw_os_error(10));
- assert_eq!(into_neg_errno(os_err), -10);
- }
- }
-
- #[test]
- pub fn test_from_u16() {
- let ok: io::Result<_> = Ok(1234u16);
- assert_eq!(into_neg_errno(ok), 1234);
-
- let err: io::Result<u16> = Err(io::ErrorKind::PermissionDenied.into());
- assert_eq!(into_neg_errno(err), -1);
-
- if cfg!(unix) {
- let os_err: io::Result<u16> = Err(io::Error::from_raw_os_error(10));
- assert_eq!(into_neg_errno(os_err), -10);
- }
- }
-
- #[test]
- pub fn test_i32() {
- assert_match!(into_io_result(1234i32), Ok(1234));
-
- let err = into_io_result(-1i32).unwrap_err();
- #[cfg(unix)]
- assert_match!(err.raw_os_error(), Some(1));
- assert_match!(err.kind(), ErrorKind::PermissionDenied);
- }
-
- #[test]
- pub fn test_from_u32() {
- let ok: io::Result<_> = Ok(1234u32);
- assert_eq!(into_neg_errno(ok), 1234);
-
- let err: io::Result<u32> = Err(io::ErrorKind::PermissionDenied.into());
- assert_eq!(into_neg_errno(err), -1);
-
- if cfg!(unix) {
- let os_err: io::Result<u32> = Err(io::Error::from_raw_os_error(10));
- assert_eq!(into_neg_errno(os_err), -10);
- }
- }
-
- #[test]
- pub fn test_i64() {
- assert_match!(into_io_result(1234i64), Ok(1234));
-
- let err = into_io_result(-22i64).unwrap_err();
- #[cfg(unix)]
- assert_match!(err.raw_os_error(), Some(22));
- assert_match!(err.kind(), ErrorKind::InvalidInput);
- }
-
- #[test]
- pub fn test_from_u64() {
- let ok: io::Result<_> = Ok(1234u64);
- assert_eq!(into_neg_errno(ok), 1234);
-
- let err: io::Result<u64> = Err(io::ErrorKind::InvalidInput.into());
- assert_eq!(into_neg_errno(err), -22);
-
- if cfg!(unix) {
- let os_err: io::Result<u64> = Err(io::Error::from_raw_os_error(6));
- assert_eq!(into_neg_errno(os_err), -6);
- }
- }
-
- #[test]
- pub fn test_isize() {
- assert_match!(into_io_result(1234isize), Ok(1234));
-
- let err = into_io_result(-4isize).unwrap_err();
- #[cfg(unix)]
- assert_match!(err.raw_os_error(), Some(4));
- assert_match!(err.kind(), ErrorKind::Interrupted);
- }
-
- #[test]
- pub fn test_from_unit() {
- let ok: io::Result<_> = Ok(());
- assert_eq!(into_neg_errno(ok), 0);
-
- let err: io::Result<()> = Err(io::ErrorKind::OutOfMemory.into());
- assert_eq!(into_neg_errno(err), -12);
-
- if cfg!(unix) {
- let os_err: io::Result<()> = Err(io::Error::from_raw_os_error(2));
- assert_eq!(into_neg_errno(os_err), -2);
- }
- }
-}
diff --git a/rust/qemu-api/src/error.rs b/rust/qemu-api/src/error.rs
index e114fc4..8bac3cb 100644
--- a/rust/qemu-api/src/error.rs
+++ b/rust/qemu-api/src/error.rs
@@ -316,10 +316,11 @@ mod tests {
use std::ffi::CStr;
use anyhow::anyhow;
+ use common::assert_match;
use foreign::OwnedPointer;
use super::*;
- use crate::{assert_match, bindings};
+ use crate::bindings;
#[track_caller]
fn error_for_test(msg: &CStr) -> OwnedPointer<Error> {
diff --git a/rust/qemu-api/src/irq.rs b/rust/qemu-api/src/irq.rs
index 1526e6f..ea6b328 100644
--- a/rust/qemu-api/src/irq.rs
+++ b/rust/qemu-api/src/irq.rs
@@ -10,9 +10,10 @@ use std::{
ptr,
};
+use common::Opaque;
+
use crate::{
bindings::{self, qemu_set_irq},
- cell::Opaque,
prelude::*,
qom::ObjectClass,
};
diff --git a/rust/qemu-api/src/lib.rs b/rust/qemu-api/src/lib.rs
index daa2493..6232e39 100644
--- a/rust/qemu-api/src/lib.rs
+++ b/rust/qemu-api/src/lib.rs
@@ -13,12 +13,8 @@ pub mod bindings;
#[rustfmt::skip]
pub mod prelude;
-pub mod assertions;
-pub mod bitops;
-pub mod callbacks;
pub mod cell;
pub mod chardev;
-pub mod errno;
pub mod error;
pub mod irq;
pub mod log;
@@ -28,9 +24,7 @@ pub mod qdev;
pub mod qom;
pub mod sysbus;
pub mod timer;
-pub mod uninit;
pub mod vmstate;
-pub mod zeroable;
// Allow proc-macros to refer to `::qemu_api` inside the `qemu_api` crate (this
// crate).
diff --git a/rust/qemu-api/src/log.rs b/rust/qemu-api/src/log.rs
index a441b8c..d07f627 100644
--- a/rust/qemu-api/src/log.rs
+++ b/rust/qemu-api/src/log.rs
@@ -8,7 +8,9 @@ use std::{
ptr::NonNull,
};
-use crate::{bindings, errno};
+use common::errno;
+
+use crate::bindings;
#[repr(u32)]
/// Represents specific error categories within QEMU's logging system.
diff --git a/rust/qemu-api/src/memory.rs b/rust/qemu-api/src/memory.rs
index e40fad6..f790cb5 100644
--- a/rust/qemu-api/src/memory.rs
+++ b/rust/qemu-api/src/memory.rs
@@ -10,14 +10,11 @@ use std::{
};
pub use bindings::{hwaddr, MemTxAttrs};
+use common::{callbacks::FnCall, uninit::MaybeUninitField, zeroable::Zeroable, Opaque};
use crate::{
bindings::{self, device_endian, memory_region_init_io},
- callbacks::FnCall,
- cell::Opaque,
prelude::*,
- uninit::MaybeUninitField,
- zeroable::Zeroable,
};
pub struct MemoryRegionOps<T>(
diff --git a/rust/qemu-api/src/prelude.rs b/rust/qemu-api/src/prelude.rs
index 8f9e23e..dcfe714 100644
--- a/rust/qemu-api/src/prelude.rs
+++ b/rust/qemu-api/src/prelude.rs
@@ -4,13 +4,9 @@
//! Commonly used traits and types for QEMU.
-pub use crate::bitops::IntegerExt;
-
pub use crate::cell::BqlCell;
pub use crate::cell::BqlRefCell;
-pub use crate::errno;
-
pub use crate::log_mask_ln;
pub use crate::qdev::DeviceMethods;
@@ -19,8 +15,8 @@ pub use crate::qom::InterfaceType;
pub use crate::qom::IsA;
pub use crate::qom::Object;
pub use crate::qom::ObjectCast;
-pub use crate::qom::ObjectDeref;
pub use crate::qom::ObjectClassMethods;
+pub use crate::qom::ObjectDeref;
pub use crate::qom::ObjectMethods;
pub use crate::qom::ObjectType;
diff --git a/rust/qemu-api/src/qdev.rs b/rust/qemu-api/src/qdev.rs
index e2b4121..8be125f 100644
--- a/rust/qemu-api/src/qdev.rs
+++ b/rust/qemu-api/src/qdev.rs
@@ -10,11 +10,11 @@ use std::{
};
pub use bindings::{ClockEvent, DeviceClass, Property, ResetType};
+use common::{callbacks::FnCall, Opaque};
use crate::{
bindings::{self, qdev_init_gpio_in, qdev_init_gpio_out, ResettableClass},
- callbacks::FnCall,
- cell::{bql_locked, Opaque},
+ cell::bql_locked,
chardev::Chardev,
error::{Error, Result},
impl_vmstate_c_struct,
@@ -246,7 +246,7 @@ macro_rules! define_property {
bitnr: $bitnr,
set_default: true,
defval: $crate::bindings::Property__bindgen_ty_1 { u: $defval as u64 },
- ..$crate::zeroable::Zeroable::ZERO
+ ..::common::zeroable::Zeroable::ZERO
}
};
($name:expr, $state:ty, $field:ident, $prop:expr, $type:ty, default = $defval:expr$(,)*) => {
@@ -257,7 +257,7 @@ macro_rules! define_property {
offset: ::std::mem::offset_of!($state, $field) as isize,
set_default: true,
defval: $crate::bindings::Property__bindgen_ty_1 { u: $defval as u64 },
- ..$crate::zeroable::Zeroable::ZERO
+ ..::common::zeroable::Zeroable::ZERO
}
};
($name:expr, $state:ty, $field:ident, $prop:expr, $type:ty$(,)*) => {
@@ -267,7 +267,7 @@ macro_rules! define_property {
info: $prop,
offset: ::std::mem::offset_of!($state, $field) as isize,
set_default: false,
- ..$crate::zeroable::Zeroable::ZERO
+ ..::common::zeroable::Zeroable::ZERO
}
};
}
diff --git a/rust/qemu-api/src/qom.rs b/rust/qemu-api/src/qom.rs
index 12c6fc6..49b4f03 100644
--- a/rust/qemu-api/src/qom.rs
+++ b/rust/qemu-api/src/qom.rs
@@ -102,13 +102,14 @@ use std::{
};
pub use bindings::ObjectClass;
+use common::Opaque;
use crate::{
bindings::{
self, object_class_dynamic_cast, object_dynamic_cast, object_get_class,
object_get_typename, object_new, object_ref, object_unref, TypeInfo,
},
- cell::{bql_locked, Opaque},
+ cell::bql_locked,
impl_vmstate_pointer,
};
diff --git a/rust/qemu-api/src/sysbus.rs b/rust/qemu-api/src/sysbus.rs
index e92502a..4a5b4cb 100644
--- a/rust/qemu-api/src/sysbus.rs
+++ b/rust/qemu-api/src/sysbus.rs
@@ -7,10 +7,11 @@
use std::{ffi::CStr, ptr::addr_of_mut};
pub use bindings::SysBusDeviceClass;
+use common::Opaque;
use crate::{
bindings,
- cell::{bql_locked, Opaque},
+ cell::bql_locked,
irq::{IRQState, InterruptSource},
memory::MemoryRegion,
prelude::*,
diff --git a/rust/qemu-api/src/timer.rs b/rust/qemu-api/src/timer.rs
index 1e639ea..383e1a6 100644
--- a/rust/qemu-api/src/timer.rs
+++ b/rust/qemu-api/src/timer.rs
@@ -7,10 +7,10 @@ use std::{
pin::Pin,
};
-use crate::{
- bindings::{self, qemu_clock_get_ns, timer_del, timer_init_full, timer_mod, QEMUClockType},
- callbacks::FnCall,
- cell::Opaque,
+use common::{callbacks::FnCall, Opaque};
+
+use crate::bindings::{
+ self, qemu_clock_get_ns, timer_del, timer_init_full, timer_mod, QEMUClockType,
};
/// A safe wrapper around [`bindings::QEMUTimer`].
diff --git a/rust/qemu-api/src/uninit.rs b/rust/qemu-api/src/uninit.rs
deleted file mode 100644
index b0a8297..0000000
--- a/rust/qemu-api/src/uninit.rs
+++ /dev/null
@@ -1,85 +0,0 @@
-//! Access fields of a [`MaybeUninit`]
-
-use std::{
- mem::MaybeUninit,
- ops::{Deref, DerefMut},
-};
-
-pub struct MaybeUninitField<'a, T, U> {
- parent: &'a mut MaybeUninit<T>,
- child: *mut U,
-}
-
-impl<'a, T, U> MaybeUninitField<'a, T, U> {
- #[doc(hidden)]
- pub const fn new(parent: &'a mut MaybeUninit<T>, child: *mut U) -> Self {
- MaybeUninitField { parent, child }
- }
-
- /// Return a constant pointer to the containing object of the field.
- ///
- /// Because the `MaybeUninitField` remembers the containing object,
- /// it is possible to use it in foreign APIs that initialize the
- /// child.
- pub const fn parent(f: &Self) -> *const T {
- f.parent.as_ptr()
- }
-
- /// Return a mutable pointer to the containing object.
- ///
- /// Because the `MaybeUninitField` remembers the containing object,
- /// it is possible to use it in foreign APIs that initialize the
- /// child.
- pub const fn parent_mut(f: &mut Self) -> *mut T {
- f.parent.as_mut_ptr()
- }
-}
-
-impl<'a, T, U> Deref for MaybeUninitField<'a, T, U> {
- type Target = MaybeUninit<U>;
-
- fn deref(&self) -> &MaybeUninit<U> {
- // SAFETY: self.child was obtained by dereferencing a valid mutable
- // reference; the content of the memory may be invalid or uninitialized
- // but MaybeUninit<_> makes no assumption on it
- unsafe { &*(self.child.cast()) }
- }
-}
-
-impl<'a, T, U> DerefMut for MaybeUninitField<'a, T, U> {
- fn deref_mut(&mut self) -> &mut MaybeUninit<U> {
- // SAFETY: self.child was obtained by dereferencing a valid mutable
- // reference; the content of the memory may be invalid or uninitialized
- // but MaybeUninit<_> makes no assumption on it
- unsafe { &mut *(self.child.cast()) }
- }
-}
-
-/// ```
-/// #[derive(Debug)]
-/// struct S {
-/// x: u32,
-/// y: u32,
-/// }
-///
-/// # use std::mem::MaybeUninit;
-/// # use qemu_api::{assert_match, uninit_field_mut};
-///
-/// let mut s: MaybeUninit<S> = MaybeUninit::zeroed();
-/// uninit_field_mut!(s, x).write(5);
-/// let s = unsafe { s.assume_init() };
-/// assert_match!(s, S { x: 5, y: 0 });
-/// ```
-#[macro_export]
-macro_rules! uninit_field_mut {
- ($container:expr, $($field:tt)+) => {{
- let container__: &mut ::std::mem::MaybeUninit<_> = &mut $container;
- let container_ptr__ = container__.as_mut_ptr();
-
- // SAFETY: the container is not used directly, only through a MaybeUninit<>,
- // so the safety is delegated to the caller and to final invocation of
- // assume_init()
- let target__ = unsafe { std::ptr::addr_of_mut!((*container_ptr__).$($field)+) };
- $crate::uninit::MaybeUninitField::new(container__, target__)
- }};
-}
diff --git a/rust/qemu-api/src/vmstate.rs b/rust/qemu-api/src/vmstate.rs
index ce42b03..06aac3a 100644
--- a/rust/qemu-api/src/vmstate.rs
+++ b/rust/qemu-api/src/vmstate.rs
@@ -35,14 +35,15 @@ use std::{
ptr::{addr_of, NonNull},
};
-pub use crate::bindings::{MigrationPriority, VMStateField};
-use crate::{
- bindings::{self, VMStateFlags},
+use common::{
callbacks::FnCall,
errno::{into_neg_errno, Errno},
- zeroable::Zeroable,
+ Zeroable,
};
+use crate::bindings::{self, VMStateFlags};
+pub use crate::bindings::{MigrationPriority, VMStateField};
+
/// This macro is used to call a function with a generic argument bound
/// to the type of a field. The function must take a
/// [`PhantomData`]`<T>` argument; `T` is the type of
@@ -271,7 +272,7 @@ macro_rules! impl_vmstate_transparent {
impl_vmstate_transparent!(std::cell::Cell<T> where T: VMState);
impl_vmstate_transparent!(std::cell::UnsafeCell<T> where T: VMState);
impl_vmstate_transparent!(std::pin::Pin<T> where T: VMState);
-impl_vmstate_transparent!(crate::cell::Opaque<T> where T: VMState);
+impl_vmstate_transparent!(::common::Opaque<T> where T: VMState);
#[macro_export]
macro_rules! impl_vmstate_bitsized {
@@ -324,7 +325,7 @@ macro_rules! impl_vmstate_c_struct {
vmsd: ::std::ptr::addr_of!($vmsd),
size: ::std::mem::size_of::<$type>(),
flags: $crate::bindings::VMStateFlags::VMS_STRUCT,
- ..$crate::zeroable::Zeroable::ZERO
+ ..common::zeroable::Zeroable::ZERO
};
}
};
@@ -367,7 +368,7 @@ macro_rules! vmstate_unused {
size: $size,
info: unsafe { ::core::ptr::addr_of!($crate::bindings::vmstate_info_unused_buffer) },
flags: $crate::bindings::VMStateFlags::VMS_BUFFER,
- ..$crate::zeroable::Zeroable::ZERO
+ ..::common::Zeroable::ZERO
}
}};
}
@@ -390,7 +391,7 @@ pub type VMSFieldExistCb = unsafe extern "C" fn(
#[macro_export]
macro_rules! vmstate_exist_fn {
($struct_name:ty, $test_fn:expr) => {{
- const fn test_cb_builder__<T, F: for<'a> $crate::callbacks::FnCall<(&'a T, u8), bool>>(
+ const fn test_cb_builder__<T, F: for<'a> ::common::callbacks::FnCall<(&'a T, u8), bool>>(
_phantom: ::core::marker::PhantomData<F>,
) -> $crate::vmstate::VMSFieldExistCb {
const { assert!(F::IS_SOME) };
@@ -414,7 +415,7 @@ macro_rules! vmstate_fields {
$($field),*,
$crate::bindings::VMStateField {
flags: $crate::bindings::VMStateFlags::VMS_END,
- ..$crate::zeroable::Zeroable::ZERO
+ ..::common::zeroable::Zeroable::ZERO
}
];
_FIELDS.as_ptr()
@@ -433,7 +434,7 @@ macro_rules! vmstate_validate {
| $crate::bindings::VMStateFlags::VMS_ARRAY.0,
),
num: 0, // 0 elements: no data, only run test_fn callback
- ..$crate::zeroable::Zeroable::ZERO
+ ..::common::zeroable::Zeroable::ZERO
}
};
}
@@ -455,7 +456,7 @@ macro_rules! impl_vmstate_struct {
vmsd: ::core::ptr::addr_of!(*VMSD),
size: ::core::mem::size_of::<$type>(),
flags: $crate::bindings::VMStateFlags::VMS_STRUCT,
- ..$crate::zeroable::Zeroable::ZERO
+ ..common::Zeroable::ZERO
}
};
}
diff --git a/rust/qemu-api/src/zeroable.rs b/rust/qemu-api/src/zeroable.rs
deleted file mode 100644
index d8239d0..0000000
--- a/rust/qemu-api/src/zeroable.rs
+++ /dev/null
@@ -1,37 +0,0 @@
-// SPDX-License-Identifier: GPL-2.0-or-later
-
-//! Defines a trait for structs that can be safely initialized with zero bytes.
-
-/// Encapsulates the requirement that
-/// `MaybeUninit::<Self>::zeroed().assume_init()` does not cause undefined
-/// behavior.
-///
-/// # Safety
-///
-/// Do not add this trait to a type unless all-zeroes is a valid value for the
-/// type. In particular, raw pointers can be zero, but references and
-/// `NonNull<T>` cannot.
-pub unsafe trait Zeroable: Default {
- /// Return a value of Self whose memory representation consists of all
- /// zeroes, with the possible exclusion of padding bytes.
- const ZERO: Self = unsafe { ::core::mem::MaybeUninit::<Self>::zeroed().assume_init() };
-}
-
-// bindgen does not derive Default here
-#[allow(clippy::derivable_impls)]
-impl Default for crate::bindings::VMStateFlags {
- fn default() -> Self {
- Self(0)
- }
-}
-
-unsafe impl Zeroable for crate::bindings::Property__bindgen_ty_1 {}
-unsafe impl Zeroable for crate::bindings::Property {}
-unsafe impl Zeroable for crate::bindings::VMStateFlags {}
-unsafe impl Zeroable for crate::bindings::VMStateField {}
-unsafe impl Zeroable for crate::bindings::VMStateDescription {}
-unsafe impl Zeroable for crate::bindings::MemoryRegionOps__bindgen_ty_1 {}
-unsafe impl Zeroable for crate::bindings::MemoryRegionOps__bindgen_ty_2 {}
-unsafe impl Zeroable for crate::bindings::MemoryRegionOps {}
-unsafe impl Zeroable for crate::bindings::MemTxAttrs {}
-unsafe impl Zeroable for crate::bindings::CharBackend {}
generated by cgit v1.1 at 2025-10-18 15:23:06 +0000