Re: [PATCH v4 1/2] rust: kernel: create `overflow_assert!` macro

From: Miguel Ojeda
Date: Sun Jul 20 2025 - 12:58:48 EST


Hi Antonio,

Since you are likely sending a new version, a couple of quick comments...

On Sun, Jun 29, 2025 at 4:43 AM Antonio Hickey
<contact@xxxxxxxxxxxxxxxxx> wrote:
>
> Co-developed-by: Daniel Cote <danielstonecote@xxxxxxxxx>
> Signed-off-by: Daniel Cote <danielstonecote@xxxxxxxxx>
> Signed-off-by: Antonio Hickey <contact@xxxxxxxxxxxxxxxxx>
> Link: https://github.com/Rust-for-Linux/linux/issues/1159
> Suggested-by: Miguel Ojeda <ojeda@xxxxxxxxxx>

The usual order of the tags would be:

Suggested-by: Miguel Ojeda <ojeda@xxxxxxxxxx>
Link: https://github.com/Rust-for-Linux/linux/issues/1159
Co-developed-by: Daniel Cote <danielstonecote@xxxxxxxxx>
Signed-off-by: Daniel Cote <danielstonecote@xxxxxxxxx>
Signed-off-by: Antonio Hickey <contact@xxxxxxxxxxxxxxxxx>

> /// This macro is only active when `CONFIG_RUST_OVERFLOW_CHECKS` is enabled.

I would probably add another paragraph to clarify/warn that,
therefore, one can only use this macro to add extra checks for users
that don't mind panics in such a case, but that it cannot be relied
on for things that need to be always tested for (to prevent UB, access
checks, etc.), similar to what the standard library says for
`debug_assert!` like Tamir mentions or the `WARN*()` docs in C.

> +/// # Examples
> +///
> +/// ```
> +/// overflow_assert!(3 <= 10);
> +/// overflow_assert!(5 <= 5);
> +///
> +/// const X: u8 = 5;
> +/// overflow_assert!(X + 3 < 10);
> +///
> +/// const MAX: i32 = 42;
> +/// const fn f(x: i32) -> i32 {
> +/// x + 1
> +/// }
> +/// overflow_assert!(f(40) < MAX);
> +/// overflow_assert!(f(40) < MAX, "f(x) must not overflow the max value.");
> +/// ```
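Review bot: the `X + 3 < 10` and `f(40) < MAX` examples read as if the macro itself detects arithmetic overflow in its argument, but since it takes a `bool`, the `X + 3` addition is evaluated under the normal Rust overflow rules before the macro ever runs; an example that makes the real guard explicit (compute the value with `checked_add`, then pass the resulting comparison to `overflow_assert!`) plus a one-line comment next to it saying the check is compiled out when `CONFIG_RUST_OVERFLOW_CHECKS` is off would avoid readers mistaking it for an overflow detector. The doctest also can't exercise the disabled configuration, so that behaviour has to be spelled out in the text above the examples rather than shown.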

Since now the macro takes just a `bool`, I would probably try to keep
two or so of these, and I would add a couple comments and try to have
a more "real life" example if possible.

Thanks!

Cheers,
Miguel