Re: [PATCH] rust: num: bounded: add safety comment for Bounded::__new
From: Hsiu Che Yu
Date: Mon Dec 01 2025 - 08:28:15 EST
On Mon, Dec 01, 2025 at 10:12:27AM +0000, Alice Ryhl wrote:
> I disagree. For the same reasons as str::from_utf8_unchecked, this
> should also be unsafe. It creates a value that violates invariants,
> which may be used to trigger UB combined with other safe code.
>
> Alice

I understand. Once the caller passes a value that cannot be represented
with N bits, the type invariant is violated. Keeping this function safe
could allow callers to overlook this critical requirement.

Thank you for the feedback. I will submit v2 with the necessary changes
and improved documentation.

Best regards,
Hsiu Che Yu
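
The point made in this exchange, as an added example that is not part of the thread and is not the kernel's `Bounded` code: a constructor that can break a type invariant is marked `unsafe` because other code relies on that invariant to stay sound. `BoundedU8`, `try_new`, `new_unchecked` and `lookup` are hypothetical names chosen for this sketch.

```rust
/// Simplified stand-in (hypothetical) for an integer limited to N bits.
/// Type invariant: the wrapped value is always `< (1 << N)`.
#[derive(Clone, Copy, Debug, PartialEq)]
pub struct BoundedU8<const N: u32>(u8);

impl<const N: u32> BoundedU8<N> {
    /// Number of distinct values representable with N bits.
    pub const COUNT: usize = 1usize << N;

    /// Checked constructor: safe, because it enforces the invariant itself.
    pub fn try_new(v: u8) -> Option<Self> {
        if (v as usize) < Self::COUNT { Some(Self(v)) } else { None }
    }

    /// Unchecked constructor.
    ///
    /// # Safety
    ///
    /// `v` must be representable with N bits, i.e. `v < (1 << N)`.
    /// If this were a safe fn, safe callers could build an out-of-range
    /// value and `lookup` below would read past the end of its table.
    pub unsafe fn new_unchecked(v: u8) -> Self {
        Self(v)
    }

    pub fn get(self) -> u8 {
        self.0
    }
}

/// Safe function whose soundness depends entirely on the type invariant.
pub fn lookup(table: &[u32; 16], idx: BoundedU8<4>) -> u32 {
    // SAFETY: the invariant of `BoundedU8<4>` guarantees
    // `idx.get() < 16`, which equals `table.len()`.
    unsafe { *table.get_unchecked(idx.get() as usize) }
}

fn main() {
    // Constructed sample table: entry i holds i * 10.
    let table: [u32; 16] = std::array::from_fn(|i| (i as u32) * 10);
    let idx = BoundedU8::<4>::try_new(5).expect("5 fits in 4 bits");
    println!("table[5] = {}", lookup(&table, idx));
    // 16 needs 5 bits, so the checked constructor refuses it.
    assert!(BoundedU8::<4>::try_new(16).is_none());
}
```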