mirror of
https://github.com/bevyengine/bevy
synced 2024-09-20 06:22:01 +00:00
d38a8dfdd7
# Objective `SAFETY` comments are meant to be placed before `unsafe` blocks and should contain the reasoning of why in this case the usage of unsafe is okay. This is useful when reading the code because it makes it clear which assumptions are required for safety, and makes it easier to spot possible unsoundness holes. It also forces the code writer to think of something to write and maybe look at the safety contracts of any called unsafe methods again to double-check their correct usage. There's a clippy lint called `undocumented_unsafe_blocks` which warns when using a block without such a comment. ## Solution - since clippy expects `SAFETY` instead of `SAFE`, rename those - add `SAFETY` comments in more places - for the last remaining 3 places, add an `#[allow()]` and `// TODO` since I wasn't comfortable enough with the code to justify their safety - add ` #![warn(clippy::undocumented_unsafe_blocks)]` to `bevy_ecs` ### Note for reviewers The first commit only renames `SAFETY` to `SAFE` so it doesn't need a thorough review. |
||
|---|---|---|
| .. | ||
| src | ||
| Cargo.toml | ||
| README.md | ||
bevy_ptr
The bevy_ptr crate provides low-level abstractions for working with pointers in a more safe way than using rust's raw pointers.
Rust has lifetimed and typed references (&'a T), unlifetimed and typed references (*const T), but no lifetimed but untyped references.
bevy_ptr adds them, called Ptr<'a>, PtrMut<'a> and OwningPtr<'a>.
These types are lifetime-checked so can never lead to problems like use-after-frees and must always point to valid data.