implement Write for uninitialized slices #674

Open: wants to merge 6 commits into base: master (changes from 5 commits)
33 changes: 31 additions & 2 deletions embedded-io-async/src/impls/slice_mut.rs
@@ -1,4 +1,4 @@
use core::mem;
use core::mem::{self, MaybeUninit};
use embedded_io::SliceWriteError;

use crate::Write;
Expand All @@ -20,7 +20,36 @@ impl Write for &mut [u8] {
return Err(SliceWriteError::Full);
}
let (a, b) = mem::take(self).split_at_mut(amt);
a.copy_from_slice(&buf[..amt]);
a.copy_from_slice(buf.split_at(amt).0);
*self = b;
Ok(amt)
}
}

/// Write is implemented for `&mut [MaybeUninit<u8>]` by copying into the slice, initializing
/// & overwriting its data.
///
/// Note that writing updates the slice to point to the yet unwritten part.
/// The slice will be empty when it has been completely overwritten.
///
/// If the number of bytes to be written exceeds the size of the slice, write operations will
/// return short writes: ultimately, `Ok(0)`; in this situation, `write_all` returns an error of
/// kind `ErrorKind::WriteZero`.
impl Write for &mut [MaybeUninit<u8>] {
#[inline]
async fn write(&mut self, buf: &[u8]) -> Result<usize, Self::Error> {
let amt = core::cmp::min(buf.len(), self.len());
if !buf.is_empty() && amt == 0 {
return Err(SliceWriteError::Full);
}
let (a, b) = mem::take(self).split_at_mut(amt);
buf.split_at(amt)
Member

maybe core::ptr::copy_nonoverlapping has a better chance at getting optimized than iterator loops. Or maybe copy_from_slice but i'm not sure if it's possible to use soundly.

Member

also buf.split_at(amt).0 can be written more readably as buf[..amt]

Author

> maybe core::ptr::copy_nonoverlapping has a better chance at getting optimized

agreed, but that requires unsafe code. perhaps we could add that under a feature flag in a future PR?

> buf.split_at(amt).0 can be written more readably as buf[..amt]

they behave differently though - .split_at() splits the lifetime and also works in const contexts, so i think it is preferred over slicing with []

Member

> but that requires unsafe code

that's not a problem

> they behave differently though - .split_at() splits the lifetime and also works in const contexts, so i think it is preferred over slicing with []

the lifetime is not an issue with readonly &[u8] because aliasing is allowed, and slicing is also allowed in const.

Author

@master-hax master-hax Aug 6, 2025

from what i can tell, slicing is not allowed in const contexts.

this example main.rs using .split_at(n).0 compiles just fine:

const HELLO_WORLD_BYTES: &[u8] = b"hello world";
const HELLO_BYTES_SPLIT_AT: &[u8] = HELLO_WORLD_BYTES.split_at(4).0;
fn main() { panic!() }

================================

PS C:\Users\vivek\git\deletme> cargo rustc -- -Awarnings
   Compiling deletme v0.1.0 (C:\Users\vivek\git\deletme)
    Finished `dev` profile [unoptimized + debuginfo] target(s) in 0.26s

whereas this example main.rs using [..n] fails to compile:

const HELLO_WORLD_BYTES: &[u8] = b"hello world";
const HELLO_BYTES_SLICE_OPERATOR: &[u8] = &HELLO_WORLD_BYTES[..4];
fn main() { panic!() }

================================

PS C:\Users\vivek\git\deletme> cargo rustc -- -Awarnings
   Compiling deletme v0.1.0 (C:\Users\vivek\git\deletme)
error[E0015]: cannot call non-const operator in constants
 --> src/main.rs:2:61
  |
2 | const HELLO_BYTES_SLICE_OPERATOR: &[u8] = &HELLO_WORLD_BYTES[..4];
  |                                                             ^^^^^
  |
  = note: calls in constants are limited to constant functions, tuple structs and tuple variants

For more information about this error, try `rustc --explain E0015`.
error: could not compile `deletme` (bin "deletme") due to 1 previous error

so i think because it supports const contexts, "shrinks" the lifetime, and provides a more simple API, split_at() should be preferred. fwiw i actually like the readability after getting used to it. i had to deal with const issues earlier while working in another no_std crate mmstick/numtoa#23

Author

@master-hax master-hax Aug 6, 2025

updated to replace safe iterator with unsafe core::ptr::copy_nonoverlapping in 00346c9
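
The bulk copy discussed in this thread, as an added example that is not code from the PR or from embedded-io: `write_uninit`, `assume_init_prefix` and `demo` are hypothetical names, and the helper returns 0 on a full buffer where the PR returns `SliceWriteError::Full`. It shows `core::ptr::copy_nonoverlapping` initializing the head of a `&mut [MaybeUninit<u8>]` and the caller reading back only the bytes it counted as written.

```rust
use core::mem::MaybeUninit;

/// Hypothetical helper (not the PR's code): copy as much of `src` as fits into
/// the front of `*dst`, advance `*dst` past it, and return the byte count.
fn write_uninit(dst: &mut &mut [MaybeUninit<u8>], src: &[u8]) -> usize {
    let amt = core::cmp::min(dst.len(), src.len());
    let (head, tail) = core::mem::take(dst).split_at_mut(amt);
    // SAFETY: `amt` is within both `src` and `head`; `head` is an exclusive
    // borrow, so the regions cannot overlap; `MaybeUninit<u8>` has the layout
    // of `u8`, so the cast pointer is valid for `amt` byte writes.
    unsafe {
        core::ptr::copy_nonoverlapping(src.as_ptr(), head.as_mut_ptr().cast::<u8>(), amt);
    }
    *dst = tail;
    amt
}

/// View the first `len` bytes of `buf` as initialized.
///
/// # Safety
/// The caller must have initialized `buf[..len]`.
unsafe fn assume_init_prefix(buf: &[MaybeUninit<u8>], len: usize) -> &[u8] {
    assert!(len <= buf.len());
    unsafe { core::slice::from_raw_parts(buf.as_ptr().cast::<u8>(), len) }
}

/// Constructed demo: two writes into an 8-byte uninitialized buffer.
/// Returns the count from each write and the initialized prefix.
fn demo() -> (usize, usize, Vec<u8>) {
    let mut storage = [MaybeUninit::<u8>::uninit(); 8];
    let mut cursor: &mut [MaybeUninit<u8>] = &mut storage;
    let n1 = write_uninit(&mut cursor, b"hello");
    let n2 = write_uninit(&mut cursor, b"world"); // only 3 bytes of room left
    // The cursor has moved on, so the caller's own count is the only record
    // of how many leading bytes of `storage` are initialized.
    // SAFETY: exactly `n1 + n2` leading bytes were written above.
    let out = unsafe { assume_init_prefix(&storage, n1 + n2) }.to_vec();
    (n1, n2, out)
}

fn main() {
    println!("{:?}", demo());
}
```
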

.0
.iter()
.enumerate()
.for_each(|(index, byte)| {
a[index].write(*byte);
});
*self = b;
Ok(amt)
}
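Review bot: the doc comment on the new async `impl Write for &mut [MaybeUninit<u8>]` says an oversized write ultimately returns `Ok(0)` and that `write_all` then fails with `ErrorKind::WriteZero`, but the body returns `Err(SliceWriteError::Full)` when `buf` is non-empty and `amt == 0`. Reword the comment to match the code, for example "ultimately, a `SliceWriteError::Full`", which is the wording the same doc comment uses in embedded-io/src/impls/slice_mut.rs.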
56 changes: 50 additions & 6 deletions embedded-io/src/impls/slice_mut.rs
@@ -1,5 +1,5 @@
use crate::{Error, ErrorKind, ErrorType, SliceWriteError, Write, WriteReady};
use core::mem;
use core::mem::{self, MaybeUninit};

impl Error for SliceWriteError {
fn kind(&self) -> ErrorKind {
Expand All @@ -9,10 +9,6 @@ impl Error for SliceWriteError {
}
}

impl ErrorType for &mut [u8] {
type Error = SliceWriteError;
}

impl core::fmt::Display for SliceWriteError {
fn fmt(&self, f: &mut core::fmt::Formatter<'_>) -> core::fmt::Result {
write!(f, "{self:?}")
Expand All @@ -21,6 +17,10 @@ impl core::fmt::Display for SliceWriteError {

impl core::error::Error for SliceWriteError {}

impl ErrorType for &mut [u8] {
type Error = SliceWriteError;
}

/// Write is implemented for `&mut [u8]` by copying into the slice, overwriting
/// its data.
///
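Review bot: `impl ErrorType for &mut [u8]` is only relocated here, below `impl core::error::Error for SliceWriteError {}`, after being removed from its earlier position at `-9,10`. The move is unrelated to the `MaybeUninit` support, so consider dropping it or putting it in its own commit to keep this diff limited to the new impls.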
Expand All @@ -37,7 +37,7 @@ impl Write for &mut [u8] {
return Err(SliceWriteError::Full);
}
let (a, b) = mem::take(self).split_at_mut(amt);
a.copy_from_slice(&buf[..amt]);
a.copy_from_slice(buf.split_at(amt).0);
*self = b;
Ok(amt)
}
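Review bot: replacing `&buf[..amt]` with `buf.split_at(amt).0` in the existing `&mut [u8]` impl selects the same first `amt` bytes, so this line is a style-only change to code the PR does not otherwise touch. Consider reverting it here and in the async copy, or moving it to a separate commit, so the behaviour of the existing impl is visibly unchanged.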
Expand All @@ -54,3 +54,47 @@ impl WriteReady for &mut [u8] {
Ok(true)
}
}

impl ErrorType for &mut [MaybeUninit<u8>] {
type Error = SliceWriteError;
}

/// Write is implemented for `&mut [MaybeUninit<u8>]` by copying into the slice, initializing
/// & overwriting its data.
///
/// Note that writing updates the slice to point to the yet unwritten part.
/// The slice will be empty when it has been completely overwritten.
///
/// If the number of bytes to be written exceeds the size of the slice, write operations will
/// return short writes: ultimately, a `SliceWriteError::Full`.
impl Write for &mut [MaybeUninit<u8>] {
#[inline]
fn write(&mut self, buf: &[u8]) -> Result<usize, Self::Error> {
let amt = core::cmp::min(buf.len(), self.len());
if !buf.is_empty() && amt == 0 {
return Err(SliceWriteError::Full);
}
let (a, b) = mem::take(self).split_at_mut(amt);
buf.split_at(amt)
.0
.iter()
.enumerate()
.for_each(|(index, byte)| {
a[index].write(*byte);
});
*self = b;
Ok(amt)
}

#[inline]
fn flush(&mut self) -> Result<(), Self::Error> {
Ok(())
}
}

impl WriteReady for &mut [MaybeUninit<u8>] {
#[inline]
fn write_ready(&mut self) -> Result<bool, Self::Error> {
Ok(true)
}
}
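Review bot: the doc comment on `impl Write for &mut [MaybeUninit<u8>]` does not say how a caller learns which bytes are initialized. Because `*self = b` moves the slice past the written region, the caller has to sum the returned `amt` values itself and treat only that many leading bytes of the original buffer as initialized; reading beyond that count is undefined behaviour, so the comment should state this. Separately, `a[index].write(*byte)` indexes `a` once per byte; zipping `a.iter_mut()` with the source bytes would avoid the index.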