google/zerocopy

Support validation-only mode in derives


Some users want to know whether one of their public types satisfies the layout properties required by `FromBytes`, `IntoBytes`, etc., but do not want to expose a trait impl to their users. Currently, the best way to do this is pretty ugly:

```rust
#[derive(FromBytes)]
struct FooInner { ... }

#[repr(transparent)]
pub struct Foo(FooInner);

// Somewhere in `unsafe` code...

// SAFETY: Since `Foo` is a `#[repr(transparent)]` wrapper around `FooInner`, and
// since `FooInner: FromBytes`, we know that...
```

It would be great if we could instead support a validate-only mode for our derives. This would look something like:

```rust
#[derive(FromBytes)]
#[zerocopy(validate-only)]
pub struct Foo { ... }

// Somewhere in `unsafe` code...

// SAFETY: Since `Foo` is validated to be `FromBytes`...
```

Note that this would only be sound for non-generic types. For generic types, our derives don't say in the general case whether a type satisfies the trait's requirements, but instead generate an impl with appropriate bounds. Thus, just because a derive on a generic type compiles successfully doesn't mean that all instantiations of that type satisfy that trait's requirements.
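
The generic-type caveat above, shown as an added example that is not part of the original issue and is not zerocopy's code. It assumes a local stand-in `FromBytes` marker trait, a hypothetical `Pair<T>` type, and a hand-written impl in the shape a derive emits, so it builds without the crate.

```rust
use std::marker::PhantomData;

/// Stand-in for zerocopy's `FromBytes` (assumption: a local marker trait).
/// Implementors promise that every bit pattern is a valid value.
unsafe trait FromBytes {}
unsafe impl FromBytes for u8 {}
unsafe impl FromBytes for u32 {}
// `bool` deliberately has no impl: only 0x00 and 0x01 are valid values.

/// Hypothetical generic type.
#[allow(dead_code)]
#[repr(C)]
pub struct Pair<T> {
    a: T,
    b: T,
}

// Shape of what a derive emits for a generic type: an impl guarded by bounds.
// It compiles whether or not any particular `Pair<T>` actually qualifies.
unsafe impl<T: FromBytes> FromBytes for Pair<T> {}

// Compile-time probe: the inherent const is selected when `T: FromBytes`
// holds; otherwise resolution falls back to the trait's default of `false`.
#[allow(dead_code)]
struct Probe<T>(PhantomData<T>);
trait NotFromBytes {
    const IS_FROM_BYTES: bool = false;
}
impl<T> NotFromBytes for Probe<T> {}
impl<T: FromBytes> Probe<T> {
    const IS_FROM_BYTES: bool = true;
}

pub fn pair_u8_is_from_bytes() -> bool { <Probe<Pair<u8>>>::IS_FROM_BYTES }
pub fn pair_bool_is_from_bytes() -> bool { <Probe<Pair<bool>>>::IS_FROM_BYTES }

// For one concrete type, a validation-only check reduces to an assertion
// like this, which is why it is only meaningful per instantiation.
const _: fn() = || {
    fn assert_from_bytes<T: FromBytes>() {}
    assert_from_bytes::<Pair<u32>>();
    // assert_from_bytes::<Pair<bool>>(); // would fail to compile
};

fn main() {
    println!("Pair<u8>:   {}", pair_u8_is_from_bytes());
    println!("Pair<bool>: {}", pair_bool_is_from_bytes());
}
```

The bounded impl compiles even though `Pair<bool>` does not satisfy the trait, so a `SAFETY` comment that relies on "the derive compiled" is only justified for a concrete, non-generic type.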