Open
Description
In the Embassy book here
embassy/docs/pages/layer_by_layer.adoc
Line 11 in ef32187
does not prevent you from writing unsafe code.
It goes on to give an example blinky app using PAC, which at no point uses any actual unsafe blocks. So I do not understand what this introduction is trying to demonstrate. As a beginner I am wondering/guessing that it may be one of these:
- that perhaps in Rust embedded cultural practice, the entire PAC crate as a whole is simply considered unsafe and just does not mark its functions as such
- but I don't find any mention of this in the docs for the crate itself https://docs.embassy.dev/stm32-metapac/git/stm32c011d6/index.html
- and I see examples to the contrary in e.g. https://docs.rust-embedded.org/book/start/registers.html where some of the closures do need to deal with
unsafewhile most do not
- that perhaps the example is really more pseudo-code and in practice would need to be wrapped in various
unsafecaveats- I didn't try compile/run it but the code otherwise looks like it's supposed to work as-is so I'd be a little surprised if it were broken?
- especially since in the context I would expect the example to deliberately emphasize just how unsafe using a PAC is given the intro…
- or perhaps the introductory paragraph is using "unsafe" not in a technical Safe Rust vs. Unsafe Rust way, but more of just a colloquial e.g. "you might configure a register wrong and then your code/board won't work right"?
- but you could still make those sorts of logic/hardware mistakes with a HAL crate to some extent too
- and honestly it seems unlikely given the marketing around Rust that such a core term as "unsafe code" would get used generically/casually when talking about low-level API options here
So none of these guesses seems quite right. Could the wording of this section be updated to clarify what it's trying to say?
Metadata
Metadata
Assignees
Labels
No labels