Explicitly initialize more fields which are complex structures. For simple types (bool/u32/usize), they can be omitted since C has already initialized memory to all zeros and this is the valid initialization for those simple types.
Previously such complex fields (InterruptSource/BqlCell/BqlRefCell) were not explicitly initialized in init() and it's fine, because simply setting all memory to zero aligns with their default initialization behavior. However, this behavior is not robust. When adding new complex struct or modifying the initial values of existing structs, this default behavior can easily be broken. Thus, do explicit initialization for HPET to become a good example. Signed-off-by: Zhao Liu <[email protected]> --- rust/hw/timer/hpet/src/device.rs | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/rust/hw/timer/hpet/src/device.rs b/rust/hw/timer/hpet/src/device.rs index bd673a1d0110..1bef94e560f6 100644 --- a/rust/hw/timer/hpet/src/device.rs +++ b/rust/hw/timer/hpet/src/device.rs @@ -737,6 +737,18 @@ unsafe fn init(mut this: ParentInit<Self>) { HPET_REG_SPACE_LEN, ); + // Only consider members with more complex structures. C has already + // initialized memory to all zeros - simple types (bool/u32/usize) can + // rely on this without explicit initialization. + uninit_field_mut!(*this, regs).write(Default::default()); + uninit_field_mut!(*this, hpet_offset).write(Default::default()); + // Set null_mut for now and post_init() will fill it. + uninit_field_mut!(*this, irqs).write(Default::default()); + uninit_field_mut!(*this, rtc_irq_level).write(Default::default()); + uninit_field_mut!(*this, pit_enabled).write(Default::default()); + uninit_field_mut!(*this, num_timers_save).write(Default::default()); + uninit_field_mut!(*this, hpet_id).write(Default::default()); + Self::init_timers(&mut this); } -- 2.34.1
