Skip to content

Make validate_downcastable_from unsafe#6851

Merged
youknowone merged 1 commit intoRustPython:mainfrom
coolreader18:validate_downcastable_from-unsafe
Jan 26, 2026
Merged

Make validate_downcastable_from unsafe#6851
youknowone merged 1 commit intoRustPython:mainfrom
coolreader18:validate_downcastable_from-unsafe

Conversation

@coolreader18
Copy link
Member

@coolreader18 coolreader18 commented Jan 23, 2026
edited by coderabbitai bot
Loading

Meant to put this as part of #6231

Summary by CodeRabbit

  • Refactor
    • Improved type validation safety mechanisms within the object system to enforce explicit unsafe boundaries around type downcast operations, ensuring more secure type checking during runtime.

✏️ Tip: You can customize this high-level summary in your review settings.

@coderabbitai
Copy link
Contributor

coderabbitai bot commented Jan 23, 2026
edited
Loading

📝 Walkthrough

Walkthrough

The PR refactors RustPython's object downcasting mechanism by making validate_downcastable_from unsafe across the codebase and optimizing PyObject::downcastable with a type-ID fast path. The trait method downcastable_from is removed and replaced with instance method dispatch via downcastable.

Changes

Cohort / File(s) Summary
Payload Trait Updates
crates/vm/src/object/payload.rs		 Removed trait method downcastable_from, changed validate_downcastable_from signature to unsafe fn, and updated try_downcast_from to use obj.downcastable::<Self>() for delegation
Core Downcast Optimization
crates/vm/src/object/core.rs		 Refactored PyObject::downcastable<T> to perform type-ID comparison before calling unsafe T::validate_downcastable_from(self) for a fast-path optimization
Derive Macro Implementations
crates/derive-impl/src/pyclass.rs, crates/derive-impl/src/pystructseq.rs		 Updated validate_downcastable_from method signature in PyPayload implementations from fn to unsafe fn
Builtin Type Implementation
crates/vm/src/builtins/str.rs		 Changed PyUtf8Str::validate_downcastable_from signature to unsafe fn

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

Possibly related PRs

Poem

🐰 Unsafe functions now guard the path,
Type IDs dash through fast,
Downcasting logic, sleek and lean,
Faster validation's never been seen!

🚥 Pre-merge checks | ✅ 3
✅ Passed checks (3 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title 'Make validate_downcastable_from unsafe' clearly and specifically describes the primary change across all modified files: converting validate_downcastable_from from a safe function to an unsafe function.
Docstring Coverage ✅ Passed Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing touches
  • 📝 Generate docstrings

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@github-actions
Copy link
Contributor

github-actions bot commented Jan 23, 2026

Code has been automatically formatted

The code in this PR has been formatted using:

  • ruff format
    Please pull the latest changes before pushing again:
git pull origin validate_downcastable_from-unsafe

youknowone
youknowone requested changes Jan 24, 2026
View reviewed changes
Copy link
Member

@youknowone youknowone left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

please check the clippy. ( safety docs)

crates/vm/src/builtins/str.rs
const PAYLOAD_TYPE_ID: core::any::TypeId = core::any::TypeId::of::<PyStr>();

fn validate_downcastable_from(obj: &PyObject) -> bool {
unsafe fn validate_downcastable_from(obj: &PyObject) -> bool {
Copy link
Member

@youknowone youknowone Jan 24, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

huh, every other parts are safe but this one was unsafe

@coolreader18 coolreader18 force-pushed the validate_downcastable_from-unsafe branch from 42b66a8 to d8e999c Compare January 25, 2026 18:32
@youknowone youknowone enabled auto-merge (squash) January 25, 2026 22:48
@youknowone youknowone merged commit 617cdc9 into RustPython:main Jan 26, 2026
13 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@youknowone youknowone youknowone approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@coolreader18 @youknowone