Document macro-ed binary invocation methods
str4d opened this issue · comments
Jack Grigg commented
Being a bit of a devils advocate here:
main
also, seems to beunsafe
since the caller is again required to provide a valid pointer.The same logic works here as with
parse
: since it is a generated function, it is accessible to nearby code which may, for example, call it with null.Not to be too copy-pasty here, something like
# Safety This should only be called by Flipperzero OS and never manually.
would be enough.
Originally posted by @JarvisCraft in #95 (comment)
David Coles commented
I agree something like main(args: *mut u8)
should be marked unsafe
since it has the prerequisite that args
contains NUL-terminated bytes. It's also not something that user programs should typically be doing (intended to be called only by the Flipper runtime).