prefer static_map! over explicit unsafe in serde deserialisation#17
Open
Fuuzetsu wants to merge 1 commit into
Open
prefer static_map! over explicit unsafe in serde deserialisation#17Fuuzetsu wants to merge 1 commit into
Fuuzetsu wants to merge 1 commit into
Conversation
Instead of going over all the entries and checking if they are initialised and then going over them again and unwrapping unsafely, we can just go over it once and report the error on first failure. The semantics should be exactly the same but we no longer have an explicit `unsafe` in here: it's moved behind the `static_map!` macro instead which can be considered more battle-hardened. If we're accepting unsafe then it might make more sense to do something like `[MaybeUninit<T>; L::LENGTH]` though something like the `Builder` is needed to make this ergonomic. Either way, I think the version in this commit at least hides the magic. PS: I checked if we can just replace `.unwrap_unchecked()` with `.unwrap()` but it seems that rustc is not able to notice that it will never fail so it generates panic code anyway.
Owner
|
I think a problem is that this code implicitly assumes that into_values produces values in the same order in which they are consumed by the static_map macro. I don't know if I'm making this assumption anywhere else or if there is a test verifying this. On the other hand, with map_values this question does not arise. |
Contributor
Author
|
I think it would be extremely surprising if this assumption wasn't true but OK. The better solution is probably to implement |
Owner
|
try_map_values sounds like a good idea. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Instead of going over all the entries and checking if they are initialised and then going over them
again and unwrapping unsafely, we can just go over it once and report the error on first failure. The semantics should be exactly the same but we no
longer have an explicit
unsafein here: it'smoved behind the
static_map!macro instead which can be considered more battle-hardened.If we're accepting unsafe then it might make more
sense to do something like
[MaybeUninit<T>; L::LENGTH]though something like theBuilderis needed to make this ergonomic. Either way, I think the version in this commit at least hides themagic.
PS: I checked if we can just replace
.unwrap_unchecked()with.unwrap()but itseems that rustc is not able to notice that it
will never fail so it generates panic code anyway.