-
Notifications
You must be signed in to change notification settings - Fork 5
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Entry API #31
Conversation
Will do! Thank you! |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Very nice!
Style-wise and beyond the specific omments the only things I'd consider changing are:
- Moving the
option-bucket
crate intofixed-map-derive
(as apub(crate)
module). This would mean changing theforbid(unsafe_code)
into adeny(unsafe_code)
like you taught me before :). But that's not that big of a deal. - Since the feature is so far along not bother with the
entry
feature flag. Rust is already quite capable at removing things which are unused.
If you do want to make this addition more incremental I'm fine with it too. As long as it's polished up before an ultimate release I don't mind. And if you find yourself in the future lacking the time to do it I'd be more than willing to pick up the missing pieces.
Please move ahead!
option-bucket/src/lib.rs
Outdated
pub fn insert(self, value: T) -> &'a mut T { | ||
// SAFETY: `outer` is `None`, so there is no old value to `drop` | ||
unsafe { | ||
let outer: *mut Option<T> = self.outer; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hm, in terms of invariants, I don't believe there is any hazard with performing a regular overwrite here and avoid the extra unsafe
(unless I'm missing something). Any perf uplift avoiding the drop should also be negligible since 1) the compiler might be able to statically determine that it's None
and 2) checking the None
discriminator is fairly cheap all things considering.
It might also be nice to test it like this:
let old = self.outer.replace(value);
debug_assert!(old.is_none(), "oops");
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hm, in terms of invariants, I don't believe there is any hazard with performing a regular overwrite here and avoid the extra
unsafe
(unless I'm missing something).
Certainly, there's no hazard in treating a None
as an Option
.
Any perf uplift avoiding the drop should also be negligible since 1) the compiler might be able to statically determine that it's
None
and 2) checking theNone
discriminator is fairly cheap all things considering.
While that is true, I also don't really see value in removing the unsafe usage, given all of the unsafe usage in SomeBucket
. If it was the difference between some unsafe and zero unsafe, that would be a different story.
While it may seem insignificant, the entry API exists specifically to allow the programmer to avoid hitting these kinds of unnecessary checks. I'd like to keep it the way it is.
|
Yeah, this is fine. I wanted them in
There's a few primary reasons I don't want a separate crate: It's harder to maintain and it adds a dependency. Both are costs to a project and a user that you don't want to impose without a good reason outweighing them. The former means we'll have to manage and publish a separate crate The latter means that users interested in knowing what this crate is doing (for whatever reason) has to review the contents of a separate crate to understand it. I'm not convinced the size of the dependency carries its weight as a separate dependency. It's not clear to me whether these costs are warranted as it currently only used as an implementation detail in the entry API of this crate. If you in the future found another concrete use somewhere else I would encourage you to break it out into a separate crate though. Despite that it is still very nice that you documented the API and added examples which can act as tests - even if they're internal. As for being able to separate So I want you to keep it an internal module (for this review). If you find uses for this abstraction outside of this crate in the future it's fine to move it then, but please find them first. |
Alright, I've moved
Many users will disagree, and think avoiding unsafe entirely is a feature in itself. I think it would be good to keep the
I think keeping But all of that is debatable after an experimentation period. |
I appreciate it! Looks good so I'll be merging soon once I get to a computer. Continued: I think part of it is that a feature flag isn't the right way to exclude unsafe. Because they are additive across all dependencies you don't actually control their activation. So a Note that for the people that do care about restricring unsafe use I'd encourage them to use a project such as |
Thank you! |
Related #11