Remove some uses of unsafe from Myers pattern matching and fastexp #398
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
There's two uses of `unsafe` that aren't necessary:
- using a union to convert between raw bits in a f64 floating point
format and f64 itself, because there's the safe f64::from_bits
function in std
- using from_raw_parts to build a slice &[T] from a single &T, because
there's the safe slice::from_ref function in std
The latter flags a minor safety issue: the
ShortTracebackHandler::column_slice method had an incorrect lifetime
in its return value. It was incorrectly suggesting that the returned
slice lived for longer than the `self` value. In particular, code
could write something like (in pseudo-Rust, with named lifetimes of
locals):
let states: &'outer [State<T, T::DistType>] = ...;
let column: &'outer [State<T, T::DistType>];
{
let handler = ShortTracebackHandler::new(.., states);
column = handler.column_slice(); // refers to handler.state
} // handler becomes invalid, as does handler.state
println!("{}", column); // invalid use of reference to handler.state
This method is private and explicitly designed for debugging use only,
and so (a) this minor safety issue probably doesn't cause issues in
practice, and (b) the fix doesn't break any existing code.
johanneskoester
approved these changes
Jan 7, 2021
|
No worries, thanks for merging! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There's two uses of
unsafethat aren't necessary for performanceor functionality:
format and f64 itself, because there's the safe
f64::from_bitsfunction in std
&[T]from a single &T, becausethere's the safe
std::slice::from_reffunctionThe latter flags a minor safety issue: the
ShortTracebackHandler::column_slice method had an incorrect lifetime
in its return value. It was incorrectly suggesting that the returned
slice lived for longer than the
selfvalue. In particular, codecould write something like (in pseudo-Rust, with named lifetimes of
locals):
This method is private and explicitly designed for debugging use only,
and so (a) this minor safety issue probably doesn't cause issues in
practice, and (b) the fix doesn't break any existing code.
After this PR, the only two remaining uses of
unsafeare the following, which are likely important for performance (#229 introduced them and states "Benchmarks are around 1.5 x faster when using unsafe").rust-bio/src/pattern_matching/myers/simple.rs
Lines 143 to 158 in 480872e