frankmcsherry
commented
6 years ago For example, once candidate reconciliation would be to write a method
fn embalm<T: Abomonation>(bytes: &mut [u8])which interprets bytes as a &T and performs all of the appropriate address sanitization, retaining that ability for people who are excited about this, but making it be part of a second pass for people who are less excited about it.
This PR is a major version bump, and is a breaking change in a bunch of ways. The most significant is that
encodeandentombare both generic with respect to aW: Write, and return an::std::io::Result<()>rather than nothing at all. The second most significant is thatembalmdoesn't exist any more, and that was the method that cleaned up your pointers to avoid leaking info about your memory addresses.These two were fundamentally in conflict, and the second was also in conflict with performance (as we will see). I'm open to thoughts on their reconciliation;
embalmis not conceptually complicated, it just requires post memcpy write access to the writer.Most of this PR is simplification and result propagation. There are some performance wins in the benchmarks, presumably due to not having to return to the data to overwrite addresses. The benchmarks should be unaffected on the decode side, as no code was changed there. Other than not erasing addresses, the formats should be the same too (equivalent to in memory representation).
Here are the benchmark changes in
bench.rs:And the changes in
serde.rs:These are pretty decent improvements where there were pointers to update, and the only "regression" is
u8_u64, which I have to imagine is just down to randomness.At the same time, we should now be able to
encodeinto types other thanVec<u8>, including but not limited to&mut [u8],File,TcpStream, and other friends. Note that&mut [u8]will error if it isn't large enough to hold the results, and so you should use the newAbomonationSizetrait to be sure that it is before callingencode.