Wicpar
commented
7 months ago in addition to the PR #1488
i see a big change that can be made in iobuf by using const generics in the config for the segment size. As they do not change during runtime they could be type defined, and thus allow for safe
#[repr (C, align (8192))]
struct AlignedBuf<const N: usize>([u8; N])then implement deref and deref mut and eliminate all of the pointer based unsafes, and at the same time allow the compiler to optimize range checks away during slice access. The only hicup is the memset to zero as you can see here: https://godbolt.org/z/PEj6h4YoP
it can be circumvented by a MaybeUninit and in that case the generated assembly is identical to the more unsafe version.
Use Case:
Unsafe is used almost everywhere in the code. No benchmarks are there to make sure that they give a true benefit over safe alternatives.
One instance if find a bit too unsafe-happy is
which even if it is correct now can very easily break at no additional gain in performance, it's literally the same as the safe version: compiler explorer
Proposed Change:
progressively phase out unsafe code where possible, and where impossible wrap them in primitives that can be extracted to a well tested subcrate, leaving the main crate eventually
#![forbid(unsafe_code)]Who Benefits From The Change(s)?
The whole community, from safe rust garantees, the devs for less bugs to fix, less cases to test
Alternative Approaches
live dangerously