Movatterモバイル変換


[0]ホーム

URL:


Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

Sign up
Appearance settings

WIP: Convert Partial API to ownership-based pattern#970

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.

Already on GitHub?Sign in to your account

Draft
fasterthanlime wants to merge5 commits intomain
base:main
Choose a base branch
Loading
frompartial-ownership-api

Conversation

@fasterthanlime
Copy link
Contributor

Summary

This PR migrates thePartial API from a mutable reference pattern (&mut self) to an ownership-based pattern (self).

Changes

  • Partial methods now takeself instead of&mut self and returnResult<Self, ReflectError> instead ofResult<&mut Self, ReflectError>
  • TypedPartial updated to match the new ownership API
  • Poisoning logic removed - cleanup now happens automatically inDrop when errors consume thePartial
  • Fuzzer updated to useOption<Partial> pattern for handling operations that may fail

Benefits

  1. Simpler error handling - No poisoning logic needed, errors naturally consume the value
  2. Cleaner semantics - Ownership transfer makes state transitions explicit
  3. No invalid states - Can't accidentally use a Partial after an error
  4. Rust-idiomatic - Follows builder pattern conventions

Still TODO

  • Update facet-json deserializer
  • Update facet-yaml deserializer
  • Update facet-toml deserializer
  • Update facet-msgpack deserializer
  • Update facet-kdl deserializer
  • Update facet-value deserialize.rs
  • Update all tests

Migration Pattern

// BEFORE: Mutable referencepartial.begin_field("name")?;partial.set(42u32)?;partial.end()?;// AFTER: Ownership transferpartial = partial.begin_field("name")?;partial = partial.set(42u32)?;partial = partial.end()?;

Seefacet-reflect/OWNERSHIP_API_MIGRATION.md for complete migration guide.

Test plan

  • All tests pass
  • Fuzzer runs without crashes/leaks
  • Miri passes

This commit migrates Partial methods from taking `&mut self` and returning`Result<&mut Self, ReflectError>` to taking `self` (ownership) and returning`Result<Self, ReflectError>`.Benefits:- Simpler error handling - no poisoning logic needed- Cleaner semantics - ownership transfer makes state transitions explicit- No invalid states - can't accidentally use a Partial after an error- Rust-idiomatic - follows builder pattern conventionsChanges:- All Partial methods now take `self` instead of `&mut self`- TypedPartial updated to match the ownership API- Removed poisoning logic (require_active, poison_and_cleanup, BuildFailed)- Fuzzer updated to use Option<Partial> pattern for error handlingStill TODO:- Update all deserializers (facet-json, facet-yaml, facet-toml, etc.)- Update facet-value deserialize.rs- Update all testsSee OWNERSHIP_API_MIGRATION.md for migration patterns.
- Convert all deserializers to use the new ownership API pattern- Replace &mut self methods with self -> Result<Self, Error>- Capture path/shape before ownership-taking calls for error handling- Use match blocks instead of map_err closures to avoid borrow-after-move- Update HeapValue::materialize for final type conversion

/// Deserialize a struct from a JSON object.
fndeserialize_struct(&mutself,wip:&mutPartial<'input>) ->Result<()>{
fndeserialize_struct(&mutself,mutwip:Partial<'input>) ->Result<Partial<'input>>{

Check warning

Code scanning / clippy

variable does not need to be mutable Warning

variable does not need to be mutable
log::trace!(
"deserialize_struct_with_flatten: {}",
wip.shape().type_identifier
wip = wip.shape().type_identifier

Check warning

Code scanning / clippy

named argument wip is not used by name Warning

named argument wip is not used by name
message:format!(
"cannot deserialize into reference type '{}' - references require borrowing from existing data",
wip.shape().type_identifier
wip = wip.shape().type_identifier

Check warning

Code scanning / clippy

named argument wip is not used by name Warning

named argument wip is not used by name
With the ownership-based Partial API, these tests are no longer needed:- double_free_test.rs: Double-free is impossible by construction- dynamic_value_segv_test.rs: Uses old inner_mut() API- leak_repro.rs: Uses old inner_mut() APIThe type system now enforces proper ownership, making these failuremodes impossible. The fuzzer can still catch any remaining issues.Updated map_leak_test.rs for the ownership API pattern.
- Remove TypedPartial wrapper, Partial::alloc::<T>() now returns Partial directly- Update tests to use .materialize::<T>()? instead of HeapValue dereference- Fix .unwrap_err() calls that require Debug on Partial (use match instead)- Remove obsolete map_leak_test.rs which tested invalid begin_inner() operation
Copy link

@github-advanced-securitygithub-advanced-securitybot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others.Learn more.

clippy found more than 20 potential problems in the proposed changes. Check theFiles changed tab for more details.

Sign up for freeto join this conversation on GitHub. Already have an account?Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@fasterthanlime

[8]ページ先頭

©2009-2025 Movatter.jp