tustvold commented on code in PR #1866:
URL: https://github.com/apache/arrow-rs/pull/1866#discussion_r896113066
##########
arrow/src/buffer/immutable.rs:
##########
@@ -181,19 +181,14 @@ impl Buffer {
/// View buffer as typed slice.
///
- /// # Safety
+ /// # Panics
///
- /// `ArrowNativeType` is public so that it can be used as a trait bound
for other public
- /// components, such as the `ToByteSlice` trait. However, this means that
it can be
- /// implemented by user defined types, which it is not intended for.
- pub unsafe fn typed_data<T: ArrowNativeType + num::Num>(&self) -> &[T] {
- // JUSTIFICATION
- // Benefit
- // Many of the buffers represent specific types, and consumers of
`Buffer` often need to re-interpret them.
- // Soundness
- // * The pointer is non-null by construction
- // * alignment asserted below.
- let (prefix, offsets, suffix) = self.as_slice().align_to::<T>();
+ /// This function panics if the underlying buffer is not aligned
+ /// correctly for type `T`.
+ pub fn typed_data<T: ArrowNativeType>(&self) -> &[T] {
Review Comment:
I think https://doc.rust-lang.org/std/primitive.f32.html#method.from_bits is
relevant here, the short answer is it is perfectly safe to transmute arbitrary
bytes to floats, it may not be wise, but it is not UB.
In particular the standard library provides safe functions that transmute
u32 -> f32, u64 -> f64, and so I think it is fair to say all bit sequences are
valid.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
