ssbr commented on code in PR #6551:
URL: https://github.com/apache/arrow-rs/pull/6551#discussion_r1799999535
##########
arrow-buffer/src/util/bit_mask.rs:
##########
@@ -127,16 +127,16 @@ unsafe fn set_upto_64bits(
}
/// # Safety
-/// The caller must ensure all arguments are within the valid range.
+/// The caller must ensure `data` has `offset..(offset + 8)` range
#[inline]
unsafe fn read_bytes_to_u64(data: &[u8], offset: usize, count: usize) -> u64 {
debug_assert!(count <= 8);
- let mut tmp = std::mem::MaybeUninit::<u64>::new(0);
+ let mut tmp : u64 = 0;
let src = data.as_ptr().add(offset);
unsafe {
- std::ptr::copy_nonoverlapping(src, tmp.as_mut_ptr() as *mut u8, count);
- tmp.assume_init()
+ std::ptr::copy_nonoverlapping(src, &mut tmp as *mut _ as *mut u8,
count);
Review Comment:
Sorry, I don't know how to use github review. I meant to leave a comment and
mark conversation as resolved (that's how it works with the code review tool at
work), but I hit the button and it ate my comment and immediately closed the
thread.
This is a good point. I don't want to change the behavior in this PR, to
keep it easy to merge / a completely clear net improvement PR, so I just
changed the comment.
In general, I am in favor of adding runtime checks everywhere and removing
all `unsafe`, but I worry that it would defeat the point of these files, which
are trying so hard to be fast and unsafe and stuff. I wouldn't know what
benchmarks to check for regressions in, so I'd prefer to leave that kind of
change to the code owners.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
