Prevent bugs caused by elements with zero counts in the set. #31
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Since the map should never store elements with a count of 0, it is better to store the count as `NonZero<usize>` instead of `usize`. This also allows the `Iter` impl to become smaller and simpler. More importantly, before this change, it was possible to insert an element into the set with a count of zero using `insert_times(val, 0)`, which would've produced misbehavior such as `contains(&val)` returning `true`. The use of `NonZero` makes this bug pop out and less likely to be reintroduced in the future. Now `insert_times(val, 0)` is correctly treated as a no-op. Another source of an element with a count of zero was doing `insert_times(val, usize::MAX); insert_times(val, 1);` with overflow checks disabled, as they are by default in release mode. Now `insert_times()` checks for overflow of the inserted element count as well as the size of the whole set. There is a user-visible change in the signature of `distinct_elements` in that it now surfaces `NonZero<usize>` instead of `usize`. Other API are unchanged. This change also fixes a few clippy lints added over the years, about elided `'_` lifetimes, the bounds of `contains`'s `Q` parameter being specified twice, and missing `edition` key in the crate manifest.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Since the map should never store elements with a count of 0, it is better to store the count as
NonZero<usize>instead ofusize. This also allows theIterimpl to become smaller and simpler.More importantly, before this change, it was possible to insert an element into the set with a count of zero using
insert_times(val, 0), which would've produced misbehavior such ascontains(&val)returningtrue. The use ofNonZeromakes this bug pop out and less likely to be reintroduced in the future. Nowinsert_times(val, 0)is correctly treated as a no-op.Another source of an element with a count of zero was doing
insert_times(val, usize::MAX); insert_times(val, 1);with overflow checks disabled, as they are by default in release mode. Nowinsert_times()checks for overflow of the inserted element count as well as the size of the whole set.There is a user-visible change in the signature of
distinct_elementsin that it now surfacesNonZero<usize>instead ofusize. Other API are unchanged.This change also fixes a few clippy lints added over the years, about elided
'_lifetimes, the bounds ofcontains'sQparameter being specified twice, and missingeditionkey in the crate manifest.I know maintainer has not been present since 2020 and this is unlikely to be merged. I'm making this PR just so that anyone who stumbles upon this repository and wants to use it anyway is at least aware that this bug exists.
Also sent to modern-multiset