lint: add # Safety docs to FFI exports, clean up clippy warnings#10
Merged
Conversation
Make `make lint` (cargo clippy -D warnings, all-targets) green: - Add `# Safety` sections to all 20 public `qjd_*` extern "C" functions plus the test-panic export. A module-level shared-contract block in ffi.rs documents the common obligations (live doc, valid path slice, scratch-buffer lifetime, panic barrier) so per-function docs stay short. - Annotate the two `std::mem::transmute` calls with explicit types. - Collapse bracket-mismatch arms in validate_brackets into match guards. - Stop approximating PI in two tests; switch to arbitrary decimals. - Use Vec::resize instead of per-byte push loops in scanner test fixtures. - Make path::tests::parse's elided lifetime explicit. Drop `cargo fmt --check` from `make lint`: the codebase uses manual column alignment in struct definitions and compact single-line literals that default rustfmt would reflow. Recorded as a deferred item rather than reformatted, since style was an intentional choice. README "Roadmap / Deferred" updated: - Remove the safety-docs entry (done). - Refine AVX-512 estimate to 1.5-1.8x on the bench (L3-bandwidth bound per profile session, not a clean 2x). - Add `validate_brackets` fusion as a new deferred item: profiling showed it's 65% of parse time on structurally-dense JSON (0.3% on the current string-heavy bench), so it's a win for config/JSONL workloads but not for the current bench scenario.
Local review caught that swapping 3.14 → 2.5 (to silence clippy::approx_constant) accidentally removed the only f64 test exercising the decimal-to-binary rounding path: 2.5 is exactly representable in IEEE-754, as are the rest of the suite's values. Switch to 1.7, which is inexact like the original 3.14 was, and rename `f64_decimal` to `f64_inexact_decimal` so the intent is visible in the test name.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
# Safetysections to all 20 publicqjd_*FFI exports plus the test-panic export; a module-level shared-contract block keeps per-function docs short. Also fixes adjacent clippy warnings (transmute annotations, collapsible_if, approx_constant, same_item_push, hidden lifetime).cargo fmt --checkfrommake lint: the codebase uses intentional manual column alignment that default rustfmt would reflow. Tracked as a deferred decision in README rather than reformatted.validate_bracketsfusion as a new deferred item (profile showed it's 65% of parse on dense workloads, 0.3% on the current string-heavy bench).Test plan
make lint(clippy-D warnings, all-targets) — greencargo clippy --release --all-targets --no-default-features -- -D warnings— greencargo clippy --release --all-targets --features test-panic -- -D warnings— greencargo test --release— all integration + unit tests pass