
New `slotmap-careful` crate to use when we mustn't re-use keys.

Nick Mathewson requested to merge nickm/arti:careful-slotmap into main

This crate works as a drop-in replacement for the generational arena types `slotmap::{SlotMap, DenseSlotMap, HopSlotMap}`, and is implemented as a set of wrappers around those types.

The wrappers guarantee that slot version numbers can never wrap around by marking as unusable any slot whose version number would otherwise get too high. (We add some leeway between our max allowed version number and the largest possible version number, so that we can detect bugs.)

The code relies on the serde encoding of slotmap key versions.
For notes on stability and (surprisingly good) performance,
see the comments.

Test coverage is around 95%.

key_data.rs, since the error cases are unreachable given
slotmap's current behavior.

Open questions:

  * What further testing is a good idea?

  * Will slotmap ever upstream something like this?

See "# Limitations" comment for the parts of slotmap that are not implemented; I hope that we don't need them.

Edited by Nick Mathewson
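
The slot-retirement idea from the description, as an added example that is not code from this merge request, from `slotmap-careful`, or from `slotmap`: a stand-alone toy arena that stops reusing a slot once its version reaches a cap, so a stale key can never match a later occupant. The `u8` version width, the `MAX_VERSION` value of 250, and all type and function names are assumptions made for the illustration.

```rust
// Added example: a toy generational arena, not slotmap or slotmap-careful code.
// All names are hypothetical; versions are u8 so saturation is quick to reach.
const MAX_VERSION: u8 = 250; // leeway below u8::MAX, so an overshoot is detectable

#[derive(Clone, Copy, Debug, PartialEq)]
pub struct Key { idx: usize, version: u8 }
struct Slot<V> { version: u8, value: Option<V>, retired: bool }
pub struct CarefulArena<V> { slots: Vec<Slot<V>>, free: Vec<usize> }

impl<V> CarefulArena<V> {
    pub fn new() -> Self { Self { slots: Vec::new(), free: Vec::new() } }
    pub fn insert(&mut self, value: V) -> Key {
        let idx = match self.free.pop() { // retired slots are never on this list
            Some(i) => i,
            None => {
                self.slots.push(Slot { version: 0, value: None, retired: false });
                self.slots.len() - 1
            }
        };
        self.slots[idx].value = Some(value);
        Key { idx, version: self.slots[idx].version }
    }
    pub fn remove(&mut self, key: Key) -> Option<V> {
        let slot = self.slots.get_mut(key.idx)?;
        if slot.version != key.version { return None; }
        let value = slot.value.take()?;
        if slot.version >= MAX_VERSION {
            slot.retired = true; // next version would pass the cap: never reuse
        } else {
            slot.version += 1; // invalidates every key issued for this slot so far
            self.free.push(key.idx);
        }
        Some(value)
    }
    pub fn get(&self, key: Key) -> Option<&V> {
        let slot = self.slots.get(key.idx)?;
        if slot.version == key.version { slot.value.as_ref() } else { None }
    }
    pub fn retired_slots(&self) -> usize {
        self.slots.iter().filter(|s| s.retired).count()
    }
}

fn main() {
    let mut arena = CarefulArena::new();
    let stale = arena.insert("first");
    arena.remove(stale);
    let fresh = arena.insert("second"); // same index, newer version
    assert!(arena.get(stale).is_none() && arena.get(fresh).is_some());
    println!("{:?} {:?} retired={}", stale, fresh, arena.retired_slots());
}
```

The cost of this approach is that each retired slot stays allocated for the life of the arena, which is the trade made for never handing out a key that collides with an old one.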
