barrique 1.0.0

Portable binary serialiation format
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352

use crate::frame::FrameError;
use crate::region::{AllocOrd, Push, RegionBuffer, RegionError, Seed, REGION_SIZE};

use alloc::vec::Vec;
use core::mem::MaybeUninit;

/// Runtime error for [`Writer`] trait implementation
///
/// If `std` feature enabled, [`crate::decode::WriteError::Io`] variant included, as
/// analogue to [`std::io::Result`]
#[derive(Debug, thiserror::Error)]
pub enum WriteError {
    #[error("Requested buffer out of bounds")]
    OutOfBounds,
    #[cfg(feature = "std")]
    #[error(transparent)]
    Io(#[from] std::io::Error),
}

/// Result of [`Writer`] implementation methods
pub type WriteResult<T> = Result<T, WriteError>;

/// Trait for writing bytes into destination within context of the library.
///
/// # Allocation semantics
///
/// If used only within serializing context, caller will request **up to** 64 KiB
/// per call, but commitment of bytes written can vary depending on data
pub trait Writer {
    /// Allocate exactly `n` possibly uninitialized bytes caller will write to.
    ///
    /// # Advancement semantics
    ///
    /// [`Writer::allocate`] call must not advance the inner cursor, [`Writer::commit`]
    /// is the only method to advance a cursor.
    fn allocate(&mut self, n: usize) -> WriteResult<&mut [MaybeUninit<u8>]>;

    /// Commit `n` written bytes and advance the cursor.
    ///
    /// # Safety
    ///
    /// - advancing inner cursor by `n` must not overflow current capacity
    /// - `..n` bytes allocated from current cursor must be uninitialized.
    unsafe fn commit(&mut self, n: usize);
}

// Writer trait implementations for common types

impl<T> Writer for &mut T
where
    T: Writer,
{
    fn allocate(&mut self, n: usize) -> WriteResult<&mut [MaybeUninit<u8>]> {
        (**self).allocate(n)
    }

    unsafe fn commit(&mut self, n: usize) {
        unsafe { (**self).commit(n); }
    }
}

impl Writer for &mut [u8] {
    fn allocate(&mut self, n: usize) -> WriteResult<&mut [MaybeUninit<u8>]> {
        let slice = self.get_mut(n..).ok_or(WriteError::OutOfBounds)?;

        Ok(unsafe {
            // Safety: `Self` assumed to be initialized, to cast to `MaybeUninit` is allowed
            core::slice::from_raw_parts_mut(slice.as_mut_ptr().cast(), slice.len())
        })
    }

    #[inline]
    unsafe fn commit(&mut self, n: usize) {
        *self = unsafe {
            // Safety: caller guarantees `n` to not overflow
            core::mem::take(self).get_unchecked_mut(n..)
        }
    }
}

impl Writer for &mut [MaybeUninit<u8>] {
    #[inline]
    fn allocate(&mut self, n: usize) -> WriteResult<&mut [MaybeUninit<u8>]> {
        self.get_mut(n..).ok_or(WriteError::OutOfBounds)
    }

    #[inline]
    unsafe fn commit(&mut self, n: usize) {
        *self = unsafe {
            // Safety: caller guarantees `n` to not overflow
            core::mem::take(self).get_unchecked_mut(n..)
        }
    }
}

impl Writer for Vec<u8> {
    fn allocate(&mut self, n: usize) -> WriteResult<&mut [MaybeUninit<u8>]> {
        self.reserve(n);

        let slice = self.spare_capacity_mut();
        Ok(&mut slice[..n])
    }

    #[inline]
    unsafe fn commit(&mut self, n: usize) {
        unsafe {
            // Safety: caller guarantees bytes to be initialized and the
            // length to not overflow
            self.set_len(self.len() + n);
        }
    }
}

/// A helper function to write arbitrary initialized data into uninitialized
/// slice usually returned by [`Writer::allocate`] method.
///
/// # Panics
///
/// Function will panic if `src.len() > dst.len()`
#[inline]
pub(crate) fn write_to_uninit(src: &[u8], dst: &mut [MaybeUninit<u8>]) {
    if src.len() > dst.len() {
        panic!("Attempt to write with overflow")
    }
    unsafe {
        // Safety:
        // - &[u8] assumed to be initialized, so cast to possibly uninitialized
        //   slice is safe.
        // - mutable reference are exclusive, so ranges can not overlap.
        // - source checked to fit within the destination length.
        core::ptr::copy_nonoverlapping(src.as_ptr().cast(), dst.as_mut_ptr(), src.len());
    }
}

mod private {
    pub trait Sealed {}

    // Similar to `DecodeBearer`, user-defined implementations are forbidden
    impl<W: super::Writer> Sealed for super::StreamEncoder<W> {}
}

/// Bearer of an encoding pipeline.
///
/// In context of this crate, bearers are interfaces whose primary purpose is
/// to translate requested operations on in-memory bytes into a format that
/// can be flushed to or read from a source or destination, in compliance
/// with the specification.
///
/// In simpler terms, bearer will collect bytes requested to write until
/// region buffer is full or explicit flush performed, compress the data and
/// flush resulting region into generic destination. However, such description
/// is only applicable for [`EncodeBearer`] since [`DecodeBearer`] has
/// quite opposite behavior
pub trait EncodeBearer: private::Sealed {
    /// Write `bytes` into the region buffer of this bearer.
    ///
    /// # Request bulks
    ///
    /// It is strongly recommended to not request writes of more than `256` bytes
    /// per write, because the [`StreamEncoder`] implementation does not pack the
    /// data. For example, a request of 32 KiB data to write in case of half-full
    /// buffer will trigger a state switch, degrading performance and leaving
    /// a large span of unused capacity.
    ///
    /// Packing is not implemented as it would add additional runtime overhead
    /// and implementation complexity, especially for [`Decode`] implementations
    ///
    /// [`Decode`]: crate::decode::Decode
    fn write(&mut self, bytes: &[u8]) -> Result<(), RegionError>;
}

/// The one and only [`EncodeBearer`] implementation operating on
/// region streams.
///
/// Flushes are performed automatically when the region buffer is full,
/// but the final flush must be invoked by a caller explicitly.
///
/// # Example
///
/// Encoding a [`String`]:
///
/// ```
/// use barrique::encode::StreamEncoder;
/// use barrique::region::{max_encoded_size, AllocOrd};
///
/// let value = String::new("That's a barrique");
/// let mut dst = Vec::with_capacity(max_encoded_size(value.len()));
///
/// let mut bearer = StreamEncoder::new(&mut dst, 0.into(), AllocOrd::Auto(&value));
/// String::encode(&mut bearer, &value).unwrap();
///
/// // Final flush performed by the caller
/// bearer.flush().unwrap();
/// ```
///
/// # Panic
///
/// The [`EncodeBearer::write`] implementation will panic if inner
/// destination [`Writer`] implementation of this encoder returned
/// incorrect result
///
/// # The trait
///
/// The [`EncodeBearer`] trait is essentially a generic wrapper for this
/// struct, providing a cleaner interface for implementing type without
/// trait bounds inclusion and allowing to extend features in
/// the future without breaking API changes
pub struct StreamEncoder<W>
where
    W: Writer,
{
    region_buffer: RegionBuffer,
    authority: Push<W>,
}

impl<W> StreamEncoder<W>
where
    W: Writer,
{
    /// Constructs a new [`StreamEncoder`] with provided destination and [`Seed`].
    ///
    /// # Example
    ///
    /// ```
    /// use barrique::encode::StreamEncoder;
    /// use barrique::region::Seed;
    ///
    /// let mut dst = vec![];
    /// let bearer = StreamEncoder::new(&mut dst, Seed::empty(), Default::default());
    ///
    /// // Now we can call an `Encode` implementation on this bearer ...
    /// ```
    ///
    /// Note on the example: hash will be always zero because [`Seed::empty`] is
    /// an explicit market that the hash computation must be disabled.
    ///
    /// # Allocation semantics
    ///
    /// Each [`StreamEncoder`] constructor call allocates a region buffer with
    /// initial capacity equal to result of [`AllocOrd`] provided. Such semantics
    /// may add (miserable) runtime overhead, but results in a considerable
    /// memory usage decrease for smaller streams.
    ///
    /// If you have access to previously created decoder and your goal is only to
    /// switch the source, consider using [`StreamEncoder::relocate`] method,
    /// which does not reallocate internal buffer
    pub fn new<E>(dst: W, seed: Seed, ord: AllocOrd<E>) -> Self
    where
        E: Encode,
    {
        Self {
            region_buffer: RegionBuffer::new(ord.cap()),
            authority: Push::new(dst, seed),
        }
    }

    /// Flushes the region buffer and replaces the destination of this encoder
    /// with the new one.
    ///
    /// Unlike [`StreamEncoder::relocate_with_seed`], region hash remains
    /// unchanged, making this method useful in cases of operating on
    /// the same format.
    ///
    /// # Example
    ///
    /// ```
    /// use barrique::encode::StreamEncoder;
    /// use barrique::region::Seed;
    ///
    /// let mut dst = vec![];
    /// let mut bearer = StreamEncoder::new(&mut dst, 0.into(), Default::default());
    ///
    /// // Encoding a first value ...
    ///
    /// std::fs::write("serialized_1.bin", dst).unwrap();
    /// bearer.relocate(&mut dst).expect("Failed to relocate the bearer");
    /// 
    /// // Encoding a second value ...
    /// 
    /// std::fs::write("serialized_2.bin", dst).unwrap();
    /// ```
    pub fn relocate(&mut self, src: W) -> Result<(), RegionError> {
        self.relocate_with_seed(src, self.authority.seed())
    }

    /// Flushes current content of the region buffer and replaces the destination
    /// and seed of this encoder with the new values.
    ///
    /// This method differs from the main constructor in a way that it doesn't
    /// reconstruct the inner region buffer, avoiding reallocation.
    pub fn relocate_with_seed(&mut self, src: W, seed: Seed) -> Result<(), RegionError> {
        self.region_buffer.pass(&mut self.authority)?;
        self.authority = Push::new(src, seed);
        
        Ok(())
    }

    /// Flushes the current data in the region buffer
    pub fn flush(&mut self) -> Result<(), RegionError> {
        self.region_buffer.pass(&mut self.authority)?;
        Ok(())
    }
}

impl<W> EncodeBearer for StreamEncoder<W>
where
    W: Writer,
{
    fn write(&mut self, bytes: &[u8]) -> Result<(), RegionError> {
        if bytes.len() > REGION_SIZE {
            // Serving request greater than `REGION_SIZE` is not possible
            return Err(RegionError::OutOfBounds);
        }

        if self.region_buffer.remaining_cap() < bytes.len() {
            self.region_buffer.pass(&mut self.authority)?;
            self.region_buffer.swap();
        }

        unsafe {
            // Safety: `bytes` can not overlap with internal buffer allocation
            // since no interface provided to access it
            self.region_buffer.write_nonoverlapping(bytes);
        }

        Ok(())
    }
}

/// The [`Encode`] implementation runtime error
#[derive(Debug, thiserror::Error)]
pub enum EncodeError {
    #[error("Frame encoding error: \"{0}\"")]
    FrameError(#[from] FrameError),
    #[error("Encode bearer error: \"{0}\"")]
    BearerError(#[from] RegionError),
    #[error("{0}")]
    Other(&'static str),
}

/// A trait defining serialization of implementing type into a byte representation
/// for continuous storage.
pub trait Encode {
    /// Serialize `Self`, by requesting `bearer` to write encoded bytes.
    ///
    /// An implementation serializes `Self` by interpreting it into a byte format and requesting
    /// [`EncodeBearer`] to write format slice via [`EncodeBearer::write`] method
    fn encode(bearer: &mut impl EncodeBearer, src: &Self) -> Result<(), EncodeError>;

    /// Get a possible or actual size of serialized format of `Self` in bytes.
    fn size_of(&self) -> usize;
}