The replace_with_and_return F signature of FnOnce(T) -> (U, T) is rather awkward to use with Result'ing code.

What are your thoughts on a function that behaves similarly to replace_with_and_return, but tweaked to support Result and/or Option? A non-optimal path, but not quite a panic either. Something like:

pub fn replace_with_ok<T, U, D: FnOnce() -> T, F: FnOnce(T) -> Result<T, E>(
    dest: &mut T, 
    default: D,
    f: F
) -> Result<(), E>

I imagine the panic/abort behavior would remain the same. Using the default where applicable.

Though, I could see someone requesting a panic_default: D and err_default: D, but those don't match my use case as much.

Thoughts?

Hello,

Would it be possible to make some more functions which makes it possible to return a value.
In the abort case it may look like this:

pub fn replace_with_or_abort<T, U, F>(dest: &mut T, f: F) -> U where F: FnOnce(T) -> (T, U)

I can make a pr if you want.

Tage

This isn't a huge deal, but I wanted to point out that the documentation for no_std only appears on crates.io and on GitHub. It does not appear on docs.rs. However, I would expect docs.rs to be the primary entry point for newcomers discovering this crate. I think it might be helpful if to add it there as well. There are some really important things to consider in a no_std context.

Thanks for providing this crate, by the way. It's been exactly what I needed in a handful of cases.

The two functions:

• replace_with
• replace_with_and_return

Both have undefined behavior, since they can cause a double use if the default closure provided panics.

While the documentation says that default should not panic, because they are both safe functions default panicing must not cause undefined behavior.

An important note

On panic (or to be more precise, unwinding) of the closure f, default will be called to provide a replacement value. default should not panic – doing so will constitute a double panic and will most likely abort the process.

Panicing while unwinding may cause the process to abort, but you cannot rely on it for soundness, so the following example has ub.

let mut string = String::new();

replace_with(
    &mut string, 
    || panic!(),  // if this panic doesn't cause abort `string` will be freed twice
    |s| { 
        drop(s); // `s´ dropped here
        
        panic!()
    }
);

drop(string); // use after free

The solution is to check if default panics and abort the process.

Hi,

When clicking the link in the README, one comes to this site (no docs exists):
https://docs.rs/replace_with/0.1.5/replace_with/fn.replace_with_or_abort_unchecked.html

It seems that documentation is not generated for this function, but I have not looked deeper than that.

In the readme to this package you state:

It's very akin to take_mut, though uses Drop instead of std::panic::catch_unwind() to react to unwinding, which avoids the optimisation barrier of calling the extern "C" __rust_maybe_catch_panic(). As such it's up to ∞x faster.

I was wondering if you could go into detail here, in particular whether catch_unwind() causes any optimisation barriers in the case where there is no panic (it seems like it does due to the "maybe").

I've also written the following function, which does an inplace replacement of a vector. It doesn't require Default or Clone. The behaviour on failure is to take the last element of the vector and move it in the vector in the spot where the function panicked, and then simply slice the last element from the vector (as it is now moved and doesn't need to be dropped). My implementation seems to work but uses catch_unwind. I was wondering whether there was a better approach here that avoids the catch_unwind() call, particularly if it inhibits optimisation as you suggest (feel free to include any of this in your library as well).

    fn inplace_vec_map<T>(f: impl Fn(T) -> T, mut x: Vec<T>) -> Vec<T> {
        let mut ptr_and_error: Option<(*mut T, _)> = None;

        for item_ref in &mut x {
            unsafe {
                let y1: T = std::ptr::read(item_ref);
                let y2 = std::panic::catch_unwind(std::panic::AssertUnwindSafe(|| f(y1)));
                match y2 {
                    Ok(result) => std::ptr::write(item_ref, result),
                    Err(error) => {
                        ptr_and_error = Some((item_ref, error));
                        break;
                    }
                }
            }
        }

        if let Some((item_ptr, error)) = ptr_and_error {
            let last_index = x.len() - 1;
            unsafe {
                std::ptr::write(item_ptr, std::ptr::read(x.get_unchecked(last_index)));
                x.set_len(last_index);
                std::panic::resume_unwind(error);
            }
        }
        x
    }

Please add a GPLv2-compatible licensing option like MIT or ISC. This would make it practical for me to use and contribute this project, and I suppose some others may feel similarly.