Currently there's implicit trust in the fact that OCaml<T> values are created with the right type.
OCaml::new is marked unsafe as it should be, but there are plenty of "safe" wrappers that don't guarantee that we have the right OCaml type. For example, OCamlClosure doesn't have type parameters, and the various call functions use caller-chosen types.
As more complex OCaml<T> types get implemented for various T, it would be good to have these guarantees at the right boundary, so that checks are done at most once and the specializations can trust that they work with the right in-memory representation.
One way to do that would be to introduce a trait that T implements that checks that a RawOCaml is safe to parse as an OCaml<T>.
As for the ocaml! macro which generates most conversions to OCaml<T>, I don't know the overhead of using the safe interfaces every time; assuming the declarations stay well-typed here may or may not be a good idea. For now I'd like to at least ensure safe interfaces exist.
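A sketch of the trait idea described above, added here as an example and not taken from the issue or from the project's code. `RawOCaml`, `OCaml<T>` and the marker types are simplified stand-ins, and `OCamlRepr`, `matches`, `try_new`, `has_tag`, `fake_block` and `raw_of` are hypothetical names; the check relies on the OCaml runtime's value layout (low bit set for immediates, tag in the low byte of the block header).

```rust
use std::marker::PhantomData;

// Hypothetical stand-ins for illustration; not the project's definitions.
type RawOCaml = usize;
const STRING_TAG: usize = 252; // String_tag in the OCaml runtime
const DOUBLE_TAG: usize = 253; // Double_tag in the OCaml runtime
struct OCamlInt;
struct OCamlFloat;
struct OCamlBytes;
struct OCaml<T> { raw: RawOCaml, _marker: PhantomData<T> }

// Immediate values (ints, constant constructors) have the low bit set.
fn is_immediate(raw: RawOCaml) -> bool { raw & 1 == 1 }
// A block's tag is the low byte of the header word just before its first field.
// Safety: `raw` must be an immediate or point at the first field of a live block.
unsafe fn has_tag(raw: RawOCaml, tag: usize) -> bool {
    !is_immediate(raw) && (unsafe { *(raw as *const usize).sub(1) } & 0xff) == tag
}

/// Hypothetical trait: may `raw` be viewed as `OCaml<Self>`?
/// Safety (caller): `raw` is a valid OCaml value, of any type.
trait OCamlRepr { unsafe fn matches(raw: RawOCaml) -> bool; }
impl OCamlRepr for OCamlInt {
    unsafe fn matches(raw: RawOCaml) -> bool { is_immediate(raw) }
}
impl OCamlRepr for OCamlFloat {
    unsafe fn matches(raw: RawOCaml) -> bool { unsafe { has_tag(raw, DOUBLE_TAG) } }
}
impl OCamlRepr for OCamlBytes {
    unsafe fn matches(raw: RawOCaml) -> bool { unsafe { has_tag(raw, STRING_TAG) } }
}

impl<T: OCamlRepr> OCaml<T> {
    /// Checked once at the boundary; holders of `OCaml<T>` can then trust the layout.
    unsafe fn try_new(raw: RawOCaml) -> Option<Self> {
        unsafe { T::matches(raw) }.then(|| OCaml { raw, _marker: PhantomData })
    }
}

// Constructed sample: a fake block (header word + fields) standing in for the OCaml heap.
fn fake_block(tag: usize, fields: &[usize]) -> Vec<usize> {
    let mut b = vec![(fields.len() << 10) | tag];
    b.extend_from_slice(fields);
    b
}
fn raw_of(block: &[usize]) -> RawOCaml { block[1..].as_ptr() as RawOCaml }
fn main() {
    let f = fake_block(DOUBLE_TAG, &[1.5f64.to_bits() as usize]);
    let as_bytes = unsafe { OCaml::<OCamlBytes>::try_new(raw_of(&f)) };
    println!("float block accepted as bytes: {}", as_bytes.is_some());
}
```

`try_new` stays `unsafe` because the caller must still supply a value that came from the runtime; the check only removes the need to trust the caller-chosen `T`. A tag check of this kind cannot distinguish types that share a representation, such as an int and a bool.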