Stabilize `str::len`, `[T]::len` and `str::as_bytes` as const fn #63770

Open
wants to merge 8 commits into
base: master
from

@oli-obk (Contributor) commented Aug 21, 2019

r? @Centril

cc @RalfJung

This also introduces a scheme for making certain feature gates legal in stabilized const fns

@Centril (Member) commented Aug 21, 2019

cc also @eddyb

@Centril (Member) commented Aug 21, 2019

Before merging this I would also like to see a new chapter in the rustc guide about standard library development which (for now, in the interest of time) documents allow_internal_unstable(...) and specifically its relation to const_fn_union with notes that (to avoid accidents):

  1. new uses must respect "CTFE is correct if, when it loops forever, completes with a result, or panics, that behavior matches the run-time behavior of the same code." i.e. the determinism at run-time we have been discussing,

  2. new uses also need sign-off from T-Lang through FCP.

(Eventually we should fill that chapter with more stuff about stability, rustc_ attributes, various guidelines, and whatnot but that's for a later time and not this PR...)

@oli-obk (Contributor, Author) commented Aug 21, 2019

all review points have been addressed

@Centril removed the needs-fcp label Aug 22, 2019

@Centril (Member) commented Aug 22, 2019

Dear libs and language teams and the community at large...

...I propose that we stabilize the following functions as const fn as it seems clear (to me) that committing to these being const fn is a safe commitment:

  • str::len, str::is_empty, and str::as_bytes
  • [T]::len and [T]::is_empty.

The language team element in this FCP consists of accepting the internal use of #[allow_internal_unstable(const_fn_union)] as seen throughout this PR.

We are not stabilizing const_fn_union at this time because it can be used to transmute between types. This in turn would allow you to encode the operation *[const|mut] T -> usize which can be used to observe addresses during execution. However, a const fn must retain deterministic execution even at run-time as laid out by @RalfJung: "CTFE is correct if, when it loops forever, completes with a result, or panics, that behavior matches the run-time behavior of the same code." As such, a const fn which behaves non-deterministically at run-time has undefined behavior. At this point in time we lack sufficient educational material to stabilize this for everyone but can still make internal use of it.

Our policy-to-be re. allow_internal_unstable with regards to const fn is documented here. Additionally, we would appreciate that you always ping @oli-obk, @RalfJung, and @Centril if you are adding more allow_internal_unstable attributes to any const fn.

@rfcbot merge

@rfcbot commented Aug 22, 2019

Team member @Centril has proposed to merge this. The next step is review by the rest of the tagged team members:

No concerns currently listed.

Once a majority of reviewers approve (and at most 2 approvals are outstanding), this will enter its final comment period. If you spot a major issue that hasn't been raised at any point in this process, please speak up!

See this document for info about what commands tagged team members can give me.

@RalfJung (Member) commented Aug 24, 2019

However, a const fn must retain deterministic execution even at run-time

To elaborate on that, here's a "bad" const fn:

const fn mk_int() -> usize {
  let v = 42;
  &v as *const _ as usize
}

If we allow raw-to-int casts (or union accesses or transmute, both of which let users implement said casts), such a const fn can be written by stable (unsafe) code.

What's bad about that function is that it would be desirable for unsafe code, and maybe even for the compiler, to rely on the fact that a function with signature const fn() -> usize will always return the same thing, even when called at run-time.
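An added Rust example, not part of this thread or of the PR's code: the functions proposed for stabilization give the same result at compile time and at run time, while a union read that stands in for the pointer-to-integer cast produces a value that depends on the call stack. The names `PtrToInt`, `local_addr` and `ctfe_matches_runtime` are hypothetical, and `local_addr` is deliberately a plain `fn`.

```rust
use std::hint::black_box;

// The functions this PR proposes to stabilize, evaluated at compile time (CTFE).
const S: &str = "const fn";
const LEN: usize = S.len();
const EMPTY: bool = S.is_empty();
const BYTES: &[u8] = S.as_bytes();
const BYTES_LEN: usize = BYTES.len();
const BYTES_EMPTY: bool = BYTES.is_empty();

/// True when the run-time results equal the compile-time ones.
/// `black_box` keeps the optimizer from folding the run-time calls away.
pub fn ctfe_matches_runtime() -> bool {
    let s: &str = black_box(S);
    let b = s.as_bytes();
    s.len() == LEN && s.is_empty() == EMPTY && b == BYTES
        && b.len() == BYTES_LEN && b.is_empty() == BYTES_EMPTY
}

/// Hypothetical union: writing `ptr` and reading `int` performs the
/// pointer-to-integer conversion without an `as usize` cast.
#[repr(C)]
union PtrToInt {
    ptr: *const u8,
    int: usize,
}

/// Address of a local variable, observed `depth + 1` frames below the caller.
/// The signature takes no pointer, yet the result depends on where the
/// frame happens to sit, so it is not a function of its arguments alone.
#[inline(never)]
pub fn local_addr(depth: u32) -> usize {
    let v = 42u8;
    let here = unsafe { PtrToInt { ptr: &v as *const u8 }.int };
    if depth == 0 {
        return here;
    }
    let deeper = local_addr(depth - 1);
    black_box(&v); // keep `v` live across the call so the frames stay distinct
    deeper
}

fn main() {
    println!("len/is_empty/as_bytes agree with CTFE: {}", ctfe_matches_runtime());
    println!("local_addr: {:#x} vs {:#x}", local_addr(0), local_addr(3));
}
```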

@Centril (Member) commented Aug 24, 2019

To elaborate on that, here's a "bad" const fn:

@oli-obk might be a good idea to add to the rustc guide PR also.

@Centril added the I-nominated label Aug 30, 2019

@@ -435,6 +435,30 @@ pub fn find_by_name(attrs: &[Attribute], name: Symbol) -> Option<&Attribute> {
attrs.iter().find(|attr| attr.check_name(name))
}

pub fn allow_internal_unstable<'a>(
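
Review bot: the new `pub fn allow_internal_unstable<'a>(` on the last line of this hunk follows the closing brace of `find_by_name` with no doc comment above it. The hunk header (6 lines growing to 30) shows this is a sizeable public addition, so a `///` comment stating which attribute it inspects and what it returns would help callers. The signature is cut off here, so the return type cannot be checked from the visible lines.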

@Centril (Member) Sep 1, 2019

Suggested change
pub fn allow_internal_unstable<'a>(
pub fn allow_internal_unstable_list<'a>(

(suggests an action performed as currently named)

@Centril (Member) commented Sep 1, 2019

r=me with comment above addressed and #63770 (comment) incorporated into the rustc guide once FCP has completed.

@oli-obk (Contributor, Author) commented Sep 1, 2019

Ping @Kimundi @joshtriplett @nikomatsakis @pnkfelix @withoutboats the FCP is waiting on an action by you

@nikomatsakis (Contributor) commented Sep 12, 2019

@rfcbot fcp reviewed

@rfcbot commented Sep 12, 2019

🔔 This is now entering its final comment period, as per the review above. 🔔

@Centril removed the I-nominated label Sep 13, 2019
