-
Notifications
You must be signed in to change notification settings - Fork 12.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[WIP] Constified slice::sort_unstable, sort_internals #102279
Conversation
(rust-highfive has picked a reviewer for you, use r? to override) |
library/core/src/slice/sort.rs
Outdated
// Mainly lhs and rhs being in the same allocated Object | ||
// and a multiple of their size apart. | ||
unsafe { lhs.offset_from(rhs) }.eq(&zero) | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should those helper functions themself be unsafe?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes they should, and they should document their precondition.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
But the the same safety comment would be duplicated 9 times for lt, 4 times for eq and 10 times for width.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That indicates that the code is repeatedly doing the same subtle safety-relevant reasoning. This doesn't get better by not talking about it, it only gets better by restructuring the code in a way that avoids doing subtle safety-relevant reasoning in many places. (I don't know if that is possible, I don't have the time to do a detailed code review -- sorry.)
library/core/src/slice/sort.rs
Outdated
// (r.addr() - l.addr()) / mem::size_of::<T>() | ||
|
||
// SAFETY: To be investigated as noted above. | ||
(unsafe { r.offset_from(l) as usize }) / mem::size_of::<T>() |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
How should the const safety of this be verified?
What should the safety comment be exactly?
cc @RalfJung
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You need to explain why these pointers are in the same allocation and their distance is an integer multiple of their size.
I am not familiar with this code unfortunately and won't be able to do a detailed review.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
cc @Gankra since the comment about maybe migrating was by them.
The current sort relies on comparing with null pointers, which is (currently) UB. I could add checks using I could investigate if i can adapt the algorithm to avoid null pointers but I don't know if that will be possible without large changes to the algorithm itself. |
77bf0aa
to
8192468
Compare
I went with adding null pointer checks at CT using |
☔ The latest upstream changes (presumably #104591) made this pull request unmergeable. Please resolve the merge conflicts. |
9d3478c
to
ecf4d16
Compare
☔ The latest upstream changes (presumably #107143) made this pull request unmergeable. Please resolve the merge conflicts. |
ecf4d16
to
b00c88b
Compare
b00c88b
to
441de53
Compare
☔ The latest upstream changes (presumably #107191) made this pull request unmergeable. Please resolve the merge conflicts. |
Constifies most of the sort related functions in core.
TODO:
Maybewait for Allow const iterator implementations #102225 to land and use theIterator
functions and for loops instead of manual while loops again.Open tracking issue#Tracking Issue for unstable sorting in const context #102307cc @RalfJung @fee1-dead