rust-lang / rust

Empowering everyone to build reliable and efficient software.

https://www.rust-lang.org

Other

97.34k stars 12.59k forks source link

Tracking Issue for `const_char_encode_utf8` #130512

Open bjoernager opened 2 weeks ago

bjoernager commented 2 weeks ago

Feature gate: #![feature(const_char_encode_utf8)]

This is a tracking issue for supporting char::encode_utf8 in const scenarios.

Public API

impl char {
    pub const fn encode_utf8(self, dst: &mut [u8]) -> &mut str;
}

Steps / History

[x] Implementation: #130511
[x] Address diagnostics: #130611
[ ] Final comment period (FCP)
[ ] Stabilization PR

Unresolved Questions

None yet.

dtolnay commented 2 weeks ago

@rfcbot fcp merge

const for https://doc.rust-lang.org/nightly/core/primitive.char.html#method.encode_utf8

rfcbot commented 2 weeks ago

Team member @dtolnay has proposed to merge this. The next step is review by the rest of the tagged team members:

[x] @Amanieu
[x] @BurntSushi
[x] @dtolnay
[ ] @joshtriplett
[ ] @m-ou-se

No concerns currently listed.

Once a majority of reviewers approve (and at most 2 approvals are outstanding), this will enter its final comment period. If you spot a major issue that hasn't been raised at any point in this process, please speak up!

See this document for info about what commands tagged team members can give me.

BurntSushi commented 2 weeks ago

I'll note that in the implementation PR, making this const seems to require making the panic error message worse (even in the case where encode_utf8 isn't used in a const context) and also introducing more uses of unsafe. I'm not especially happy about that.

bjoernager commented 2 weeks ago

The use of unsafe code cannot be avoided as long as slice indexes aren't const-friendly (AFAIK). But I would argue that this use is properly documented and (relatively) invulnerable to UB, although I am open to other views on this.

@RalfJung has also noted that core::intrinsics::const_eval_select could be used to regain full diagnostics in non-const calls – a feature which I would be more than happy trying to implement.

RalfJung commented 2 weeks ago

We could have a safe "const fn subslice" that does the bounds check and then uses unsafe from_raw_parts. That would avoid introducing new unsafe reasoning in encode_utf8 itself.

bjoernager commented 2 weeks ago

130611 resolves the diagnostics question. Can this be added without conflicting with the FCP?

BurntSushi commented 2 weeks ago

@bjoernager Yeah that should be fine. Thank you! I appreciate that. :-)

RalfJung commented 2 weeks ago

Plesse add a FIXME(const-hack) next to the const-eval-select to document that it should be removed again in the future, when possible.

bjoernager commented 2 weeks ago

Done. :)

rfcbot commented 3 days ago

:bell: This is now entering its final comment period, as per the review above. :bell: