Relax str::get_unchecked precondition to permit empty slicing #69385
Prior to this commit, `str` documented that `get_unchecked` had the precondition that "`begin` must come before `end`". This would appear to prohibit empty slices (i.e. begin == end). In practice, get_unchecked is called often with empty slices. Let's relax the precondition so as to allow them.
Thanks for the pull request, and welcome! The Rust team is excited to review your changes, and you should hear from @shepmaster (or someone else) soon. If any changes to this PR are deemed necessary, please add them as extra commits. This ensures that the reviewer can see what has changed since they last reviewed the code. Due to the way GitHub handles out-of-date commits, this should also make it reasonably obvious what issues have or haven't been addressed. Large or tricky changes may require several passes of review and changes. Please see the contribution instructions for more information.
Surely get_unchecked is invalid on an empty slice, with any index? (Possibly modulo ZSTs, but even there I'm not sure). It was always my understanding that get_unchecked is UB exactly when get would return None; but this sort of implies that's not correct? Could you provide an example where this would be fine?
An example is:
I would expect this to work, despite violating the precondition that "the starting index must come before the ending index"
```rust
let ptr = slice.as_ptr().add(self.start);
let len = self.end - self.start;
super::from_utf8_unchecked(slice::from_raw_parts(ptr, len))
```

==>

```rust
let ptr = "abc".as_ptr();
let len = 0 - 0;
super::from_utf8_unchecked(slice::from_raw_parts(ptr, len))
```

==> `super::from_utf8_unchecked(&[])` ==> `""`
Yes, that is the current observed behavior. However it is undefined, because it violates the precondition. My change adjusts the precondition to make this defined. Note it is purely a documentation change.
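As an added illustration (not code from this PR or from the Rust standard library), the sketch below checks the `get_unchecked` preconditions in their relaxed `begin <= end` form before making the unchecked call, and compares the result with safe `get`. The names `range_is_sound` and `slice_checked` are hypothetical, and the in-bounds and UTF-8 boundary conditions are taken from the standard library documentation rather than from this page.

```rust
/// Hypothetical helper (not part of std): true when `begin..end` meets the
/// safety contract of `str::get_unchecked` for `s`.
fn range_is_sound(s: &str, begin: usize, end: usize) -> bool {
    begin <= end                     // relaxed form: begin == end (empty) is allowed
        && end <= s.len()            // both indexes within bounds
        && s.is_char_boundary(begin) // neither index may split a UTF-8 sequence
        && s.is_char_boundary(end)
}

/// Hypothetical checked front door for the unchecked call.
fn slice_checked(s: &str, begin: usize, end: usize) -> Option<&str> {
    if range_is_sound(s, begin, end) {
        // SAFETY: ordering, bounds and char boundaries were verified above.
        Some(unsafe { s.get_unchecked(begin..end) })
    } else {
        None
    }
}

fn main() {
    // Constructed sample: 'a' is 1 byte, 'é' is 2, '€' is 3 (6 bytes total).
    let s = "aé€";
    let cases = [(0, 0), (1, 1), (6, 6), (1, 3), (2, 2), (3, 1), (0, 7)];
    for (b, e) in cases {
        println!("{}..{} -> {:?} (get: {:?})", b, e, slice_checked(s, b, e), s.get(b..e));
    }
}
```

An empty range is accepted at any char boundary, including `s.len()`, but `2..2` is still rejected because byte 2 is inside `é`.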
@bors r+ rollup
📌 Commit 9e41c4b has been approved by
… r=nagisa Relax str::get_unchecked precondition to permit empty slicing Prior to this commit, `str` documented that `get_unchecked` had the precondition that "`begin` must come before `end`". This would appear to prohibit empty slices (i.e. begin == end). In practice, get_unchecked is called often with empty slices. Let's relax the precondition so as to allow them.
Rollup of 5 pull requests

Successful merges:
- #69372 (Updates links in various Compiler Error Index entries)
- #69385 (Relax str::get_unchecked precondition to permit empty slicing)
- #69386 (Fix minor error in `MaybeUninit::get_mut()` doc example)
- #69394 (Clean up E0367 explanation)
- #69405 (docs: Stdin::read_line: mention the appending)

Failed merges:

r? @ghost
(In hindsight, I missed that this was referring to a range index vs. a usize index).