-
Notifications
You must be signed in to change notification settings - Fork 20
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
add wrapping_offset_from #244
Comments
After looking at the slice iterator code again, actually the ZST code path does not do pointer subtraction any more. So I guess that concrete motivation for I still think it would make sense to have a function that mirrors |
So, I've wanted a wrapping equivalent to In the PR your version is unsafe because it requires that the pointers be from the same object (and the pointers be an exact multiple of
This is somewhat surprising, since I think it'd be reasonable for users to expect the operation to behave as wrapping arithmetic on the addresses. IMO it's also not worth it -- That said, the non-const case seems a lot more useful... if the function were safe. While it's true that I think this would be true for I've found this to be the case in my own projects, which often end up with some utility function like the following (typed from memory): // in a utils.rs somewhere...
pub(crate) fn ptr_byte_diff<T>(a: *const T, b: *const T) -> isize {
a.addr().wrapping_sub(b.addr()) as isize
} Which is basically something like a (safe) Sadly, I have no idea what the non I also don't know if this is sufficiently useful to justify adding (especially if it would just be the version for the byte offset). I've found it useful, but perhaps it's too niche? (Not to mention, it can't support const in any way I can see. I don't think this is that bad (as mentioned) but it was the goal of your proposal...) |
I'm doubtful that will always work satisfyingly. But I don't have a counterexample.
A safe version of this can't be the exact dual to And indeed, it cannot be Note that a safe |
We discussed this in the libs-meeting today. With rust-lang/rust#92512 (comment) the primary motivation seems to be gone. And as thomcc explains other use-cases many want this to be a safe function but then we can't make it So we're closing this based on the given motivation. If there's a better one, maybe with different tradeoffs you can make an updated ACP. |
Proposal
Problem statement
Using
wrapping_offset
it is possible (even at const-time) to create pointers that are still associated with the original allocation they came from, but may point out-of-bounds of that allocation. One fairly common use of such an operation is for iterators over slices of ZST, where thebegin
andend
pointers are re-interpreted as "the difference between them (in bytes) is the remaining number of elements" but where they actually point is irrelevant (since ZST values do not carry any data, only their count is relevant). This need an operation to compute the distance between two such pointers created bywrapping_offset
. Currently, we do not offer such an operation: at runtime it is possible to cast the pointers to integers and do the subtraction there, but at compile time that will not work -- and also it seems preferable to avoid ptr-to-int casts when they are not actually needed.Motivating examples or use cases
I mentioned the ZST iterator above. Also see rust-lang/rust#92512.
Solution sketch
Add a
wrapping_offset_from
that allows subtracting pointers even if they are out-of-bounds or have wrapped the address space, as long as they originate from the same allocation.See rust-lang/rust#112837 for an implementation of this.
Alternatives
If we do nothing, implementing iterators in this way in
const fn
will remain impossible.We could weaken the
offset_from
requirements to allow out-of-bounds and wrapping difference. However that would destroy the symmetry indicating by the naming ofoffset
andoffset_from
.Links and related work
What happens now?
This issue is part of the libs-api team API change proposal process. Once this issue is filed the libs-api team will review open proposals as capability becomes available. Current response times do not have a clear estimate, but may be up to several months.
Possible responses
The libs team may respond in various different ways. First, the team will consider the problem (this doesn't require any concrete solution or alternatives to have been proposed):
Second, if there's a concrete solution:
The text was updated successfully, but these errors were encountered: