Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

BatString.ml should use unsafe versions of set and get #836

Merged
merged 3 commits into from
Mar 24, 2018
Merged

BatString.ml should use unsafe versions of set and get #836

merged 3 commits into from
Mar 24, 2018

Conversation

murmour
Copy link
Contributor

@murmour murmour commented Feb 19, 2018

This gives a slight performance boost to one of my programs.

@murmour murmour force-pushed the String-tweaks branch 2 times, most recently from ff28298 to 6f1f376 Compare February 19, 2018 05:25
@UnixJunkie
Copy link
Member

Is it always guaranteed that i is in [0..n-1]?
This will need to be carefully reviewed by several maintainers I think.

@murmour
Copy link
Contributor Author

murmour commented Feb 20, 2018

Is it always guaranteed that i is in [0..n-1]?

I have carefully reviewed the changes again, and believe so, yes.

@gasche
Copy link
Member

gasche commented Feb 20, 2018

In 266d5f6 I started annotating occurrences of unsafe_{get,set} with static assertions in comments, to check that the invariants are indeed respected. I think we should consider completing this annotation work before merging the PR, but I have other things to do for the rest of the day. Feel free to help!

(In OCaml, assert is not disabled in builds, so using assert for static conditions is not a good way to remove array-access checks. It would be nice if we could use something like Why3 from OCaml to check those facts statically.)

@UnixJunkie
Copy link
Member

I'll try to read the full diff tomorrow.
I need a fresh head.
I am worried it could insert security problems.

@UnixJunkie UnixJunkie self-assigned this Feb 20, 2018
@murmour
Copy link
Contributor Author

murmour commented Feb 27, 2018

@gasche

In 266d5f6 I started annotating occurrences of unsafe_{get,set} with static assertions in comments, to check that the invariants are indeed respected. I think we should consider completing this annotation work before merging the PR, but I have other things to do for the rest of the day. Feel free to help!

A great idea!

I've added assertions to those functions that are affected by the PR (except a couple of really trivial cases), so that we could be more sure that the change does not cause regressions.

gasche
gasche reviewed Feb 27, 2018
View reviewed changes
src/batString.mlv Outdated
if BatChar.is_digit (unsafe_get s1 0) && BatChar.is_digit (unsafe_get s2 0) then
(* groups are never empty, so index 0 is always valid *)
if BatChar.is_digit (unsafe_get s1 0) &&
BatChar.is_digit (unsafe_get s2 0) then
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't trust the Enum module enough to ensure this property (or have you went to annotate all Enum functions involved here with static assertions to "prove" this as well?). You don't risk undefined behavior on trusting another module's interface specifications. I that you must use safe accessors here -- in any case, the overhead of Enum largely drowns out any bound access cost.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Your arguments are convincing. I've reverted this change.

@UnixJunkie
Copy link
Member

'len-1' should be written 'len - 1'.
There are several changes like this, this is not the standard OCaml convention.

@UnixJunkie
Copy link
Member

Appart for lines 405..410 and 732 (indentation), I am OK with the changes.
It would have been easier to review if only unsafe_get was introduced, not unsage_get plus
some indentation changes.
Sorry for sounding grumpy, but this is a useful contribution so thank you.

@murmour
Copy link
Contributor Author

murmour commented Mar 7, 2018

I've reverted a few unnecessary changes.

@murmour
Copy link
Contributor Author

murmour commented Mar 24, 2018

The branch was rebased to resolve conflicts. Are there any outstanding issues remaining?

@gasche gasche merged commit 1cbc430 into ocaml-batteries-team:master Mar 24, 2018
@gasche
Copy link
Member

gasche commented Mar 24, 2018

Thanks for the ping, merged.

(For the record, I have mixed feelings about using unsafe operations, but I believe we have used due diligence here to avoid problems.)

@gasche gasche mentioned this pull request Sep 11, 2018
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gasche gasche gasche left review comments

Assignees

@UnixJunkie UnixJunkie

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@murmour @UnixJunkie @gasche