Skip to content

Vec::from_raw_parts docs incorrectly suggest the pointer is legal to be null #19269

Closed
@mahkoh

Description

@mahkoh
Contributor

Activity

changed the title [-]Vec::from_raw_parts causes UB if ptr is null[/-] [+]Vec::from_raw_parts incorrectly allow the pointer to be null[/+] on Nov 24, 2014
thestinger

thestinger commented on Nov 24, 2014

@thestinger
Contributor

The documentation is misleading. The pointer is not allowed to be null.

changed the title [-]Vec::from_raw_parts incorrectly allow the pointer to be null[/-] [+]Vec::from_raw_parts docs incorrectly suggest the pointer is legal to be null[/+] on Nov 24, 2014
mitsuhiko

mitsuhiko commented on Nov 24, 2014

@mitsuhiko
Contributor

How do you make an empty slice if the pointer is not allowed to be null?

thestinger

thestinger commented on Nov 24, 2014

@thestinger
Contributor

@mitsuhiko: The underlying representation is an implementation detail and shouldn't be documented beyond the ability to convert the raw parts obtained from a vector back into a vector.

thestinger

thestinger commented on Nov 24, 2014

@thestinger
Contributor

The language and library documentation has a love affair with making far too many promises about the implementation. In the vector module, there are numerous errors when it comes to information about the vector's capacity too. It tends to guarantee that the capacity is exactly what was asked for rather than at least that much. It is allowed to set the capacity to a value provided by the allocator.

mitsuhiko

mitsuhiko commented on Nov 24, 2014

@mitsuhiko
Contributor

Does that mean you are required to special case the empty case and then use a different way to make an empty vector?

thestinger

thestinger commented on Nov 24, 2014

@thestinger
Contributor

No, it means you can't use this method outside of the standard library beyond converting from an existing vector.

thestinger

thestinger commented on Nov 24, 2014

@thestinger
Contributor

If what you're asking is how it does this internally, the answer is that empty vectors along with zero-size allocations in general are allowed to be entirely arbitrary pointers. They will never be dereferenced and the compiler / library code will never attempt to deallocate them.

thestinger

thestinger commented on Nov 24, 2014

@thestinger
Contributor

The documentation is not supposed to cover these implementation details. It would make sense to cover it in comments (which it is) or internal design documentation.

mitsuhiko

mitsuhiko commented on Nov 24, 2014

@mitsuhiko
Contributor

In that case I suppose the docs should say: can only be constructed from components of an already existing vector.

added a commit that references this issue on Nov 25, 2014
193b9e5
added a commit that references this issue on Dec 8, 2014

auto merge of #19306 : steveklabnik/rust/gh19269, r=nikomatsakis,brson

2e996ff

2 remaining items

Loading
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

      Development

      Participants

      @mitsuhiko@huonw@thestinger@mahkoh

      Issue actions

        Vec::from_raw_parts docs incorrectly suggest the pointer is legal to be null · Issue #19269 · rust-lang/rust