Skip to content

Commit

Permalink
Auto merge of #41602 - hsivonen:explainnonnull, r=steveklabnik
Browse files Browse the repository at this point in the history
Explain why zero-length slices require a non-null pointer

In reference to [a thread on Discourse](https://users.rust-lang.org/t/why-does-std-slice-from-raw-parts-require-a-non-null-pointer-for-zero-length-slices/10534), explain why `from_raw_parts` requires a non-null pointer for zero-length slices.

r? @steveklabnik
  • Loading branch information
bors committed Apr 30, 2017
2 parents 78f6318 + e36f59e commit c0f86f5
Show file tree
Hide file tree
Showing 2 changed files with 10 additions and 3 deletions.
8 changes: 6 additions & 2 deletions src/libcore/slice/mod.rs
Original file line number Diff line number Diff line change
Expand Up @@ -2354,7 +2354,10 @@ impl<'a, T> FusedIterator for ChunksMut<'a, T> {}
/// valid for `len` elements, nor whether the lifetime inferred is a suitable
/// lifetime for the returned slice.
///
/// `p` must be non-null, even for zero-length slices.
/// `p` must be non-null, even for zero-length slices, because non-zero bits
/// are required to distinguish between a zero-length slice within `Some()`
/// from `None`. `p` can be a bogus non-dereferencable pointer, such as `0x1`,
/// for zero-length slices, though.
///
/// # Caveat
///
Expand Down Expand Up @@ -2387,7 +2390,8 @@ pub unsafe fn from_raw_parts<'a, T>(p: *const T, len: usize) -> &'a [T] {
///
/// This function is unsafe for the same reasons as `from_raw_parts`, as well
/// as not being able to provide a non-aliasing guarantee of the returned
/// mutable slice.
/// mutable slice. `p` must be non-null even for zero-length slices as with
/// `from_raw_parts`.
#[inline]
#[stable(feature = "rust1", since = "1.0.0")]
pub unsafe fn from_raw_parts_mut<'a, T>(p: *mut T, len: usize) -> &'a mut [T] {
Expand Down
5 changes: 4 additions & 1 deletion src/libcore/str/mod.rs
Original file line number Diff line number Diff line change
Expand Up @@ -319,7 +319,10 @@ pub fn from_utf8_mut(v: &mut [u8]) -> Result<&mut str, Utf8Error> {
///
/// The data must be valid UTF-8
///
/// `p` must be non-null, even for zero-length str.
/// `p` must be non-null, even for zero-length strs, because non-zero bits
/// are required to distinguish between a zero-length str within `Some()`
/// from `None`. `p` can be a bogus non-dereferencable pointer, such as `0x1`,
/// for zero-length strs, though.
///
/// # Caveat
///
Expand Down

0 comments on commit c0f86f5

Please sign in to comment.