mirror of
https://github.com/rust-lang/rust.git
synced 2024-11-27 01:04:03 +00:00
3406ada96f
rename ptr::invalid -> ptr::without_provenance It has long bothered me that `ptr::invalid` returns a pointer that is actually valid for zero-sized memory accesses. In general, it doesn't even make sense to ask "is this pointer valid", you have to ask "is this pointer valid for a given memory access". We could say that a pointer is invalid if it is not valid for *any* memory access, but [the way this FCP is going](https://github.com/rust-lang/unsafe-code-guidelines/issues/472), it looks like *all* pointers will be valid for zero-sized memory accesses. Two possible alternative names emerged as people's favorites: 1. Something involving `dangling`, in analogy to `NonNull::dangling`. To avoid inconsistency with the `NonNull` method, the address-taking method could be called `dangling_at(addr: usize) -> *const T`. 2. `without_provenance`, to be symmetric with the inverse operation `ptr.addr_without_provenance()` (currently still called `ptr.addr()` but probably going to be renamed) I have no idea which one of these is better. I read [this comment](https://github.com/rust-lang/rust/pull/117658#issuecomment-1830934701) as expressing a slight preference for something like the second option, so I went for that. I'm happy to go with `dangling_at` as well. Cc `@rust-lang/opsem` |
||
|---|---|---|
| .. | ||
| assembly | ||
| auxiliary | ||
| codegen | ||
| codegen-units | ||
| coverage | ||
| coverage-run-rustdoc | ||
| debuginfo | ||
| incremental | ||
| mir-opt | ||
| pretty | ||
| run-make | ||
| run-make-fulldeps | ||
| run-pass-valgrind | ||
| rustdoc | ||
| rustdoc-gui | ||
| rustdoc-js | ||
| rustdoc-js-std | ||
| rustdoc-json | ||
| rustdoc-ui | ||
| ui | ||
| ui-fulldeps | ||
| COMPILER_TESTS.md | ||