Skip to content

Should Vec::as_ptr()/Vec::as_mut_ptr() return nullptr instead of the dangling value? #140410

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
cmazakas opened this issue Apr 28, 2025 · 4 comments
Open

Should Vec::as_ptr()/Vec::as_mut_ptr() return nullptr instead of the dangling value? #140410

cmazakas opened this issue Apr 28, 2025 · 4 comments
Labels
C-discussion Category: Discussion or questions that doesn't represent real issues. T-libs-api Relevant to the library API team, which will review and decide on the PR/issue.

Comments

@cmazakas
Copy link

In Rust's stdlib, the only way to know if the return from as_mut_ptr() is to check the .capacity() of the Vec.

While this is fine on its own, it does create an interesting interaction with system's APIs which expect either NULL or a valid pointer.

I think updating .as_ptr() and .as_mut_ptr() to return nullptr in the case of capacity() == 0 could help marginally reduce errors when using external APIs written in C or C++ where this idiom is common. There's a lot of debug checking that will specifically check for NULL but this isn't possible when the pointer's value is 0x1, as an example.
@rustbot rustbot added the needs-triage This issue may need triage. Remove it if it has been sufficiently triaged. label Apr 28, 2025
@lolbinarycat lolbinarycat added T-libs-api Relevant to the library API team, which will review and decide on the PR/issue. C-discussion Category: Discussion or questions that doesn't represent real issues. labels Apr 28, 2025
@saethlin
Copy link
Member

This isn't going to happen. These functions are trivial accessors; so I'm sure if we added logic to them that would cause a number of performance regressions in the wild. More importantly though, returning null just trades off one bug for another; any code doing NonNull::new(vec.as_ptr()).unwrap() would now have a problem.

@saethlin saethlin removed the needs-triage This issue may need triage. Remove it if it has been sufficiently triaged. label Apr 29, 2025
@ChrisDenton
Copy link
Member

We could have a new function that returns an Option<NonNull> or something like that which then has an additional guarantee not to be dangling. But that would need an API Change Proposal and a clear motivation.

@cuviper
Copy link
Member

cuviper commented Apr 29, 2025

We could have a new function that returns an Option<NonNull> or something like that which then has an additional guarantee not to be dangling.

... except for ZSTs which are always dangling, and always usize::MAX capacity.

@ChrisDenton
Copy link
Member

For ZSTs, such a function could just always return None. How useful that would be I don't know.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
C-discussion Category: Discussion or questions that doesn't represent real issues. T-libs-api Relevant to the library API team, which will review and decide on the PR/issue.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@cuviper @ChrisDenton @cmazakas @saethlin @lolbinarycat @rustbot