Skip to content

Clarify one-past-the-end pointer validity#154370

Open
justanotheranonymoususer wants to merge 1 commit intorust-lang:mainfrom
justanotheranonymoususer:clarify-ptr-add
Open

Clarify one-past-the-end pointer validity#154370
justanotheranonymoususer wants to merge 1 commit intorust-lang:mainfrom
justanotheranonymoususer:clarify-ptr-add

Conversation

@justanotheranonymoususer
Copy link
Contributor

@justanotheranonymoususer justanotheranonymoususer commented Mar 25, 2026

It's documented that vec.as_ptr().add(vec.len()) is safe, but the main safety condition wasn't clear enough.

@rustbot rustbot added S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. T-libs Relevant to the library team, which will review and decide on the PR/issue. labels Mar 25, 2026
@rustbot
Copy link
Collaborator

rustbot commented Mar 25, 2026

r? @scottmcm

rustbot has assigned @scottmcm.
They will have a look at your PR within the next two weeks and either review your PR or reassign to another reviewer.

Use r? to explicitly pick a reviewer

Why was this reviewer chosen?

The reviewer was selected based on:

  • Owners of files modified in this PR: @scottmcm, libs
  • @scottmcm, libs expanded to 8 candidates
  • Random selection from Mark-Simulacrum, scottmcm

bjorn3
bjorn3 reviewed Mar 25, 2026
View reviewed changes
library/core/src/ptr/const_ptr.rs
///
/// * If the computed offset is non-zero, then `self` must be [derived from][crate::ptr#provenance] a pointer to some
/// [allocation], and the entire memory range between `self` and the result must be in
/// [allocation], and the entire memory range between `self` and the result (not including result) must be in
Copy link
Member

@bjorn3 bjorn3 Mar 25, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

for sub the self argument is after the result, so this would need to be not including self, right? also "memory range from the result to self (exclusive)" reads a bit more fluently to me.

Copy link
Contributor Author

@justanotheranonymoususer justanotheranonymoususer Mar 25, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

For sub, not sure if the note is relevant because the pointer isn't moving forward. If non-zero and non-wraparound, you can't end up in the one-past-the-end situation anyway.

For "not including result" vs "exclusive", for me as not a native speaker, my version is clearer, but I can change. Let me know.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@bjorn3 bjorn3 bjorn3 left review comments

Assignees

@scottmcm scottmcm

Labels

S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. T-libs Relevant to the library team, which will review and decide on the PR/issue.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@justanotheranonymoususer @rustbot @bjorn3 @scottmcm