New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Don't use dangling NonNull as sentinel #3289
Conversation
unsafe fn null_pointer() -> NonNull<u8> { | ||
NonNull::new_unchecked(ALIGNMENT as *mut u8) | ||
fn dangling() -> NonNull<u8> { | ||
// SAFETY: ALIGNMENT is a non-zero usize which is then casted |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is copy-pasted from https://doc.rust-lang.org/src/core/ptr/non_null.rs.html#90
#[inline] | ||
unsafe fn null_pointer() -> NonNull<u8> { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This isn't actually unsafe see https://doc.rust-lang.org/std/ptr/struct.NonNull.html#method.dangling
NonNull::new_unchecked(ALIGNMENT as *mut u8) | ||
fn dangling() -> NonNull<u8> { | ||
// SAFETY: ALIGNMENT is a non-zero usize which is then casted | ||
// to a *mut T. Therefore, `ptr` is not null and the conditions for |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit: there is no ptr
so might be confused for some readers.
Which issue does this PR close?
Closes #.
Rationale for this change
Aside from a method called
null_pointer
returning aNonNull
being slightly oxymoronic, using the returned value as a sentinel could in extremely unlikely situations lead to a false positive. This would only ever result in leaking memory, but we might as well clean it up.What changes are included in this PR?
Are there any user-facing changes?