mikros/rust
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Auto merge of #97053 - CAD97:realloc-clarification, r=dtolnay

Browse Source 
Remove potentially misleading realloc parenthetical

This parenthetical is problematic, because it suggests that the following is sound:

```rust
let layout = Layout:🆕:<[u8; 32]>();
let p1 = alloc(layout);
let p2 = realloc(p1, layout, 32);
if p1 == p2 {
    p1.write([0; 32]);
    dealloc(p1, layout);
} else {
    dealloc(p2, layout);
}
```

At the very least, this isn't the case for [ANSI `realloc`](https://en.cppreference.com/w/c/memory/realloc)

> The original pointer `ptr` is invalidated and any access to it is undefined behavior (even if reallocation was in-place).

and [Windows `HeapReAlloc`](https://docs.microsoft.com/en-us/windows/win32/api/heapapi/nf-heapapi-heaprealloc) is unclear at best (`HEAP_REALLOC_IN_PLACE_ONLY`'s description may imply that the old pointer may be used if `HEAP_REALLOC_IN_PLACE_ONLY` is provided).

The conservative position is to just remove the parenthetical.

cc `@rust-lang/wg-unsafe-code-guidelines` `@rust-lang/wg-allocators`
This commit is contained in:
bors 2022-05-16 02:33:34 +00:00
commit 56d540e057
2 changed files with 5 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
library/core/src/alloc/global.rs
View File

@ -208,11 +208,9 @@ pub unsafe trait GlobalAlloc {
///
/// If this returns a non-null pointer, then ownership of the memory block
/// referenced by `ptr` has been transferred to this allocator.
/// The memory may or may not have been deallocated,
/// and should be considered unusable (unless of course it was
/// transferred back to the caller again via the return value of
/// this method). The new memory block is allocated with `layout`, but
/// with the `size` updated to `new_size`. This new layout should be
/// The memory may or may not have been deallocated, and should be
/// considered unusable. The new memory block is allocated with `layout`,
/// but with the `size` updated to `new_size`. This new layout should be
/// used when deallocating the new memory block with `dealloc`. The range
/// `0..min(layout.size(), new_size)` of the new memory block is
/// guaranteed to have the same values as the original block.

6
library/core/src/alloc/mod.rs
View File

@ -161,8 +161,7 @@ pub unsafe trait Allocator {
///
/// If this returns `Ok`, then ownership of the memory block referenced by `ptr` has been
/// transferred to this allocator. The memory may or may not have been freed, and should be
/// considered unusable unless it was transferred back to the caller again via the return value
/// of this method.
/// considered unusable.
///
/// If this method returns `Err`, then ownership of the memory block has not been transferred to
/// this allocator, and the contents of the memory block are unaltered.
@ -288,8 +287,7 @@ pub unsafe trait Allocator {
///
/// If this returns `Ok`, then ownership of the memory block referenced by `ptr` has been
/// transferred to this allocator. The memory may or may not have been freed, and should be
/// considered unusable unless it was transferred back to the caller again via the return value
/// of this method.
/// considered unusable.
///
/// If this method returns `Err`, then ownership of the memory block has not been transferred to
/// this allocator, and the contents of the memory block are unaltered.