diff options
| author | Ralf Jung <post@ralfj.de> | 2022-11-18 10:41:44 +0100 |
|---|---|---|
| committer | Ralf Jung <post@ralfj.de> | 2022-11-18 10:43:40 +0100 |
| commit | d26659d61153922fdd44485b409747566661a674 (patch) | |
| tree | 2d4e452165a0591a9d533c17bf34273a973e140d | |
| parent | 83356b78c4ff3e7d84e977aa6143793545967301 (diff) | |
| download | rust-d26659d61153922fdd44485b409747566661a674.tar.gz rust-d26659d61153922fdd44485b409747566661a674.zip | |
clarify that realloc refreshes pointer provenance even when the allocation remains in-place
| -rw-r--r-- | library/core/src/alloc/global.rs | 8 | ||||
| -rw-r--r-- | library/core/src/alloc/mod.rs | 10 |
2 files changed, 11 insertions, 7 deletions
diff --git a/library/core/src/alloc/global.rs b/library/core/src/alloc/global.rs index 6756eecd0e0..1d80b8bf9ec 100644 --- a/library/core/src/alloc/global.rs +++ b/library/core/src/alloc/global.rs @@ -208,9 +208,11 @@ pub unsafe trait GlobalAlloc { /// /// If this returns a non-null pointer, then ownership of the memory block /// referenced by `ptr` has been transferred to this allocator. - /// The memory may or may not have been deallocated, and should be - /// considered unusable. The new memory block is allocated with `layout`, - /// but with the `size` updated to `new_size`. This new layout should be + /// Any access to the old `ptr` is Undefined Behavior, even if the + /// allocation remained in-place. The newly returned pointer is the only valid pointer + /// for accessing this memory now. + /// The new memory block is allocated with `layout`, + /// but with the `size` updated to `new_size`. This new layout must be /// used when deallocating the new memory block with `dealloc`. The range /// `0..min(layout.size(), new_size)` of the new memory block is /// guaranteed to have the same values as the original block. diff --git a/library/core/src/alloc/mod.rs b/library/core/src/alloc/mod.rs index a4bf6a853a6..a6082455fac 100644 --- a/library/core/src/alloc/mod.rs +++ b/library/core/src/alloc/mod.rs @@ -169,8 +169,9 @@ pub unsafe trait Allocator { /// this, the allocator may extend the allocation referenced by `ptr` to fit the new layout. /// /// If this returns `Ok`, then ownership of the memory block referenced by `ptr` has been - /// transferred to this allocator. The memory may or may not have been freed, and should be - /// considered unusable. + /// transferred to this allocator. Any access to the old `ptr` is Undefined Behavior, even if the + /// allocation was grown in-place. The newly returned pointer is the only valid pointer + /// for accessing this memory now. /// /// If this method returns `Err`, then ownership of the memory block has not been transferred to /// this allocator, and the contents of the memory block are unaltered. @@ -295,8 +296,9 @@ pub unsafe trait Allocator { /// this, the allocator may shrink the allocation referenced by `ptr` to fit the new layout. /// /// If this returns `Ok`, then ownership of the memory block referenced by `ptr` has been - /// transferred to this allocator. The memory may or may not have been freed, and should be - /// considered unusable. + /// transferred to this allocator. Any access to the old `ptr` is Undefined Behavior, even if the + /// allocation was shrunk in-place. The newly returned pointer is the only valid pointer + /// for accessing this memory now. /// /// If this method returns `Err`, then ownership of the memory block has not been transferred to /// this allocator, and the contents of the memory block are unaltered. |