nordic-dev.net/rust
nordic-dev.net/rust
2
0
Fork 0
mirror of https://github.com/rust-lang/rust.git synced 2024-11-28 09:44:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

Document that heap allocations are not guaranteed to happen, even if explicitly performed in the code

Browse Source
This commit is contained in:
oli 2020-11-19 11:05:15 +00:00
parent 30e49a9ead
commit a2f938ac52
2 changed files with 25 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
library/core/src/alloc/global.rs
View File

@ -53,6 +53,19 @@ use crate::ptr;
/// * `Layout` queries and calculations in general must be correct. Callers of
/// this trait are allowed to rely on the contracts defined on each method,
/// and implementors must ensure such contracts remain true.
///
/// * You may not rely on allocations actually happening, even if there are explicit
/// heap allocations in the source. The optimizer may detect allocation/deallocation
/// pairs that it can instead move to stack allocations/deallocations and thus never
/// invoke the allocator here.
/// More concretely, the following code example is unsound, irrespective of whether your
/// custom allocator allows counting how many allocations have happened.
///
/// ```rust,ignore
/// drop(Box::new(42));
/// let number_of_heap_allocs = /* call private allocator API */;
/// unsafe { std::intrinsics::assume(number_of_heap_allocs > 0); }
/// ```
#[stable(feature = "global_alloc", since = "1.28.0")]
pub unsafe trait GlobalAlloc {
/// Allocate memory as described by the given `layout`.

12
library/core/src/alloc/mod.rs
View File

@ -94,6 +94,18 @@ pub unsafe trait AllocRef {
/// The returned block may have a larger size than specified by `layout.size()`, and may or may
/// not have its contents initialized.
///
/// Note that you may not rely on this method actually getting called, even if there are calls
/// to it in the source. The optimizer may detect allocation/deallocation pairs that it can
/// instead move to stack allocations/deallocations and thus never invoke the allocator here.
/// More concretely, the following code example is unsound, irrespective of whether your
/// custom allocator allows counting how many allocations have happened.
///
/// ```rust,ignore
/// Global::dealloc(Global::alloc(some_layout));
/// let number_of_heap_allocs = /* call private allocator API */;
/// unsafe { std::intrinsics::assume(number_of_heap_allocs > 0); }
/// ```
///
/// # Errors
///
/// Returning `Err` indicates that either memory is exhausted or `layout` does not meet