1 //! Memory allocation APIs
3 #![stable(feature = "alloc_module", since = "1.28.0")]
8 #[stable(feature = "global_alloc", since = "1.28.0")]
9 pub use self::global
::GlobalAlloc
;
10 #[stable(feature = "alloc_layout", since = "1.28.0")]
11 pub use self::layout
::{Layout, LayoutErr}
;
14 use crate::ptr
::{self, NonNull}
;
16 /// The `AllocErr` error indicates an allocation failure
17 /// that may be due to resource exhaustion or to
18 /// something wrong when combining the given input arguments with this
20 #[unstable(feature = "allocator_api", issue = "32838")]
21 #[derive(Clone, PartialEq, Eq, Debug)]
24 // (we need this for downstream impl of trait Error)
25 #[unstable(feature = "allocator_api", issue = "32838")]
26 impl fmt
::Display
for AllocErr
{
27 fn fmt(&self, f
: &mut fmt
::Formatter
<'_
>) -> fmt
::Result
{
28 f
.write_str("memory allocation failed")
32 /// A desired initial state for allocated memory.
33 #[derive(Debug, Copy, Clone, PartialEq, Eq)]
34 #[unstable(feature = "allocator_api", issue = "32838")]
36 /// The contents of the new memory are uninitialized.
38 /// The new memory is guaranteed to be zeroed.
43 /// Initialize the specified memory block.
45 /// This behaves like calling [`AllocInit::init_offset(memory, 0)`][off].
47 /// [off]: AllocInit::init_offset
51 /// * `memory.ptr` must be [valid] for writes of `memory.size` bytes.
53 /// [valid]: ../../core/ptr/index.html#safety
55 #[unstable(feature = "allocator_api", issue = "32838")]
56 pub unsafe fn init(self, memory
: MemoryBlock
) {
57 self.init_offset(memory
, 0)
60 /// Initialize the memory block like specified by `init` at the specified `offset`.
62 /// This is a no-op for [`AllocInit::Uninitialized`][] and writes zeroes for
63 /// [`AllocInit::Zeroed`][] at `ptr + offset` until `ptr + layout.size()`.
67 /// * `memory.ptr` must be [valid] for writes of `memory.size` bytes.
68 /// * `offset` must be smaller than or equal to `memory.size`
70 /// [valid]: ../../core/ptr/index.html#safety
72 #[unstable(feature = "allocator_api", issue = "32838")]
73 pub unsafe fn init_offset(self, memory
: MemoryBlock
, offset
: usize) {
75 offset
<= memory
.size
,
76 "`offset` must be smaller than or equal to `memory.size`"
79 AllocInit
::Uninitialized
=> (),
80 AllocInit
::Zeroed
=> {
81 memory
.ptr
.as_ptr().add(offset
).write_bytes(0, memory
.size
- offset
)
87 /// Represents a block of allocated memory returned by an allocator.
88 #[derive(Debug, Copy, Clone)]
89 #[unstable(feature = "allocator_api", issue = "32838")]
90 pub struct MemoryBlock
{
95 /// A placement constraint when growing or shrinking an existing allocation.
96 #[derive(Debug, Copy, Clone, PartialEq, Eq)]
97 #[unstable(feature = "allocator_api", issue = "32838")]
98 pub enum ReallocPlacement
{
99 /// The allocator is allowed to move the allocation to a different memory address.
100 // FIXME(wg-allocators#46): Add a section to the module documentation "What is a legal
101 // allocator" and link it at "valid location".
103 /// If the allocation _does_ move, it's the responsibility of the allocator
104 /// to also move the data from the previous location to the new location.
106 /// The address of the new memory must not change.
108 /// If the allocation would have to be moved to a new location to fit, the
109 /// reallocation request will fail.
113 /// An implementation of `AllocRef` can allocate, grow, shrink, and deallocate arbitrary blocks of
114 /// data described via [`Layout`][].
116 /// `AllocRef` is designed to be implemented on ZSTs, references, or smart pointers because having
117 /// an allocator like `MyAlloc([u8; N])` cannot be moved, without updating the pointers to the
118 /// allocated memory.
120 /// Unlike [`GlobalAlloc`][], zero-sized allocations are allowed in `AllocRef`. If an underlying
121 /// allocator does not support this (like jemalloc) or return a null pointer (such as
122 /// `libc::malloc`), this must be caught by the implementation.
124 /// ### Currently allocated memory
126 /// Some of the methods require that a memory block be *currently allocated* via an allocator. This
129 /// * the starting address for that memory block was previously returned by [`alloc`], [`grow`], or
132 /// * the memory block has not been subsequently deallocated, where blocks are either deallocated
133 /// directly by being passed to [`dealloc`] or were changed by being passed to [`grow`] or
134 /// [`shrink`] that returns `Ok`. If `grow` or `shrink` have returned `Err`, the passed pointer
137 /// [`alloc`]: AllocRef::alloc
138 /// [`grow`]: AllocRef::grow
139 /// [`shrink`]: AllocRef::shrink
140 /// [`dealloc`]: AllocRef::dealloc
142 /// ### Memory fitting
144 /// Some of the methods require that a layout *fit* a memory block. What it means for a layout to
145 /// "fit" a memory block means (or equivalently, for a memory block to "fit" a layout) is that the
146 /// following conditions must hold:
148 /// * The block must be allocated with the same alignment as [`layout.align()`], and
150 /// * The provided [`layout.size()`] must fall in the range `min ..= max`, where:
151 /// - `min` is the size of the layout most recently used to allocate the block, and
152 /// - `max` is the latest actual size returned from [`alloc`], [`grow`], or [`shrink`].
154 /// [`layout.align()`]: Layout::align
155 /// [`layout.size()`]: Layout::size
159 /// * Memory blocks returned from an allocator must point to valid memory and retain their validity
160 /// until the instance and all of its clones are dropped,
162 /// * cloning or moving the allocator must not invalidate memory blocks returned from this
163 /// allocator. A cloned allocator must behave like the same allocator, and
165 /// * any pointer to a memory block which is [*currently allocated*] may be passed to any other
166 /// method of the allocator.
168 /// [*currently allocated*]: #currently-allocated-memory
169 #[unstable(feature = "allocator_api", issue = "32838")]
170 pub unsafe trait AllocRef
{
171 /// Attempts to allocate a block of memory.
173 /// On success, returns a [`MemoryBlock`][] meeting the size and alignment guarantees of `layout`.
175 /// The returned block may have a larger size than specified by `layout.size()` and is
176 /// initialized as specified by [`init`], all the way up to the returned size of the block.
178 /// [`init`]: AllocInit
182 /// Returning `Err` indicates that either memory is exhausted or `layout` does not meet
183 /// allocator's size or alignment constraints.
185 /// Implementations are encouraged to return `Err` on memory exhaustion rather than panicking or
186 /// aborting, but this is not a strict requirement. (Specifically: it is *legal* to implement
187 /// this trait atop an underlying native allocation library that aborts on memory exhaustion.)
189 /// Clients wishing to abort computation in response to an allocation error are encouraged to
190 /// call the [`handle_alloc_error`] function, rather than directly invoking `panic!` or similar.
192 /// [`handle_alloc_error`]: ../../alloc/alloc/fn.handle_alloc_error.html
193 fn alloc(&mut self, layout
: Layout
, init
: AllocInit
) -> Result
<MemoryBlock
, AllocErr
>;
195 /// Deallocates the memory referenced by `ptr`.
199 /// * `ptr` must denote a block of memory [*currently allocated*] via this allocator, and
200 /// * `layout` must [*fit*] that block of memory.
202 /// [*currently allocated*]: #currently-allocated-memory
203 /// [*fit*]: #memory-fitting
204 unsafe fn dealloc(&mut self, ptr
: NonNull
<u8>, layout
: Layout
);
206 /// Attempts to extend the memory block.
208 /// Returns a new [`MemoryBlock`][] containing a pointer and the actual size of the allocated
209 /// memory. The pointer is suitable for holding data described by a new layout with `layout`’s
210 /// alignment and a size given by `new_size`. To accomplish this, the allocator may extend the
211 /// allocation referenced by `ptr` to fit the new layout. If the [`placement`] is
212 /// [`InPlace`], the returned pointer is guaranteed to be the same as the passed `ptr`.
214 /// If [`MayMove`] is used then ownership of the memory block referenced by `ptr`
215 /// is transferred to this allocator. The memory may or may not be freed, and should be
216 /// considered unusable (unless of course it is transferred back to the caller again via the
217 /// return value of this method).
219 /// If this method returns `Err`, then ownership of the memory block has not been transferred to
220 /// this allocator, and the contents of the memory block are unaltered.
222 /// The memory block will contain the following contents after a successful call to `grow`:
223 /// * Bytes `0..layout.size()` are preserved from the original allocation.
224 /// * Bytes `layout.size()..old_size` will either be preserved or initialized according to
225 /// [`init`], depending on the allocator implementation. `old_size` refers to the size of
226 /// the `MemoryBlock` prior to the `grow` call, which may be larger than the size
227 /// that was originally requested when it was allocated.
228 /// * Bytes `old_size..new_size` are initialized according to [`init`]. `new_size` refers to
229 /// the size of the `MemoryBlock` returned by the `grow` call.
231 /// [`InPlace`]: ReallocPlacement::InPlace
232 /// [`MayMove`]: ReallocPlacement::MayMove
233 /// [`placement`]: ReallocPlacement
234 /// [`init`]: AllocInit
238 /// * `ptr` must denote a block of memory [*currently allocated*] via this allocator,
239 /// * `layout` must [*fit*] that block of memory (The `new_size` argument need not fit it.),
240 // We can't require that `new_size` is strictly greater than `memory.size` because of ZSTs.
241 // An alternative would be
242 // * `new_size must be strictly greater than `memory.size` or both are zero
243 /// * `new_size` must be greater than or equal to `layout.size()`, and
244 /// * `new_size`, when rounded up to the nearest multiple of `layout.align()`, must not overflow
245 /// (i.e., the rounded value must be less than or equal to `usize::MAX`).
247 /// [*currently allocated*]: #currently-allocated-memory
248 /// [*fit*]: #memory-fitting
252 /// Returns `Err` if the new layout does not meet the allocator's size and alignment
253 /// constraints of the allocator, or if growing otherwise fails.
255 /// Implementations are encouraged to return `Err` on memory exhaustion rather than panicking or
256 /// aborting, but this is not a strict requirement. (Specifically: it is *legal* to implement
257 /// this trait atop an underlying native allocation library that aborts on memory exhaustion.)
259 /// Clients wishing to abort computation in response to an allocation error are encouraged to
260 /// call the [`handle_alloc_error`] function, rather than directly invoking `panic!` or similar.
262 /// [`handle_alloc_error`]: ../../alloc/alloc/fn.handle_alloc_error.html
268 placement
: ReallocPlacement
,
270 ) -> Result
<MemoryBlock
, AllocErr
> {
272 ReallocPlacement
::InPlace
=> Err(AllocErr
),
273 ReallocPlacement
::MayMove
=> {
274 let size
= layout
.size();
277 "`new_size` must be greater than or equal to `layout.size()`"
280 if new_size
== size
{
281 return Ok(MemoryBlock { ptr, size }
);
284 let new_layout
= Layout
::from_size_align_unchecked(new_size
, layout
.align());
285 let new_memory
= self.alloc(new_layout
, init
)?
;
286 ptr
::copy_nonoverlapping(ptr
.as_ptr(), new_memory
.ptr
.as_ptr(), size
);
287 self.dealloc(ptr
, layout
);
293 /// Attempts to shrink the memory block.
295 /// Returns a new [`MemoryBlock`][] containing a pointer and the actual size of the allocated
296 /// memory. The pointer is suitable for holding data described by a new layout with `layout`’s
297 /// alignment and a size given by `new_size`. To accomplish this, the allocator may shrink the
298 /// allocation referenced by `ptr` to fit the new layout. If the [`placement`] is
299 /// [`InPlace`], the returned pointer is guaranteed to be the same as the passed `ptr`.
301 /// If this returns `Ok`, then ownership of the memory block referenced by `ptr` has been
302 /// transferred to this allocator. The memory may or may not have been freed, and should be
303 /// considered unusable unless it was transferred back to the caller again via the
304 /// return value of this method.
306 /// If this method returns `Err`, then ownership of the memory block has not been transferred to
307 /// this allocator, and the contents of the memory block are unaltered.
309 /// The behavior of how the allocator tries to shrink the memory is specified by [`placement`].
311 /// [`InPlace`]: ReallocPlacement::InPlace
312 /// [`placement`]: ReallocPlacement
316 /// * `ptr` must denote a block of memory [*currently allocated*] via this allocator,
317 /// * `layout` must [*fit*] that block of memory (The `new_size` argument need not fit it.), and
318 // We can't require that `new_size` is strictly smaller than `memory.size` because of ZSTs.
319 // An alternative would be
320 // * `new_size must be strictly smaller than `memory.size` or both are zero
321 /// * `new_size` must be smaller than or equal to `layout.size()`.
323 /// [*currently allocated*]: #currently-allocated-memory
324 /// [*fit*]: #memory-fitting
328 /// Returns `Err` if the new layout does not meet the allocator's size and alignment
329 /// constraints of the allocator, or if shrinking otherwise fails.
331 /// Implementations are encouraged to return `Err` on memory exhaustion rather than panicking or
332 /// aborting, but this is not a strict requirement. (Specifically: it is *legal* to implement
333 /// this trait atop an underlying native allocation library that aborts on memory exhaustion.)
335 /// Clients wishing to abort computation in response to an allocation error are encouraged to
336 /// call the [`handle_alloc_error`] function, rather than directly invoking `panic!` or similar.
338 /// [`handle_alloc_error`]: ../../alloc/alloc/fn.handle_alloc_error.html
344 placement
: ReallocPlacement
,
345 ) -> Result
<MemoryBlock
, AllocErr
> {
347 ReallocPlacement
::InPlace
=> Err(AllocErr
),
348 ReallocPlacement
::MayMove
=> {
349 let size
= layout
.size();
352 "`new_size` must be smaller than or equal to `layout.size()`"
355 if new_size
== size
{
356 return Ok(MemoryBlock { ptr, size }
);
359 let new_layout
= Layout
::from_size_align_unchecked(new_size
, layout
.align());
360 let new_memory
= self.alloc(new_layout
, AllocInit
::Uninitialized
)?
;
361 ptr
::copy_nonoverlapping(ptr
.as_ptr(), new_memory
.ptr
.as_ptr(), new_size
);
362 self.dealloc(ptr
, layout
);