Clarify offset rules a bit
This commit is contained in:
parent
f191f92421
commit
82b43568a6
@ -255,12 +255,17 @@ extern "rust-intrinsic" {
|
||||
/// Returns `true` if a type is managed (will be allocated on the local heap)
|
||||
pub fn owns_managed<T>() -> bool;
|
||||
|
||||
/// Calculates the offset from a pointer. The offset *must* be in-bounds of
|
||||
/// the object, or one-byte-past-the-end. An arithmetic overflow is also
|
||||
/// undefined behaviour.
|
||||
/// Calculates the offset from a pointer.
|
||||
///
|
||||
/// This is implemented as an intrinsic to avoid converting to and from an
|
||||
/// integer, since the conversion would throw away aliasing information.
|
||||
///
|
||||
/// # Safety
|
||||
///
|
||||
/// Both the starting and resulting pointer must be either in bounds or one
|
||||
/// byte past the end of an allocated object. If either pointer is out of
|
||||
/// bounds or arithmetic overflow occurs then any further use of the
|
||||
/// returned value will result in undefined behavior.
|
||||
pub fn offset<T>(dst: *const T, offset: isize) -> *const T;
|
||||
|
||||
/// Copies `count * size_of<T>` bytes from `src` to `dst`. The source
|
||||
|
@ -301,9 +301,10 @@ impl<T: ?Sized> *const T {
|
||||
///
|
||||
/// # Safety
|
||||
///
|
||||
/// The offset must be in-bounds of the object, or one-byte-past-the-end.
|
||||
/// Otherwise `offset` invokes Undefined Behaviour, regardless of whether
|
||||
/// the pointer is used.
|
||||
/// Both the starting and resulting pointer must be either in bounds or one
|
||||
/// byte past the end of an allocated object. If either pointer is out of
|
||||
/// bounds or arithmetic overflow occurs then
|
||||
/// any further use of the returned value will result in undefined behavior.
|
||||
#[stable(feature = "rust1", since = "1.0.0")]
|
||||
#[inline]
|
||||
pub unsafe fn offset(self, count: isize) -> *const T where T: Sized {
|
||||
|
Loading…
Reference in New Issue
Block a user