FROMGIT: rust: alloc: add missing invariant in Vec::set_len()

When setting a new length, we have to justify that the set length represents the exact number of elements stored in the vector. Reviewed-by: Benno Lossin <benno.lossin@proton.me> Reported-by: Alice Ryhl <aliceryhl@google.com> Closes: https://lore.kernel.org/rust-for-linux/20250311-iov-iter-v1-4-f6c9134ea824@google.com Fixes: 2aac4cd7dae3 ("rust: alloc: implement kernel `Vec` type") Link: https://lore.kernel.org/r/20250315154436.65065-2-dakr@kernel.org Signed-off-by: Danilo Krummrich <dakr@kernel.org> Bug: 414994413 (cherry picked from commit fb1bf1067de979c89ae33589e0466d6ce0dde204 https://github.com/Rust-for-Linux/linux.git alloc-next) Change-Id: Ib9a4889aa2144197ce7da035e45f78520b12e397 Signed-off-by: Alice Ryhl <aliceryhl@google.com>
2025-03-15 16:43:02 +01:00
parent 025e0fc417
commit f037ab7a73
1 changed files with 3 additions and 0 deletions
--- a/rust/kernel/alloc/kvec.rs
+++ b/rust/kernel/alloc/kvec.rs
@@ -193,6 +193,9 @@ where
    #[inline]
    pub unsafe fn set_len(&mut self, new_len: usize) {
        debug_assert!(new_len <= self.capacity());
+
+        // INVARIANT: By the safety requirements of this method `new_len` represents the exact
+        // number of elements stored within `self`.
        self.len = new_len;
    }