//! Based on //! //! by matthieu-m use core::error::Error; use core::fmt::{self, Debug, Display, Formatter}; #[cfg(not(no_global_oom_handling))] use core::intrinsics::{const_allocate, const_make_global}; use core::marker::PhantomData; #[cfg(not(no_global_oom_handling))] use core::marker::Unsize; #[cfg(not(no_global_oom_handling))] use core::mem::{self, SizedTypeProperties}; use core::ops::{Deref, DerefMut}; use core::ptr::{self, NonNull, Pointee}; use crate::alloc::{self, Layout, LayoutError}; /// ThinBox. /// /// A thin pointer for heap allocation, regardless of T. /// /// # Examples /// /// ``` /// #![feature(thin_box)] /// use std::boxed::ThinBox; /// /// let five = ThinBox::new(5); /// let thin_slice = ThinBox::<[i32]>::new_unsize([1, 2, 3, 4]); /// /// let size_of_ptr = size_of::<*const ()>(); /// assert_eq!(size_of_ptr, size_of_val(&five)); /// assert_eq!(size_of_ptr, size_of_val(&thin_slice)); /// ``` #[unstable(feature = "thin_box", issue = "92791")] pub struct ThinBox { // This is essentially `WithHeader<::Metadata>`, // but that would be invariant in `T`, and we want covariance. ptr: WithOpaqueHeader, _marker: PhantomData, } /// `ThinBox` is `Send` if `T` is `Send` because the data is owned. #[unstable(feature = "thin_box", issue = "92791")] unsafe impl Send for ThinBox {} /// `ThinBox` is `Sync` if `T` is `Sync` because the data is owned. #[unstable(feature = "thin_box", issue = "92791")] unsafe impl Sync for ThinBox {} #[unstable(feature = "thin_box", issue = "92791")] impl ThinBox { /// Moves a type to the heap with its [`Metadata`] stored in the heap allocation instead of on /// the stack. /// /// # Examples /// /// ``` /// #![feature(thin_box)] /// use std::boxed::ThinBox; /// /// let five = ThinBox::new(5); /// ``` /// /// [`Metadata`]: core::ptr::Pointee::Metadata #[cfg(not(no_global_oom_handling))] pub fn new(value: T) -> Self { let meta = ptr::metadata(&value); let ptr = WithOpaqueHeader::new(meta, value); ThinBox { ptr, _marker: PhantomData } } /// Moves a type to the heap with its [`Metadata`] stored in the heap allocation instead of on /// the stack. Returns an error if allocation fails, instead of aborting. /// /// # Examples /// /// ``` /// #![feature(allocator_api)] /// #![feature(thin_box)] /// use std::boxed::ThinBox; /// /// let five = ThinBox::try_new(5)?; /// # Ok::<(), std::alloc::AllocError>(()) /// ``` /// /// [`Metadata`]: core::ptr::Pointee::Metadata pub fn try_new(value: T) -> Result { let meta = ptr::metadata(&value); WithOpaqueHeader::try_new(meta, value).map(|ptr| ThinBox { ptr, _marker: PhantomData }) } } #[unstable(feature = "thin_box", issue = "92791")] impl ThinBox { /// Moves a type to the heap with its [`Metadata`] stored in the heap allocation instead of on /// the stack. /// /// # Examples /// /// ``` /// #![feature(thin_box)] /// use std::boxed::ThinBox; /// /// let thin_slice = ThinBox::<[i32]>::new_unsize([1, 2, 3, 4]); /// ``` /// /// [`Metadata`]: core::ptr::Pointee::Metadata #[cfg(not(no_global_oom_handling))] pub fn new_unsize(value: T) -> Self where T: Unsize, { if size_of::() == 0 { let ptr = WithOpaqueHeader::new_unsize_zst::(value); ThinBox { ptr, _marker: PhantomData } } else { let meta = ptr::metadata(&value as &Dyn); let ptr = WithOpaqueHeader::new(meta, value); ThinBox { ptr, _marker: PhantomData } } } } #[unstable(feature = "thin_box", issue = "92791")] impl Debug for ThinBox { fn fmt(&self, f: &mut Formatter<'_>) -> fmt::Result { Debug::fmt(self.deref(), f) } } #[unstable(feature = "thin_box", issue = "92791")] impl Display for ThinBox { fn fmt(&self, f: &mut Formatter<'_>) -> fmt::Result { Display::fmt(self.deref(), f) } } #[unstable(feature = "thin_box", issue = "92791")] impl Deref for ThinBox { type Target = T; fn deref(&self) -> &T { let value = self.data(); let metadata = self.meta(); let pointer = ptr::from_raw_parts(value as *const (), metadata); unsafe { &*pointer } } } #[unstable(feature = "thin_box", issue = "92791")] impl DerefMut for ThinBox { fn deref_mut(&mut self) -> &mut T { let value = self.data(); let metadata = self.meta(); let pointer = ptr::from_raw_parts_mut::(value as *mut (), metadata); unsafe { &mut *pointer } } } #[unstable(feature = "thin_box", issue = "92791")] impl Drop for ThinBox { fn drop(&mut self) { unsafe { let value = self.deref_mut(); let value = value as *mut T; self.with_header().drop::(value); } } } #[unstable(feature = "thin_box", issue = "92791")] impl ThinBox { fn meta(&self) -> ::Metadata { // Safety: // - NonNull and valid. unsafe { *self.with_header().header() } } fn data(&self) -> *mut u8 { self.with_header().value() } fn with_header(&self) -> &WithHeader<::Metadata> { // SAFETY: both types are transparent to `NonNull` unsafe { &*((&raw const self.ptr) as *const WithHeader<_>) } } } /// A pointer to type-erased data, guaranteed to either be: /// 1. `NonNull::dangling()`, in the case where both the pointee (`T`) and /// metadata (`H`) are ZSTs. /// 2. A pointer to a valid `T` that has a header `H` directly before the /// pointed-to location. #[repr(transparent)] struct WithHeader(NonNull, PhantomData); /// An opaque representation of `WithHeader` to avoid the /// projection invariance of `::Metadata`. #[repr(transparent)] struct WithOpaqueHeader(NonNull); impl WithOpaqueHeader { #[cfg(not(no_global_oom_handling))] fn new(header: H, value: T) -> Self { let ptr = WithHeader::new(header, value); Self(ptr.0) } #[cfg(not(no_global_oom_handling))] fn new_unsize_zst(value: T) -> Self where Dyn: ?Sized, T: Unsize, { let ptr = WithHeader::<::Metadata>::new_unsize_zst::(value); Self(ptr.0) } fn try_new(header: H, value: T) -> Result { WithHeader::try_new(header, value).map(|ptr| Self(ptr.0)) } } impl WithHeader { #[cfg(not(no_global_oom_handling))] fn new(header: H, value: T) -> WithHeader { let value_layout = Layout::new::(); let Ok((layout, value_offset)) = Self::alloc_layout(value_layout) else { // We pass an empty layout here because we do not know which layout caused the // arithmetic overflow in `Layout::extend` and `handle_alloc_error` takes `Layout` as // its argument rather than `Result`, also this function has been // stable since 1.28 ._. // // On the other hand, look at this gorgeous turbofish! alloc::handle_alloc_error(Layout::new::<()>()); }; unsafe { // Note: It's UB to pass a layout with a zero size to `alloc::alloc`, so // we use `layout.dangling()` for this case, which should have a valid // alignment for both `T` and `H`. let ptr = if layout.size() == 0 { // Some paranoia checking, mostly so that the ThinBox tests are // more able to catch issues. debug_assert!(value_offset == 0 && T::IS_ZST && H::IS_ZST); layout.dangling() } else { let ptr = alloc::alloc(layout); if ptr.is_null() { alloc::handle_alloc_error(layout); } // Safety: // - The size is at least `aligned_header_size`. let ptr = ptr.add(value_offset) as *mut _; NonNull::new_unchecked(ptr) }; let result = WithHeader(ptr, PhantomData); ptr::write(result.header(), header); ptr::write(result.value().cast(), value); result } } /// Non-panicking version of `new`. /// Any error is returned as `Err(core::alloc::AllocError)`. fn try_new(header: H, value: T) -> Result, core::alloc::AllocError> { let value_layout = Layout::new::(); let Ok((layout, value_offset)) = Self::alloc_layout(value_layout) else { return Err(core::alloc::AllocError); }; unsafe { // Note: It's UB to pass a layout with a zero size to `alloc::alloc`, so // we use `layout.dangling()` for this case, which should have a valid // alignment for both `T` and `H`. let ptr = if layout.size() == 0 { // Some paranoia checking, mostly so that the ThinBox tests are // more able to catch issues. debug_assert!(value_offset == 0 && size_of::() == 0 && size_of::() == 0); layout.dangling() } else { let ptr = alloc::alloc(layout); if ptr.is_null() { return Err(core::alloc::AllocError); } // Safety: // - The size is at least `aligned_header_size`. let ptr = ptr.add(value_offset) as *mut _; NonNull::new_unchecked(ptr) }; let result = WithHeader(ptr, PhantomData); ptr::write(result.header(), header); ptr::write(result.value().cast(), value); Ok(result) } } // `Dyn` is `?Sized` type like `[u32]`, and `T` is ZST type like `[u32; 0]`. #[cfg(not(no_global_oom_handling))] fn new_unsize_zst(value: T) -> WithHeader where Dyn: Pointee + ?Sized, T: Unsize, { assert!(size_of::() == 0); const fn max(a: usize, b: usize) -> usize { if a > b { a } else { b } } // Compute a pointer to the right metadata. This will point to the beginning // of the header, past the padding, so the assigned type makes sense. // It also ensures that the address at the end of the header is sufficiently // aligned for T. let alloc: &::Metadata = const { // FIXME: just call `WithHeader::alloc_layout` with size reset to 0. // Currently that's blocked on `Layout::extend` not being `const fn`. let alloc_align = max(align_of::(), align_of::<::Metadata>()); let alloc_size = max(align_of::(), size_of::<::Metadata>()); unsafe { // SAFETY: align is power of two because it is the maximum of two alignments. let alloc: *mut u8 = const_allocate(alloc_size, alloc_align); let metadata_offset = alloc_size.checked_sub(size_of::<::Metadata>()).unwrap(); // SAFETY: adding offset within the allocation. let metadata_ptr: *mut ::Metadata = alloc.add(metadata_offset).cast(); // SAFETY: `*metadata_ptr` is within the allocation. metadata_ptr.write(ptr::metadata::(ptr::dangling::() as *const Dyn)); // SAFETY: valid heap allocation const_make_global(alloc); // SAFETY: we have just written the metadata. &*metadata_ptr } }; // SAFETY: `alloc` points to `::Metadata`, so addition stays in-bounds. let value_ptr = unsafe { (alloc as *const ::Metadata).add(1) }.cast::().cast_mut(); debug_assert!(value_ptr.is_aligned()); mem::forget(value); WithHeader(NonNull::new(value_ptr.cast()).unwrap(), PhantomData) } // Safety: // - Assumes that either `value` can be dereferenced, or is the // `NonNull::dangling()` we use when both `T` and `H` are ZSTs. unsafe fn drop(&self, value: *mut T) { struct DropGuard { ptr: NonNull, value_layout: Layout, _marker: PhantomData, } impl Drop for DropGuard { fn drop(&mut self) { // All ZST are allocated statically. if self.value_layout.size() == 0 { return; } unsafe { // SAFETY: Layout must have been computable if we're in drop let (layout, value_offset) = WithHeader::::alloc_layout(self.value_layout).unwrap_unchecked(); // Since we only allocate for non-ZSTs, the layout size cannot be zero. debug_assert!(layout.size() != 0); alloc::dealloc(self.ptr.as_ptr().sub(value_offset), layout); } } } unsafe { // `_guard` will deallocate the memory when dropped, even if `drop_in_place` unwinds. let _guard = DropGuard { ptr: self.0, value_layout: Layout::for_value_raw(value), _marker: PhantomData::, }; // We only drop the value because the Pointee trait requires that the metadata is copy // aka trivially droppable. ptr::drop_in_place::(value); } } fn header(&self) -> *mut H { // Safety: // - At least `size_of::()` bytes are allocated ahead of the pointer. // - We know that H will be aligned because the middle pointer is aligned to the greater // of the alignment of the header and the data and the header size includes the padding // needed to align the header. Subtracting the header size from the aligned data pointer // will always result in an aligned header pointer, it just may not point to the // beginning of the allocation. let hp = unsafe { self.0.as_ptr().sub(Self::header_size()) as *mut H }; debug_assert!(hp.is_aligned()); hp } fn value(&self) -> *mut u8 { self.0.as_ptr() } const fn header_size() -> usize { size_of::() } fn alloc_layout(value_layout: Layout) -> Result<(Layout, usize), LayoutError> { Layout::new::().extend(value_layout) } } #[unstable(feature = "thin_box", issue = "92791")] impl Error for ThinBox { fn source(&self) -> Option<&(dyn Error + 'static)> { self.deref().source() } }